Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC8D99B8B95511F099A2CBC7DAE4EC9C.roa
File: EC8D99B8B95511F099A2CBC7DAE4EC9C.roa (raw, json)
Hash identifier: xRKx+rnSMi9fux14o5qToBb4zVXQ0htOxM0IUUMZnQg=
Subject key identifier: 9B:48:7F:B1:7A:54:32:DB:AB:D7:C1:59:C1:AE:30:67:29:B6:D0:28
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A765
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC8D99B8B95511F099A2CBC7DAE4EC9C.roa
Signing time: Tue 04 Nov 2025 08:11:54 +0000
ROA not before: Tue 04 Nov 2025 08:11:50 +0000
ROA not after: Wed 10 Dec 2025 08:11:50 +0000
asID: 212042
IP address blocks: 154.193.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108389 (0x1a765)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 4 08:11:50 2025 GMT
Not After : Dec 10 08:11:50 2025 GMT
Subject: CN=6909b54a-0f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:44:f6:51:1c:d1:d6:79:f1:d5:32:cd:5a:b3:
e1:4e:fe:1b:5e:0a:ff:02:92:af:54:fe:53:b9:6d:
3b:a2:e5:4d:29:ed:59:77:27:6f:a5:86:fa:fb:71:
3c:a4:9c:1c:b7:8f:1c:36:54:5c:95:62:1d:40:c6:
13:59:05:d6:3f:9d:12:c2:8c:6b:e2:c4:67:e5:d4:
ac:c9:10:b8:06:15:2d:e3:4e:39:80:95:29:91:c0:
4e:50:92:24:08:ff:df:c5:a7:58:52:28:01:4f:54:
41:b7:77:10:49:54:65:ea:78:74:6b:08:0b:ee:af:
90:6f:81:b3:8f:63:40:c6:c7:92:71:76:a5:f8:af:
30:d3:ef:b4:c7:d2:14:43:d8:09:82:a1:0a:93:1e:
41:78:1e:5b:9c:2d:d7:64:d9:ee:2f:41:d6:af:78:
e6:7c:38:12:79:b0:c1:39:d7:65:78:69:0f:35:2f:
cc:5e:cc:8e:10:c4:78:be:97:df:10:76:2f:db:0e:
37:98:80:67:e9:64:a0:1e:37:4e:c0:f8:f5:fb:17:
82:e2:1d:fc:43:21:b8:71:a0:76:fe:e1:e4:98:a8:
06:e3:0e:f1:4d:30:9b:92:5f:d0:ca:b2:18:9f:bd:
b2:62:4f:61:af:f6:90:61:49:6c:f6:3d:3c:7b:44:
d0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:48:7F:B1:7A:54:32:DB:AB:D7:C1:59:C1:AE:30:67:29:B6:D0:28
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC8D99B8B95511F099A2CBC7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.131.0/24
Signature Algorithm: sha256WithRSAEncryption
21:31:3d:a1:d3:98:86:22:72:33:20:84:a4:37:83:e7:07:3f:
35:0e:67:11:8c:07:dd:24:c7:56:81:ca:65:a7:cc:e8:5f:7b:
b5:e6:47:83:8e:e1:7e:00:2c:a7:9a:29:3e:f8:15:38:b6:73:
e2:6f:29:e0:e9:97:bf:d4:4f:af:90:fe:d8:b8:7d:e8:90:f1:
73:f1:0f:9d:8f:56:8b:13:5c:5e:0b:df:e2:4a:dd:2c:df:c2:
e2:ff:d2:9d:e6:ff:43:19:b2:6a:59:7f:09:26:fb:f6:21:02:
51:fb:f4:b6:48:1b:0a:35:7d:46:e8:11:36:c7:db:36:b7:e4:
b8:b9:7d:b9:30:94:7a:32:0d:80:a3:90:4f:98:75:cb:44:b1:
ff:54:cf:b9:07:3d:0c:32:f9:16:ea:1c:e5:88:3c:aa:02:f5:
37:3f:e6:36:e8:a8:3f:d7:26:36:24:ee:ba:18:9f:68:22:aa:
b3:e0:76:99:bd:a0:9b:54:57:80:a2:99:26:68:81:88:69:7c:
62:a4:76:e7:18:c2:d5:05:83:1d:bf:ce:88:eb:4f:5d:87:fd:
e7:d4:74:c9:84:82:06:62:be:49:b2:b2:85:db:52:93:21:fb:
8d:be:1d:2f:6a:b9:17:52:f1:e3:e4:c6:69:0c:34:48:31:54:
0f:e8:90:f4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAadlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMTA0MDgxMTUwWhcNMjUxMjEwMDgxMTUwWjAYMRYw
FAYDVQQDEw02OTA5YjU0YS0wZjg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5ET2URzR1nnx1TLNWrPhTv4bXgr/ApKvVP5TuW07ouVNKe1ZdydvpYb6
+3E8pJwct48cNlRclWIdQMYTWQXWP50Swoxr4sRn5dSsyRC4BhUt4045gJUpkcBO
UJIkCP/fxadYUigBT1RBt3cQSVRl6nh0awgL7q+Qb4Gzj2NAxseScXal+K8w0++0
x9IUQ9gJgqEKkx5BeB5bnC3XZNnuL0HWr3jmfDgSebDBOddleGkPNS/MXsyOEMR4
vpffEHYv2w43mIBn6WSgHjdOwPj1+xeC4h38QyG4caB2/uHkmKgG4w7xTTCbkl/Q
yrIYn72yYk9hr/aQYUls9j08e0TQoQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJtI
f7F6VDLbq9fBWcGuMGcpttAoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQzhEOTlCOEI5NTUxMUYwOTlBMkNCQzdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsGDMA0GCSqGSIb3DQEB
CwUAA4IBAQAhMT2h05iGInIzIISkN4PnBz81DmcRjAfdJMdWgcplp8zoX3u15keD
juF+ACynmik++BU4tnPibyng6Ze/1E+vkP7YuH3okPFz8Q+dj1aLE1xeC9/iSt0s
38Li/9Kd5v9DGbJqWX8JJvv2IQJR+/S2SBsKNX1G6BE2x9s2t+S4uX25MJR6Mg2A
o5BPmHXLRLH/VM+5Bz0MMvkW6hzliDyqAvU3P+Y26Kg/1yY2JO66GJ9oIqqz4HaZ
vaCbVFeAopkmaIGIaXxipHbnGMLVBYMdv86I609dh/3n1HTJhIIGYr5JsrKF21KT
IfuNvh0varkXUvHj5MZpDDRIMVQP6JD0
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:06:33 2025 by rpki-client