Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D9B185C995C11F0999F1FA1DAE4EC9C.roa
File: 0D9B185C995C11F0999F1FA1DAE4EC9C.roa (raw, json)
Hash identifier: 44ipfKOyQSLVEr4ZAZMUHqmqPVCfWgzNefSHJumiZo8=
Subject key identifier: E7:40:CE:1D:D4:11:24:03:F2:0A:B7:C5:04:44:1D:4B:3E:AA:40:19
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A08C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D9B185C995C11F0999F1FA1DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 15:35:10 +0000
ROA not before: Wed 24 Sep 2025 15:35:05 +0000
ROA not after: Thu 30 Oct 2025 15:35:05 +0000
asID: 9304
IP address blocks: 154.193.2.0/24 maxlen: 24
154.194.195.0/24 maxlen: 24
154.196.134.0/24 maxlen: 24
154.196.160.0/24 maxlen: 24
154.199.4.0/24 maxlen: 24
154.200.1.0/24 maxlen: 24
154.200.37.0/24 maxlen: 24
154.200.46.0/24 maxlen: 24
154.200.48.0/24 maxlen: 24
154.200.53.0/24 maxlen: 24
154.200.54.0/24 maxlen: 24
154.200.60.0/24 maxlen: 24
154.200.129.0/24 maxlen: 24
154.200.130.0/24 maxlen: 24
154.200.154.0/24 maxlen: 24
154.200.156.0/24 maxlen: 24
154.200.157.0/24 maxlen: 24
154.200.158.0/24 maxlen: 24
154.200.159.0/24 maxlen: 24
154.211.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106636 (0x1a08c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 15:35:05 2025 GMT
Not After : Oct 30 15:35:05 2025 GMT
Subject: CN=68d40fad-7bb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:36:9e:3e:b9:c1:dc:ab:df:aa:e5:52:cf:80:
ed:f0:fe:d3:10:b1:ea:45:fd:fc:47:2b:0e:86:bb:
ec:d4:63:12:b0:27:b0:71:a3:60:1c:7b:05:97:41:
00:51:a2:23:0e:8c:0a:f7:d4:d0:fe:32:b6:d2:a1:
8f:bb:e5:b3:25:3f:eb:34:4a:5c:a7:79:72:2c:62:
71:1f:62:e8:fd:29:42:06:b8:cc:b0:ca:7a:1d:f0:
08:21:f9:54:26:4c:4c:a4:ab:c5:aa:db:92:6d:5e:
21:34:b9:2c:b0:fc:fc:4d:25:c7:1f:63:57:7d:e4:
08:f1:4f:be:e4:1c:e1:c4:a0:fa:ef:1f:3f:20:9e:
96:75:a7:05:b5:1e:09:b9:63:b8:9d:9f:7b:56:07:
ce:2b:00:05:26:f4:37:7d:d1:4a:0c:ec:76:09:0a:
c7:36:15:65:24:41:c9:35:5a:de:82:07:41:39:91:
65:7b:07:65:b3:ca:76:98:47:60:8f:b9:c7:a4:44:
19:38:c6:c1:07:5b:a8:34:bd:2c:a4:2a:0f:2b:da:
7e:ba:e2:cc:ef:21:a2:2e:05:72:17:a0:57:83:40:
90:c2:85:89:04:96:68:d1:4c:b0:5a:4c:3b:dc:47:
e3:c1:24:43:a8:e9:8e:6c:ae:b1:97:0a:15:e6:ab:
fc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:40:CE:1D:D4:11:24:03:F2:0A:B7:C5:04:44:1D:4B:3E:AA:40:19
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D9B185C995C11F0999F1FA1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.2.0/24
154.194.195.0/24
