Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F651A322B91911F09E3A10BADAE4EC9C.roa
File: F651A322B91911F09E3A10BADAE4EC9C.roa (raw, json)
Hash identifier: WCRT2RPjXNwSJUiGLawY9xjAEz4sF3ZtW11yhMfj61w=
Subject key identifier: EA:0E:C9:2C:56:90:35:7B:F4:A0:F9:DE:D9:45:AA:57:0E:38:06:5F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A744
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F651A322B91911F09E3A10BADAE4EC9C.roa
Signing time: Tue 04 Nov 2025 01:02:41 +0000
ROA not before: Tue 04 Nov 2025 01:02:36 +0000
ROA not after: Thu 01 Jan 2026 01:02:36 +0000
asID: 133115
IP address blocks: 154.201.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108356 (0x1a744)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 4 01:02:36 2025 GMT
Not After : Jan 1 01:02:36 2026 GMT
Subject: CN=690950b1-f9f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b9:42:b9:d0:c9:33:cb:5c:63:95:c2:bb:22:
56:14:2a:bd:af:e1:f8:de:cf:0b:33:a1:9a:55:2d:
dc:79:c7:0e:c4:aa:be:ae:09:3f:4c:b1:a3:46:b8:
2a:9f:4f:d9:66:f0:fd:4a:48:33:17:a2:cc:7c:55:
93:96:cc:87:2d:b7:95:bb:b0:ba:b1:7f:aa:5b:aa:
38:bf:ff:93:aa:25:9d:b8:cb:de:0e:b0:52:cc:f8:
b3:7c:99:ae:d7:5b:cd:1c:a9:0a:2c:93:4f:5b:33:
32:b8:0c:6f:72:91:02:05:11:41:1c:1c:ad:50:25:
37:89:2b:24:7f:4a:7c:bd:d7:3a:65:70:90:47:e5:
c2:84:d0:d4:33:b7:07:8f:3b:21:c2:b6:dc:8e:ea:
e2:69:a6:2d:14:38:11:d9:7f:09:6d:db:fb:61:2d:
0a:93:f0:73:66:36:8a:62:67:4d:15:9b:6a:75:e8:
11:12:93:d1:6d:ff:30:d6:71:db:2b:15:ed:43:55:
47:5f:7d:86:e8:40:25:b4:15:d4:00:29:47:0e:e4:
47:cd:b2:ff:2b:09:92:ab:6e:ff:90:f2:e7:6f:71:
0a:79:a1:24:a5:16:b9:96:18:6c:f7:9c:61:42:c0:
78:6e:a1:45:6e:a3:24:23:cd:79:a4:a5:ff:1a:54:
3d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:0E:C9:2C:56:90:35:7B:F4:A0:F9:DE:D9:45:AA:57:0E:38:06:5F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F651A322B91911F09E3A10BADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.4.0/24
Signature Algorithm: sha256WithRSAEncryption
28:f9:26:9c:93:ce:d3:1c:0c:e5:a4:84:66:b3:59:23:4c:f4:
8a:bf:94:cd:a3:33:cc:24:c6:f4:46:89:b6:87:b2:37:3b:85:
35:ad:38:d4:26:ee:0b:b8:8c:5b:22:ca:1e:b3:39:18:17:4e:
0d:15:30:50:b1:76:e8:e2:b3:78:50:7b:9e:31:33:54:8c:8c:
7a:54:8f:e4:69:10:18:63:6d:df:5f:1d:e7:ed:b3:04:a4:d8:
b5:99:5d:4d:6d:16:8f:cd:0f:aa:7e:64:50:9c:56:08:c8:39:
d6:b1:01:b6:c5:8e:85:45:08:3d:ae:f9:ac:12:cc:32:a5:84:
85:b3:86:b0:ac:3a:2a:82:9d:a7:22:36:42:2d:49:9c:14:77:
88:95:8e:08:df:b6:2b:55:c2:ea:b5:e6:06:17:36:8f:86:f4:
b7:32:27:7a:13:e7:dc:a6:96:af:e8:f9:5a:57:7b:b6:5f:49:
fd:22:04:8e:5e:0f:c1:c6:fb:26:57:16:61:eb:aa:fd:6b:42:
41:35:42:d6:74:a2:51:0f:fb:7e:29:df:d9:ce:6f:74:f3:f3:
54:86:ee:e7:29:60:fe:d3:67:25:21:c5:4f:c3:dd:f7:3f:04:
36:63:c8:29:e2:e4:e5:91:78:5d:b5:7f:b4:ba:f1:c0:ef:95:
d2:92:ab:5e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAadEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMTA0MDEwMjM2WhcNMjYwMTAxMDEwMjM2WjAYMRYw
FAYDVQQDEw02OTA5NTBiMS1mOWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzrlCudDJM8tcY5XCuyJWFCq9r+H43s8LM6GaVS3ceccOxKq+rgk/TLGj
Rrgqn0/ZZvD9SkgzF6LMfFWTlsyHLbeVu7C6sX+qW6o4v/+TqiWduMveDrBSzPiz
fJmu11vNHKkKLJNPWzMyuAxvcpECBRFBHBytUCU3iSskf0p8vdc6ZXCQR+XChNDU
M7cHjzshwrbcjuriaaYtFDgR2X8Jbdv7YS0Kk/BzZjaKYmdNFZtqdegREpPRbf8w
1nHbKxXtQ1VHX32G6EAltBXUAClHDuRHzbL/KwmSq27/kPLnb3EKeaEkpRa5lhhs
95xhQsB4bqFFbqMkI815pKX/GlQ9fwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOoO
ySxWkDV79KD53tlFqlcOOAZfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNjUxQTMyMkI5MTkxMUYwOUUzQTEwQkFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmskEMA0GCSqGSIb3DQEB
CwUAA4IBAQAo+Sack87THAzlpIRms1kjTPSKv5TNozPMJMb0Rom2h7I3O4U1rTjU
Ju4LuIxbIsoeszkYF04NFTBQsXbo4rN4UHueMTNUjIx6VI/kaRAYY23fXx3n7bME
pNi1mV1NbRaPzQ+qfmRQnFYIyDnWsQG2xY6FRQg9rvmsEswypYSFs4awrDoqgp2n
IjZCLUmcFHeIlY4I37YrVcLqteYGFzaPhvS3Mid6E+fcppav6PlaV3u2X0n9IgSO
Xg/BxvsmVxZh66r9a0JBNULWdKJRD/t+Kd/Zzm908/NUhu7nKWD+02clIcVPw933
PwQ2Y8gp4uTlkXhdtX+0uvHA75XSkqte
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:00:17 2025 by rpki-client