Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09A017F8841B11F0BB218B90DAE4EC9C.roa
File: 09A017F8841B11F0BB218B90DAE4EC9C.roa (raw, json)
Hash identifier: htmYy7bU+Oa4IhFYTO0Las2ckhc2lwRZWWKrUxZY7sg=
Subject key identifier: 90:1A:FD:E3:04:34:5E:4A:B5:BC:CC:69:EC:5C:85:18:95:9D:FD:3F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0199E6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09A017F8841B11F0BB218B90DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 14:26:51 +0000
ROA not before: Thu 28 Aug 2025 14:26:45 +0000
ROA not after: Tue 30 Sep 2025 14:26:45 +0000
asID: 62240
IP address blocks: 154.194.79.0/24 maxlen: 24
154.194.99.0/24 maxlen: 24
154.194.100.0/24 maxlen: 24
154.194.101.0/24 maxlen: 24
154.194.102.0/24 maxlen: 24
154.194.104.0/24 maxlen: 24
154.194.105.0/24 maxlen: 24
154.194.106.0/24 maxlen: 24
154.194.107.0/24 maxlen: 24
154.194.108.0/24 maxlen: 24
154.196.63.0/24 maxlen: 24
154.196.65.0/24 maxlen: 24
154.196.66.0/24 maxlen: 24
154.196.67.0/24 maxlen: 24
154.196.69.0/24 maxlen: 24
154.196.71.0/24 maxlen: 24
154.196.72.0/24 maxlen: 24
154.196.73.0/24 maxlen: 24
154.196.74.0/24 maxlen: 24
154.196.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104934 (0x199e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 28 14:26:45 2025 GMT
Not After : Sep 30 14:26:45 2025 GMT
Subject: CN=68b0672b-fb55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ba:30:12:d0:0a:46:49:24:24:5c:b9:f4:e0:
4c:c5:49:18:e7:f2:ad:7f:07:3d:34:0f:ef:e7:59:
07:6e:74:af:0e:f6:6e:50:d2:77:76:9f:cd:c4:77:
3a:c1:d4:91:da:ef:31:3b:9f:77:da:aa:58:26:cc:
a9:b9:5c:1c:ed:19:bf:5f:0f:94:f5:fa:75:26:ad:
cc:62:9f:7b:4f:d5:ea:16:c6:ac:c3:bf:03:bf:13:
ff:c3:49:fb:ea:db:3e:b3:e9:af:32:48:c2:c1:84:
34:c1:59:f5:7b:4d:37:a6:ff:d3:2a:b8:67:9a:71:
e5:bc:48:24:3e:b8:25:04:f7:1b:3f:96:92:e7:48:
1e:55:1a:9e:b2:94:ee:fc:66:c0:e8:a0:28:67:63:
b6:46:50:73:fa:32:f3:86:c1:c9:bc:f0:f7:d0:36:
c5:27:f4:c3:ab:82:14:0a:0d:ee:ac:ba:b5:1a:ed:
4b:d9:b0:00:53:0b:2b:91:fb:b7:0c:37:76:ab:fe:
42:9f:81:34:cd:a1:21:e4:72:b5:1f:8a:cf:75:b2:
a5:04:5e:29:0a:b4:76:7e:02:89:d6:28:09:e2:a9:
cc:3e:ba:c3:0b:aa:72:33:42:b4:8a:c9:bd:eb:c7:
a7:53:dd:8a:cc:ec:16:52:36:23:1e:ed:09:1b:8c:
57:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:1A:FD:E3:04:34:5E:4A:B5:BC:CC:69:EC:5C:85:18:95:9D:FD:3F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09A017F8841B11F0BB218B90DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.79.0/24
