Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/F8703DBCA9D311F0864DDECEDAE4EC9C.roa
File: F8703DBCA9D311F0864DDECEDAE4EC9C.roa (raw, json)
Hash identifier: Oja+SAFoxpQD5GTECGpSo4HMoaVvions272/uyxavdc=
Subject key identifier: 68:87:FE:4E:8C:7B:CF:AB:48:7B:40:E8:8E:DA:BB:92:D4:0B:7B:3D
Certificate issuer: /CN=F369591CAF/serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
Certificate serial: 042C
Authority key identifier: C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/F8703DBCA9D311F0864DDECEDAE4EC9C.roa
Signing time: Wed 15 Oct 2025 14:33:52 +0000
ROA not before: Wed 15 Oct 2025 14:33:44 +0000
ROA not after: Tue 31 Dec 2030 14:33:44 +0000
asID: 15964
IP address blocks: 154.72.145.0/24 maxlen: 24
154.72.149.0/24 maxlen: 24
154.72.150.0/24 maxlen: 24
154.72.154.0/24 maxlen: 24
154.72.158.0/24 maxlen: 24
154.72.159.0/24 maxlen: 24
154.72.168.0/24 maxlen: 24
154.72.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.mft
rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1068 (0x42c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369591CAF, serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
Validity
Not Before: Oct 15 14:33:44 2025 GMT
Not After : Dec 31 14:33:44 2030 GMT
Subject: CN=68efb0d0-f4f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8d:e0:40:5b:6c:9a:14:67:9f:c8:80:8f:66:
67:1b:7f:b5:2f:41:dc:42:3c:e3:00:6e:47:63:79:
49:28:45:46:f3:3f:ca:32:5c:e9:2f:73:44:c4:57:
b6:d6:bf:ff:d5:57:9b:59:c0:27:7e:65:42:17:70:
b2:c0:06:68:84:be:98:e2:2e:b2:5c:a8:e3:48:5f:
03:13:57:9b:46:6d:35:ca:9f:8b:34:8d:9b:8e:b3:
63:c8:f2:b6:fe:64:41:88:b3:58:fc:fd:6b:a2:7a:
30:23:a9:ad:67:97:32:bd:c9:44:8b:da:cd:7e:52:
fa:24:e1:cd:24:18:13:25:2d:ec:60:11:43:61:d6:
4e:48:d5:d8:2d:4a:0a:62:02:92:17:ea:b0:ea:bb:
54:b2:7e:dc:19:6e:9d:ea:0f:4b:c4:1c:95:73:d7:
98:6b:d4:99:2c:fb:fd:b6:70:86:b0:df:9a:6d:ac:
47:60:7f:59:18:da:f5:53:93:e9:f2:44:79:a1:04:
93:78:28:19:f5:73:c3:ae:91:95:19:8d:61:78:b1:
f2:12:cc:e2:1d:cb:23:b2:1f:26:07:8a:6e:8c:08:
ac:18:28:09:da:ef:54:8f:9d:1d:17:51:69:72:86:
9a:75:d3:a5:de:20:61:c7:98:18:88:57:8e:06:20:
5d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:87:FE:4E:8C:7B:CF:AB:48:7B:40:E8:8E:DA:BB:92:D4:0B:7B:3D
X509v3 Authority Key Identifier:
keyid:C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/F8703DBCA9D311F0864DDECEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.72.145.0/24
154.72.149.0-154.72.150.255
154.72.154.0/24
154.72.158.0/23
154.72.168.0/24
