Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF0B041CB1CE11F098AFFACCDAE4EC9C.roa
File: DF0B041CB1CE11F098AFFACCDAE4EC9C.roa (raw, json)
Hash identifier: F5xSX+EphNazcgiqp+BGEOYtGW3b2ZlZKSEL2Y35ro8=
Subject key identifier: BE:E2:88:B6:30:5C:A6:66:51:E2:DC:A4:7C:F1:22:40:F1:92:BA:C6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A4E8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF0B041CB1CE11F098AFFACCDAE4EC9C.roa
Signing time: Sat 25 Oct 2025 18:17:31 +0000
ROA not before: Sat 25 Oct 2025 18:17:25 +0000
ROA not after: Tue 18 Nov 2025 18:17:25 +0000
asID: 54801
IP address blocks: 154.90.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107752 (0x1a4e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 25 18:17:25 2025 GMT
Not After : Nov 18 18:17:25 2025 GMT
Subject: CN=68fd143b-e548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1f:43:48:fd:a0:d2:e6:4e:09:1e:81:94:bb:
de:0e:8f:e8:75:74:52:71:1b:f9:2b:5b:c2:aa:ac:
e6:e1:c7:69:95:1c:e0:fa:7e:fb:b3:31:59:6b:89:
98:ae:20:1b:a6:2b:09:20:0a:4e:4b:56:c8:db:41:
60:54:da:d1:84:06:d7:20:ee:64:44:15:81:ad:5b:
d9:a2:22:9e:b3:17:af:09:3b:4c:be:a4:7d:16:62:
de:82:26:38:b1:36:16:57:78:a8:8d:b3:b7:57:b8:
9a:99:ff:07:0b:34:22:bc:f7:60:b0:7c:6f:8b:0f:
59:ac:27:05:78:53:fb:d4:3b:bd:62:ad:df:78:8f:
b9:77:e3:57:d9:69:22:17:e1:68:39:ab:31:85:a9:
5c:16:56:2d:5c:c0:5b:6c:24:3d:8f:86:19:98:10:
f8:93:f6:1e:3a:34:a2:fa:1b:f1:62:ce:c4:3b:bf:
57:f5:e1:ad:2a:fb:0d:37:9f:f1:8c:e3:1b:af:f5:
58:ce:51:70:69:71:20:57:e4:fd:61:1e:bf:c3:e5:
33:db:e5:a9:25:c1:25:97:cf:e1:ac:42:e9:85:0e:
8e:17:2d:9d:1f:e9:a2:ea:1c:e1:34:56:1a:86:ff:
d2:9b:44:18:c6:24:6b:89:65:16:59:95:55:6d:bb:
1c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E2:88:B6:30:5C:A6:66:51:E2:DC:A4:7C:F1:22:40:F1:92:BA:C6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF0B041CB1CE11F098AFFACCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.28.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:7d:87:07:d7:28:07:02:fd:04:d2:7e:29:f3:c1:4d:4f:74:
99:b8:7f:bb:2c:f2:87:9f:43:d3:e5:d3:33:31:d1:9c:7d:39:
d4:c6:7d:67:ee:0c:92:2a:3c:e1:b2:af:98:66:3f:2e:7c:5b:
eb:0a:b9:b2:7d:2c:c0:03:b4:ac:f7:79:8c:af:d0:31:11:87:
a2:04:9d:aa:ee:a8:35:e8:72:ab:a3:92:c1:33:fa:85:d9:13:
f1:2c:ad:21:56:2d:eb:d6:34:4c:f6:f6:b8:85:95:3b:24:e4:
52:c2:c5:24:ea:11:d8:5f:9f:47:f1:7f:6b:80:9a:ce:03:20:
73:22:dd:21:54:23:57:5b:88:af:1f:3d:d0:df:c1:9a:cb:e6:
9e:bd:5e:16:49:c9:a3:86:28:d2:53:8c:8f:e4:af:e3:05:14:
cb:53:b2:98:b1:49:ce:fa:59:ac:4a:f3:12:49:5d:3e:fb:92:
32:41:54:78:03:4e:f6:20:fb:1a:d4:1e:ec:71:81:7c:c0:94:
8c:30:24:0f:69:8f:df:f8:85:06:42:6c:ae:22:f1:82:11:5a:
d5:75:a0:00:f0:b6:d6:11:43:68:7f:af:ca:f2:fc:21:37:45:
84:94:99:24:2d:cc:b0:2e:cd:2e:48:5d:01:bb:f3:51:7c:96:
15:0e:bc:ad
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaToMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI1MTgxNzI1WhcNMjUxMTE4MTgxNzI1WjAYMRYw
FAYDVQQDEw02OGZkMTQzYi1lNTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlh9DSP2g0uZOCR6BlLveDo/odXRScRv5K1vCqqzm4cdplRzg+n77szFZ
a4mYriAbpisJIApOS1bI20FgVNrRhAbXIO5kRBWBrVvZoiKesxevCTtMvqR9FmLe
giY4sTYWV3iojbO3V7iamf8HCzQivPdgsHxviw9ZrCcFeFP71Du9Yq3feI+5d+NX
2WkiF+FoOasxhalcFlYtXMBbbCQ9j4YZmBD4k/YeOjSi+hvxYs7EO79X9eGtKvsN
N5/xjOMbr/VYzlFwaXEgV+T9YR6/w+Uz2+WpJcEll8/hrELphQ6OFy2dH+mi6hzh
NFYahv/Sm0QYxiRriWUWWZVVbbschwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL7i
iLYwXKZmUeLcpHzxIkDxkrrGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERjBCMDQxQ0IxQ0UxMUYwOThBRkZBQ0NEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlocMA0GCSqGSIb3DQEB
CwUAA4IBAQBtfYcH1ygHAv0E0n4p88FNT3SZuH+7LPKHn0PT5dMzMdGcfTnUxn1n
7gySKjzhsq+YZj8ufFvrCrmyfSzAA7Ss93mMr9AxEYeiBJ2q7qg16HKro5LBM/qF
2RPxLK0hVi3r1jRM9va4hZU7JORSwsUk6hHYX59H8X9rgJrOAyBzIt0hVCNXW4iv
Hz3Q38Gay+aevV4WScmjhijSU4yP5K/jBRTLU7KYsUnO+lmsSvMSSV0++5IyQVR4
A072IPsa1B7scYF8wJSMMCQPaY/f+IUGQmyuIvGCEVrVdaAA8LbWEUNof6/K8vwh
N0WElJkkLcywLs0uSF0Bu/NRfJYVDryt
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:00:03 2025 by rpki-client