Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C4E2EC0EAE5311F0B52E6FCBDAE4EC9C.roa
File: C4E2EC0EAE5311F0B52E6FCBDAE4EC9C.roa (raw, json)
Hash identifier: 7SOwqOseahV5KwSd9GBMbZFSHQ6zzVrLx1TBnfmwldk=
Subject key identifier: 53:61:0A:5D:29:72:16:E4:C7:EC:D0:2A:D1:55:F3:2A:FD:00:0A:2D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A46C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C4E2EC0EAE5311F0B52E6FCBDAE4EC9C.roa
Signing time: Tue 21 Oct 2025 07:58:46 +0000
ROA not before: Tue 21 Oct 2025 07:58:40 +0000
ROA not after: Sun 25 Jan 2026 07:58:40 +0000
asID: 135097
IP address blocks: 154.91.4.0/22 maxlen: 24
154.91.8.0/21 maxlen: 24
154.91.16.0/20 maxlen: 24
154.92.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107628 (0x1a46c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 21 07:58:40 2025 GMT
Not After : Jan 25 07:58:40 2026 GMT
Subject: CN=68f73d36-f13b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:57:83:fc:ed:f7:36:dc:e7:68:04:0f:f6:6d:
41:b0:7f:db:b1:23:d1:a0:d9:22:9a:3e:fb:9b:47:
8a:83:ed:76:c7:20:0e:75:a3:ea:41:08:8f:03:21:
f0:0c:0e:b6:56:26:a2:16:69:1e:28:fe:94:8d:05:
93:c0:c7:c9:8b:c2:a4:8a:7c:57:a2:ae:9b:fb:f2:
0f:b1:01:f1:f3:b2:58:81:1e:b0:06:cd:41:2b:55:
20:f9:79:3a:41:d3:02:dc:9c:c8:c8:4c:08:c9:e2:
b0:d0:51:56:59:18:54:ca:09:8e:55:9c:75:6c:01:
b3:97:fd:98:e9:a8:cf:4e:5e:32:19:7a:dd:70:eb:
2f:3d:c8:f0:d8:6e:7c:ec:dd:c6:b3:95:64:1a:8b:
73:d4:cb:e2:a7:c0:8e:2d:f2:a0:66:37:c7:98:e5:
5f:ce:4c:94:42:af:b0:7f:ba:85:a7:91:a8:72:d7:
fb:15:d4:61:28:73:17:82:ac:19:e3:39:95:c2:65:
66:70:6e:dd:3d:2b:ac:27:b1:00:97:f5:f3:7c:33:
6f:d9:c6:d6:31:a1:5e:cc:6d:44:51:9c:f4:d8:ad:
d5:0c:6a:9d:b7:9b:3e:40:ae:23:d5:8f:76:8d:10:
9f:ed:eb:88:d6:97:82:f7:0b:ec:bb:da:f1:f2:26:
4b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:61:0A:5D:29:72:16:E4:C7:EC:D0:2A:D1:55:F3:2A:FD:00:0A:2D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C4E2EC0EAE5311F0B52E6FCBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.4.0-154.91.31.255
154.92.96.0/21
Signature Algorithm: sha256WithRSAEncryption
99:43:3a:d8:89:3a:27:78:ab:d2:5e:db:f3:7e:d8:99:54:e7:
58:b4:bd:0b:f9:48:5b:31:49:fe:66:ee:aa:dd:18:92:74:7f:
69:e3:f5:94:13:e1:59:de:3e:be:2c:71:5b:5b:e5:ae:30:4f:
0f:8c:37:28:62:82:1e:c3:eb:90:fb:96:08:ea:b3:03:c9:12:
7e:cc:d9:04:f9:04:85:df:74:15:6f:57:c5:70:e2:3b:8a:48:
b5:8c:9f:90:55:7f:57:e2:63:53:a1:87:08:16:d9:86:06:19:
20:7e:2e:28:e3:52:93:61:a8:a2:4b:db:97:f8:f4:3d:da:d1:
0d:5e:45:16:9f:df:6a:3d:06:74:bc:66:27:f0:96:38:c3:12:
e5:dd:23:73:44:42:15:18:be:18:e2:d0:f0:ba:d8:1c:7b:40:
ef:db:ab:93:10:c0:71:f8:0a:91:76:15:9d:a4:26:6b:45:a3:
1f:de:d8:a7:9e:37:94:30:d5:56:19:5a:e7:55:39:e3:e0:df:
98:55:d5:64:2b:48:55:26:0d:4a:0a:97:42:18:03:cc:9b:b7:
ec:07:06:9f:12:97:70:41:fd:73:2e:c4:1d:f5:c3:21:fa:a7:
7a:ad:d1:9b:82:90:63:91:b1:bc:05:83:1b:96:39:eb:b2:1b:
da:56:e9:fa
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAaRsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDIxMDc1ODQwWhcNMjYwMTI1MDc1ODQwWjAYMRYw
FAYDVQQDEw02OGY3M2QzNi1mMTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArVeD/O33NtznaAQP9m1BsH/bsSPRoNkimj77m0eKg+12xyAOdaPqQQiP
AyHwDA62ViaiFmkeKP6UjQWTwMfJi8KkinxXoq6b+/IPsQHx87JYgR6wBs1BK1Ug
+Xk6QdMC3JzIyEwIyeKw0FFWWRhUygmOVZx1bAGzl/2Y6ajPTl4yGXrdcOsvPcjw
2G587N3Gs5VkGotz1Mvip8COLfKgZjfHmOVfzkyUQq+wf7qFp5Goctf7FdRhKHMX
gqwZ4zmVwmVmcG7dPSusJ7EAl/XzfDNv2cbWMaFezG1EUZz02K3VDGqdt5s+QK4j
1Y92jRCf7euI1peC9wvsu9rx8iZLUwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFFNh
Cl0pchbkx+zQKtFV8yr9AAotMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNEUyRUMwRUFFNTMxMUYwQjUyRTZGQ0JEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAKaWwQDBAWaWwADBAOa
XGAwDQYJKoZIhvcNAQELBQADggEBAJlDOtiJOid4q9Je2/N+2JlU51i0vQv5SFsx
Sf5m7qrdGJJ0f2nj9ZQT4VnePr4scVtb5a4wTw+MNyhigh7D65D7lgjqswPJEn7M
2QT5BIXfdBVvV8Vw4juKSLWMn5BVf1fiY1OhhwgW2YYGGSB+LijjUpNhqKJL25f4
9D3a0Q1eRRaf32o9BnS8ZifwljjDEuXdI3NEQhUYvhji0PC62Bx7QO/bq5MQwHH4
CpF2FZ2kJmtFox/e2KeeN5Qw1VYZWudVOePg35hV1WQrSFUmDUoKl0IYA8ybt+wH
Bp8Sl3BB/XMuxB31wyH6p3qt0ZuCkGORsbwFgxuWOeuyG9pW6fo=
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:02:55 2025 by rpki-client