Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/82176942955B11F0BC3563BFDAE4EC9C.roa
File: 82176942955B11F0BC3563BFDAE4EC9C.roa (raw, json)
Hash identifier: NVLZxyWQGncLysYvcWy26iEpzTRZIHRDpy21Tj76uTs=
Subject key identifier: AD:BF:CA:AA:FC:6F:A0:7E:83:6C:5A:27:BF:00:2B:40:92:24:C6:6E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A031
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/82176942955B11F0BC3563BFDAE4EC9C.roa
Signing time: Fri 19 Sep 2025 13:21:11 +0000
ROA not before: Fri 19 Sep 2025 13:21:06 +0000
ROA not after: Mon 26 Oct 2026 13:21:06 +0000
asID: 214483
IP address blocks: 154.213.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106545 (0x1a031)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 19 13:21:06 2025 GMT
Not After : Oct 26 13:21:06 2026 GMT
Subject: CN=68cd58c7-93c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1e:56:2d:9a:4f:e9:52:7e:0b:36:a8:7c:4f:
39:23:4d:c9:3d:9f:38:79:83:12:e6:dd:81:d7:eb:
24:b7:f8:8c:c4:1b:95:2e:c8:59:5f:66:7a:54:3d:
30:48:39:f3:e7:af:e2:b5:39:e5:11:72:de:58:65:
87:d5:11:4c:79:b8:11:a3:66:ab:44:79:72:5d:cb:
54:55:85:ba:b7:bf:ed:5e:54:e5:64:1a:0e:39:95:
6c:36:bb:c5:10:b1:59:66:b9:2b:6e:ee:6a:8e:3f:
c5:b9:4e:07:5c:d0:77:f4:5a:8c:a4:56:c6:09:6d:
52:9b:78:c9:04:bf:a7:49:f8:03:24:92:52:d2:0f:
62:90:35:c2:27:81:0a:a2:be:7f:05:af:19:dd:96:
95:52:2a:76:7a:dc:a3:d9:ce:60:68:a1:6f:c1:d9:
ed:b3:db:d7:01:a2:1c:88:3e:de:c5:31:ca:d9:17:
a9:1d:f1:fd:74:9f:b7:b2:cd:de:e0:62:4f:1d:b9:
18:84:f8:07:10:75:eb:52:cf:f4:52:e7:05:60:76:
7b:ba:a2:ba:ff:1c:10:54:a9:d0:da:92:4f:a2:74:
0c:b8:c9:8e:59:cb:bd:8c:cb:8c:b0:70:af:ce:fe:
7a:75:4f:b7:66:6d:26:a6:e3:2b:4b:b6:58:56:91:
ac:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:BF:CA:AA:FC:6F:A0:7E:83:6C:5A:27:BF:00:2B:40:92:24:C6:6E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/82176942955B11F0BC3563BFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.223.0/24
Signature Algorithm: sha256WithRSAEncryption
01:f0:95:02:b8:6a:6c:80:2a:6d:7e:13:cc:6c:a7:a1:58:b6:
03:e6:f0:9f:49:0c:8d:f2:a5:c6:be:92:02:fe:68:c0:a4:33:
ea:14:83:61:46:75:64:5a:33:fa:56:5e:18:03:b2:c3:50:08:
cb:05:6a:4a:02:2c:3d:50:37:9f:be:95:54:8b:7d:9b:a0:0f:
f5:ae:ce:91:92:07:df:53:37:a9:d7:57:c5:3c:4b:7b:2f:52:
16:64:9e:1d:37:b9:af:ba:42:6f:8a:f5:d3:2f:a5:88:79:26:
b5:02:e7:b2:45:fd:9d:bd:2f:63:6f:e6:c5:e7:27:5d:e6:e3:
16:c1:b5:30:bf:e2:fc:ee:9c:94:ca:a2:e1:ae:c2:d7:8f:33:
03:87:b7:09:d6:fa:8f:e9:15:71:c6:eb:2c:10:c5:84:9b:f6:
64:50:ef:a6:21:c0:33:f6:44:10:09:4d:33:74:b3:f5:a1:c6:
72:52:45:b8:e6:e9:73:de:48:dc:73:2c:99:ee:19:cc:b9:62:
e9:59:1c:d8:61:f7:c7:53:90:b9:08:b0:ee:aa:60:a0:6e:25:
69:0e:6f:58:e7:96:f4:50:12:f8:96:f5:b1:ab:07:c6:50:77:
39:2b:b0:3e:c4:36:98:69:5d:f6:aa:e5:12:63:81:0b:fb:5c:
ad:11:19:95
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaAxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTE5MTMyMTA2WhcNMjYxMDI2MTMyMTA2WjAYMRYw
FAYDVQQDEw02OGNkNThjNy05M2M4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxh5WLZpP6VJ+CzaofE85I03JPZ84eYMS5t2B1+skt/iMxBuVLshZX2Z6
VD0wSDnz56/itTnlEXLeWGWH1RFMebgRo2arRHlyXctUVYW6t7/tXlTlZBoOOZVs
NrvFELFZZrkrbu5qjj/FuU4HXNB39FqMpFbGCW1Sm3jJBL+nSfgDJJJS0g9ikDXC
J4EKor5/Ba8Z3ZaVUip2etyj2c5gaKFvwdnts9vXAaIciD7exTHK2RepHfH9dJ+3
ss3e4GJPHbkYhPgHEHXrUs/0UucFYHZ7uqK6/xwQVKnQ2pJPonQMuMmOWcu9jMuM
sHCvzv56dU+3Zm0mpuMrS7ZYVpGs6QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK2/
yqr8b6B+g2xaJ78AK0CSJMZuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MjE3Njk0Mjk1NUIxMUYwQkMzNTYzQkZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtXfMA0GCSqGSIb3DQEB
CwUAA4IBAQAB8JUCuGpsgCptfhPMbKehWLYD5vCfSQyN8qXGvpIC/mjApDPqFINh
RnVkWjP6Vl4YA7LDUAjLBWpKAiw9UDefvpVUi32boA/1rs6RkgffUzep11fFPEt7
L1IWZJ4dN7mvukJvivXTL6WIeSa1AueyRf2dvS9jb+bF5ydd5uMWwbUwv+L87pyU
yqLhrsLXjzMDh7cJ1vqP6RVxxussEMWEm/ZkUO+mIcAz9kQQCU0zdLP1ocZyUkW4
5ulz3kjccyyZ7hnMuWLpWRzYYffHU5C5CLDuqmCgbiVpDm9Y55b0UBL4lvWxqwfG
UHc5K7A+xDaYaV32quUSY4EL+1ytERmV
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:36 2025 by rpki-client