Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98F42AEAB8AD11F0BB01959FDAE4EC9C.roa
File: 98F42AEAB8AD11F0BB01959FDAE4EC9C.roa (raw, json)
Hash identifier: wFskbMG0RzQC/2S9HvwNc5F9DnWgfBn/oAk8gMxtNyc=
Subject key identifier: 85:E6:34:2D:65:02:01:E8:09:82:17:89:90:84:54:19:D2:C5:06:FF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A734
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98F42AEAB8AD11F0BB01959FDAE4EC9C.roa
Signing time: Mon 03 Nov 2025 12:06:59 +0000
ROA not before: Mon 03 Nov 2025 12:06:51 +0000
ROA not after: Thu 11 Dec 2025 12:06:51 +0000
asID: 61112
IP address blocks: 154.82.138.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108340 (0x1a734)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 3 12:06:51 2025 GMT
Not After : Dec 11 12:06:51 2025 GMT
Subject: CN=69089ae3-2910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f4:76:2d:ea:6e:c0:72:07:59:a7:1c:c4:0a:
ac:46:cc:5a:f0:d1:cf:2f:b0:94:cd:8a:da:7f:90:
01:6e:b3:51:f9:9d:8c:79:ea:ea:71:bd:f2:fb:e8:
0d:6e:5f:9e:62:0e:0c:39:f0:1f:7b:ec:49:2d:f9:
3c:82:9f:a0:e6:90:2c:e5:d5:fd:79:e2:12:c8:29:
a6:4a:6e:68:18:ec:63:e4:d2:40:c7:a0:75:4b:c2:
40:32:d5:61:ee:7d:75:26:1d:31:a5:f8:63:b3:1b:
34:f0:4b:92:d0:5c:34:e6:68:06:79:d5:75:01:dc:
0c:1f:b1:b5:81:4f:ef:8c:86:80:b9:25:2c:44:f1:
7a:22:e5:94:b8:c7:61:6c:3b:a8:20:24:59:95:46:
3d:a1:bb:5e:a5:39:66:14:a6:6f:a7:85:6c:09:80:
3f:08:24:e7:72:1f:24:57:1b:5a:2f:25:15:16:4c:
92:bb:34:ca:5e:59:ca:79:5a:8d:02:7c:06:94:33:
bc:1e:60:31:22:5e:8a:a6:e8:9a:6a:28:c2:b0:ec:
af:a3:b1:c2:38:b7:3b:a0:b2:87:01:e2:6c:53:48:
21:5d:22:d0:07:70:3f:ae:33:d3:42:9c:2d:e1:6b:
ef:eb:66:22:bb:48:7c:13:7f:50:c2:26:bb:bd:a5:
c1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E6:34:2D:65:02:01:E8:09:82:17:89:90:84:54:19:D2:C5:06:FF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98F42AEAB8AD11F0BB01959FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.138.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:11:40:aa:52:d1:d0:f0:fe:b2:29:74:59:18:1c:74:95:1e:
16:d4:8f:3d:60:45:b3:d6:67:f5:47:7b:79:cc:37:00:72:a5:
70:cb:b5:ae:a8:58:10:13:27:25:36:35:4c:2c:16:6e:de:c1:
82:8c:f4:7f:65:c3:e3:50:37:bb:4d:1a:58:79:34:f9:76:34:
65:a2:83:08:79:93:5f:7d:62:fd:58:a6:77:92:ff:d8:77:ed:
d8:34:8e:ee:af:aa:4e:97:54:a3:a9:f9:35:5b:41:50:b8:97:
56:97:33:11:b6:e2:e0:2a:48:66:66:7c:68:04:3d:28:0b:b0:
c2:98:53:4b:80:10:83:87:32:55:1a:2d:a4:e2:39:a1:5f:42:
b2:2a:98:f4:70:3b:4f:23:6f:df:c1:24:83:11:ed:b0:d8:66:
20:cb:e9:21:11:1b:b7:5f:a4:dc:40:01:0f:5d:54:77:63:79:
eb:a2:cd:13:d4:9a:89:34:45:e0:51:af:ec:c2:f9:a0:1c:00:
7d:37:36:15:21:df:55:02:c5:2c:d3:58:45:aa:f7:93:9e:9a:
8b:4c:3c:e0:f5:eb:b6:ac:2b:55:d7:10:5b:73:39:a6:a6:6d:
13:40:2e:36:15:b9:6e:93:6d:a0:2c:0c:46:b7:be:82:6b:3a:
87:67:20:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAac0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMTAzMTIwNjUxWhcNMjUxMjExMTIwNjUxWjAYMRYw
FAYDVQQDEw02OTA4OWFlMy0yOTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqPR2LepuwHIHWaccxAqsRsxa8NHPL7CUzYraf5ABbrNR+Z2Meerqcb3y
++gNbl+eYg4MOfAfe+xJLfk8gp+g5pAs5dX9eeISyCmmSm5oGOxj5NJAx6B1S8JA
MtVh7n11Jh0xpfhjsxs08EuS0Fw05mgGedV1AdwMH7G1gU/vjIaAuSUsRPF6IuWU
uMdhbDuoICRZlUY9obtepTlmFKZvp4VsCYA/CCTnch8kVxtaLyUVFkySuzTKXlnK
eVqNAnwGlDO8HmAxIl6KpuiaaijCsOyvo7HCOLc7oLKHAeJsU0ghXSLQB3A/rjPT
Qpwt4Wvv62Yiu0h8E39Qwia7vaXBRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIXm
NC1lAgHoCYIXiZCEVBnSxQb/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85OEY0MkFFQUI4QUQxMUYwQkIwMTk1OUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlKKMA0GCSqGSIb3DQEB
CwUAA4IBAQBdEUCqUtHQ8P6yKXRZGBx0lR4W1I89YEWz1mf1R3t5zDcAcqVwy7Wu
qFgQEyclNjVMLBZu3sGCjPR/ZcPjUDe7TRpYeTT5djRlooMIeZNffWL9WKZ3kv/Y
d+3YNI7ur6pOl1Sjqfk1W0FQuJdWlzMRtuLgKkhmZnxoBD0oC7DCmFNLgBCDhzJV
Gi2k4jmhX0KyKpj0cDtPI2/fwSSDEe2w2GYgy+khERu3X6TcQAEPXVR3Y3nros0T
1JqJNEXgUa/swvmgHAB9NzYVId9VAsUs01hFqveTnpqLTDzg9eu2rCtV1xBbczmm
pm0TQC42Fbluk22gLAxGt76CazqHZyDL
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:22:14 2025 by rpki-client