Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A87B1CCB76211F0811375EDDAE4EC9C.roa
File: 2A87B1CCB76211F0811375EDDAE4EC9C.roa (raw, json)
Hash identifier: lnakHzfKzEGWjUwQY16KCb0TmASJLQAtxeACsCcHo5A=
Subject key identifier: A5:8E:FE:53:2D:4E:13:AF:43:C6:7F:E1:08:FA:1E:83:5B:7C:FF:8A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A6DA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A87B1CCB76211F0811375EDDAE4EC9C.roa
Signing time: Sat 01 Nov 2025 20:34:30 +0000
ROA not before: Sat 01 Nov 2025 20:34:25 +0000
ROA not after: Sat 15 Nov 2025 20:34:25 +0000
asID: 137443
IP address blocks: 154.218.6.0/24 maxlen: 24
154.218.7.0/24 maxlen: 24
154.218.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108250 (0x1a6da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 1 20:34:25 2025 GMT
Not After : Nov 15 20:34:25 2025 GMT
Subject: CN=69066ed6-6e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:dd:45:72:ab:23:1e:98:7f:5a:0d:56:38:6c:
02:43:90:d0:84:23:77:66:15:e6:be:83:96:6a:6f:
a9:71:89:1b:ba:d3:22:90:39:92:9b:44:9f:dd:df:
0b:93:2d:12:db:9d:50:6c:94:4c:27:51:96:bd:d2:
63:8b:c8:86:03:9c:4b:e0:e3:c7:e9:71:77:0b:01:
db:9b:ce:a1:a0:59:b1:a6:58:ea:3e:e7:ed:0c:9d:
f4:88:2c:ec:99:ef:84:4b:ff:95:36:34:14:e5:d5:
65:f3:e0:e4:f5:27:86:79:e6:03:a4:d2:85:f1:75:
8a:21:5a:b4:be:41:4b:b2:32:b5:e9:aa:07:dd:bc:
29:f7:17:5f:09:d7:d3:ae:89:0d:3c:00:d9:e4:2a:
94:b1:ff:9a:75:b7:64:16:b5:96:97:ff:0f:01:40:
2f:d5:b2:6d:35:f3:85:fe:8f:83:64:7d:6f:7a:fc:
8d:ce:93:81:fc:20:b2:15:37:80:c5:24:f0:8d:c3:
c7:11:40:5d:4e:2d:87:f5:d0:ce:14:a1:59:0c:4d:
c5:61:4d:a3:8d:83:9e:7c:04:46:c4:b8:8e:e3:ed:
cc:31:c5:72:32:fd:29:34:42:b3:90:1c:93:fc:c1:
1e:1d:a9:27:89:e0:b4:a8:87:dc:8e:41:38:66:e4:
46:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8E:FE:53:2D:4E:13:AF:43:C6:7F:E1:08:FA:1E:83:5B:7C:FF:8A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A87B1CCB76211F0811375EDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.6.0-154.218.8.255
Signature Algorithm: sha256WithRSAEncryption
15:39:d4:6a:77:d5:71:c7:9b:c1:d2:23:b5:18:7f:8d:d4:31:
62:8e:0e:0f:be:60:75:2d:1d:84:b4:8b:6f:b8:33:0d:84:40:
bc:47:13:d6:de:29:7a:8c:55:c7:e0:33:c6:8c:30:76:7f:ed:
0f:43:71:79:59:b9:b5:c7:7c:d1:15:55:df:a1:28:bc:86:df:
77:d8:24:ca:9e:22:b0:62:38:e3:17:6b:ca:a1:b4:d3:86:09:
17:7e:a7:ca:18:e4:2c:5f:7f:c2:93:a8:88:92:4b:6c:c9:f7:
16:a8:9e:9f:e1:84:01:8a:13:af:48:ad:5b:f7:91:06:92:c0:
ad:01:ee:ec:98:02:83:56:1f:0e:58:91:63:37:00:45:47:0a:
01:69:ff:e9:bd:0f:24:cd:a4:26:29:9b:04:6e:77:5c:02:ed:
1b:c0:49:06:35:dd:c5:45:1a:91:38:2f:5c:05:69:f2:de:35:
af:d8:d4:c4:a4:41:7f:37:13:53:67:d4:59:2f:33:5d:3a:81:
7e:68:8e:78:0e:9e:21:7f:e4:5c:6f:89:7e:9c:4c:2d:b6:56:
da:42:f9:42:a5:a3:4b:2b:08:16:2a:60:70:73:c2:4f:a3:f8:
47:88:25:14:a3:12:ab:f8:3e:a9:80:70:51:34:36:98:24:46:
90:88:c5:3b
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAabaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMTAxMjAzNDI1WhcNMjUxMTE1MjAzNDI1WjAYMRYw
FAYDVQQDEw02OTA2NmVkNi02ZTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3N1FcqsjHph/Wg1WOGwCQ5DQhCN3ZhXmvoOWam+pcYkbutMikDmSm0Sf
3d8Lky0S251QbJRMJ1GWvdJji8iGA5xL4OPH6XF3CwHbm86hoFmxpljqPuftDJ30
iCzsme+ES/+VNjQU5dVl8+Dk9SeGeeYDpNKF8XWKIVq0vkFLsjK16aoH3bwp9xdf
CdfTrokNPADZ5CqUsf+adbdkFrWWl/8PAUAv1bJtNfOF/o+DZH1vevyNzpOB/CCy
FTeAxSTwjcPHEUBdTi2H9dDOFKFZDE3FYU2jjYOefARGxLiO4+3MMcVyMv0pNEKz
kByT/MEeHaknieC0qIfcjkE4ZuRGHwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFKWO
/lMtThOvQ8Z/4Qj6HoNbfP+KMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQTg3QjFDQ0I3NjIxMUYwODExMzc1RUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGa2gYDBACa2ggwDQYJ
KoZIhvcNAQELBQADggEBABU51Gp31XHHm8HSI7UYf43UMWKODg++YHUtHYS0i2+4
Mw2EQLxHE9beKXqMVcfgM8aMMHZ/7Q9DcXlZubXHfNEVVd+hKLyG33fYJMqeIrBi
OOMXa8qhtNOGCRd+p8oY5Cxff8KTqIiSS2zJ9xaonp/hhAGKE69IrVv3kQaSwK0B
7uyYAoNWHw5YkWM3AEVHCgFp/+m9DyTNpCYpmwRud1wC7RvASQY13cVFGpE4L1wF
afLeNa/Y1MSkQX83E1Nn1FkvM106gX5ojngOniF/5FxviX6cTC22VtpC+UKlo0sr
CBYqYHBzwk+j+EeIJRSjEqv4PqmAcFE0NpgkRpCIxTs=
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:49:28 2025 by rpki-client