Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/423632BCA5B011F09E90419ADAE4EC9C.roa
File: 423632BCA5B011F09E90419ADAE4EC9C.roa (raw, json)
Hash identifier: Z9/YyEtDzedsqVTu6B8kI3O7UBjRgblPRktHbfy+qxY=
Subject key identifier: 8A:A2:40:F5:16:54:5B:95:8B:86:DA:AD:8D:D3:78:C5:D6:C9:3B:F4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A32B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/423632BCA5B011F09E90419ADAE4EC9C.roa
Signing time: Fri 10 Oct 2025 08:08:10 +0000
ROA not before: Fri 10 Oct 2025 08:08:02 +0000
ROA not after: Sun 16 Nov 2025 08:08:02 +0000
asID: 2914
IP address blocks: 154.83.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107307 (0x1a32b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 10 08:08:02 2025 GMT
Not After : Nov 16 08:08:02 2025 GMT
Subject: CN=68e8bee9-8a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5b:46:c3:67:b1:be:ca:3f:46:c3:20:ea:8e:
fb:8a:15:e6:44:7f:08:0b:5f:a6:4e:96:a7:05:6b:
89:f5:52:f4:1b:4d:67:e4:51:0b:7e:95:34:42:37:
eb:9f:83:39:c4:1d:b1:ea:b6:3b:71:a5:14:f7:f8:
fe:8f:8a:fb:f7:97:4e:ea:49:06:fc:87:79:d5:25:
7f:52:dc:90:0d:94:91:f6:47:f8:28:c9:c1:64:bc:
4a:d3:70:04:d6:85:3c:94:ef:08:8c:d1:29:1f:ad:
55:23:29:8c:01:5f:92:54:66:89:9e:76:26:e4:fb:
82:ff:dc:8d:d5:40:35:3a:b5:49:f3:bd:df:2d:17:
90:e5:57:e5:b6:18:43:b5:0f:5f:47:86:ee:eb:dd:
83:c4:b7:df:b3:88:bb:54:20:7d:20:76:30:cc:42:
60:4f:71:6d:10:ae:55:37:8e:9a:7b:89:62:b0:99:
6c:90:c9:50:78:69:d8:1d:2f:4b:9f:98:4b:ef:b4:
3a:7d:a6:7e:22:43:df:f0:b4:f4:22:6b:cd:3d:a4:
57:65:2f:6e:cc:bb:8f:aa:32:3f:c3:73:5b:b6:5a:
44:21:03:ca:60:63:96:1d:6d:a4:fa:7a:29:38:42:
b4:6f:3e:f7:08:6f:3f:20:12:06:1e:d2:be:39:34:
b7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A2:40:F5:16:54:5B:95:8B:86:DA:AD:8D:D3:78:C5:D6:C9:3B:F4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/423632BCA5B011F09E90419ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.11.0/24
Signature Algorithm: sha256WithRSAEncryption
67:70:09:40:57:e5:cf:9e:75:2f:93:04:c0:6a:23:56:b5:4c:
b4:8e:19:64:10:76:17:f1:f3:92:c2:49:ab:b6:89:c9:5f:40:
b2:bf:1a:63:05:af:8c:9a:fa:e2:17:12:28:6f:ec:f6:14:ff:
7d:b9:e5:d3:2b:dd:02:ce:cb:40:4f:bb:d4:de:66:a5:85:41:
e5:39:ff:b5:4a:12:c9:f9:45:47:b5:9b:45:e7:cf:b0:8c:03:
d6:ec:9c:e4:e1:8d:06:54:26:c1:b6:4f:7a:3d:82:e9:e5:93:
d2:61:97:7e:41:09:8e:09:4c:dd:b5:3e:6c:29:d0:7d:05:cf:
69:1f:c3:c2:34:6e:1d:b7:2e:d1:ae:bd:bd:ba:a6:0a:4b:fe:
c5:14:08:1b:f8:07:76:78:d3:43:46:4b:3b:ae:3d:06:a3:1e:
76:5d:03:34:8a:e5:f9:92:51:d6:76:01:1d:f3:a7:fe:19:01:
8e:d9:dd:6a:f5:14:b1:d9:0a:2f:04:d6:e6:e9:ef:88:1f:84:
c0:b2:99:a5:0d:3a:d0:8f:42:83:ee:af:21:cc:01:fe:c3:fc:
de:31:a9:9b:f0:05:9c:76:9f:99:09:d1:16:57:b2:42:99:19:
74:77:60:bb:13:48:bd:cc:73:41:37:b5:26:4f:30:1c:64:6c:
17:63:49:8c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaMrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDEwMDgwODAyWhcNMjUxMTE2MDgwODAyWjAYMRYw
FAYDVQQDEw02OGU4YmVlOS04YTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs1tGw2exvso/RsMg6o77ihXmRH8IC1+mTpanBWuJ9VL0G01n5FELfpU0
Qjfrn4M5xB2x6rY7caUU9/j+j4r795dO6kkG/Id51SV/UtyQDZSR9kf4KMnBZLxK
03AE1oU8lO8IjNEpH61VIymMAV+SVGaJnnYm5PuC/9yN1UA1OrVJ873fLReQ5Vfl
thhDtQ9fR4bu692DxLffs4i7VCB9IHYwzEJgT3FtEK5VN46ae4lisJlskMlQeGnY
HS9Ln5hL77Q6faZ+IkPf8LT0ImvNPaRXZS9uzLuPqjI/w3NbtlpEIQPKYGOWHW2k
+nopOEK0bz73CG8/IBIGHtK+OTS3UwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIqi
QPUWVFuVi4barY3TeMXWyTv0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MjM2MzJCQ0E1QjAxMUYwOUU5MDQxOUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlMLMA0GCSqGSIb3DQEB
CwUAA4IBAQBncAlAV+XPnnUvkwTAaiNWtUy0jhlkEHYX8fOSwkmrtonJX0Cyvxpj
Ba+MmvriFxIob+z2FP99ueXTK90CzstAT7vU3malhUHlOf+1ShLJ+UVHtZtF58+w
jAPW7Jzk4Y0GVCbBtk96PYLp5ZPSYZd+QQmOCUzdtT5sKdB9Bc9pH8PCNG4dty7R
rr29uqYKS/7FFAgb+Ad2eNNDRks7rj0Gox52XQM0iuX5klHWdgEd86f+GQGO2d1q
9RSx2QovBNbm6e+IH4TAspmlDTrQj0KD7q8hzAH+w/zeMamb8AWcdp+ZCdEWV7JC
mRl0d2C7E0i9zHNBN7UmTzAcZGwXY0mM
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:54:59 2025 by rpki-client