Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4A91D5EB38811F0885A56BCDAE4EC9C.roa
File: D4A91D5EB38811F0885A56BCDAE4EC9C.roa (raw, json)
Hash identifier: YTAoNJ+k7greruqObin92u+DElRQTwApr47E18rq2Bk=
Subject key identifier: 9B:30:E7:20:5C:52:2C:D2:4E:36:68:6A:10:58:97:54:8A:9F:CC:8F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A5AC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4A91D5EB38811F0885A56BCDAE4EC9C.roa
Signing time: Mon 27 Oct 2025 23:01:12 +0000
ROA not before: Mon 27 Oct 2025 23:01:05 +0000
ROA not after: Wed 10 Dec 2025 23:01:05 +0000
asID: 138915
IP address blocks: 154.93.32.0/24 maxlen: 24
154.93.33.0/24 maxlen: 24
154.93.49.0/24 maxlen: 24
154.93.52.0/23 maxlen: 24
154.93.54.0/23 maxlen: 24
154.93.56.0/23 maxlen: 24
154.93.58.0/24 maxlen: 24
154.93.59.0/24 maxlen: 24
154.93.62.0/24 maxlen: 24
154.93.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107948 (0x1a5ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 27 23:01:05 2025 GMT
Not After : Dec 10 23:01:05 2025 GMT
Subject: CN=68fff9b7-693b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:79:4e:6b:25:77:2d:69:f1:d5:ba:d3:2b:50:
ea:b1:63:48:97:73:ae:81:7b:d3:69:b0:c0:5c:db:
80:a1:71:f6:db:bf:68:8b:f9:85:69:b3:8f:f9:a5:
2e:c7:76:6e:25:e2:4c:f8:c8:eb:75:f5:33:fa:08:
9e:7a:9e:18:31:0f:f9:fe:9e:35:a1:b8:e1:93:a5:
2f:42:4a:17:52:1c:7d:03:72:72:92:73:6b:05:db:
2b:af:e0:6a:95:2d:30:43:99:55:32:ae:68:56:56:
e2:26:13:0d:3b:c8:d7:7c:fb:70:19:d1:6a:ce:43:
7d:4a:a9:8b:ef:a5:a4:d8:71:1e:17:6a:bf:f5:de:
54:ca:93:4d:67:64:71:d9:ce:90:54:f7:6c:46:6f:
99:9d:f1:42:ba:64:1d:ca:3c:f9:bd:a0:4c:4f:ea:
d3:a9:e5:7b:f9:88:82:33:5f:5b:ae:bc:2a:cc:96:
4f:22:d7:8c:35:a1:bb:3c:9f:c3:34:7e:11:e5:ea:
b5:68:c4:32:60:d2:56:05:b8:a5:d5:95:52:a2:f9:
e8:f1:d4:14:d7:21:77:c1:03:eb:38:86:78:be:bf:
67:eb:1d:25:3f:a8:c5:3b:88:33:1c:05:d3:7c:16:
18:5d:a2:e6:65:b6:d1:7a:80:4f:3d:fc:fc:c9:5f:
49:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:30:E7:20:5C:52:2C:D2:4E:36:68:6A:10:58:97:54:8A:9F:CC:8F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4A91D5EB38811F0885A56BCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.32.0/23
154.93.49.0/24
154.93.52.0-154.93.59.255
154.93.62.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:73:88:a7:29:19:44:2a:3d:6d:e1:38:eb:89:3e:8c:3b:6a:
83:d0:6d:cd:b7:98:1a:23:4a:e2:d5:cc:04:b1:01:32:ce:11:
03:99:a9:a0:02:f7:c8:20:fa:ca:3d:02:96:5a:fb:83:00:4c:
af:0f:fb:1d:71:24:35:52:4b:2c:f8:39:46:3d:83:df:ae:75:
98:55:35:31:ec:c3:75:be:72:88:ee:03:46:40:73:ef:0e:98:
ef:56:90:ce:91:9b:57:4e:f8:8e:1f:76:5a:af:4b:82:c9:81:
7d:57:e1:31:34:7f:1b:47:b1:dd:d0:82:6d:af:95:ed:40:25:
a7:81:9c:05:1a:b6:d8:f7:b1:6f:f7:e6:da:b3:f0:e5:6c:1e:
9d:d8:5d:ba:f7:95:a8:0d:5d:ab:b0:e8:52:c5:6c:03:d8:64:
64:94:27:d5:6b:44:81:ac:e6:4f:53:27:b6:3d:a8:4c:05:6f:
b7:33:08:de:c5:f1:db:ba:6d:70:fd:83:60:f4:77:4c:76:15:
2c:a9:58:0a:ad:b9:c2:48:5f:f0:05:a4:df:9a:9f:64:1a:48:
27:2d:24:5f:08:7e:1c:21:8a:54:07:47:73:1e:39:64:67:9b:
7b:8a:16:9f:e4:d9:b2:ba:af:80:a8:22:d7:b5:e9:99:10:3d:
d2:b5:62:c2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIDAaWsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI3MjMwMTA1WhcNMjUxMjEwMjMwMTA1WjAYMRYw
FAYDVQQDEw02OGZmZjliNy02OTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvnlOayV3LWnx1brTK1DqsWNIl3OugXvTabDAXNuAoXH2279oi/mFabOP
+aUux3ZuJeJM+MjrdfUz+gieep4YMQ/5/p41objhk6UvQkoXUhx9A3JyknNrBdsr
r+BqlS0wQ5lVMq5oVlbiJhMNO8jXfPtwGdFqzkN9SqmL76Wk2HEeF2q/9d5UypNN
Z2Rx2c6QVPdsRm+ZnfFCumQdyjz5vaBMT+rTqeV7+YiCM19brrwqzJZPIteMNaG7
PJ/DNH4R5eq1aMQyYNJWBbil1ZVSovno8dQU1yF3wQPrOIZ4vr9n6x0lP6jFO4gz
HAXTfBYYXaLmZbbReoBPPfz8yV9JAwIDAQABo4ICvzCCArswHQYDVR0OBBYEFJsw
5yBcUizSTjZoahBYl1SKn8yPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENEE5MUQ1RUIzODgxMUYwODg1QTU2QkNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBml0gAwQAml0xMAwDBAKa
XTQDBAKaXTgDBAGaXT4wDQYJKoZIhvcNAQELBQADggEBALVziKcpGUQqPW3hOOuJ
Pow7aoPQbc23mBojSuLVzASxATLOEQOZqaAC98gg+so9ApZa+4MATK8P+x1xJDVS
Syz4OUY9g9+udZhVNTHsw3W+cojuA0ZAc+8OmO9WkM6Rm1dO+I4fdlqvS4LJgX1X
4TE0fxtHsd3Qgm2vle1AJaeBnAUattj3sW/35tqz8OVsHp3YXbr3lagNXauw6FLF
bAPYZGSUJ9VrRIGs5k9TJ7Y9qEwFb7czCN7F8du6bXD9g2D0d0x2FSypWAqtucJI
X/AFpN+an2QaSCctJF8IfhwhilQHR3MeOWRnm3uKFp/k2bK6r4CoIte16ZkQPdK1
YsI=
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:39:31 2025 by rpki-client