Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D73E3BB2B4C311F099086882DAE4EC9C.roa
File: D73E3BB2B4C311F099086882DAE4EC9C.roa (raw, json)
Hash identifier: I4GUUOOZtUYR5MpS3faEXP03XGoNOzWK/pONUeo2Vvs=
Subject key identifier: 31:E6:C0:E1:DC:16:8F:70:4F:B9:2F:97:38:2D:24:96:ED:F7:F9:E8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A628
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D73E3BB2B4C311F099086882DAE4EC9C.roa
Signing time: Wed 29 Oct 2025 12:36:07 +0000
ROA not before: Wed 29 Oct 2025 12:36:03 +0000
ROA not after: Fri 05 Dec 2025 12:36:03 +0000
asID: 61112
IP address blocks: 154.88.66.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108072 (0x1a628)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 29 12:36:03 2025 GMT
Not After : Dec 5 12:36:03 2025 GMT
Subject: CN=69020a37-3942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ea:dd:b9:55:79:22:83:d2:1c:19:fd:32:21:
4f:23:4e:bc:0b:cf:fe:eb:fb:5d:a7:0e:79:56:21:
04:4b:1b:97:cb:52:76:48:81:06:ec:9b:38:0e:36:
49:48:3b:6a:bb:0d:27:1a:7c:5c:4a:60:bc:cf:6d:
d2:9a:eb:e7:ff:fe:0f:aa:91:07:11:2a:8e:7f:51:
a6:a8:9f:79:ee:21:b9:d5:64:60:42:e7:6f:08:19:
0f:de:35:93:1b:df:61:17:39:eb:9b:f2:14:ef:8b:
c6:ab:12:b5:db:ff:37:2f:81:ce:97:af:7f:e2:f0:
86:7d:74:d6:e8:7f:b3:c7:30:bd:7c:c3:cc:51:5e:
77:0e:20:36:bd:ca:c4:b4:df:e0:a4:20:37:37:fa:
9d:01:eb:94:f9:4f:e7:23:ea:ad:dd:e7:88:68:c7:
ae:97:67:e1:c8:c3:8c:6e:20:18:a2:8b:1a:88:90:
46:ac:a0:ba:31:51:a6:64:6b:a9:e8:2a:a0:f4:80:
cc:7a:37:a9:6b:34:c6:a3:fa:a5:1d:12:c3:2b:3b:
33:d0:26:b4:97:84:76:bd:52:45:05:61:e5:9e:83:
f5:f3:84:50:dd:92:db:34:67:82:7a:9b:7d:8a:a7:
ec:bd:90:66:cf:06:26:16:66:a2:67:60:4b:e5:83:
f0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E6:C0:E1:DC:16:8F:70:4F:B9:2F:97:38:2D:24:96:ED:F7:F9:E8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D73E3BB2B4C311F099086882DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.66.0/23
Signature Algorithm: sha256WithRSAEncryption
48:a3:5f:25:6c:5c:71:d2:e0:11:bb:46:63:b3:bb:e4:6a:b0:
b0:e0:de:bc:86:8d:83:6b:74:8a:0f:99:2c:d2:d8:ba:82:65:
27:0d:79:f0:ca:50:e0:ee:fc:d0:db:46:ab:97:f6:08:ce:c6:
cc:c8:e3:8c:3a:3a:26:77:9e:05:ab:f4:f4:68:92:bf:0b:4a:
3f:c7:dc:72:96:97:70:19:60:df:be:e3:62:31:64:a4:e4:7d:
ea:ae:71:31:c9:b1:19:9a:ec:4a:26:1d:b1:eb:fa:05:55:10:
96:e5:95:b3:4b:61:e3:97:9e:d5:fc:71:38:f1:d4:3b:b9:67:
c8:41:92:73:65:54:c9:7c:b7:ce:6d:7c:da:7b:b5:32:4e:e0:
a2:62:9c:84:a2:32:f9:16:eb:c5:84:07:70:45:42:6d:74:d1:
06:ca:40:eb:60:33:9b:4e:15:db:49:51:47:87:d6:28:a7:3f:
19:73:84:78:7f:a7:2f:5c:1e:70:05:40:89:62:fa:99:6b:6b:
e1:a2:27:b6:9c:37:2f:a5:22:85:ba:81:13:78:36:57:7d:89:
e6:1d:63:df:9c:05:55:7c:80:39:4e:ef:65:36:a1:a2:4e:71:
7f:6e:07:07:a7:56:0e:30:23:da:63:b2:82:a9:66:bd:86:09:
45:47:f4:9f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaYoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI5MTIzNjAzWhcNMjUxMjA1MTIzNjAzWjAYMRYw
FAYDVQQDEw02OTAyMGEzNy0zOTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0erduVV5IoPSHBn9MiFPI068C8/+6/tdpw55ViEESxuXy1J2SIEG7Js4
DjZJSDtquw0nGnxcSmC8z23Smuvn//4PqpEHESqOf1GmqJ957iG51WRgQudvCBkP
3jWTG99hFznrm/IU74vGqxK12/83L4HOl69/4vCGfXTW6H+zxzC9fMPMUV53DiA2
vcrEtN/gpCA3N/qdAeuU+U/nI+qt3eeIaMeul2fhyMOMbiAYoosaiJBGrKC6MVGm
ZGup6Cqg9IDMejepazTGo/qlHRLDKzsz0Ca0l4R2vVJFBWHlnoP184RQ3ZLbNGeC
ept9iqfsvZBmzwYmFmaiZ2BL5YPwAQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDHm
wOHcFo9wT7kvlzgtJJbt9/noMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENzNFM0JCMkI0QzMxMUYwOTkwODY4ODJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlhCMA0GCSqGSIb3DQEB
CwUAA4IBAQBIo18lbFxx0uARu0Zjs7vkarCw4N68ho2Da3SKD5ks0ti6gmUnDXnw
ylDg7vzQ20arl/YIzsbMyOOMOjomd54Fq/T0aJK/C0o/x9xylpdwGWDfvuNiMWSk
5H3qrnExybEZmuxKJh2x6/oFVRCW5ZWzS2Hjl57V/HE48dQ7uWfIQZJzZVTJfLfO
bXzae7UyTuCiYpyEojL5FuvFhAdwRUJtdNEGykDrYDObThXbSVFHh9Yopz8Zc4R4
f6cvXB5wBUCJYvqZa2vhoie2nDcvpSKFuoETeDZXfYnmHWPfnAVVfIA5Tu9lNqGi
TnF/bgcHp1YOMCPaY7KCqWa9hglFR/Sf
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:01:23 2025 by rpki-client