Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/295AA4ECAF3511F087A9B7F4DAE4EC9C.roa
File: 295AA4ECAF3511F087A9B7F4DAE4EC9C.roa (raw, json)
Hash identifier: bS46THo6+E/r1mdbcQ8Y0XhIhdh8XVICgAYwWPawI/I=
Subject key identifier: D3:A0:15:86:7B:50:CD:C9:BF:9D:EB:1C:BE:4F:6F:A7:C9:CA:5F:77
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A4AD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/295AA4ECAF3511F087A9B7F4DAE4EC9C.roa
Signing time: Wed 22 Oct 2025 10:52:11 +0000
ROA not before: Wed 22 Oct 2025 10:52:05 +0000
ROA not after: Sat 06 Dec 2025 10:52:05 +0000
asID: 20326
IP address blocks: 154.83.152.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107693 (0x1a4ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 22 10:52:05 2025 GMT
Not After : Dec 6 10:52:05 2025 GMT
Subject: CN=68f8b75b-67d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6c:99:16:ca:a7:11:1c:fd:a1:5b:c8:43:dc:
c6:e8:38:f7:fc:43:c6:f7:0b:a4:ff:2c:26:87:61:
6a:3f:f9:3f:28:11:a9:f4:45:9a:20:02:de:74:b9:
b9:94:50:b1:ee:1c:9f:72:39:6d:3a:e6:57:10:3e:
bd:b8:a8:5e:11:81:97:36:10:a4:7e:11:aa:29:37:
93:09:fe:83:f6:35:c8:b3:37:8c:4e:4c:67:44:cf:
0e:8a:99:95:26:f3:e9:54:b9:93:89:ab:9c:66:3f:
12:0e:09:34:13:c8:ed:c7:46:60:2c:06:b4:18:68:
2d:bd:ba:bd:a3:c7:8a:58:cb:3c:b0:92:b0:75:43:
ec:95:09:a7:16:d0:74:0d:88:99:ed:ce:39:6a:35:
02:cc:80:5b:20:40:e0:61:ad:03:8f:73:be:c1:88:
8f:93:77:96:de:23:1a:9a:1d:3b:1b:1b:0d:53:06:
d6:4b:8b:61:a3:b9:68:f3:1f:86:73:7a:2d:62:81:
42:73:5d:b1:24:ff:52:a7:7c:ec:82:c1:5a:ef:75:
77:88:4a:ed:85:c1:43:0d:1b:0f:29:e2:b9:c0:1f:
3e:e7:f2:50:15:a4:6c:84:b9:fa:5b:9c:d8:b3:96:
0e:b9:a1:ad:38:85:02:74:1d:2f:46:14:37:1c:fb:
3e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A0:15:86:7B:50:CD:C9:BF:9D:EB:1C:BE:4F:6F:A7:C9:CA:5F:77
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/295AA4ECAF3511F087A9B7F4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.152.0/22
Signature Algorithm: sha256WithRSAEncryption
39:44:68:a9:35:d9:06:07:74:7d:5d:be:28:92:1a:70:e1:6f:
90:f3:e3:a8:29:1a:ef:29:de:44:b6:01:c2:c0:d0:66:06:24:
2e:8a:3f:fd:32:fa:c8:34:6f:5d:87:82:47:b4:e5:42:5a:af:
a3:7b:57:40:4d:6d:cc:68:16:34:a8:cc:cf:f0:f9:24:6a:2a:
c8:d2:0d:20:1d:4d:be:88:50:30:a6:fa:57:a8:56:bf:55:68:
44:41:67:f3:8d:a3:10:7f:bc:ed:f3:10:5f:fe:a7:74:ed:88:
0e:55:f4:ae:0b:0b:6a:59:5e:7c:2c:de:72:2f:52:cd:ee:56:
39:ac:50:9e:a9:4e:f9:27:6f:38:3b:8b:15:f0:14:0a:e5:3d:
7c:70:48:7e:08:ab:19:5b:25:0c:80:4b:7d:c6:82:3e:56:ff:
33:df:35:57:71:6c:4a:af:f3:13:b3:d3:c2:1a:de:0f:d8:1b:
65:dd:19:7c:cf:07:1c:cf:74:8c:42:20:2b:ba:3f:19:55:34:
cc:44:bf:ee:c1:a5:ed:4d:7b:f4:9b:b6:12:19:6a:6b:31:d8:
87:ec:c3:eb:b1:05:cc:17:3b:3f:5c:27:ce:b4:c3:ec:35:23:
48:22:97:ae:1b:ad:a1:75:cd:4b:15:77:c1:ef:c6:05:dd:fd:
fc:b1:45:e4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaStMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDIyMTA1MjA1WhcNMjUxMjA2MTA1MjA1WjAYMRYw
FAYDVQQDEw02OGY4Yjc1Yi02N2QzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA42yZFsqnERz9oVvIQ9zG6Dj3/EPG9wuk/ywmh2FqP/k/KBGp9EWaIALe
dLm5lFCx7hyfcjltOuZXED69uKheEYGXNhCkfhGqKTeTCf6D9jXIszeMTkxnRM8O
ipmVJvPpVLmTiaucZj8SDgk0E8jtx0ZgLAa0GGgtvbq9o8eKWMs8sJKwdUPslQmn
FtB0DYiZ7c45ajUCzIBbIEDgYa0Dj3O+wYiPk3eW3iMamh07GxsNUwbWS4tho7lo
8x+Gc3otYoFCc12xJP9Sp3zsgsFa73V3iErthcFDDRsPKeK5wB8+5/JQFaRshLn6
W5zYs5YOuaGtOIUCdB0vRhQ3HPs+GwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNOg
FYZ7UM3Jv53rHL5Pb6fJyl93MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOTVBQTRFQ0FGMzUxMUYwODdBOUI3RjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlOYMA0GCSqGSIb3DQEB
CwUAA4IBAQA5RGipNdkGB3R9Xb4okhpw4W+Q8+OoKRrvKd5EtgHCwNBmBiQuij/9
MvrING9dh4JHtOVCWq+je1dATW3MaBY0qMzP8PkkairI0g0gHU2+iFAwpvpXqFa/
VWhEQWfzjaMQf7zt8xBf/qd07YgOVfSuCwtqWV58LN5yL1LN7lY5rFCeqU75J284
O4sV8BQK5T18cEh+CKsZWyUMgEt9xoI+Vv8z3zVXcWxKr/MTs9PCGt4P2Btl3Rl8
zwccz3SMQiAruj8ZVTTMRL/uwaXtTXv0m7YSGWprMdiH7MPrsQXMFzs/XCfOtMPs
NSNIIpeuG62hdc1LFXfB78YF3f38sUXk
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:39:08 2025 by rpki-client