Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36BCC5F0AE6A11F09C606CD9DAE4EC9C.roa
File: 36BCC5F0AE6A11F09C606CD9DAE4EC9C.roa (raw, json)
Hash identifier: kOFBfw5mv+bIVG968i5yytFB5a+p8emBBhE3kGghzds=
Subject key identifier: B6:05:45:6B:1C:06:1F:61:D5:61:B5:65:55:02:76:0E:AF:B2:4E:4C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A490
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36BCC5F0AE6A11F09C606CD9DAE4EC9C.roa
Signing time: Tue 21 Oct 2025 10:39:26 +0000
ROA not before: Tue 21 Oct 2025 10:39:19 +0000
ROA not after: Mon 01 Dec 2025 10:39:19 +0000
asID: 202656
IP address blocks: 154.200.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107664 (0x1a490)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 21 10:39:19 2025 GMT
Not After : Dec 1 10:39:19 2025 GMT
Subject: CN=68f762de-0328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6c:d9:8f:cf:32:b2:74:47:a6:b5:b8:3e:c8:
19:f7:95:87:a0:6c:29:30:fc:e8:f6:c7:86:6f:20:
61:52:0f:da:ec:ae:74:21:e0:b0:40:ac:df:f9:bd:
9c:c2:cb:c1:93:3a:5c:35:11:36:08:1f:08:f3:11:
cd:24:e6:d8:66:ed:e9:f7:cd:a4:41:6d:a8:4c:9a:
77:1f:2e:e7:69:1b:00:4c:56:6f:36:b2:a9:9d:7e:
84:db:0b:a0:42:46:df:31:8d:1f:29:0b:c5:ad:ee:
1e:d2:5e:c2:37:27:10:b5:40:cd:58:2b:10:53:de:
a9:f3:66:cb:16:ea:ae:41:e6:ba:3f:85:b0:02:ae:
77:1a:ed:46:4c:ab:f3:95:2a:f0:44:4a:26:38:fd:
f3:50:3c:96:41:6a:03:a6:04:43:46:27:ed:16:ba:
8e:23:51:f3:69:ac:49:3f:9d:99:2e:67:f6:7c:c4:
84:49:fa:a2:a0:57:e6:6e:18:66:5b:ec:c3:42:99:
77:54:e7:1e:19:00:cd:03:27:77:33:a6:9e:b3:77:
53:89:10:14:50:d9:04:d5:85:3a:a2:df:41:7f:e5:
c8:51:0a:05:3a:c1:a4:02:f2:6b:bc:c5:41:eb:1b:
53:df:5b:9b:79:fa:bb:dd:f0:0b:b1:d7:59:2a:55:
08:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:05:45:6B:1C:06:1F:61:D5:61:B5:65:55:02:76:0E:AF:B2:4E:4C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36BCC5F0AE6A11F09C606CD9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.227.0/24
Signature Algorithm: sha256WithRSAEncryption
97:d4:1d:4e:0f:5d:7e:33:71:60:4f:02:e5:f3:79:f7:02:89:
eb:d4:19:50:50:7a:a6:c4:29:01:9e:79:0f:3d:47:52:b5:85:
3a:df:5f:bc:62:23:74:65:56:08:83:84:4f:a6:b2:97:c9:6b:
bf:42:15:21:c0:39:0b:7d:ca:00:af:b4:7a:b1:00:db:70:52:
8c:40:8c:0b:98:74:e5:8b:70:fa:dc:d4:f7:5f:17:bf:ff:86:
92:1f:c6:2d:02:e6:93:1c:9f:e5:13:7f:72:6e:36:78:ba:88:
80:b4:5c:87:3d:57:2e:72:96:df:d7:1f:bf:4f:da:04:2b:d0:
94:d8:dc:41:31:c0:27:27:22:7c:e7:c4:72:76:4d:42:1f:bf:
55:ca:81:c5:4b:b1:7e:c5:6a:09:40:ef:24:28:df:ba:b6:d7:
fa:83:85:ed:2e:6a:47:80:34:41:e5:50:e7:fb:47:c6:00:fe:
b8:4f:03:78:1e:83:c3:a0:72:a8:2a:9f:19:28:fa:97:35:c6:
30:7e:07:aa:1c:ef:dc:c8:bd:1d:12:6e:33:0a:4f:80:6f:d9:
eb:0f:7f:85:81:64:68:9a:a6:a4:da:16:e7:59:56:d4:3c:a9:
f0:bf:7b:76:0f:e4:f4:26:74:cc:48:09:6e:5d:58:06:ab:fa:
ed:e0:de:5c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaSQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDIxMTAzOTE5WhcNMjUxMjAxMTAzOTE5WjAYMRYw
FAYDVQQDEw02OGY3NjJkZS0wMzI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnmzZj88ysnRHprW4PsgZ95WHoGwpMPzo9seGbyBhUg/a7K50IeCwQKzf
+b2cwsvBkzpcNRE2CB8I8xHNJObYZu3p982kQW2oTJp3Hy7naRsATFZvNrKpnX6E
2wugQkbfMY0fKQvFre4e0l7CNycQtUDNWCsQU96p82bLFuquQea6P4WwAq53Gu1G
TKvzlSrwREomOP3zUDyWQWoDpgRDRiftFrqOI1HzaaxJP52ZLmf2fMSESfqioFfm
bhhmW+zDQpl3VOceGQDNAyd3M6aes3dTiRAUUNkE1YU6ot9Bf+XIUQoFOsGkAvJr
vMVB6xtT31ubefq73fALsddZKlUIPQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLYF
RWscBh9h1WG1ZVUCdg6vsk5MMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNkJDQzVGMEFFNkExMUYwOUM2MDZDRDlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjjMA0GCSqGSIb3DQEB
CwUAA4IBAQCX1B1OD11+M3FgTwLl83n3Aonr1BlQUHqmxCkBnnkPPUdStYU631+8
YiN0ZVYIg4RPprKXyWu/QhUhwDkLfcoAr7R6sQDbcFKMQIwLmHTli3D63NT3Xxe/
/4aSH8YtAuaTHJ/lE39ybjZ4uoiAtFyHPVcucpbf1x+/T9oEK9CU2NxBMcAnJyJ8
58Rydk1CH79VyoHFS7F+xWoJQO8kKN+6ttf6g4XtLmpHgDRB5VDn+0fGAP64TwN4
HoPDoHKoKp8ZKPqXNcYwfgeqHO/cyL0dEm4zCk+Ab9nrD3+FgWRomqak2hbnWVbU
PKnwv3t2D+T0JnTMSAluXVgGq/rt4N5c
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:34:51 2025 by rpki-client