Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/227D044C8A4D11F0A34D64EFDAE4EC9C.roa
File: 227D044C8A4D11F0A34D64EFDAE4EC9C.roa (raw, json)
Hash identifier: JQHQIDww9f+2Lpe6vCCoa4hjoUVcJziYJKBwXoSiYc8=
Subject key identifier: DB:DD:3B:96:73:1B:9C:F3:EC:8B:55:2D:0F:E2:C6:43:46:4C:62:C8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019E20
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/227D044C8A4D11F0A34D64EFDAE4EC9C.roa
Signing time: Fri 05 Sep 2025 11:40:35 +0000
ROA not before: Fri 05 Sep 2025 11:40:29 +0000
ROA not after: Thu 04 Dec 2025 11:40:29 +0000
asID: 135377
IP address blocks: 154.83.196.0/24 maxlen: 24
154.83.197.0/24 maxlen: 24
154.83.198.0/24 maxlen: 24
154.83.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106016 (0x19e20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 5 11:40:29 2025 GMT
Not After : Dec 4 11:40:29 2025 GMT
Subject: CN=68bacc33-1b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:99:26:58:f1:83:7e:ce:6e:92:18:ca:87:ed:
0f:af:b5:24:59:df:8b:a5:e5:30:ff:c1:c9:8f:63:
b0:11:b9:4f:c7:be:a8:91:14:3b:c1:80:a8:4a:b7:
b0:09:17:8b:ff:16:64:f1:a7:bb:74:a5:01:a1:a7:
74:6b:0d:f8:78:b7:2e:ff:17:93:69:d2:f8:26:2c:
64:22:e8:f1:0f:8c:7a:94:b3:fb:5d:fe:4d:19:37:
5a:10:78:3b:1d:53:df:de:fd:ad:68:8f:f3:44:5f:
70:82:ad:53:97:a4:c5:3c:d5:49:ec:c8:a6:13:cb:
b0:a2:62:80:23:c0:25:d1:41:a4:5e:72:c2:2c:f7:
36:27:3c:cc:65:f7:99:8a:09:8e:b5:ef:d5:fe:d5:
6a:cb:dc:6b:16:4a:15:5e:bc:88:8e:2a:a8:61:87:
35:a2:8a:e7:e1:8e:63:70:20:53:3e:e1:20:02:da:
ec:2b:d7:23:d7:bb:c0:20:75:35:40:d8:27:de:50:
c3:1c:83:0c:16:03:83:6d:e0:96:8f:29:8b:5e:dd:
55:98:5b:50:16:b2:5d:20:2c:e9:a4:96:2a:5f:54:
50:db:59:be:d8:cd:2e:1b:1c:2f:c4:0f:98:52:39:
c9:46:fd:e5:83:da:09:6a:23:db:4b:e1:a4:18:67:
2d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:DD:3B:96:73:1B:9C:F3:EC:8B:55:2D:0F:E2:C6:43:46:4C:62:C8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/227D044C8A4D11F0A34D64EFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.196.0/22
Signature Algorithm: sha256WithRSAEncryption
41:b9:91:70:21:81:a6:f5:02:76:ec:80:6f:f3:db:17:47:53:
21:95:e2:8c:bb:46:c8:17:88:c1:54:24:ba:08:df:a4:53:78:
61:a6:4e:82:ee:8d:68:07:1a:3a:c0:27:16:2c:a0:29:d0:8b:
35:34:f3:77:ca:b0:50:25:fe:67:d3:4e:dd:6a:5c:31:a6:95:
dc:fa:48:3a:0c:a4:ed:99:4b:b2:6c:ed:4e:1e:fe:1a:d0:74:
28:9a:7b:f8:c1:e5:33:a7:58:a0:d5:80:80:80:55:d0:9f:fc:
5c:24:b4:bb:c0:30:b7:77:2d:86:30:e8:22:f3:68:1e:7a:1c:
23:6d:17:84:37:8e:d6:b8:ff:4b:3a:7c:3a:d5:ab:32:ee:67:
bd:0f:ed:25:a2:7b:fa:bd:9e:89:cc:c2:15:bb:56:c5:83:a6:
da:ab:bd:11:b3:4c:d1:ad:45:d8:46:bf:34:cc:c4:17:ce:b6:
b3:22:d4:79:23:db:cd:07:c6:b7:6e:42:3b:fd:da:76:d5:81:
40:95:78:5c:b0:51:c8:68:fa:ee:ca:b8:92:1e:6c:e8:8a:ca:
95:37:fa:74:4a:2d:c0:79:ed:2b:5e:f1:e9:69:59:9f:41:3f:
02:f9:57:f7:1e:c4:48:a7:51:d5:37:2b:04:69:d1:35:6a:01:
43:24:7b:2d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ4gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTA1MTE0MDI5WhcNMjUxMjA0MTE0MDI5WjAYMRYw
FAYDVQQDEw02OGJhY2MzMy0xYjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzZkmWPGDfs5ukhjKh+0Pr7UkWd+LpeUw/8HJj2OwEblPx76okRQ7wYCo
SrewCReL/xZk8ae7dKUBoad0aw34eLcu/xeTadL4JixkIujxD4x6lLP7Xf5NGTda
EHg7HVPf3v2taI/zRF9wgq1Tl6TFPNVJ7MimE8uwomKAI8Al0UGkXnLCLPc2JzzM
ZfeZigmOte/V/tVqy9xrFkoVXryIjiqoYYc1oorn4Y5jcCBTPuEgAtrsK9cj17vA
IHU1QNgn3lDDHIMMFgODbeCWjymLXt1VmFtQFrJdICzppJYqX1RQ21m+2M0uGxwv
xA+YUjnJRv3lg9oJaiPbS+GkGGct6QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNvd
O5ZzG5zz7ItVLQ/ixkNGTGLIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMjdEMDQ0QzhBNEQxMUYwQTM0RDY0RUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlPEMA0GCSqGSIb3DQEB
CwUAA4IBAQBBuZFwIYGm9QJ27IBv89sXR1MhleKMu0bIF4jBVCS6CN+kU3hhpk6C
7o1oBxo6wCcWLKAp0Is1NPN3yrBQJf5n007dalwxppXc+kg6DKTtmUuybO1OHv4a
0HQomnv4weUzp1ig1YCAgFXQn/xcJLS7wDC3dy2GMOgi82geehwjbReEN47WuP9L
Onw61asy7me9D+0lonv6vZ6JzMIVu1bFg6baq70Rs0zRrUXYRr80zMQXzrazItR5
I9vNB8a3bkI7/dp21YFAlXhcsFHIaPruyriSHmzoisqVN/p0Si3Aee0rXvHpaVmf
QT8C+Vf3HsRIp1HVNysEadE1agFDJHst
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:29 2025 by rpki-client