154.72.172.0/24
Signature Algorithm: sha256WithRSAEncryption
20:b8:36:c5:c7:16:fb:48:8e:43:65:e0:ae:86:b3:80:af:ec:
80:5e:a3:2f:da:65:8b:ab:3b:96:b0:aa:de:38:44:07:43:e1:
e9:8c:18:a8:b5:65:b7:53:e0:dd:f7:d3:b5:37:6f:1e:58:6d:
38:a5:af:0b:72:41:64:04:5b:76:05:44:50:7c:80:85:14:8d:
97:56:72:27:a5:85:c5:2e:32:9d:0a:e1:34:85:b5:f1:ac:b8:
15:49:4b:b8:55:7c:b7:8a:3b:6f:5d:16:37:b1:6e:fe:fb:9f:
79:f8:56:39:93:61:47:76:5e:45:e7:b8:a4:82:d6:b6:ed:92:
56:7a:80:f7:e4:77:62:3a:a8:17:39:44:8e:d0:8e:19:6b:72:
9d:87:af:f2:e9:71:07:7c:07:82:88:1a:a6:c3:c6:ba:b1:e3:
3e:38:91:11:e8:68:c0:6d:e1:66:f2:fe:5e:0d:ff:f5:bd:3c:
94:10:e9:bb:a0:ec:b1:28:ef:5b:3a:20:76:96:30:15:25:20:
4c:e2:c7:a5:9b:83:88:f9:75:27:d5:fb:61:5d:65:b1:62:1c:
9a:28:09:8b:33:46:75:6d:3d:20:05:bb:5e:7f:10:3a:54:3a:
a0:59:78:28:69:44:7d:df:7f:f5:ee:be:15:05:31:37:23:5a:
45:f1:cf:3d
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICBCwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTU5MUNBRjExMC8GA1UEBRMoQzEwOTBEMzdEQTlGRkVFRTFBOUMyMjlCQUZGMTE5
MEJEMjJFODkzNDAeFw0yNTEwMTUxNDMzNDRaFw0zMDEyMzExNDMzNDRaMBgxFjAU
BgNVBAMTDTY4ZWZiMGQwLWY0ZjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDVjeBAW2yaFGefyICPZmcbf7UvQdxCPOMAbkdjeUkoRUbzP8oyXOkvc0TE
V7bWv//VV5tZwCd+ZUIXcLLABmiEvpjiLrJcqONIXwMTV5tGbTXKn4s0jZuOs2PI
8rb+ZEGIs1j8/WuiejAjqa1nlzK9yUSL2s1+Uvok4c0kGBMlLexgEUNh1k5I1dgt
SgpiApIX6rDqu1SyftwZbp3qD0vEHJVz15hr1Jks+/22cIaw35ptrEdgf1kY2vVT
k+nyRHmhBJN4KBn1c8OukZUZjWF4sfISzOIdyyOyHyYHim6MCKwYKAna71SPnR0X
UWlyhpp106XeIGHHmBiIV44GIF19AgMBAAGjggLLMIICxzAdBgNVHQ4EFgQUaIf+
Tox7z6tIe0Dojtq7ktQLez0wHwYDVR0jBBgwFoAUwQkNN9qf/u4anCKbr/EZC9Iu
iTQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYxMjIyNDY4L3dRa05O
OXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3dRa05OOXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYx
MjIyNDY4L0Y4NzAzREJDQTlEMzExRjA4NjREREVDRURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwRQYIKwYBBQUHAQcBAf8ENjA0MDIEAgABMCwDBACaSJEwDAMEAJpIlQMEAJpI
lgMEAJpImgMEAZpIngMEAJpIqAMEAJpIrDANBgkqhkiG9w0BAQsFAAOCAQEAILg2
xccW+0iOQ2XgroazgK/sgF6jL9pli6s7lrCq3jhEB0Ph6YwYqLVlt1Pg3ffTtTdv
HlhtOKWvC3JBZARbdgVEUHyAhRSNl1ZyJ6WFxS4ynQrhNIW18ay4FUlLuFV8t4o7
b10WN7Fu/vufefhWOZNhR3ZeRee4pILWtu2SVnqA9+R3YjqoFzlEjtCOGWtynYev
8ulxB3wHgogapsPGurHjPjiREehowG3hZvL+Xg3/9b08lBDpu6DssSjvWzogdpYw
FSUgTOLHpZuDiPl1J9X7YV1lsWIcmigJizNGdW09IAW7Xn8QOlQ6oFl4KGlEfd9/
9e6+FQUxNyNaRfHPPQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:49:37 2025 by rpki-client