Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D4F0ECEB4D711F0A47BFBF5DAE4EC9C.roa
File: 2D4F0ECEB4D711F0A47BFBF5DAE4EC9C.roa (raw, json)
Hash identifier: 71cRcTok2a44gQ3pLiz35C1dYGUeP1UNZQ5U/hYCohE=
Subject key identifier: B7:97:87:0A:1F:B9:19:CA:9E:20:0D:50:28:42:F9:22:5C:EB:99:BD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A656
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D4F0ECEB4D711F0A47BFBF5DAE4EC9C.roa
Signing time: Wed 29 Oct 2025 14:54:32 +0000
ROA not before: Wed 29 Oct 2025 14:54:25 +0000
ROA not after: Sat 06 Dec 2025 14:54:25 +0000
asID: 44559
IP address blocks: 154.209.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108118 (0x1a656)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 29 14:54:25 2025 GMT
Not After : Dec 6 14:54:25 2025 GMT
Subject: CN=69022aa8-4f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:aa:8e:40:14:11:50:dd:a7:ef:a3:1b:cf:f5:
af:f8:ff:dd:5f:83:d7:32:7e:6b:55:cc:af:65:d4:
09:05:82:fa:cb:02:aa:fd:5f:54:b9:6b:09:c4:81:
c8:ce:15:12:5b:94:be:ce:dd:35:77:c8:5f:c3:fc:
d5:03:45:79:12:08:21:1a:c1:8b:66:69:15:05:a3:
66:f5:b1:b4:1c:52:6d:c2:d1:c4:be:40:2f:a0:34:
cd:be:41:84:ab:3e:40:93:be:89:12:a3:14:ab:d8:
8f:d1:8d:54:a6:61:d8:a7:f4:f2:2e:42:07:75:d5:
5c:84:11:5b:f7:dc:78:c1:9d:89:ce:8d:96:52:ff:
f3:bd:0a:cc:7b:7e:be:c5:2e:e6:19:00:37:05:63:
7c:e8:db:2c:4e:c7:44:32:8c:7c:f5:10:82:f1:d4:
cf:0b:98:d0:4f:7b:50:b1:bc:08:4f:c6:ae:2b:89:
73:4c:f7:66:29:54:35:d6:2a:72:4b:92:66:9d:85:
7a:b3:18:78:4f:eb:12:0f:9e:6b:7f:1a:9e:b0:35:
50:b2:97:06:2a:2c:72:dc:1d:cf:83:2c:7d:0e:cd:
6f:a1:80:27:ad:47:0d:c3:fd:a5:4d:97:c7:cb:02:
97:86:09:17:25:43:dd:64:36:19:55:3b:d7:26:74:
a6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:97:87:0A:1F:B9:19:CA:9E:20:0D:50:28:42:F9:22:5C:EB:99:BD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D4F0ECEB4D711F0A47BFBF5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.206.0/24
Signature Algorithm: sha256WithRSAEncryption
92:19:d2:c3:b1:e6:09:8c:7d:67:e8:02:5b:c3:e0:27:b7:e0:
3c:58:59:8c:43:e0:a8:9e:0d:8c:d3:f8:17:47:c4:b5:0e:95:
33:d2:08:da:69:6b:aa:db:5d:96:09:5a:a0:1d:58:6c:b6:42:
5f:23:4a:51:10:f9:8d:33:1d:a5:cd:ca:20:f5:80:83:29:85:
8e:97:d8:4c:4d:62:12:95:b4:fa:f4:07:07:34:e5:d1:d4:74:
0c:b9:a9:89:75:a2:93:bc:d0:12:5b:df:f5:ad:d7:9f:3d:a3:
ae:7d:73:77:2a:b3:a5:cc:6f:0d:4d:ab:83:ae:88:c8:22:b4:
2f:1d:60:a1:d7:58:04:5a:97:df:e8:46:c3:0e:23:6e:0f:e1:
77:b7:cd:a6:72:ce:0e:37:17:28:7a:2e:eb:50:10:e9:90:5b:
b9:e6:8b:40:b9:0e:10:52:32:ab:c6:36:95:83:7c:5a:a5:35:
76:01:95:a9:c1:fd:c4:14:55:85:7a:f8:8d:d1:23:51:8b:30:
5d:3c:82:3d:5e:de:d0:f9:e3:f2:c8:e0:21:1d:81:7a:4d:72:
4f:f5:55:eb:23:1c:fa:e8:f5:d6:41:e8:1c:d1:44:f6:b1:7f:
26:4d:bf:ff:db:20:12:41:66:d4:71:ce:f5:cd:0e:6a:36:98:
f7:67:b5:4c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaZWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI5MTQ1NDI1WhcNMjUxMjA2MTQ1NDI1WjAYMRYw
FAYDVQQDEw02OTAyMmFhOC00ZjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr6qOQBQRUN2n76Mbz/Wv+P/dX4PXMn5rVcyvZdQJBYL6ywKq/V9UuWsJ
xIHIzhUSW5S+zt01d8hfw/zVA0V5EgghGsGLZmkVBaNm9bG0HFJtwtHEvkAvoDTN
vkGEqz5Ak76JEqMUq9iP0Y1UpmHYp/TyLkIHddVchBFb99x4wZ2Jzo2WUv/zvQrM
e36+xS7mGQA3BWN86NssTsdEMox89RCC8dTPC5jQT3tQsbwIT8auK4lzTPdmKVQ1
1ipyS5JmnYV6sxh4T+sSD55rfxqesDVQspcGKixy3B3Pgyx9Ds1voYAnrUcNw/2l
TZfHywKXhgkXJUPdZDYZVTvXJnSmawIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLeX
hwofuRnKniANUChC+SJc65m9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRDRGMEVDRUI0RDcxMUYwQTQ3QkZCRjVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtHOMA0GCSqGSIb3DQEB
CwUAA4IBAQCSGdLDseYJjH1n6AJbw+Ant+A8WFmMQ+Cong2M0/gXR8S1DpUz0gja
aWuq212WCVqgHVhstkJfI0pREPmNMx2lzcog9YCDKYWOl9hMTWISlbT69AcHNOXR
1HQMuamJdaKTvNASW9/1rdefPaOufXN3KrOlzG8NTauDrojIIrQvHWCh11gEWpff
6EbDDiNuD+F3t82mcs4ONxcoei7rUBDpkFu55otAuQ4QUjKrxjaVg3xapTV2AZWp
wf3EFFWFeviN0SNRizBdPII9Xt7Q+ePyyOAhHYF6TXJP9VXrIxz66PXWQegc0UT2
sX8mTb//2yASQWbUcc71zQ5qNpj3Z7VM
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:13:57 2025 by rpki-client