Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7838D0BCB8A311F096616EDEDAE4EC9C.roa
File: 7838D0BCB8A311F096616EDEDAE4EC9C.roa (raw, json)
Hash identifier: Mn7A9SzCNjHoogoohxvZlqcskzggJalV+jnT8OHc2b8=
Subject key identifier: 50:D0:4C:B8:8B:4A:09:94:18:61:B5:37:47:0B:21:90:96:41:52:5D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A728
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7838D0BCB8A311F096616EDEDAE4EC9C.roa
Signing time: Mon 03 Nov 2025 10:54:29 +0000
ROA not before: Mon 03 Nov 2025 10:54:24 +0000
ROA not after: Wed 10 Dec 2025 10:54:24 +0000
asID: 137899
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108328 (0x1a728)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 3 10:54:24 2025 GMT
Not After : Dec 10 10:54:24 2025 GMT
Subject: CN=690889e5-7213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:60:3b:5f:08:1e:6b:d0:bb:1f:6d:66:1c:a2:
95:c8:26:6c:e7:4a:ad:6f:c4:d4:c5:8e:ab:99:a0:
28:9b:fa:27:bd:14:cd:ff:4b:93:2e:83:d0:c6:38:
8d:b2:6a:2b:2a:fb:66:c6:b4:28:b7:c4:08:8a:b7:
5f:b2:6c:3e:9d:c3:e2:d4:a4:1d:43:c9:a3:b3:93:
c1:af:5b:b8:f5:98:1b:da:32:21:51:6f:04:d1:3b:
77:93:33:09:78:40:32:80:df:e4:2a:2b:d7:65:af:
eb:a7:ea:1f:a9:54:30:14:ec:cb:88:1d:27:d5:4d:
93:cd:b1:3c:4d:b7:04:6e:d0:c7:d2:6c:94:5f:2a:
88:1d:42:1a:a4:62:cc:ba:08:f5:f4:c7:f1:2d:af:
53:b9:ff:72:a7:68:a7:9c:74:3b:a4:75:b2:c7:b6:
dd:9a:d2:30:26:1a:af:b0:d1:53:a1:90:42:7a:2e:
24:af:05:aa:36:a7:54:2b:e8:38:ee:ec:ff:10:30:
89:ee:4c:b2:6a:f6:3a:34:7a:e6:50:8b:8f:7f:c5:
9e:75:99:62:d6:68:0a:bf:11:80:8f:e1:eb:20:ed:
bd:d7:92:87:6a:15:bb:81:d2:92:ab:08:29:56:cc:
05:3d:49:fa:5f:2a:0d:b8:4f:41:ee:e6:71:3a:d1:
41:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D0:4C:B8:8B:4A:09:94:18:61:B5:37:47:0B:21:90:96:41:52:5D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7838D0BCB8A311F096616EDEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
54:fa:3a:f1:9f:92:cb:01:38:4f:2f:69:89:84:6e:b6:e7:07:
0b:3f:f5:00:6c:a6:36:cc:6e:ba:52:39:be:29:4a:7e:0e:23:
0d:83:ea:38:f9:80:af:42:c5:79:01:21:24:1e:b7:12:37:7f:
af:a6:84:32:4b:5f:ec:41:ae:a9:54:d8:05:a9:c5:41:03:69:
d3:64:47:c4:00:67:88:4f:9b:30:15:8f:57:58:95:84:19:52:
bb:e4:57:10:d6:fb:24:ce:92:7e:76:50:1d:31:1a:4f:1b:c2:
8a:8b:ed:1a:2b:40:1a:ab:07:54:f1:9c:e5:2c:2b:2d:c2:3a:
52:b8:6f:da:11:ab:d7:8e:18:f7:07:e3:41:84:01:3f:71:a6:
c4:1c:1b:34:b0:3a:b3:81:8f:9e:e0:8d:2a:36:28:92:71:45:
c0:55:9c:bd:46:61:8f:d6:43:a3:7b:1f:2c:8a:d6:52:7a:d6:
8b:91:0d:70:7f:e8:9e:43:83:75:4e:73:5f:c5:da:7b:f0:4c:
23:3a:b5:7f:00:6f:69:0c:f8:4a:3d:8c:80:e9:92:24:90:49:
04:ad:de:96:44:56:c3:f0:5a:b5:8b:46:11:56:17:a3:ff:5b:
75:3c:e6:26:8e:0d:50:58:9d:a9:12:b2:51:b8:27:40:dc:31:
c4:f4:ae:e6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAacoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMTAzMTA1NDI0WhcNMjUxMjEwMTA1NDI0WjAYMRYw
FAYDVQQDEw02OTA4ODllNS03MjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqmA7Xwgea9C7H21mHKKVyCZs50qtb8TUxY6rmaAom/onvRTN/0uTLoPQ
xjiNsmorKvtmxrQot8QIirdfsmw+ncPi1KQdQ8mjs5PBr1u49Zgb2jIhUW8E0Tt3
kzMJeEAygN/kKivXZa/rp+ofqVQwFOzLiB0n1U2TzbE8TbcEbtDH0myUXyqIHUIa
pGLMugj19MfxLa9Tuf9yp2innHQ7pHWyx7bdmtIwJhqvsNFToZBCei4krwWqNqdU
K+g47uz/EDCJ7kyyavY6NHrmUIuPf8WedZli1mgKvxGAj+HrIO2915KHahW7gdKS
qwgpVswFPUn6XyoNuE9B7uZxOtFBvwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFDQ
TLiLSgmUGGG1N0cLIZCWQVJdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83ODM4RDBCQ0I4QTMxMUYwOTY2MTZFREVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQBU+jrxn5LLAThPL2mJhG625wcLP/UAbKY2zG66Ujm+KUp+DiMNg+o4
+YCvQsV5ASEkHrcSN3+vpoQyS1/sQa6pVNgFqcVBA2nTZEfEAGeIT5swFY9XWJWE
GVK75FcQ1vskzpJ+dlAdMRpPG8KKi+0aK0AaqwdU8ZzlLCstwjpSuG/aEavXjhj3
B+NBhAE/cabEHBs0sDqzgY+e4I0qNiiScUXAVZy9RmGP1kOjex8sitZSetaLkQ1w
f+ieQ4N1TnNfxdp78EwjOrV/AG9pDPhKPYyA6ZIkkEkErd6WRFbD8Fq1i0YRVhej
/1t1POYmjg1QWJ2pErJRuCdA3DHE9K7m
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:47:11 2025 by rpki-client