Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCF3ACC8B0F311F08FC1D47CDAE4EC9C.roa
File: DCF3ACC8B0F311F08FC1D47CDAE4EC9C.roa (raw, json)
Hash identifier: 5mp+arNQ129gQIJP0J55pnHcRHQQCFNpMPlKwachInA=
Subject key identifier: A3:52:DD:62:76:80:84:55:34:A7:AD:18:E7:30:52:0C:14:A4:EE:90
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A4D9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCF3ACC8B0F311F08FC1D47CDAE4EC9C.roa
Signing time: Fri 24 Oct 2025 16:09:48 +0000
ROA not before: Fri 24 Oct 2025 16:09:42 +0000
ROA not after: Wed 15 Apr 2026 16:09:42 +0000
asID: 132813
IP address blocks: 154.91.32.0/22 maxlen: 24
154.91.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107737 (0x1a4d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 24 16:09:42 2025 GMT
Not After : Apr 15 16:09:42 2026 GMT
Subject: CN=68fba4cc-d3c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:37:e1:cb:45:39:dc:ad:4a:16:a5:6b:78:36:
d4:ba:95:7f:32:46:e4:6e:a5:d7:fe:a8:40:2b:7a:
6d:e6:67:20:48:7e:23:bc:a4:32:90:47:d3:b5:a2:
55:cb:a3:ad:11:cb:61:ea:67:ca:fd:3e:9c:90:2a:
da:4e:9c:e6:ff:7c:52:fe:d7:5d:66:0e:ce:8c:aa:
67:6f:16:44:0a:e5:94:c6:87:c2:af:6f:1d:e0:45:
9c:58:1f:1d:ee:3b:f9:ac:01:79:68:27:39:78:dd:
8e:94:08:50:d8:a0:a7:5b:5e:fb:96:c6:1d:20:59:
59:f5:21:b6:c9:5b:c0:f6:ae:b0:97:5d:84:ab:c1:
b7:a7:52:59:33:34:cd:f2:ce:92:a3:85:6a:e4:11:
b6:95:73:15:d4:1e:f3:81:8b:19:a3:9f:8c:88:50:
6c:34:4a:aa:94:91:72:1d:7e:0a:97:59:98:df:2e:
c0:d9:26:bd:81:c2:6f:ef:06:f0:a8:14:9a:2a:2b:
d0:b7:a2:ac:81:1b:2b:da:f9:4d:e4:69:12:51:c0:
3b:e9:c2:a1:db:38:36:71:4b:64:a2:a5:1e:8a:aa:
e1:d5:88:8f:2f:e5:6a:0e:6b:61:89:c4:e8:fd:f9:
72:ab:92:7f:9c:fa:f8:df:49:8f:5a:78:3f:ea:35:
80:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:52:DD:62:76:80:84:55:34:A7:AD:18:E7:30:52:0C:14:A4:EE:90
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCF3ACC8B0F311F08FC1D47CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.32.0/22
Signature Algorithm: sha256WithRSAEncryption
64:aa:4d:95:9d:bd:86:2d:bb:4f:9b:71:03:c2:f9:a1:c5:4a:
86:c0:15:1e:f9:44:6f:c0:17:91:c2:b4:dc:d2:a1:bd:8f:2b:
9c:cc:84:c0:83:ad:f5:8d:76:ff:45:c0:51:4f:36:25:a5:5c:
95:f8:48:f9:d3:53:4e:a0:88:e9:19:6a:99:92:ca:1b:3a:12:
b9:fc:00:e2:90:29:c3:3e:22:ff:0e:79:40:58:a5:d5:9c:8f:
bf:a2:62:ac:e1:f3:58:90:04:00:31:89:60:5d:ca:6c:ae:3e:
44:0f:0d:fd:71:0e:d9:07:2d:55:f4:73:38:d2:01:52:75:2a:
b7:c8:47:6e:dc:f5:17:70:28:42:3f:7e:de:95:ad:bb:4e:c3:
8f:bb:dc:f2:53:35:ee:3c:ae:40:3d:e7:80:05:92:f2:d0:a5:
15:67:2e:97:db:f5:83:f8:90:60:a5:5a:db:b7:0a:12:8d:84:
57:90:df:20:e6:84:78:5e:26:0f:bf:64:be:a5:df:42:65:9f:
53:34:c3:10:7a:38:df:10:64:bb:27:46:a7:a3:49:27:b0:dc:
9a:3e:e8:d9:2d:e4:4c:e0:64:25:35:eb:7a:61:26:dd:86:cc:
a7:81:5f:21:1c:3e:5d:61:36:0a:e5:d6:12:0a:d1:ef:e4:d3:
eb:61:38:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaTZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI0MTYwOTQyWhcNMjYwNDE1MTYwOTQyWjAYMRYw
FAYDVQQDEw02OGZiYTRjYy1kM2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqzfhy0U53K1KFqVreDbUupV/MkbkbqXX/qhAK3pt5mcgSH4jvKQykEfT
taJVy6OtEcth6mfK/T6ckCraTpzm/3xS/tddZg7OjKpnbxZECuWUxofCr28d4EWc
WB8d7jv5rAF5aCc5eN2OlAhQ2KCnW177lsYdIFlZ9SG2yVvA9q6wl12Eq8G3p1JZ
MzTN8s6So4Vq5BG2lXMV1B7zgYsZo5+MiFBsNEqqlJFyHX4Kl1mY3y7A2Sa9gcJv
7wbwqBSaKivQt6KsgRsr2vlN5GkSUcA76cKh2zg2cUtkoqUeiqrh1YiPL+VqDmth
icTo/flyq5J/nPr430mPWng/6jWALQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKNS
3WJ2gIRVNKetGOcwUgwUpO6QMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQ0YzQUNDOEIwRjMxMUYwOEZDMUQ0N0NEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlsgMA0GCSqGSIb3DQEB
CwUAA4IBAQBkqk2Vnb2GLbtPm3EDwvmhxUqGwBUe+URvwBeRwrTc0qG9jyuczITA
g631jXb/RcBRTzYlpVyV+Ej501NOoIjpGWqZksobOhK5/ADikCnDPiL/DnlAWKXV
nI+/omKs4fNYkAQAMYlgXcpsrj5EDw39cQ7ZBy1V9HM40gFSdSq3yEdu3PUXcChC
P37ela27TsOPu9zyUzXuPK5APeeABZLy0KUVZy6X2/WD+JBgpVrbtwoSjYRXkN8g
5oR4XiYPv2S+pd9CZZ9TNMMQejjfEGS7J0ano0knsNyaPujZLeRM4GQlNet6YSbd
hsyngV8hHD5dYTYK5dYSCtHv5NPrYThB
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:00:26 2025 by rpki-client