Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A3D6138B4DD11F0BF71289EDAE4EC9C.roa
File: 4A3D6138B4DD11F0BF71289EDAE4EC9C.roa (raw, json)
Hash identifier: JYn2U+Quf02k3Z+lvmnroU8y+iW3APfcnKkwbYD80rk=
Subject key identifier: 3D:D6:5A:58:4F:53:99:97:96:7A:4E:82:9C:0C:34:6F:C5:F6:CB:FE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A666
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A3D6138B4DD11F0BF71289EDAE4EC9C.roa
Signing time: Wed 29 Oct 2025 15:38:18 +0000
ROA not before: Wed 29 Oct 2025 15:38:13 +0000
ROA not after: Wed 26 Nov 2025 15:38:13 +0000
asID: 397423
IP address blocks: 154.202.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108134 (0x1a666)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 29 15:38:13 2025 GMT
Not After : Nov 26 15:38:13 2025 GMT
Subject: CN=690234ea-66fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f6:8c:8d:81:01:81:2d:50:3c:8a:03:8c:4c:
05:a2:48:80:d1:56:7b:d5:b0:43:b4:fd:ee:ca:12:
60:8a:46:38:df:75:55:2c:bf:f4:dc:47:8f:e4:a7:
86:51:46:0f:08:99:1b:85:ac:f1:db:f6:63:cc:0f:
73:c5:0c:09:d4:d0:cf:d5:c4:8d:bd:a5:1f:a3:c5:
da:67:77:af:a2:36:2e:bb:dc:a0:db:2d:a2:24:ab:
7b:3b:a8:00:31:eb:b1:28:81:52:6f:bb:b8:13:14:
ad:74:7f:0e:8e:b4:a8:db:fa:22:84:bc:40:35:fe:
91:16:17:44:65:8c:a2:cf:66:90:27:0b:4a:87:15:
d4:61:df:ec:44:43:19:27:ee:8b:52:8e:e1:d5:30:
35:91:cc:7c:3e:1d:b2:67:8c:56:09:53:25:d6:ec:
6b:98:7b:9b:f7:52:ba:80:d9:c3:35:7c:aa:ef:28:
1e:12:1a:8e:4f:29:ab:c7:11:3f:84:52:72:b3:49:
f5:54:5d:52:c9:c4:da:55:9b:af:be:a2:ed:1f:d5:
47:d9:46:2d:67:25:fa:5a:5a:de:0a:7c:11:9b:57:
fd:e0:28:20:3c:1c:7d:94:e7:1c:53:fc:94:ed:c7:
c9:dd:0d:f7:29:ba:2a:07:5c:00:8c:4d:d8:e4:9a:
1f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D6:5A:58:4F:53:99:97:96:7A:4E:82:9C:0C:34:6F:C5:F6:CB:FE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A3D6138B4DD11F0BF71289EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.0.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:b5:8c:ce:0d:d2:b3:1a:88:b4:08:31:23:70:c3:72:4a:d1:
d6:5f:93:f8:03:9f:14:20:da:ce:de:14:23:22:e1:92:fc:fd:
9c:f5:a8:a0:2b:50:7c:65:eb:c6:6a:26:8a:6f:88:fb:cc:08:
cf:4a:6f:f1:1a:53:09:52:cc:a0:d7:f2:df:04:6e:4d:f2:c8:
52:d9:b1:ae:f4:6f:51:df:5a:01:98:9b:9e:4d:f9:4b:dc:41:
b6:ed:ff:2a:8c:ad:84:05:8e:fe:5f:56:f0:5c:e7:de:fe:39:
2f:ff:4a:f3:7b:8c:b3:84:4f:a9:62:f4:29:5f:7f:28:28:c0:
5f:1c:9a:d1:4b:34:7b:92:92:14:1d:c5:0e:41:cd:d8:b3:ee:
5e:ad:ba:cd:59:2d:3d:a1:f1:2c:2c:e1:d3:d3:1a:4a:db:b0:
07:d7:53:b0:dd:8b:7b:9d:41:40:83:aa:01:7e:7a:34:8e:6c:
4e:9a:2f:68:c9:e1:12:04:92:42:91:ac:b4:2d:30:66:05:ed:
af:01:34:cd:04:f0:3f:95:41:fb:8c:d1:64:e2:26:a4:08:6b:
34:4e:41:cc:17:44:dc:a0:26:2d:94:04:90:7b:7a:ea:d3:02:
e1:e7:a0:b1:2c:b2:6d:28:06:e2:c1:58:7e:83:ef:dc:11:63:
0c:ef:16:6b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaZmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI5MTUzODEzWhcNMjUxMTI2MTUzODEzWjAYMRYw
FAYDVQQDEw02OTAyMzRlYS02NmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwvaMjYEBgS1QPIoDjEwFokiA0VZ71bBDtP3uyhJgikY433VVLL/03EeP
5KeGUUYPCJkbhazx2/ZjzA9zxQwJ1NDP1cSNvaUfo8XaZ3evojYuu9yg2y2iJKt7
O6gAMeuxKIFSb7u4ExStdH8OjrSo2/oihLxANf6RFhdEZYyiz2aQJwtKhxXUYd/s
REMZJ+6LUo7h1TA1kcx8Ph2yZ4xWCVMl1uxrmHub91K6gNnDNXyq7ygeEhqOTymr
xxE/hFJys0n1VF1SycTaVZuvvqLtH9VH2UYtZyX6WlreCnwRm1f94CggPBx9lOcc
U/yU7cfJ3Q33KboqB1wAjE3Y5JofswIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD3W
WlhPU5mXlnpOgpwMNG/F9sv+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QTNENjEzOEI0REQxMUYwQkY3MTI4OUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsoAMA0GCSqGSIb3DQEB
CwUAA4IBAQANtYzODdKzGoi0CDEjcMNyStHWX5P4A58UINrO3hQjIuGS/P2c9aig
K1B8ZevGaiaKb4j7zAjPSm/xGlMJUsyg1/LfBG5N8shS2bGu9G9R31oBmJueTflL
3EG27f8qjK2EBY7+X1bwXOfe/jkv/0rze4yzhE+pYvQpX38oKMBfHJrRSzR7kpIU
HcUOQc3Ys+5erbrNWS09ofEsLOHT0xpK27AH11Ow3Yt7nUFAg6oBfno0jmxOmi9o
yeESBJJCkay0LTBmBe2vATTNBPA/lUH7jNFk4iakCGs0TkHMF0TcoCYtlASQe3rq
0wLh56CxLLJtKAbiwVh+g+/cEWMM7xZr
-----END CERTIFICATE-----
Generated at Tue Nov 4 08:01:19 2025 by rpki-client