154.194.99.0-154.194.102.255
154.194.104.0-154.194.108.255
154.196.63.0/24
154.196.65.0-154.196.67.255
154.196.69.0/24
154.196.71.0-154.196.75.255
Signature Algorithm: sha256WithRSAEncryption
0a:c1:d2:54:3b:de:37:fc:af:89:40:b2:29:36:79:4c:7e:d1:
f8:8c:54:ed:c3:15:34:7e:f9:14:57:8a:e4:31:d4:aa:b1:d9:
a0:74:2f:5a:cd:2c:65:b8:ea:63:6f:e7:c8:c4:1f:aa:5c:9f:
1a:15:40:86:7a:5e:3b:b9:15:2d:8b:02:0b:4e:10:d0:a9:9e:
64:63:71:69:f1:b9:47:01:a2:6a:dc:9f:7b:a1:cf:11:86:52:
c5:f2:9c:6a:36:a1:c3:39:0d:d1:67:13:45:7e:85:db:be:d4:
fc:34:89:7e:cb:b1:9f:09:57:95:d8:62:40:4b:28:b5:ba:93:
75:f6:37:4e:7b:77:9d:5f:a0:23:43:01:36:f0:b0:35:41:ae:
9b:0c:1b:26:12:bd:a1:43:0d:df:d9:d1:5b:85:6b:1b:77:d7:
b3:67:5e:43:9d:3b:f2:0c:aa:4b:7c:8d:05:56:0e:ee:40:f3:
60:b1:d8:9f:5b:0c:82:16:60:a6:61:c0:90:e0:60:a6:7a:28:
c6:d3:31:d8:9e:9c:1f:f8:3e:2d:93:a3:f3:7a:38:d9:d4:40:
ea:7b:e2:18:b7:56:dc:d7:f3:c3:a2:d0:b5:41:42:f0:86:ed:
75:2e:66:90:53:dc:01:28:55:cc:3f:58:d0:c4:6b:a0:cd:74:
46:da:3e:c5
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIDAZnmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI4MTQyNjQ1WhcNMjUwOTMwMTQyNjQ1WjAYMRYw
FAYDVQQDEw02OGIwNjcyYi1mYjU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwLowEtAKRkkkJFy59OBMxUkY5/Ktfwc9NA/v51kHbnSvDvZuUNJ3dp/N
xHc6wdSR2u8xO5932qpYJsypuVwc7Rm/Xw+U9fp1Jq3MYp97T9XqFsasw78DvxP/
w0n76ts+s+mvMkjCwYQ0wVn1e003pv/TKrhnmnHlvEgkPrglBPcbP5aS50geVRqe
spTu/GbA6KAoZ2O2RlBz+jLzhsHJvPD30DbFJ/TDq4IUCg3urLq1Gu1L2bAAUwsr
kfu3DDd2q/5Cn4E0zaEh5HK1H4rPdbKlBF4pCrR2fgKJ1igJ4qnMPrrDC6pyM0K0
ism968enU92KzOwWUjYjHu0JG4xXZwIDAQABo4IC6TCCAuUwHQYDVR0OBBYEFJAa
/eMENF5KtbzMaexchRiVnf0/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOUEwMTdGODg0MUIxMUYwQkIyMThCOTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAmsJPMAwDBACawmMDBACa
wmYwDAMEA5rCaAMEAJrCbAMEAJrEPzAMAwQAmsRBAwQCmsRAAwQAmsRFMAwDBACa
xEcDBAKaxEgwDQYJKoZIhvcNAQELBQADggEBAArB0lQ73jf8r4lAsik2eUx+0fiM
VO3DFTR++RRXiuQx1Kqx2aB0L1rNLGW46mNv58jEH6pcnxoVQIZ6Xju5FS2LAgtO
ENCpnmRjcWnxuUcBomrcn3uhzxGGUsXynGo2ocM5DdFnE0V+hdu+1Pw0iX7LsZ8J
V5XYYkBLKLW6k3X2N057d51foCNDATbwsDVBrpsMGyYSvaFDDd/Z0VuFaxt317Nn
XkOdO/IMqkt8jQVWDu5A82Cx2J9bDIIWYKZhwJDgYKZ6KMbTMdienB/4Pi2To/N6
ONnUQOp74hi3VtzX88Oi0LVBQvCG7XUuZpBT3AEoVcw/WNDEa6DNdEbaPsU=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:32:36 2025 by rpki-client