Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1F85EAA4B2EF11F0946A33E0DAE4EC9C.roa
File: 1F85EAA4B2EF11F0946A33E0DAE4EC9C.roa (raw, json)
Hash identifier: 4vW7Ak9nrK3dJVFo0GMS0djQQFvss1tYUHF/DMt30ms=
Subject key identifier: 98:30:88:B5:25:05:FC:6F:DB:00:AE:41:EB:97:85:91:53:18:9C:D7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A4F4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1F85EAA4B2EF11F0946A33E0DAE4EC9C.roa
Signing time: Mon 27 Oct 2025 04:40:55 +0000
ROA not before: Mon 27 Oct 2025 04:40:50 +0000
ROA not after: Sun 30 Nov 2025 04:40:50 +0000
asID: 32043
IP address blocks: 154.200.8.0/22 maxlen: 24
154.200.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107764 (0x1a4f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 27 04:40:50 2025 GMT
Not After : Nov 30 04:40:50 2025 GMT
Subject: CN=68fef7d7-0a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d4:e7:d6:8b:d2:2b:b3:d3:4c:8a:da:8b:84:
16:94:bf:6c:9f:41:7c:85:b8:45:b8:9d:83:9d:a4:
bf:1f:55:b5:70:65:3e:81:6b:59:ed:cc:84:0c:51:
10:9b:ca:8d:4b:ee:27:6f:3e:6a:74:9e:37:ac:30:
2b:89:d2:9b:7d:74:2c:3e:d3:aa:56:54:36:b7:79:
9f:c6:a6:48:7c:b0:1a:eb:18:8a:58:22:59:0d:ff:
9c:db:51:1c:91:67:fa:f3:14:58:74:8b:6b:69:68:
58:3c:c1:7d:9a:47:a1:2a:25:b2:e6:d6:0b:0a:56:
a7:dd:86:21:17:2c:5b:5e:a4:6a:a4:09:1d:7b:f9:
33:4a:46:9b:c5:8c:7a:e7:8e:44:3b:dd:a2:09:0d:
88:e0:4c:cf:8c:ca:2e:5e:b6:d3:bd:35:34:1d:cd:
87:de:07:ed:64:6c:b8:6b:ab:30:36:3d:e6:74:01:
05:93:1b:ea:8f:54:ff:a4:d4:ed:b5:05:d0:03:9f:
19:46:eb:a3:b1:91:11:fb:e6:71:43:a4:da:33:c8:
8a:64:f3:2e:7b:7a:90:1f:3c:30:19:36:39:05:5b:
d5:fc:9d:51:64:9a:37:a5:c2:71:76:a8:91:d8:04:
fc:7e:97:60:a3:82:f4:42:be:d0:59:81:61:d3:95:
d7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:30:88:B5:25:05:FC:6F:DB:00:AE:41:EB:97:85:91:53:18:9C:D7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1F85EAA4B2EF11F0946A33E0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.8.0/21
Signature Algorithm: sha256WithRSAEncryption
b7:71:d1:d3:79:df:c8:2e:11:06:2f:6c:68:8d:91:12:f1:e0:
cd:5a:bb:56:ca:2e:2d:a4:11:62:c0:9d:9f:3c:81:27:c4:03:
cd:7c:b9:41:eb:46:a6:f5:92:17:32:f6:15:24:db:16:42:60:
9c:fb:b3:e4:de:99:57:48:b5:eb:77:9f:96:23:c7:de:77:d6:
88:f4:69:67:0c:1e:c6:9b:ab:7e:68:bc:b2:e4:44:df:84:55:
78:f4:3d:11:63:19:52:58:43:94:75:50:91:94:63:11:2f:93:
f5:ed:89:62:df:52:43:75:27:aa:5f:77:2e:92:f2:99:de:ea:
a2:54:bf:13:9f:02:8d:11:24:29:44:03:62:b4:7c:20:e3:c4:
72:10:01:91:66:05:9b:87:a8:70:12:4e:96:f6:53:6f:35:94:
41:2d:97:44:28:c3:fe:8b:48:95:81:7d:59:9e:7f:3c:ee:9d:
e1:38:70:26:42:34:25:16:8c:83:ec:41:48:b8:9d:46:ce:ee:
53:04:9e:5d:c8:1a:2e:2f:1a:55:8d:b8:7a:8a:a5:bc:6c:68:
6b:41:c7:15:1a:28:6a:d6:e4:d2:56:56:cc:6f:3b:fd:dc:b0:
c4:ef:2c:07:77:c0:19:c1:41:d4:e7:4e:b7:bf:99:8d:23:3c:
51:cf:4f:0e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaT0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI3MDQ0MDUwWhcNMjUxMTMwMDQ0MDUwWjAYMRYw
FAYDVQQDEw02OGZlZjdkNy0wYTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn9Tn1ovSK7PTTIrai4QWlL9sn0F8hbhFuJ2DnaS/H1W1cGU+gWtZ7cyE
DFEQm8qNS+4nbz5qdJ43rDAridKbfXQsPtOqVlQ2t3mfxqZIfLAa6xiKWCJZDf+c
21EckWf68xRYdItraWhYPMF9mkehKiWy5tYLClan3YYhFyxbXqRqpAkde/kzSkab
xYx6545EO92iCQ2I4EzPjMouXrbTvTU0Hc2H3gftZGy4a6swNj3mdAEFkxvqj1T/
pNTttQXQA58ZRuujsZER++ZxQ6TaM8iKZPMue3qQHzwwGTY5BVvV/J1RZJo3pcJx
dqiR2AT8fpdgo4L0Qr7QWYFh05XXOQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJgw
iLUlBfxv2wCuQeuXhZFTGJzXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRjg1RUFBNEIyRUYxMUYwOTQ2QTMzRTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsgIMA0GCSqGSIb3DQEB
CwUAA4IBAQC3cdHTed/ILhEGL2xojZES8eDNWrtWyi4tpBFiwJ2fPIEnxAPNfLlB
60am9ZIXMvYVJNsWQmCc+7Pk3plXSLXrd5+WI8fed9aI9GlnDB7Gm6t+aLyy5ETf
hFV49D0RYxlSWEOUdVCRlGMRL5P17Yli31JDdSeqX3cukvKZ3uqiVL8TnwKNESQp
RANitHwg48RyEAGRZgWbh6hwEk6W9lNvNZRBLZdEKMP+i0iVgX1Znn887p3hOHAm
QjQlFoyD7EFIuJ1Gzu5TBJ5dyBouLxpVjbh6iqW8bGhrQccVGihq1uTSVlbMbzv9
3LDE7ywHd8AZwUHU5063v5mNIzxRz08O
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:46:28 2025 by rpki-client