Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A8EA234AF3011F0B03369D6DAE4EC9C.roa
File: 5A8EA234AF3011F0B03369D6DAE4EC9C.roa (raw, json)
Hash identifier: Gsr5sleTAJ+C+nW+vZK3mB9grLKzMjJiA6WF6KO14WI=
Subject key identifier: 53:C2:2C:F6:F9:D3:7C:7C:BE:F6:BE:90:4E:8B:E1:DA:D8:58:BC:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A4A1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A8EA234AF3011F0B03369D6DAE4EC9C.roa
Signing time: Wed 22 Oct 2025 10:17:46 +0000
ROA not before: Wed 22 Oct 2025 10:17:40 +0000
ROA not after: Sat 29 Nov 2025 10:17:40 +0000
asID: 32043
IP address blocks: 154.194.5.0/24 maxlen: 24
154.203.8.0/22 maxlen: 24
154.203.12.0/22 maxlen: 24
154.203.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107681 (0x1a4a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 22 10:17:40 2025 GMT
Not After : Nov 29 10:17:40 2025 GMT
Subject: CN=68f8af4a-ed54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4e:53:45:0e:45:cf:8a:2b:e0:e9:3b:53:3a:
c3:4c:de:9e:29:ec:53:74:4a:cd:2d:fe:43:11:4b:
b5:1c:93:9d:37:6a:99:1c:60:e3:94:7a:d8:9d:0c:
14:a6:02:ce:48:a0:d8:ed:f0:dd:ae:b1:45:6c:71:
f1:70:32:92:31:97:78:eb:72:69:10:3e:36:52:c3:
bd:af:58:c4:5a:b4:5f:3a:d3:ee:a9:1b:72:1a:6c:
ec:e9:68:6e:f6:86:40:e7:29:bd:8a:9d:36:ee:81:
07:3e:94:84:9c:65:4c:67:88:6e:0e:c8:cf:d5:a0:
2c:8a:42:b8:36:14:bc:65:13:0f:42:75:5f:1b:b9:
38:24:f6:86:e5:9b:28:73:cc:22:6c:ca:c7:c3:c4:
30:2f:6c:b2:f8:f8:8b:9c:93:51:14:90:5d:e5:b9:
2d:74:07:83:62:06:19:5a:d6:e3:cc:0b:78:0f:e7:
f2:b9:02:19:20:2b:4d:1e:07:97:75:2b:66:05:ca:
55:5e:8e:2b:7a:72:fa:09:5d:b2:80:96:44:21:49:
70:42:c4:cf:29:cf:6a:4e:9b:85:39:24:94:f1:fb:
ad:63:90:72:d1:b2:eb:12:25:b0:87:09:a4:2c:ef:
f5:9d:2a:3c:30:c4:74:a2:15:4d:a8:1f:57:a7:55:
72:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C2:2C:F6:F9:D3:7C:7C:BE:F6:BE:90:4E:8B:E1:DA:D8:58:BC:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A8EA234AF3011F0B03369D6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.5.0/24
154.203.8.0/21
154.203.243.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:7e:9f:2d:58:b7:8c:73:f3:21:d5:a6:53:49:87:4d:fc:6d:
f5:73:5b:c5:e2:61:25:eb:4a:ac:25:e1:d2:b9:2f:2a:e0:66:
3e:c7:ea:7a:2b:08:8e:fe:49:9d:40:79:27:01:a4:03:66:3d:
c5:2a:8b:a4:f1:c6:21:0e:5a:76:b8:03:93:1e:c7:5a:6b:11:
79:a3:c7:41:48:4b:c3:91:ae:da:38:e4:aa:7f:08:14:9f:5b:
00:f0:89:29:13:2b:5c:b8:f2:98:72:90:ad:96:b8:6d:f7:95:
e4:64:70:86:74:84:5e:3e:48:e5:5c:09:00:f5:19:8f:34:d0:
7a:a6:19:90:78:ee:bd:b8:db:08:0b:f0:88:cc:77:f7:c8:30:
5a:d8:83:e0:88:79:dc:6d:35:a1:b9:ba:5e:d8:62:28:58:3b:
b2:e0:e6:37:50:80:15:79:4a:ed:f1:1f:1b:10:bf:25:c0:6a:
5e:a9:de:12:66:b2:e4:f0:8d:f5:bf:9b:a6:1f:ea:05:e9:79:
77:95:c1:1e:93:a7:0e:95:0a:8c:f3:51:13:a8:6a:e1:ff:e3:
1e:84:11:1c:c0:0c:14:19:f0:ee:c1:c5:7a:da:47:9c:18:d8:
98:90:05:ef:7d:17:ef:25:57:98:1d:9c:bf:53:30:e9:eb:5c:
8c:0f:05:aa
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAaShMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDIyMTAxNzQwWhcNMjUxMTI5MTAxNzQwWjAYMRYw
FAYDVQQDEw02OGY4YWY0YS1lZDU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqU5TRQ5Fz4or4Ok7UzrDTN6eKexTdErNLf5DEUu1HJOdN2qZHGDjlHrY
nQwUpgLOSKDY7fDdrrFFbHHxcDKSMZd463JpED42UsO9r1jEWrRfOtPuqRtyGmzs
6Whu9oZA5ym9ip027oEHPpSEnGVMZ4huDsjP1aAsikK4NhS8ZRMPQnVfG7k4JPaG
5Zsoc8wibMrHw8QwL2yy+PiLnJNRFJBd5bktdAeDYgYZWtbjzAt4D+fyuQIZICtN
HgeXdStmBcpVXo4renL6CV2ygJZEIUlwQsTPKc9qTpuFOSSU8futY5By0bLrEiWw
hwmkLO/1nSo8MMR0ohVNqB9Xp1Vy3QIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFFPC
LPb503x8vva+kE6L4drYWLwAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QThFQTIzNEFGMzAxMUYwQjAzMzY5RDZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmsIFAwQDmssIAwQAmsvz
MA0GCSqGSIb3DQEBCwUAA4IBAQCffp8tWLeMc/Mh1aZTSYdN/G31c1vF4mEl60qs
JeHSuS8q4GY+x+p6KwiO/kmdQHknAaQDZj3FKouk8cYhDlp2uAOTHsdaaxF5o8dB
SEvDka7aOOSqfwgUn1sA8IkpEytcuPKYcpCtlrht95XkZHCGdIRePkjlXAkA9RmP
NNB6phmQeO69uNsIC/CIzHf3yDBa2IPgiHncbTWhubpe2GIoWDuy4OY3UIAVeUrt
8R8bEL8lwGpeqd4SZrLk8I31v5umH+oF6Xl3lcEek6cOlQqM81ETqGrh/+MehBEc
wAwUGfDuwcV62kecGNiYkAXvfRfvJVeYHZy/UzDp61yMDwWq
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:47:17 2025 by rpki-client