Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DB130F8B31A11F0B01D7DF6DAE4EC9C.roa
File: 8DB130F8B31A11F0B01D7DF6DAE4EC9C.roa (raw, json)
Hash identifier: mD4EzxJ30g5gXHngzWgQguX4W5JNibSRhQfbraadT0s=
Subject key identifier: 95:AE:05:35:D9:BC:AA:81:41:74:74:3C:57:DA:43:60:B4:84:97:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A514
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DB130F8B31A11F0B01D7DF6DAE4EC9C.roa
Signing time: Mon 27 Oct 2025 09:51:48 +0000
ROA not before: Mon 27 Oct 2025 09:51:43 +0000
ROA not after: Thu 27 Nov 2025 09:51:43 +0000
asID: 6079
IP address blocks: 154.81.200.0/21 maxlen: 24
154.83.48.0/20 maxlen: 24
154.90.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107796 (0x1a514)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 27 09:51:43 2025 GMT
Not After : Nov 27 09:51:43 2025 GMT
Subject: CN=68ff40b4-125a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ca:3b:72:eb:a4:c0:da:4f:5b:92:7e:a9:6f:
92:3b:0e:64:44:92:41:16:5e:ed:24:35:e8:45:d3:
b8:54:a4:f3:91:98:97:7c:76:d1:69:ce:a4:7d:7e:
c1:d6:9f:59:9c:2a:3f:b3:19:32:ba:dd:ca:45:eb:
af:ec:40:c2:1c:5d:d7:54:46:3d:2f:ed:76:8e:8d:
ab:c7:6c:60:27:ad:61:72:b0:9a:a5:0a:2f:1f:b9:
7a:32:7b:e6:69:ab:f2:05:b8:38:52:9f:18:1b:90:
12:e0:1f:81:ae:97:5e:4b:a8:ba:55:e3:bf:d8:48:
75:bf:e3:01:75:a6:19:f3:cd:bc:b9:1e:ef:84:cf:
f8:dd:42:bc:19:08:24:4d:fa:6d:da:5c:76:d1:8c:
34:4b:fe:e5:61:60:91:59:a5:63:81:1b:8d:81:48:
55:b2:e2:5d:2c:c0:23:22:a7:47:a5:f6:cf:24:d8:
d3:29:d5:08:b6:a7:23:b8:ac:5a:b1:2b:46:08:d8:
bb:13:98:34:92:8d:18:85:14:ff:eb:23:56:d8:31:
41:d5:71:7b:7e:2c:99:98:e3:af:fd:79:24:23:b3:
53:3d:b6:11:32:02:d3:50:ff:a0:8f:bd:e9:09:23:
86:a8:b0:74:05:97:ea:f5:61:b8:08:38:0c:2b:4c:
21:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:AE:05:35:D9:BC:AA:81:41:74:74:3C:57:DA:43:60:B4:84:97:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DB130F8B31A11F0B01D7DF6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.200.0/21
154.83.48.0/20
154.90.0.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:62:c6:b3:ba:d7:4b:06:ab:96:1f:05:71:24:ab:5e:84:ee:
4d:d5:73:78:94:2e:32:58:81:3b:e5:bb:25:21:a1:fb:01:5e:
b2:87:0e:c7:49:dc:83:16:56:7e:a2:f3:0f:e6:ba:9b:31:c8:
6a:1d:a1:68:fc:24:cd:da:90:24:84:c3:38:d9:60:63:ca:2b:
75:6d:4c:81:f1:c6:c9:71:66:57:9f:b2:f7:55:52:89:49:a2:
99:1f:cb:28:e3:07:52:8e:22:f8:a3:ac:27:6d:62:fd:be:d2:
ff:f3:4e:99:42:09:81:4d:81:47:67:83:c0:3e:6d:ee:f8:2a:
d4:ca:a2:e5:87:47:6a:a0:5d:75:2f:c6:a7:ee:60:88:43:db:
d3:96:d7:df:55:05:f2:58:8c:9e:56:93:b2:3c:80:0f:31:b0:
06:e9:4b:ca:b6:fd:99:ad:76:1d:ee:a3:cf:a7:8c:59:91:40:
9b:5c:54:b3:c6:ac:bd:e8:48:7d:0d:1f:7b:fa:8f:de:6a:a7:
35:25:49:16:92:34:d4:d6:82:0d:d3:7c:f7:84:a5:a2:95:0a:
08:53:77:b4:9e:30:ce:8d:b6:5c:c9:da:c3:87:c7:7c:bf:7b:
78:a9:64:93:37:99:d6:42:f2:46:14:d8:0e:78:10:9d:90:8d:
76:f0:dc:62
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAaUUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI3MDk1MTQzWhcNMjUxMTI3MDk1MTQzWjAYMRYw
FAYDVQQDEw02OGZmNDBiNC0xMjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn8o7cuukwNpPW5J+qW+SOw5kRJJBFl7tJDXoRdO4VKTzkZiXfHbRac6k
fX7B1p9ZnCo/sxkyut3KReuv7EDCHF3XVEY9L+12jo2rx2xgJ61hcrCapQovH7l6
MnvmaavyBbg4Up8YG5AS4B+BrpdeS6i6VeO/2Eh1v+MBdaYZ8828uR7vhM/43UK8
GQgkTfpt2lx20Yw0S/7lYWCRWaVjgRuNgUhVsuJdLMAjIqdHpfbPJNjTKdUItqcj
uKxasStGCNi7E5g0ko0YhRT/6yNW2DFB1XF7fiyZmOOv/XkkI7NTPbYRMgLTUP+g
j73pCSOGqLB0BZfq9WG4CDgMK0whBQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFJWu
BTXZvKqBQXR0PFfaQ2C0hJdpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84REIxMzBGOEIzMUExMUYwQjAxRDdERjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDmlHIAwQEmlMwAwQAmloA
MA0GCSqGSIb3DQEBCwUAA4IBAQDLYsazutdLBquWHwVxJKtehO5N1XN4lC4yWIE7
5bslIaH7AV6yhw7HSdyDFlZ+ovMP5rqbMchqHaFo/CTN2pAkhMM42WBjyit1bUyB
8cbJcWZXn7L3VVKJSaKZH8so4wdSjiL4o6wnbWL9vtL/806ZQgmBTYFHZ4PAPm3u
+CrUyqLlh0dqoF11L8an7mCIQ9vTltffVQXyWIyeVpOyPIAPMbAG6UvKtv2ZrXYd
7qPPp4xZkUCbXFSzxqy96Eh9DR97+o/eaqc1JUkWkjTU1oIN03z3hKWilQoIU3e0
njDOjbZcydrDh8d8v3t4qWSTN5nWQvJGFNgOeBCdkI128Nxi
-----END CERTIFICATE-----
Generated at Tue Nov 4 16:34:06 2025 by rpki-client