Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/02CBD330A39811F0A6544C7CDAE4EC9C.roa
File: 02CBD330A39811F0A6544C7CDAE4EC9C.roa (raw, json)
Hash identifier: gXzltlVYa6/G9X9E6oVdE5D/YnR7cBoK0ff4qxISCwI=
Subject key identifier: C4:BE:56:DB:D5:B9:13:78:B0:CB:47:34:45:FE:99:B2:9B:F1:8F:A6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A298
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/02CBD330A39811F0A6544C7CDAE4EC9C.roa
Signing time: Tue 07 Oct 2025 16:09:33 +0000
ROA not before: Tue 07 Oct 2025 16:09:28 +0000
ROA not after: Mon 03 Nov 2025 16:09:28 +0000
asID: 203020
IP address blocks: 154.205.186.0/24 maxlen: 24
154.223.137.0/24 maxlen: 24
154.223.138.0/23 maxlen: 24
154.223.140.0/22 maxlen: 24
154.223.144.0/20 maxlen: 24
154.223.160.0/22 maxlen: 24
154.223.172.0/22 maxlen: 24
154.223.184.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107160 (0x1a298)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 7 16:09:28 2025 GMT
Not After : Nov 3 16:09:28 2025 GMT
Subject: CN=68e53b3d-538c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2a:46:6d:8f:fa:17:80:86:d1:56:19:97:1c:
f1:3e:ca:f3:77:d5:2f:73:7b:49:8d:07:35:6a:b9:
6a:32:81:d6:cb:06:d7:89:d7:44:ca:55:4b:3a:6f:
33:a0:89:65:9b:e3:d7:9c:de:23:65:af:92:34:3c:
b9:49:b7:c8:a8:f9:3a:24:c1:a8:7a:ca:ee:9f:38:
57:2f:0d:be:7d:b0:69:91:4e:9e:89:f2:12:8a:c4:
e8:52:9f:70:66:02:40:60:c4:99:f0:88:85:5a:1e:
71:05:9b:df:6d:00:26:34:24:82:3e:45:65:3a:3c:
e8:5a:e0:2d:88:5a:a9:58:2c:81:eb:fe:2c:4e:b8:
b3:4a:60:0d:83:29:5d:92:a0:50:a3:29:e6:e1:82:
63:8a:2d:e0:43:93:07:15:38:a5:12:b8:fe:3c:b9:
47:14:f9:65:9e:61:43:c8:bc:f1:81:68:32:25:01:
da:e9:33:15:03:a0:6f:57:08:f5:ba:99:f8:f2:39:
9b:d4:51:5e:72:05:df:58:e9:fd:25:40:af:63:76:
dc:44:fe:6f:f5:53:43:0e:8a:2e:de:38:c6:48:43:
82:99:75:99:2e:62:92:17:19:00:65:ce:dc:b8:b3:
ad:51:7d:26:e5:1b:7c:88:09:04:22:5c:af:14:4f:
5c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:BE:56:DB:D5:B9:13:78:B0:CB:47:34:45:FE:99:B2:9B:F1:8F:A6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/02CBD330A39811F0A6544C7CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.186.0/24
154.223.137.0-154.223.163.255
154.223.172.0/22
154.223.184.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:71:35:da:38:ca:ef:3c:1f:bc:f8:4c:f2:e9:9a:43:cb:b7:
46:5b:d9:b0:39:ad:d0:26:2f:d2:05:e5:5b:a7:64:28:5c:2a:
67:4c:d7:87:c7:c9:91:a0:fa:95:2b:61:3d:98:84:2b:be:ef:
2d:cf:51:78:e0:15:88:9c:82:67:75:c6:1d:b2:5c:f2:ec:dc:
fd:a6:34:96:e6:af:50:4b:d1:06:4e:13:2c:cb:4b:70:c0:cb:
95:31:bf:61:af:16:a6:35:b0:9e:2a:0e:14:67:85:db:4e:52:
b8:98:cd:26:59:de:f8:61:a0:7a:82:f9:97:58:be:36:5f:11:
54:37:d4:9c:98:df:2a:4a:c0:04:a3:a3:28:d9:8b:b3:51:6e:
a2:cd:c8:fc:33:29:78:07:04:1a:03:4c:ea:bc:23:b0:13:4f:
52:d4:98:6d:50:8e:67:1c:32:ef:e6:fd:38:65:9f:c5:4b:08:
f8:31:3e:44:cc:30:4e:b0:56:d8:95:15:2b:81:38:49:ad:79:
ab:13:72:2a:99:06:9b:61:2f:3b:86:97:0f:bc:e7:79:14:5c:
a3:bf:e1:6b:e9:d9:cb:a0:19:34:75:e2:1c:64:ce:5f:c8:fb:
6f:df:f0:61:7c:31:6d:a3:de:9b:5f:60:96:27:fb:3d:32:52:
5b:b9:24:bd
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIDAaKYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDA3MTYwOTI4WhcNMjUxMTAzMTYwOTI4WjAYMRYw
FAYDVQQDEw02OGU1M2IzZC01MzhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsipGbY/6F4CG0VYZlxzxPsrzd9Uvc3tJjQc1arlqMoHWywbXiddEylVL
Om8zoIllm+PXnN4jZa+SNDy5SbfIqPk6JMGoesrunzhXLw2+fbBpkU6eifISisTo
Up9wZgJAYMSZ8IiFWh5xBZvfbQAmNCSCPkVlOjzoWuAtiFqpWCyB6/4sTrizSmAN
gyldkqBQoynm4YJjii3gQ5MHFTilErj+PLlHFPllnmFDyLzxgWgyJQHa6TMVA6Bv
Vwj1upn48jmb1FFecgXfWOn9JUCvY3bcRP5v9VNDDoou3jjGSEOCmXWZLmKSFxkA
Zc7cuLOtUX0m5Rt8iAkEIlyvFE9c0wIDAQABo4ICvzCCArswHQYDVR0OBBYEFMS+
VtvVuRN4sMtHNEX+mbKb8Y+mMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMkNCRDMzMEEzOTgxMUYwQTY1NDRDN0NEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAms26MAwDBACa34kDBAKa
36ADBAKa36wDBAKa37gwDQYJKoZIhvcNAQELBQADggEBAHxxNdo4yu88H7z4TPLp
mkPLt0Zb2bA5rdAmL9IF5VunZChcKmdM14fHyZGg+pUrYT2YhCu+7y3PUXjgFYic
gmd1xh2yXPLs3P2mNJbmr1BL0QZOEyzLS3DAy5Uxv2GvFqY1sJ4qDhRnhdtOUriY
zSZZ3vhhoHqC+ZdYvjZfEVQ31JyY3ypKwASjoyjZi7NRbqLNyPwzKXgHBBoDTOq8
I7ATT1LUmG1QjmccMu/m/Thln8VLCPgxPkTMME6wVtiVFSuBOEmteasTciqZBpth
LzuGlw+853kUXKO/4Wvp2cugGTR14hxkzl/I+2/f8GF8MW2j3ptfYJYn+z0yUlu5
JL0=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:19 2025 by rpki-client