154.196.134.0/24
154.196.160.0/24
154.199.4.0/24
154.200.1.0/24
154.200.37.0/24
154.200.46.0/24
154.200.48.0/24
154.200.53.0-154.200.54.255
154.200.60.0/24
154.200.129.0-154.200.130.255
154.200.154.0/24
154.200.156.0/22
154.211.211.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:a2:40:a3:ad:5e:c8:c8:4e:bf:56:55:2b:8f:d1:89:1f:c6:
74:8e:3f:b3:7a:ec:96:7b:45:2b:3c:37:03:42:7e:3f:00:d4:
4b:98:2f:05:bd:29:9e:d1:59:9f:e1:ea:aa:4a:2d:fb:3e:3d:
c0:b0:86:41:2c:72:4f:84:7f:b5:46:e4:fa:f7:d6:1c:2b:8a:
75:41:d2:d6:a9:a9:e7:fc:67:d0:cf:4d:3e:dd:0c:93:3e:ab:
4b:a4:78:48:de:25:63:e3:a4:1f:21:e7:64:88:46:cc:d8:59:
4c:ca:4d:5e:7f:9d:bd:ec:36:3f:8b:34:3a:e0:1c:5a:ba:91:
7f:49:d5:06:09:18:f3:9e:57:d9:f1:a4:b4:72:55:e9:a0:45:
1e:ae:e0:53:b1:69:83:1e:93:09:3d:59:d0:e6:61:13:2c:23:
94:d0:61:2f:40:d4:f7:b1:9b:9e:7a:03:4c:80:6b:8e:6c:dd:
25:67:69:60:63:58:99:2a:d1:45:11:92:36:15:74:bd:25:7b:
ac:61:5c:7f:24:d5:5b:d1:af:b4:eb:ca:aa:05:e0:62:05:e5:
b4:9f:a6:e4:a1:b3:43:72:0b:0e:43:c8:c1:51:19:95:8b:4c:
07:b1:92:e0:30:b6:d6:9f:b1:16:48:f1:08:f9:43:b4:ee:76:
44:16:45:f0
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgIDAaCMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTUzNTA1WhcNMjUxMDMwMTUzNTA1WjAYMRYw
FAYDVQQDEw02OGQ0MGZhZC03YmIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3DaePrnB3KvfquVSz4Dt8P7TELHqRf38RysOhrvs1GMSsCewcaNgHHsF
l0EAUaIjDowK99TQ/jK20qGPu+WzJT/rNEpcp3lyLGJxH2Lo/SlCBrjMsMp6HfAI
IflUJkxMpKvFqtuSbV4hNLkssPz8TSXHH2NXfeQI8U++5BzhxKD67x8/IJ6WdacF
tR4JuWO4nZ97VgfOKwAFJvQ3fdFKDOx2CQrHNhVlJEHJNVreggdBOZFlewdls8p2
mEdgj7nHpEQZOMbBB1uoNL0spCoPK9p+uuLM7yGiLgVyF6BXg0CQwoWJBJZo0Uyw
Wkw73EfjwSRDqOmObK6xlwoV5qv8lQIDAQABo4IDCjCCAwYwHQYDVR0OBBYEFOdA
zh3UESQD8gq3xQREHUs+qkAZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRDlCMTg1Qzk5NUMxMUYwOTk5RjFGQTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAJrBAgMEAJrCwwMEAJrE
hgMEAJrEoAMEAJrHBAMEAJrIAQMEAJrIJQMEAJrILgMEAJrIMDAMAwQAmsg1AwQA
msg2AwQAmsg8MAwDBACayIEDBACayIIDBACayJoDBAKayJwDBACa09MwDQYJKoZI
hvcNAQELBQADggEBANOiQKOtXsjITr9WVSuP0YkfxnSOP7N67JZ7RSs8NwNCfj8A
1EuYLwW9KZ7RWZ/h6qpKLfs+PcCwhkEsck+Ef7VG5Pr31hwrinVB0tapqef8Z9DP
TT7dDJM+q0ukeEjeJWPjpB8h52SIRszYWUzKTV5/nb3sNj+LNDrgHFq6kX9J1QYJ
GPOeV9nxpLRyVemgRR6u4FOxaYMekwk9WdDmYRMsI5TQYS9A1Pexm556A0yAa45s
3SVnaWBjWJkq0UURkjYVdL0le6xhXH8k1VvRr7TryqoF4GIF5bSfpuShs0NyCw5D
yMFRGZWLTAexkuAwttafsRZI8Qj5Q7TudkQWRfA=
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:06 2025 by rpki-client