Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB6B1D48B4BE11F0B1202AE3DAE4EC9C.roa
File: FB6B1D48B4BE11F0B1202AE3DAE4EC9C.roa (raw, json)
Hash identifier: AXIXVxPirmr9BNxlEHquNd4D775tJ1WsZJDcPh7l4k4=
Subject key identifier: D7:6E:6C:99:38:2C:D0:57:82:D4:75:1B:9A:87:DC:C8:F8:C4:7A:1E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A626
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB6B1D48B4BE11F0B1202AE3DAE4EC9C.roa
Signing time: Wed 29 Oct 2025 12:01:21 +0000
ROA not before: Wed 29 Oct 2025 12:01:15 +0000
ROA not after: Sun 30 Nov 2025 12:01:15 +0000
asID: 139880
IP address blocks: 154.206.128.0/18 maxlen: 24
154.215.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108070 (0x1a626)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 29 12:01:15 2025 GMT
Not After : Nov 30 12:01:15 2025 GMT
Subject: CN=69020211-8891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1a:56:e1:a0:70:5f:9b:a2:9b:83:5f:19:e7:
dc:3e:ed:e4:60:62:a6:ed:e1:83:4d:13:2d:e9:33:
35:2e:60:1f:91:6c:e0:be:1d:0d:de:2e:e9:02:d3:
9f:50:85:21:51:e8:46:b9:9f:63:6b:17:97:7b:0f:
57:97:8a:b2:c4:9f:53:a0:56:e8:d9:39:7b:ec:9c:
60:e8:d0:03:9b:9a:5e:6e:6a:9d:36:c7:fd:08:d4:
8a:74:71:e6:7c:8a:7c:f9:7c:c5:ad:ee:da:7d:ad:
4c:54:9b:e3:a6:82:93:a5:96:40:6b:e7:6a:02:50:
6b:f6:85:4f:14:4a:73:71:54:aa:b3:ed:52:28:48:
17:00:b0:cd:44:b9:ce:52:72:a8:8b:2a:75:87:a2:
3a:79:c1:a3:16:54:12:8b:fe:a6:a8:39:87:ba:59:
17:be:eb:07:74:dc:cc:8b:1e:d2:d4:f0:ca:9c:5d:
f8:b4:8d:37:57:1e:79:09:5e:09:8d:52:fd:ba:47:
a3:31:74:48:2e:e3:6f:b1:1f:6d:24:b2:59:00:37:
89:29:65:af:73:0f:96:c1:2b:55:ca:87:c6:5e:c6:
ea:38:42:df:24:7c:14:c1:dd:8e:94:57:9c:7f:44:
cc:34:24:8b:bf:40:50:ed:79:58:7e:9e:7e:6b:3a:
01:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:6E:6C:99:38:2C:D0:57:82:D4:75:1B:9A:87:DC:C8:F8:C4:7A:1E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB6B1D48B4BE11F0B1202AE3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.128.0/18
154.215.64.0/18
Signature Algorithm: sha256WithRSAEncryption
57:1a:ae:cb:b6:3e:f0:15:e6:5e:d4:81:08:a9:dc:b9:c0:f6:
58:98:99:c1:3e:06:34:78:59:dc:7a:4a:b1:51:08:5d:e6:6d:
c7:cd:7f:fa:f7:17:30:ab:fb:70:13:77:bf:50:31:a2:4d:ea:
a8:8d:d9:c4:ef:3c:32:c7:ec:3c:19:0e:3a:a0:05:ed:92:ca:
c3:a4:63:2e:d4:b8:08:3f:49:f5:46:f6:a4:59:7b:d0:c7:d8:
d3:1d:98:33:fc:81:64:ed:b3:96:5d:22:38:53:08:3e:72:e6:
49:fa:55:59:51:ce:0a:23:92:78:cc:65:6c:92:59:70:f1:f5:
7e:f5:09:e1:a0:b2:78:79:79:5e:0b:06:f6:44:66:0a:28:19:
6c:59:40:3b:e2:ca:ca:6c:2f:c4:6c:52:ff:4c:9c:e8:fc:4e:
69:1f:48:3f:e5:90:5b:e9:2f:e8:a0:a0:64:33:b2:ad:d4:60:
8e:be:e4:10:de:72:06:08:b1:65:2b:78:6e:22:8e:4a:fb:fe:
c7:c2:95:3e:a8:14:b8:5a:37:d7:2e:67:5e:de:12:cb:51:6f:
7e:f7:23:45:d7:f4:1e:6b:00:4b:10:db:04:a3:ba:b9:27:2e:
20:ae:01:95:11:f1:23:7d:e7:e0:82:08:aa:52:66:a1:32:78:
6e:d3:2a:33
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaYmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI5MTIwMTE1WhcNMjUxMTMwMTIwMTE1WjAYMRYw
FAYDVQQDEw02OTAyMDIxMS04ODkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsxpW4aBwX5uim4NfGefcPu3kYGKm7eGDTRMt6TM1LmAfkWzgvh0N3i7p
AtOfUIUhUehGuZ9jaxeXew9Xl4qyxJ9ToFbo2Tl77Jxg6NADm5pebmqdNsf9CNSK
dHHmfIp8+XzFre7afa1MVJvjpoKTpZZAa+dqAlBr9oVPFEpzcVSqs+1SKEgXALDN
RLnOUnKoiyp1h6I6ecGjFlQSi/6mqDmHulkXvusHdNzMix7S1PDKnF34tI03Vx55
CV4JjVL9ukejMXRILuNvsR9tJLJZADeJKWWvcw+WwStVyofGXsbqOELfJHwUwd2O
lFecf0TMNCSLv0BQ7XlYfp5+azoB8wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFNdu
bJk4LNBXgtR1G5qH3Mj4xHoeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQjZCMUQ0OEI0QkUxMUYwQjEyMDJBRTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGms6AAwQGmtdAMA0GCSqG
SIb3DQEBCwUAA4IBAQBXGq7Ltj7wFeZe1IEIqdy5wPZYmJnBPgY0eFncekqxUQhd
5m3HzX/69xcwq/twE3e/UDGiTeqojdnE7zwyx+w8GQ46oAXtksrDpGMu1LgIP0n1
RvakWXvQx9jTHZgz/IFk7bOWXSI4Uwg+cuZJ+lVZUc4KI5J4zGVskllw8fV+9Qnh
oLJ4eXleCwb2RGYKKBlsWUA74srKbC/EbFL/TJzo/E5pH0g/5ZBb6S/ooKBkM7Kt
1GCOvuQQ3nIGCLFlK3huIo5K+/7HwpU+qBS4WjfXLmde3hLLUW9+9yNF1/QeawBL
ENsEo7q5Jy4grgGVEfEjfefgggiqUmahMnhu0yoz
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:46:21 2025 by rpki-client