Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C666E5CB3D611F0B1F3FCB5DAE4EC9C.roa
File: 5C666E5CB3D611F0B1F3FCB5DAE4EC9C.roa (raw, json)
Hash identifier: 2Otz+IK4aD3dUpIR/3qvxqyXsnkMITyjOmAu+JeQcvE=
Subject key identifier: 2D:C4:94:EA:B9:61:A8:3E:7D:36:5D:25:59:BE:FA:54:89:B7:78:1B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A5D8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C666E5CB3D611F0B1F3FCB5DAE4EC9C.roa
Signing time: Tue 28 Oct 2025 08:16:11 +0000
ROA not before: Tue 28 Oct 2025 08:16:06 +0000
ROA not after: Thu 06 Nov 2025 08:16:06 +0000
asID: 17497
IP address blocks: 154.196.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 08:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107992 (0x1a5d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 28 08:16:06 2025 GMT
Not After : Nov 6 08:16:06 2025 GMT
Subject: CN=69007bcb-8a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bb:18:1d:1c:bd:a7:ea:26:a7:9f:55:b6:29:
ab:43:33:65:f4:cb:51:63:f8:cf:bb:24:9d:80:8c:
b3:dc:26:62:7b:e0:4d:b7:25:99:b3:34:93:15:95:
0d:94:42:65:2f:b0:d4:97:f8:48:29:67:71:ae:65:
6c:ec:ec:cf:ea:da:36:ed:cb:c5:39:fb:f5:c4:13:
a4:f0:d2:15:40:a4:b4:60:03:2c:f2:5d:0c:5e:50:
a4:0c:0d:0e:4d:4f:98:3a:32:9d:06:37:9b:05:46:
e4:63:8d:92:af:0f:59:44:ad:bd:33:4f:42:64:46:
7b:da:40:4e:13:5f:21:b0:8f:32:83:10:dc:4d:2c:
a7:51:4e:50:96:29:dd:66:21:02:74:92:81:14:a4:
47:46:ed:74:39:11:51:1c:10:c0:b0:f0:30:43:5b:
9c:01:e0:11:62:cc:4e:e6:28:18:b9:94:b6:d2:75:
e6:a1:28:e8:69:41:30:86:45:08:de:f8:73:27:ba:
7a:a5:93:9a:13:92:00:1b:93:ad:69:af:aa:4d:4e:
ba:62:b3:4d:0d:84:50:3d:1c:82:8e:21:35:d6:29:
ed:04:b7:c9:a1:39:0b:d2:4e:04:dd:d1:0d:2c:0d:
1f:cd:fd:5f:0d:6b:05:af:ec:1b:20:46:17:95:69:
0b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C4:94:EA:B9:61:A8:3E:7D:36:5D:25:59:BE:FA:54:89:B7:78:1B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C666E5CB3D611F0B1F3FCB5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.140.0/22
Signature Algorithm: sha256WithRSAEncryption
27:cb:c4:ad:35:c3:90:75:21:ce:c7:4a:4b:28:ba:c4:36:c5:
38:b6:87:30:02:1a:b5:a4:29:48:03:85:de:5e:2d:93:d0:a2:
82:29:11:25:5b:d8:4a:26:b2:f8:a5:e4:de:56:43:26:04:8a:
5d:53:08:86:a1:39:a6:21:b2:d3:16:30:da:1f:8f:43:7f:67:
fd:f5:3f:b1:c6:51:76:1a:6c:a5:da:91:de:38:11:32:82:6d:
bc:ea:40:86:14:b7:98:fd:4a:96:ff:2f:39:1b:d1:99:43:bf:
e1:4e:3a:1e:a2:e2:b3:93:d9:71:1c:a2:c6:e7:0f:43:d0:76:
db:b4:11:9d:2a:f7:94:65:6b:3d:93:79:c7:fe:01:93:c2:49:
0f:a8:07:c2:06:db:12:57:09:9d:3d:ec:b9:08:f0:92:a7:16:
59:f9:77:74:47:fa:9f:e7:f5:a8:7c:12:72:a3:e6:f4:9e:6d:
30:88:cd:40:46:b2:64:cc:76:e7:24:bc:19:0d:57:69:97:16:
a9:b3:3e:2b:48:d5:e1:0a:a0:9f:5d:9e:20:24:e6:ba:04:c9:
b6:ab:4c:8f:c2:77:ac:87:35:66:5d:1e:54:fd:f9:77:6f:6f:
1a:e4:56:c0:a3:b3:0f:8e:fc:9b:3f:a7:b1:e4:4e:2b:d5:e6:
b8:8c:2f:8f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaXYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI4MDgxNjA2WhcNMjUxMTA2MDgxNjA2WjAYMRYw
FAYDVQQDEw02OTAwN2JjYi04YTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs7sYHRy9p+omp59VtimrQzNl9MtRY/jPuySdgIyz3CZie+BNtyWZszST
FZUNlEJlL7DUl/hIKWdxrmVs7OzP6to27cvFOfv1xBOk8NIVQKS0YAMs8l0MXlCk
DA0OTU+YOjKdBjebBUbkY42Srw9ZRK29M09CZEZ72kBOE18hsI8ygxDcTSynUU5Q
lindZiECdJKBFKRHRu10ORFRHBDAsPAwQ1ucAeARYsxO5igYuZS20nXmoSjoaUEw
hkUI3vhzJ7p6pZOaE5IAG5Otaa+qTU66YrNNDYRQPRyCjiE11intBLfJoTkL0k4E
3dENLA0fzf1fDWsFr+wbIEYXlWkLSQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC3E
lOq5Yag+fTZdJVm++lSJt3gbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QzY2NkU1Q0IzRDYxMUYwQjFGM0ZDQjVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsSMMA0GCSqGSIb3DQEB
CwUAA4IBAQAny8StNcOQdSHOx0pLKLrENsU4tocwAhq1pClIA4XeXi2T0KKCKREl
W9hKJrL4peTeVkMmBIpdUwiGoTmmIbLTFjDaH49Df2f99T+xxlF2Gmyl2pHeOBEy
gm286kCGFLeY/UqW/y85G9GZQ7/hTjoeouKzk9lxHKLG5w9D0HbbtBGdKveUZWs9
k3nH/gGTwkkPqAfCBtsSVwmdPey5CPCSpxZZ+Xd0R/qf5/WofBJyo+b0nm0wiM1A
RrJkzHbnJLwZDVdplxapsz4rSNXhCqCfXZ4gJOa6BMm2q0yPwneshzVmXR5U/fl3
b28a5FbAo7MPjvybP6ex5E4r1ea4jC+P
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:19:31 2025 by rpki-client