Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A306286AE5B11F0A7A3C37CDAE4EC9C.roa
File: 4A306286AE5B11F0A7A3C37CDAE4EC9C.roa (raw, json)
Hash identifier: nnDqOoFAnxVYzdadG0CrX8e220TDPBQtfyCDRGJl71U=
Subject key identifier: 73:EC:53:A9:72:D4:81:F5:01:43:E8:91:D7:00:70:25:73:25:22:A0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A474
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A306286AE5B11F0A7A3C37CDAE4EC9C.roa
Signing time: Tue 21 Oct 2025 08:52:36 +0000
ROA not before: Tue 21 Oct 2025 08:52:31 +0000
ROA not after: Thu 27 Nov 2025 08:52:31 +0000
asID: 6079
IP address blocks: 154.202.138.0/23 maxlen: 24
154.202.140.0/22 maxlen: 24
154.207.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107636 (0x1a474)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 21 08:52:31 2025 GMT
Not After : Nov 27 08:52:31 2025 GMT
Subject: CN=68f749d4-f373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:c9:54:d8:d3:0f:29:16:c1:ee:0f:b9:14:ce:
64:57:0d:24:46:2a:90:a7:3c:f6:12:ba:9a:e2:4e:
19:e5:68:c3:7e:2d:37:fe:c9:d0:b9:b3:f9:20:45:
da:c9:50:91:14:7a:a6:83:6d:05:40:5b:87:0b:f9:
03:e8:62:87:ba:14:48:09:d8:ce:b8:d7:c9:84:df:
58:0f:c6:74:58:00:10:46:2a:f7:fe:f3:bd:80:68:
63:7a:37:47:6f:c3:c9:e9:bc:b9:87:72:63:83:e6:
41:56:d6:cc:a0:61:3e:39:08:cb:3a:d5:08:c8:e2:
5f:54:fd:0f:b5:0e:b0:a4:37:6e:93:f9:97:c9:6a:
12:65:c1:90:51:90:4d:82:d8:83:95:e2:0a:77:7b:
19:0e:86:d5:76:65:b9:3b:55:10:4e:d7:5b:b7:d3:
a6:27:62:5b:7b:8e:cb:c2:d8:4b:01:32:d4:18:ac:
38:56:5e:2c:7e:70:09:08:19:80:0a:18:17:dc:2e:
1d:71:f1:64:c0:af:6a:b4:f6:c3:db:6c:15:16:73:
84:0b:8f:93:ab:5a:ee:6e:11:b8:19:52:a5:43:66:
82:a8:e0:db:5a:49:3c:43:7c:76:a6:e7:d8:e5:dc:
16:d8:bd:4b:2e:6b:4f:47:88:9e:db:68:22:15:ad:
f3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:EC:53:A9:72:D4:81:F5:01:43:E8:91:D7:00:70:25:73:25:22:A0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A306286AE5B11F0A7A3C37CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.138.0-154.202.143.255
154.207.0.0/19
Signature Algorithm: sha256WithRSAEncryption
09:31:44:14:ad:50:d6:99:a6:84:dc:ec:57:60:56:8e:92:c9:
65:03:97:fa:6c:65:ff:80:8f:c8:a9:57:c3:ba:f5:18:34:37:
8d:ca:71:2e:31:41:08:e3:41:14:2a:55:e9:3c:97:a8:48:7f:
70:f1:6c:78:e6:65:ce:b8:ae:19:96:8b:10:93:dd:31:de:69:
93:d7:7d:3a:9e:72:1a:4e:71:2f:fb:4e:bd:27:c3:9d:6a:05:
a9:2b:3f:24:b3:62:d7:ac:85:6f:e5:3b:54:d4:77:38:93:f3:
72:4b:2a:8a:b1:3a:4d:ce:66:70:18:f2:08:ac:01:6f:9c:f0:
da:d2:fb:79:a6:87:ed:44:b1:c9:ad:07:e5:e5:a6:bc:3c:04:
65:19:ae:9a:98:0a:b3:0c:de:2e:9a:a4:d4:af:98:b0:90:f3:
1c:59:cc:1f:d8:ae:55:12:75:e6:8a:0e:1d:1d:5d:e4:4e:01:
86:e7:70:da:b5:16:5a:90:3d:1c:b6:f1:9e:9b:db:b7:c1:b0:
22:38:08:25:bf:ab:1a:76:66:db:35:4f:a2:b2:9b:da:26:37:
1f:08:2a:af:01:9e:8e:75:8c:50:7f:41:d4:99:e4:20:44:a6:
b0:10:6d:e9:44:a0:59:30:e7:fc:79:ce:fc:d3:71:08:10:71:
15:c2:81:0d
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAaR0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDIxMDg1MjMxWhcNMjUxMTI3MDg1MjMxWjAYMRYw
FAYDVQQDEw02OGY3NDlkNC1mMzczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9MlU2NMPKRbB7g+5FM5kVw0kRiqQpzz2Erqa4k4Z5WjDfi03/snQubP5
IEXayVCRFHqmg20FQFuHC/kD6GKHuhRICdjOuNfJhN9YD8Z0WAAQRir3/vO9gGhj
ejdHb8PJ6by5h3Jjg+ZBVtbMoGE+OQjLOtUIyOJfVP0PtQ6wpDduk/mXyWoSZcGQ
UZBNgtiDleIKd3sZDobVdmW5O1UQTtdbt9OmJ2Jbe47LwthLATLUGKw4Vl4sfnAJ
CBmAChgX3C4dcfFkwK9qtPbD22wVFnOEC4+Tq1rubhG4GVKlQ2aCqODbWkk8Q3x2
pufY5dwW2L1LLmtPR4ie22giFa3zrQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFHPs
U6ly1IH1AUPokdcAcCVzJSKgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QTMwNjI4NkFFNUIxMUYwQTdBM0MzN0NEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAGayooDBASayoADBAWa
zwAwDQYJKoZIhvcNAQELBQADggEBAAkxRBStUNaZpoTc7FdgVo6SyWUDl/psZf+A
j8ipV8O69Rg0N43KcS4xQQjjQRQqVek8l6hIf3DxbHjmZc64rhmWixCT3THeaZPX
fTqechpOcS/7Tr0nw51qBakrPySzYteshW/lO1TUdziT83JLKoqxOk3OZnAY8gis
AW+c8NrS+3mmh+1EscmtB+Xlprw8BGUZrpqYCrMM3i6apNSvmLCQ8xxZzB/YrlUS
deaKDh0dXeROAYbncNq1FlqQPRy28Z6b27fBsCI4CCW/qxp2Zts1T6Kym9omNx8I
Kq8Bno51jFB/QdSZ5CBEprAQbelEoFkw5/x5zvzTcQgQcRXCgQ0=
-----END CERTIFICATE-----
Generated at Tue Nov 4 16:34:08 2025 by rpki-client