Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5042CC38B8AE11F08DE4D2A3DAE4EC9C.roa
File: 5042CC38B8AE11F08DE4D2A3DAE4EC9C.roa (raw, json)
Hash identifier: hJAE5bO2xaGL/rgo1c6Gg+15nPzyGeBWLi45jh0U9JM=
Subject key identifier: 97:EE:CE:CA:C2:32:54:99:56:4E:C6:99:45:AF:8E:23:5A:97:BE:1C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A736
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5042CC38B8AE11F08DE4D2A3DAE4EC9C.roa
Signing time: Mon 03 Nov 2025 12:12:06 +0000
ROA not before: Mon 03 Nov 2025 12:12:01 +0000
ROA not after: Thu 11 Dec 2025 12:12:01 +0000
asID: 401615
IP address blocks: 154.82.136.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108342 (0x1a736)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 3 12:12:01 2025 GMT
Not After : Dec 11 12:12:01 2025 GMT
Subject: CN=69089c16-26dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:92:0e:67:8d:74:14:99:00:a7:af:9a:43:53:
48:2a:8d:1f:ac:89:f6:a0:6f:f2:55:e9:58:89:aa:
15:75:33:e4:87:27:be:ba:52:ea:70:c5:e3:61:8f:
8d:8a:c8:d8:a3:b7:6d:a9:10:2d:01:06:6c:82:90:
88:f0:1d:94:d2:fb:00:ca:f7:ba:d7:a7:f0:89:33:
d9:e6:18:61:4c:be:48:35:40:ce:ff:32:c1:c2:4d:
0f:22:13:8e:5b:68:d7:e9:08:0d:c0:0d:0d:d7:08:
4d:d4:22:2c:79:c3:b7:b3:e1:90:3e:4a:52:04:4c:
2d:55:aa:1e:60:a4:7c:96:38:9d:19:96:12:59:de:
89:36:91:13:eb:94:23:8d:6c:1c:e1:4c:be:1d:c0:
69:ba:c5:75:06:89:16:f8:cd:65:7f:c8:32:2a:d7:
f3:17:e9:25:6a:8c:19:ec:82:2e:fb:c2:3f:7b:80:
86:32:78:c5:6e:45:a8:c1:ce:fd:7c:8d:da:fb:0b:
88:4e:05:9a:c9:7a:2e:70:17:1d:7c:e3:15:34:e7:
41:c4:4c:87:33:03:94:9f:86:aa:a0:b7:ef:23:f6:
56:bc:fe:62:25:95:0a:a9:c0:8f:df:d8:25:c3:cd:
d0:d4:6f:78:3d:ac:e9:2d:8c:ae:f4:4c:79:33:a7:
ef:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:EE:CE:CA:C2:32:54:99:56:4E:C6:99:45:AF:8E:23:5A:97:BE:1C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5042CC38B8AE11F08DE4D2A3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.136.0/23
Signature Algorithm: sha256WithRSAEncryption
d0:8d:c9:4b:95:12:c6:68:f5:b0:02:5e:74:d8:8f:03:32:51:
76:c8:da:f8:06:9a:4b:a1:43:9d:e8:0d:bd:ab:c8:4b:58:80:
11:95:98:21:d9:a4:9e:b1:01:17:b4:8f:65:70:cb:82:40:cf:
11:1e:25:0c:a3:a5:1b:52:26:5e:9a:1c:c0:76:7e:fc:a8:9b:
04:64:04:e7:82:71:49:7e:08:27:f2:1d:c1:f3:1d:00:7e:6f:
d5:15:3f:13:5b:a8:a0:dc:eb:ca:77:67:a0:93:24:f5:36:70:
ba:c1:1f:1a:a2:1a:8e:f9:02:a1:21:a6:76:e2:af:78:b9:59:
52:ca:02:53:df:0f:f7:6b:ca:5d:69:2f:b6:3a:7d:4c:21:ea:
f3:a0:8e:b2:5c:47:75:a8:4f:50:bf:14:53:a0:4d:07:ce:4e:
d6:92:ad:16:16:18:21:43:7e:45:45:9e:9b:37:fe:d8:66:21:
ac:9e:d5:30:43:f9:cc:20:e7:28:f9:55:0c:84:b1:9f:73:b6:
d8:82:0a:21:97:f7:e8:60:95:46:e3:b2:35:50:32:f7:81:7b:
93:ab:62:b5:be:85:1f:13:b0:81:85:21:92:1c:46:91:73:25:
91:63:ae:be:1b:77:c7:49:73:58:8c:5b:e9:da:a7:5f:66:8c:
71:3d:89:18
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAac2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMTAzMTIxMjAxWhcNMjUxMjExMTIxMjAxWjAYMRYw
FAYDVQQDEw02OTA4OWMxNi0yNmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnJIOZ410FJkAp6+aQ1NIKo0frIn2oG/yVelYiaoVdTPkhye+ulLqcMXj
YY+NisjYo7dtqRAtAQZsgpCI8B2U0vsAyve616fwiTPZ5hhhTL5INUDO/zLBwk0P
IhOOW2jX6QgNwA0N1whN1CIsecO3s+GQPkpSBEwtVaoeYKR8ljidGZYSWd6JNpET
65QjjWwc4Uy+HcBpusV1BokW+M1lf8gyKtfzF+klaowZ7IIu+8I/e4CGMnjFbkWo
wc79fI3a+wuITgWayXoucBcdfOMVNOdBxEyHMwOUn4aqoLfvI/ZWvP5iJZUKqcCP
39glw83Q1G94PazpLYyu9Ex5M6fvKwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJfu
zsrCMlSZVk7GmUWvjiNal74cMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MDQyQ0MzOEI4QUUxMUYwOERFNEQyQTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlKIMA0GCSqGSIb3DQEB
CwUAA4IBAQDQjclLlRLGaPWwAl502I8DMlF2yNr4BppLoUOd6A29q8hLWIARlZgh
2aSesQEXtI9lcMuCQM8RHiUMo6UbUiZemhzAdn78qJsEZATngnFJfggn8h3B8x0A
fm/VFT8TW6ig3OvKd2egkyT1NnC6wR8aohqO+QKhIaZ24q94uVlSygJT3w/3a8pd
aS+2On1MIerzoI6yXEd1qE9QvxRToE0Hzk7Wkq0WFhghQ35FRZ6bN/7YZiGsntUw
Q/nMIOco+VUMhLGfc7bYggohl/foYJVG47I1UDL3gXuTq2K1voUfE7CBhSGSHEaR
cyWRY66+G3fHSXNYjFvp2qdfZoxxPYkY
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:46:39 2025 by rpki-client