Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5666BE4CAD9311F09F889EF0DAE4EC9C.roa
File: 5666BE4CAD9311F09F889EF0DAE4EC9C.roa (raw, json)
Hash identifier: WgFjP+T1DXUd1nRxGQdJ9Tr4WHQnWQLSqFy00qVJMlY=
Subject key identifier: 5D:70:22:7A:7A:8A:86:7B:78:4D:B8:F6:F5:72:8C:4E:5E:E5:68:E9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A44F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5666BE4CAD9311F09F889EF0DAE4EC9C.roa
Signing time: Mon 20 Oct 2025 09:01:17 +0000
ROA not before: Mon 20 Oct 2025 09:01:11 +0000
ROA not after: Mon 26 Jan 2026 09:01:11 +0000
asID: 29852
IP address blocks: 154.194.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107599 (0x1a44f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 20 09:01:11 2025 GMT
Not After : Jan 26 09:01:11 2026 GMT
Subject: CN=68f5fa5d-1287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:eb:67:27:6d:3f:aa:b7:e9:11:b9:f4:f9:c1:
1e:71:97:14:a6:f6:a9:35:10:e5:85:a1:ec:bb:96:
6b:6b:b3:c0:70:a2:00:85:f3:66:4f:65:15:c6:50:
f4:91:24:fd:44:1d:6c:ee:25:37:c2:4c:9e:12:99:
ad:d6:19:76:48:88:b8:bc:ea:09:d3:6b:7e:aa:72:
b3:f2:bd:6c:c7:3e:06:95:6d:87:86:7f:cd:cd:23:
02:e6:de:9c:7a:57:e3:02:d0:c7:c8:fb:64:21:3b:
b0:ca:e1:81:46:c9:67:3b:00:78:1f:e2:e2:3e:78:
87:d7:f6:44:33:73:bb:8a:13:c2:be:5c:14:e5:67:
ba:48:8c:1a:4a:53:70:fd:85:23:00:0f:b9:d9:ee:
6f:d5:f0:37:eb:ea:9f:81:50:46:7b:07:37:f8:9a:
88:17:aa:86:69:5e:55:54:04:b9:5c:2c:2e:a5:26:
65:26:3e:f3:cd:0d:1c:c4:f1:c9:86:79:a3:eb:f0:
d9:83:89:db:33:62:34:80:23:ac:9b:78:de:64:31:
49:a2:8f:62:a9:82:8a:a6:2b:8e:21:44:bf:06:4d:
fe:b9:ba:7e:11:79:b9:f9:f0:56:41:f6:5a:b7:ae:
4d:ba:27:66:3b:82:7e:cc:70:82:66:13:33:c0:15:
3c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:70:22:7A:7A:8A:86:7B:78:4D:B8:F6:F5:72:8C:4E:5E:E5:68:E9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5666BE4CAD9311F09F889EF0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.58.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:cc:53:7d:17:e7:b7:55:57:bc:ef:58:4b:96:f7:62:3b:70:
0e:4b:d5:f0:8d:23:d8:5b:0a:00:c1:f4:33:02:95:4d:b3:7a:
5c:a9:92:13:35:64:a0:92:e2:25:2e:f0:8b:6a:07:b6:aa:b0:
00:9c:20:12:ea:d6:59:d2:06:eb:67:eb:5c:21:0b:cf:49:9e:
ce:44:74:8e:fb:d9:10:7c:09:01:e0:c6:72:65:fa:bc:d3:d4:
35:43:03:34:15:c8:87:ab:4e:ea:6d:c5:49:c8:b2:77:8a:ee:
a2:1d:11:74:89:3f:cc:c7:60:62:87:bd:19:45:94:5d:c9:e1:
76:83:7d:82:11:e7:0b:94:0b:a3:ac:35:00:60:80:05:63:e5:
b0:25:4a:7d:8a:1a:0d:16:5f:27:fe:4e:b5:71:a9:cd:58:3d:
9c:dd:31:e6:08:6e:43:95:3f:50:e4:c1:83:1e:d1:05:e2:eb:
ec:b0:06:e9:8a:b9:63:bc:0e:e4:9d:08:8c:4d:fe:e1:09:9e:
b8:41:ce:44:08:62:82:b2:dd:09:68:cf:60:a3:ff:01:ab:04:
28:0b:03:f9:bf:fa:a5:9b:73:7b:0b:75:ee:9c:ab:5a:0a:75:
c5:22:f8:1d:c4:c4:ba:88:78:40:b0:c4:d9:cc:64:19:b3:68:
66:0b:35:15
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaRPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDIwMDkwMTExWhcNMjYwMTI2MDkwMTExWjAYMRYw
FAYDVQQDEw02OGY1ZmE1ZC0xMjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsutnJ20/qrfpEbn0+cEecZcUpvapNRDlhaHsu5Zra7PAcKIAhfNmT2UV
xlD0kST9RB1s7iU3wkyeEpmt1hl2SIi4vOoJ02t+qnKz8r1sxz4GlW2Hhn/NzSMC
5t6celfjAtDHyPtkITuwyuGBRslnOwB4H+LiPniH1/ZEM3O7ihPCvlwU5We6SIwa
SlNw/YUjAA+52e5v1fA36+qfgVBGewc3+JqIF6qGaV5VVAS5XCwupSZlJj7zzQ0c
xPHJhnmj6/DZg4nbM2I0gCOsm3jeZDFJoo9iqYKKpiuOIUS/Bk3+ubp+EXm5+fBW
QfZat65NuidmO4J+zHCCZhMzwBU8YwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF1w
Inp6ioZ7eE249vVyjE5e5WjpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NjY2QkU0Q0FEOTMxMUYwOUY4ODlFRjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsI6MA0GCSqGSIb3DQEB
CwUAA4IBAQAMzFN9F+e3VVe871hLlvdiO3AOS9XwjSPYWwoAwfQzApVNs3pcqZIT
NWSgkuIlLvCLage2qrAAnCAS6tZZ0gbrZ+tcIQvPSZ7ORHSO+9kQfAkB4MZyZfq8
09Q1QwM0FciHq07qbcVJyLJ3iu6iHRF0iT/Mx2Bih70ZRZRdyeF2g32CEecLlAuj
rDUAYIAFY+WwJUp9ihoNFl8n/k61canNWD2c3THmCG5DlT9Q5MGDHtEF4uvssAbp
irljvA7knQiMTf7hCZ64Qc5ECGKCst0JaM9go/8BqwQoCwP5v/qlm3N7C3XunKta
CnXFIvgdxMS6iHhAsMTZzGQZs2hmCzUV
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:09:35 2025 by rpki-client