Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/194E45BA8A5311F08E320896DAE4EC9C.roa
File: 194E45BA8A5311F08E320896DAE4EC9C.roa (raw, json)
Hash identifier: 0OYI1gFy1YrAy/nW0oo6l490O1rj23zgqcVOgntHVS0=
Subject key identifier: 15:D2:AC:AA:B6:B9:04:A4:72:8D:7E:B1:BA:F6:1E:2E:24:37:61:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019E2C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/194E45BA8A5311F08E320896DAE4EC9C.roa
Signing time: Fri 05 Sep 2025 12:23:16 +0000
ROA not before: Fri 05 Sep 2025 12:23:10 +0000
ROA not after: Fri 12 Dec 2025 12:23:10 +0000
asID: 398478
IP address blocks: 154.199.208.0/20 maxlen: 24
154.199.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106028 (0x19e2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 5 12:23:10 2025 GMT
Not After : Dec 12 12:23:10 2025 GMT
Subject: CN=68bad634-c8bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:36:e6:4d:78:a8:36:6f:32:1d:0b:d5:2c:58:
fc:86:b5:5b:d2:55:48:37:18:9a:28:e6:1e:8e:a8:
39:d9:b4:76:48:d0:d7:94:cc:8b:90:2a:e3:4c:29:
e6:2d:86:d3:0c:be:8b:e1:e2:70:48:f8:44:e3:9f:
63:ae:61:b6:74:a2:c4:03:1c:37:49:73:80:71:09:
65:80:01:f8:0c:8f:b3:de:7a:43:50:4b:91:81:5a:
dc:ed:b5:bc:82:5f:f1:09:f3:b0:3c:f7:09:03:cc:
b1:a2:0e:b1:cf:c1:c2:13:c7:31:04:de:dc:3e:40:
d6:b5:a3:ac:be:a5:b2:45:0f:2a:e1:50:c8:29:95:
ec:8b:4c:13:75:70:b0:ca:10:50:06:9f:6e:27:a7:
9e:02:21:85:9f:9c:81:3a:49:57:f4:c2:e7:4c:74:
45:b3:4a:c4:a7:50:b1:40:1e:36:67:a3:e5:f6:46:
c8:99:df:02:a7:57:71:40:1c:9a:48:16:ff:0d:7a:
8e:b3:11:2f:50:d6:35:3f:0c:64:69:45:17:81:a8:
18:39:fa:17:f8:59:c4:70:c2:0a:d7:8e:ef:a1:5d:
4a:32:9f:78:60:ad:e0:9c:b5:11:ec:92:60:f4:12:
1c:ea:2b:24:99:01:40:e8:a2:b0:f0:09:13:a8:4b:
c3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:D2:AC:AA:B6:B9:04:A4:72:8D:7E:B1:BA:F6:1E:2E:24:37:61:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/194E45BA8A5311F08E320896DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.208.0-154.199.255.255
Signature Algorithm: sha256WithRSAEncryption
0c:c4:dd:c9:ee:0d:32:1c:60:82:61:cc:13:b9:74:12:81:80:
6d:f7:f0:40:d1:81:78:f1:de:f3:5a:97:0e:3e:96:44:71:46:
7a:6e:ce:81:cb:38:36:7f:91:49:10:db:2d:68:fc:21:55:95:
25:90:43:ca:ac:26:3e:92:e4:8b:13:cb:da:89:0b:03:8a:66:
47:a0:bc:a3:51:96:1d:b4:ab:4e:a2:b5:df:12:15:68:f9:32:
37:ab:44:6b:ed:08:92:60:ba:b3:69:42:03:f5:b5:49:de:21:
23:fb:79:65:73:05:21:2b:d6:98:00:fc:82:b1:aa:6c:87:3d:
53:0c:09:7c:3e:ff:7f:3e:ad:f0:fe:11:8a:d1:af:6f:0f:c7:
29:73:0e:c1:47:83:95:95:e7:d2:a8:e3:63:75:9b:23:f0:54:
2e:0f:66:ba:c4:05:5f:3d:a9:0f:ce:87:58:d9:c5:e2:15:b9:
53:fc:bb:7d:5a:0c:a6:84:6c:0d:bd:47:ca:8f:af:a1:21:f4:
3e:80:36:9a:e2:e2:7a:9b:ee:64:7e:4e:cd:bb:fb:f4:77:e7:
90:df:33:54:b7:04:fa:8a:8b:01:30:ae:f3:b0:c1:2c:f3:83:
2e:89:7b:b7:e1:1e:4f:40:94:d1:e8:f8:05:f4:10:36:a8:7f:
e3:e7:a3:b2
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIDAZ4sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTA1MTIyMzEwWhcNMjUxMjEyMTIyMzEwWjAYMRYw
FAYDVQQDEw02OGJhZDYzNC1jOGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyTbmTXioNm8yHQvVLFj8hrVb0lVINxiaKOYejqg52bR2SNDXlMyLkCrj
TCnmLYbTDL6L4eJwSPhE459jrmG2dKLEAxw3SXOAcQllgAH4DI+z3npDUEuRgVrc
7bW8gl/xCfOwPPcJA8yxog6xz8HCE8cxBN7cPkDWtaOsvqWyRQ8q4VDIKZXsi0wT
dXCwyhBQBp9uJ6eeAiGFn5yBOklX9MLnTHRFs0rEp1CxQB42Z6Pl9kbImd8Cp1dx
QByaSBb/DXqOsxEvUNY1PwxkaUUXgagYOfoX+FnEcMIK147voV1KMp94YK3gnLUR
7JJg9BIc6iskmQFA6KKw8AkTqEvDBwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFBXS
rKq2uQSkco1+sbr2Hi4kN2G6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xOTRFNDVCQThBNTMxMUYwOEUzMjA4OTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBASax9ADAwOawDANBgkq
hkiG9w0BAQsFAAOCAQEADMTdye4NMhxggmHME7l0EoGAbffwQNGBePHe81qXDj6W
RHFGem7Ogcs4Nn+RSRDbLWj8IVWVJZBDyqwmPpLkixPL2okLA4pmR6C8o1GWHbSr
TqK13xIVaPkyN6tEa+0IkmC6s2lCA/W1Sd4hI/t5ZXMFISvWmAD8grGqbIc9UwwJ
fD7/fz6t8P4RitGvbw/HKXMOwUeDlZXn0qjjY3WbI/BULg9musQFXz2pD86HWNnF
4hW5U/y7fVoMpoRsDb1Hyo+voSH0PoA2muLiepvuZH5Ozbv79HfnkN8zVLcE+oqL
ATCu87DBLPODLol7t+EeT0CU0ej4BfQQNqh/4+ejsg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:28 2025 by rpki-client