Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/02876022B35811F083F4F08DDAE4EC9C.roa
File: 02876022B35811F083F4F08DDAE4EC9C.roa (raw, json)
Hash identifier: s1PNkbI9NMJxUzqXpllRNn4ChxBaEWIV5RTFnUgZSz0=
Subject key identifier: FE:DA:6E:D3:0C:53:76:92:FA:76:B1:13:B6:E3:7C:8D:94:7C:89:67
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A559
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/02876022B35811F083F4F08DDAE4EC9C.roa
Signing time: Mon 27 Oct 2025 17:11:43 +0000
ROA not before: Mon 27 Oct 2025 17:11:36 +0000
ROA not after: Mon 01 Dec 2025 17:11:36 +0000
asID: 62240
IP address blocks: 154.195.127.0/24 maxlen: 24
154.195.128.0/24 maxlen: 24
154.195.129.0/24 maxlen: 24
154.195.130.0/24 maxlen: 24
154.195.131.0/24 maxlen: 24
154.195.132.0/24 maxlen: 24
154.195.133.0/24 maxlen: 24
154.195.134.0/24 maxlen: 24
154.195.135.0/24 maxlen: 24
154.196.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 30 Oct 2025 09:04:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107865 (0x1a559)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 27 17:11:36 2025 GMT
Not After : Dec 1 17:11:36 2025 GMT
Subject: CN=68ffa7cf-b22d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:41:d4:1d:2d:d8:d4:a5:4c:b9:7d:00:3e:82:
c0:ef:8c:8f:1d:ff:41:53:ff:24:99:cd:ba:a8:5d:
53:3f:6e:27:c3:18:e7:85:5a:bc:c9:48:8b:7d:13:
bc:47:a0:2f:71:02:a2:cf:a7:f5:af:8f:77:12:28:
d6:0b:dc:9a:17:44:1f:6b:21:bc:d9:de:64:de:5d:
c8:d3:29:55:c2:b5:10:d0:55:a1:e6:e1:c2:c0:da:
77:87:2e:67:7f:f8:05:fc:33:f1:8e:9a:ca:04:e3:
1a:f9:a2:dd:7f:8d:be:a7:d7:f3:21:e2:6f:0a:69:
c6:88:88:ac:a0:58:f1:d1:d3:1b:0b:ca:ac:c1:b6:
8e:26:cb:dc:17:d6:ea:78:7f:47:bc:0a:e3:58:02:
be:7a:50:01:c5:59:48:45:a3:9d:99:df:13:94:ae:
04:e9:06:52:3f:b9:d2:63:5a:8e:cf:e7:95:f4:4e:
b6:94:5d:f2:f9:59:ca:62:35:b4:16:d6:3f:fa:cb:
a6:ab:64:73:06:fa:ce:ea:8d:26:bd:bb:11:ea:ef:
7a:2c:32:09:85:42:91:60:4a:fe:80:bb:5e:33:39:
ee:45:5e:e7:3c:a0:44:d9:84:29:8e:48:94:22:c2:
86:a9:88:0f:23:9e:b7:e6:ce:c6:cd:45:50:a2:7f:
04:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:DA:6E:D3:0C:53:76:92:FA:76:B1:13:B6:E3:7C:8D:94:7C:89:67
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/02876022B35811F083F4F08DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.127.0-154.195.135.255
154.196.88.0/24
Signature Algorithm: sha256WithRSAEncryption
50:79:d8:8f:f9:d2:42:b8:8e:92:4b:e3:00:cf:9d:c3:e7:18:
e9:7a:65:c3:f7:69:e5:46:be:d3:c4:2c:00:ee:f8:08:6a:41:
f8:99:8f:26:48:94:a5:fc:b2:a1:85:5f:72:bc:44:3d:a3:2a:
dd:3b:e0:62:2f:c5:e8:29:2e:3f:c4:19:26:16:1a:6a:a3:02:
a6:e9:94:74:93:9a:c5:51:49:93:e4:1e:5f:0d:da:d5:0b:05:
18:5c:c2:f4:71:ad:9c:34:7e:7c:f0:dd:b1:ec:0f:af:f1:df:
23:b3:b1:cd:51:9f:ac:a2:e7:29:92:9b:c6:4e:a1:8c:94:9a:
80:8a:85:5c:a0:2b:f2:44:ac:e9:12:ec:74:6c:e2:2e:5f:a7:
8c:97:25:f1:92:bf:75:ad:4e:c2:08:e1:05:a4:d5:86:19:31:
4e:ca:2b:ee:f2:e6:46:19:f8:6b:e2:f4:8e:c4:2f:05:06:d3:
13:d9:e3:50:2c:db:96:4c:0b:cb:46:d9:bf:ba:af:ac:d9:55:
a8:8f:b8:4c:9d:a3:1d:00:33:8f:d4:44:a1:1d:20:03:f5:15:
f9:67:a7:cc:73:58:e7:28:cb:d7:c1:9d:5d:f6:44:41:84:7a:
da:81:f3:15:1a:73:2d:c3:d7:ae:0f:77:33:87:11:aa:8c:16:
f9:29:f4:c5
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAaVZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI3MTcxMTM2WhcNMjUxMjAxMTcxMTM2WjAYMRYw
FAYDVQQDEw02OGZmYTdjZi1iMjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnkHUHS3Y1KVMuX0APoLA74yPHf9BU/8kmc26qF1TP24nwxjnhVq8yUiL
fRO8R6AvcQKiz6f1r493EijWC9yaF0QfayG82d5k3l3I0ylVwrUQ0FWh5uHCwNp3
hy5nf/gF/DPxjprKBOMa+aLdf42+p9fzIeJvCmnGiIisoFjx0dMbC8qswbaOJsvc
F9bqeH9HvArjWAK+elABxVlIRaOdmd8TlK4E6QZSP7nSY1qOz+eV9E62lF3y+VnK
YjW0FtY/+sumq2RzBvrO6o0mvbsR6u96LDIJhUKRYEr+gLteMznuRV7nPKBE2YQp
jkiUIsKGqYgPI5635s7GzUVQon8EkQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFP7a
btMMU3aS+naxE7bjfI2UfIlnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMjg3NjAyMkIzNTgxMUYwODNGNEYwOEREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACaw38DBAOaw4ADBACa
xFgwDQYJKoZIhvcNAQELBQADggEBAFB52I/50kK4jpJL4wDPncPnGOl6ZcP3aeVG
vtPELADu+AhqQfiZjyZIlKX8sqGFX3K8RD2jKt074GIvxegpLj/EGSYWGmqjAqbp
lHSTmsVRSZPkHl8N2tULBRhcwvRxrZw0fnzw3bHsD6/x3yOzsc1Rn6yi5ymSm8ZO
oYyUmoCKhVygK/JErOkS7HRs4i5fp4yXJfGSv3WtTsII4QWk1YYZMU7KK+7y5kYZ
+Gvi9I7ELwUG0xPZ41As25ZMC8tG2b+6r6zZVaiPuEydox0AM4/URKEdIAP1Ffln
p8xzWOcoy9fBnV32REGEetqB8xUacy3D164PdzOHEaqMFvkp9MU=
-----END CERTIFICATE-----
Generated at Tue Oct 28 17:04:47 2025 by rpki-client