Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDA305ACAB5E11F0937C90A1DAE4EC9C.roa
File: BDA305ACAB5E11F0937C90A1DAE4EC9C.roa (raw, json)
Hash identifier: rXMIbi6ifzfzlYsiCV1foTqab0d3Xf67JNEvk6Px+a0=
Subject key identifier: 4A:57:C0:EA:38:82:A5:B2:DB:0C:D8:99:9B:63:DE:EB:79:F1:5F:68
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A432
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDA305ACAB5E11F0937C90A1DAE4EC9C.roa
Signing time: Fri 17 Oct 2025 13:39:45 +0000
ROA not before: Fri 17 Oct 2025 13:39:34 +0000
ROA not after: Mon 24 Nov 2025 13:39:34 +0000
asID: 8796
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107570 (0x1a432)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 17 13:39:34 2025 GMT
Not After : Nov 24 13:39:34 2025 GMT
Subject: CN=68f24721-c2cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:15:14:01:11:40:52:cd:0d:36:78:91:03:42:
e9:23:5d:e8:1f:50:35:06:1c:0b:bd:77:f8:1d:b5:
24:47:ae:05:58:ff:aa:5d:c5:d0:0d:e0:ba:15:21:
34:57:01:f3:0b:02:de:36:9b:01:a4:73:6e:47:17:
b7:4e:3f:18:3a:0b:47:9b:31:77:77:ac:ba:45:36:
20:f0:47:83:96:b2:1f:68:56:49:cc:89:f9:8b:61:
96:b9:0d:67:dc:5c:d0:7f:3e:fb:09:75:d5:51:67:
00:8c:b9:87:cf:1c:ea:eb:d4:80:54:6b:95:49:bf:
2c:09:1a:df:f4:90:97:5f:f7:9a:68:60:74:55:d0:
ee:cd:e6:43:7c:bf:a7:a6:ff:1d:01:9c:d6:4e:b1:
82:15:5f:9e:8a:bd:cc:3b:27:ef:9d:1e:2c:e0:49:
3b:d3:59:8f:66:70:5a:83:d4:7a:ac:5e:d0:29:aa:
c0:1b:7c:34:57:1c:5f:57:3d:08:aa:f9:d7:86:7f:
3b:3f:9c:50:1b:9f:07:d8:9b:91:1b:42:4d:a8:f8:
d9:00:31:62:9e:49:97:45:09:38:e6:c5:6f:d4:c6:
59:18:39:65:e0:9c:62:eb:2d:ca:21:51:a9:be:31:
b0:e7:73:d0:05:4b:00:d4:a3:32:94:d5:25:75:ab:
f5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:57:C0:EA:38:82:A5:B2:DB:0C:D8:99:9B:63:DE:EB:79:F1:5F:68
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDA305ACAB5E11F0937C90A1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.207.255
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
47:9a:34:96:77:a5:7c:bc:9b:07:15:1f:86:5f:e1:00:c8:f4:
f6:e1:26:1a:06:86:e9:35:1b:f1:74:91:01:1d:51:48:ac:59:
22:6d:6b:00:71:cb:43:d4:66:19:e0:34:0f:04:55:5e:b6:6c:
06:a8:8c:ae:e8:dd:6c:c7:9d:b1:28:d5:92:97:cb:4b:b0:63:
2c:a0:cc:32:93:48:bb:47:3d:e4:40:43:f3:75:d1:95:c5:1c:
fa:db:5f:a0:b6:59:4f:9f:0f:cd:18:43:27:0e:37:73:c8:65:
89:54:75:c3:04:5f:4e:d4:30:01:8e:33:8f:b8:57:7f:b8:e3:
f4:74:64:77:bf:48:67:6c:09:99:f4:8a:f6:82:03:61:b6:f3:
72:ad:d2:db:8e:d2:6b:98:8d:d4:62:84:c3:57:32:63:e9:7a:
90:78:ce:45:f5:ed:8d:ea:28:75:62:51:a4:ec:af:5d:3a:f8:
a7:5d:17:da:2d:44:47:71:83:40:2a:b4:28:38:19:2b:0c:51:
21:76:8f:bf:44:54:47:65:17:dc:72:4e:0e:d1:ac:ca:c8:50:
57:16:cb:7b:ce:e1:85:d8:68:76:74:12:6d:94:73:f9:1f:36:
f0:10:dc:27:27:c5:8b:71:0a:5a:a9:72:f3:8f:6a:3e:3e:4f:
c2:77:e4:c8
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAaQyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE3MTMzOTM0WhcNMjUxMTI0MTMzOTM0WjAYMRYw
FAYDVQQDEw02OGYyNDcyMS1jMmNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1xUUARFAUs0NNniRA0LpI13oH1A1BhwLvXf4HbUkR64FWP+qXcXQDeC6
FSE0VwHzCwLeNpsBpHNuRxe3Tj8YOgtHmzF3d6y6RTYg8EeDlrIfaFZJzIn5i2GW
uQ1n3FzQfz77CXXVUWcAjLmHzxzq69SAVGuVSb8sCRrf9JCXX/eaaGB0VdDuzeZD
fL+npv8dAZzWTrGCFV+eir3MOyfvnR4s4Ek701mPZnBag9R6rF7QKarAG3w0Vxxf
Vz0IqvnXhn87P5xQG58H2JuRG0JNqPjZADFinkmXRQk45sVv1MZZGDll4Jxi6y3K
IVGpvjGw53PQBUsA1KMylNUldav1ywIDAQABo4ICszCCAq8wHQYDVR0OBBYEFEpX
wOo4gqWy2wzYmZtj3ut58V9oMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CREEzMDVBQ0FCNUUxMUYwOTM3QzkwQTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBASaWZADBASaWcADBACa
XxgwDQYJKoZIhvcNAQELBQADggEBAEeaNJZ3pXy8mwcVH4Zf4QDI9PbhJhoGhuk1
G/F0kQEdUUisWSJtawBxy0PUZhngNA8EVV62bAaojK7o3WzHnbEo1ZKXy0uwYyyg
zDKTSLtHPeRAQ/N10ZXFHPrbX6C2WU+fD80YQycON3PIZYlUdcMEX07UMAGOM4+4
V3+44/R0ZHe/SGdsCZn0ivaCA2G283Kt0tuO0muYjdRihMNXMmPpepB4zkX17Y3q
KHViUaTsr106+KddF9otREdxg0AqtCg4GSsMUSF2j79EVEdlF9xyTg7RrMrIUFcW
y3vO4YXYaHZ0Em2Uc/kfNvAQ3CcnxYtxClqpcvOPaj4+T8J35Mg=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:10:39 2025 by rpki-client