Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68AAEA32AB5F11F0B831CEA5DAE4EC9C.roa
File: 68AAEA32AB5F11F0B831CEA5DAE4EC9C.roa (raw, json)
Hash identifier: 59AEEcCv3/JhHXwjDYRW3aeGi4fpooHQZUkDmF5qbpM=
Subject key identifier: D2:E5:FE:5A:70:AE:3E:8D:C7:DF:88:13:00:C2:83:7E:61:44:82:A0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A434
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68AAEA32AB5F11F0B831CEA5DAE4EC9C.roa
Signing time: Fri 17 Oct 2025 13:44:32 +0000
ROA not before: Fri 17 Oct 2025 13:44:27 +0000
ROA not after: Mon 24 Nov 2025 13:44:27 +0000
asID: 61414
IP address blocks: 154.217.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107572 (0x1a434)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 17 13:44:27 2025 GMT
Not After : Nov 24 13:44:27 2025 GMT
Subject: CN=68f24840-fdc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f6:c4:95:66:a5:97:62:b5:a2:a0:f0:95:ef:
e5:d2:41:95:b8:d3:58:bf:eb:2b:e5:7e:66:72:8f:
51:3d:0b:a8:50:5b:ec:10:36:68:35:4b:c1:c4:1e:
ff:96:4b:03:63:4c:f4:da:4b:d6:07:83:1b:0c:81:
04:03:6b:55:ff:8b:31:33:0d:3e:df:6f:fb:6a:83:
98:55:e1:80:d6:5d:42:ed:6d:bd:27:72:9a:06:80:
75:c9:1d:17:7e:68:a7:61:30:ce:3b:86:23:bb:f9:
1c:49:15:7e:82:2a:44:12:13:96:f5:5a:73:80:78:
04:29:42:f9:87:1c:06:8f:2c:52:f9:84:e5:2c:34:
db:7c:74:70:4e:4e:40:d3:be:21:fb:d9:d2:c6:47:
2c:db:d0:6e:61:99:6d:6f:40:f3:e1:19:34:aa:d3:
88:fe:1a:b4:73:91:bc:ae:0b:2c:40:01:b4:ab:de:
94:f5:8b:25:3e:8e:5e:ca:9b:0b:9c:6c:a5:1a:fe:
73:ff:7b:5e:b7:65:11:28:23:13:48:ac:97:ad:40:
cd:06:83:f0:6d:0b:a8:f6:14:8d:02:b7:ac:ba:67:
d4:19:73:90:82:8f:a5:ec:1d:c0:e0:dd:59:0f:a7:
56:98:d7:dd:41:30:e0:a5:29:9c:dd:70:3f:7b:da:
dc:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:E5:FE:5A:70:AE:3E:8D:C7:DF:88:13:00:C2:83:7E:61:44:82:A0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68AAEA32AB5F11F0B831CEA5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.248.0/21
Signature Algorithm: sha256WithRSAEncryption
23:44:97:00:92:8b:1e:d5:62:ce:16:0b:73:3f:5e:20:60:30:
81:e0:a8:69:e4:4a:8b:20:cc:3f:b6:40:e1:71:61:2c:c3:7d:
a1:1c:05:6f:ec:9a:2a:dc:67:8d:16:73:3e:28:32:a6:08:9d:
40:e3:2e:94:00:44:66:e2:53:97:c5:22:11:df:7f:76:9e:17:
5a:95:5b:d2:a6:2c:c0:15:7f:a5:69:81:a5:1a:04:24:99:5f:
5a:d1:3f:e2:c7:2a:b9:b5:f7:d8:fa:87:e2:5d:3b:76:ad:41:
16:06:1f:63:25:35:93:ba:2b:76:cd:83:d9:7a:ff:f0:b0:c2:
c5:23:c1:ad:c8:01:08:ba:5e:d7:50:27:f2:a4:55:7e:0d:00:
66:d2:bf:40:b7:08:ae:7c:b7:2a:87:3b:7a:99:ed:19:67:e1:
1c:07:a6:ce:38:12:18:9e:5f:19:f7:b6:71:43:90:62:e9:da:
2c:b0:ac:2b:61:7b:22:e2:8d:c1:8a:41:bf:89:f5:59:95:d7:
8b:52:c4:2b:77:1f:e1:da:51:23:cd:ed:1e:59:41:72:f2:f3:
35:f3:07:29:c7:c5:57:1f:a5:d0:ba:b3:d3:a6:78:6f:5b:61:
cc:a5:be:c7:8c:f0:b5:da:fd:5c:5b:ad:20:8e:93:d1:b2:bb:
e0:2e:6b:fd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaQ0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE3MTM0NDI3WhcNMjUxMTI0MTM0NDI3WjAYMRYw
FAYDVQQDEw02OGYyNDg0MC1mZGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnfbElWall2K1oqDwle/l0kGVuNNYv+sr5X5mco9RPQuoUFvsEDZoNUvB
xB7/lksDY0z02kvWB4MbDIEEA2tV/4sxMw0+32/7aoOYVeGA1l1C7W29J3KaBoB1
yR0XfminYTDOO4Yju/kcSRV+gipEEhOW9VpzgHgEKUL5hxwGjyxS+YTlLDTbfHRw
Tk5A074h+9nSxkcs29BuYZltb0Dz4Rk0qtOI/hq0c5G8rgssQAG0q96U9YslPo5e
ypsLnGylGv5z/3tet2URKCMTSKyXrUDNBoPwbQuo9hSNAresumfUGXOQgo+l7B3A
4N1ZD6dWmNfdQTDgpSmc3XA/e9rcoQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNLl
/lpwrj6Nx9+IEwDCg35hRIKgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OEFBRUEzMkFCNUYxMUYwQjgzMUNFQTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtn4MA0GCSqGSIb3DQEB
CwUAA4IBAQAjRJcAkose1WLOFgtzP14gYDCB4Khp5EqLIMw/tkDhcWEsw32hHAVv
7Joq3GeNFnM+KDKmCJ1A4y6UAERm4lOXxSIR3392nhdalVvSpizAFX+laYGlGgQk
mV9a0T/ixyq5tffY+ofiXTt2rUEWBh9jJTWTuit2zYPZev/wsMLFI8GtyAEIul7X
UCfypFV+DQBm0r9AtwiufLcqhzt6me0ZZ+EcB6bOOBIYnl8Z97ZxQ5Bi6dossKwr
YXsi4o3BikG/ifVZldeLUsQrdx/h2lEjze0eWUFy8vM18wcpx8VXH6XQurPTpnhv
W2HMpb7HjPC12v1cW60gjpPRsrvgLmv9
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:50:02 2025 by rpki-client