Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AD91D768A3C11F086A8F183DAE4EC9C.roa
File: 2AD91D768A3C11F086A8F183DAE4EC9C.roa (raw, json)
Hash identifier: JQEyGQ5OSkiQV+rvwSYuLEgLQYG+JNBpxEpOQKxhWVc=
Subject key identifier: 59:0A:98:FD:59:33:50:E3:58:44:F7:B5:AD:31:A0:22:B8:3A:BC:CC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019E08
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AD91D768A3C11F086A8F183DAE4EC9C.roa
Signing time: Fri 05 Sep 2025 09:39:07 +0000
ROA not before: Fri 05 Sep 2025 09:39:02 +0000
ROA not after: Fri 05 Dec 2025 09:39:02 +0000
asID: 18229
IP address blocks: 154.206.22.0/24 maxlen: 24
154.206.23.0/24 maxlen: 24
154.206.29.0/24 maxlen: 24
154.210.128.0/24 maxlen: 24
154.210.129.0/24 maxlen: 24
154.210.130.0/24 maxlen: 24
154.210.131.0/24 maxlen: 24
154.210.132.0/24 maxlen: 24
154.210.133.0/24 maxlen: 24
154.210.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105992 (0x19e08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 5 09:39:02 2025 GMT
Not After : Dec 5 09:39:02 2025 GMT
Subject: CN=68baafbb-b2be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fb:ed:ab:e0:a6:00:4c:ff:87:dc:e6:5a:12:
fb:48:0d:64:c2:50:1f:21:1e:d1:35:48:15:2c:b5:
31:77:3e:c5:63:83:be:46:93:30:6b:12:91:78:77:
d9:45:bd:6e:4e:62:71:08:5a:95:92:ea:6b:0b:d9:
66:d9:09:e0:e0:8f:7a:e9:8d:b4:b7:cf:cf:69:8f:
28:b6:c2:cf:6e:31:82:31:0e:b4:ce:e6:01:81:d6:
ca:9e:44:13:0b:a3:0e:10:f8:fd:d1:90:59:7d:63:
64:8f:91:7d:69:81:45:f2:a0:f2:19:a0:72:9f:ea:
e4:de:c8:8d:f2:8e:b2:fa:e6:b4:a9:7c:b8:0f:c6:
88:ce:b2:16:f5:39:10:f7:29:93:fb:af:ce:72:05:
a7:0f:24:aa:9e:03:b7:49:ac:14:7e:8b:b8:2c:fb:
f5:80:9b:66:c8:32:6f:8d:d5:c6:03:b1:da:ed:69:
cc:36:ce:d9:11:5a:79:f4:2e:c1:9d:5b:5d:4a:55:
b5:03:34:3a:30:62:f8:a8:f2:bb:45:41:67:97:14:
b2:db:2d:15:48:00:f6:b6:40:3f:7c:41:c7:61:b2:
b4:a9:86:20:38:75:6d:77:c8:a7:0d:be:95:90:a6:
fb:b8:b7:fc:ab:2e:fa:1c:80:ce:00:13:c3:60:b7:
e5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:0A:98:FD:59:33:50:E3:58:44:F7:B5:AD:31:A0:22:B8:3A:BC:CC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AD91D768A3C11F086A8F183DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.22.0/23
154.206.29.0/24
154.210.128.0-154.210.134.255
Signature Algorithm: sha256WithRSAEncryption
d4:01:b1:0e:ff:b8:54:50:fa:21:c6:6b:40:45:dd:97:b1:57:
04:85:46:8b:d6:32:d9:fd:c1:17:b0:f5:d0:d7:95:f3:3e:a4:
a3:bf:01:3d:37:cc:c9:f1:69:6e:e5:73:97:39:13:0a:b8:4e:
56:c6:a6:20:32:e1:bb:89:04:18:dc:b1:0c:82:ca:b1:46:4f:
fe:34:1a:9f:b1:e8:b7:b8:d5:8d:b5:c1:c2:ff:1f:11:87:3b:
f5:5a:ca:bf:0e:11:62:d6:d8:99:9b:be:ef:28:88:5c:95:6f:
bb:16:2c:b6:9c:a2:dd:32:1f:c2:f1:97:42:bd:9e:ac:f3:3c:
4d:69:bc:e5:46:37:e4:81:42:d7:ba:67:6e:c9:0c:41:3c:42:
61:cc:b3:fd:93:0f:6f:72:fe:fb:21:5f:ca:eb:a2:70:49:04:
87:96:50:d1:8c:b1:45:3f:b9:23:3b:ef:71:a1:68:a2:d1:8c:
24:27:e8:59:6f:53:d4:e5:60:e7:ad:24:c6:ed:b3:37:83:c6:
62:20:a3:e5:97:1d:0f:06:48:97:59:24:03:5f:1a:bb:7f:7b:
f8:c8:14:d6:ae:d4:36:d9:d1:d6:78:90:97:b9:4d:ba:6d:05:
18:9b:cd:56:1b:a0:7c:6e:94:7f:be:4d:de:99:92:9f:77:1a:
e4:18:d0:97
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAZ4IMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTA1MDkzOTAyWhcNMjUxMjA1MDkzOTAyWjAYMRYw
FAYDVQQDEw02OGJhYWZiYi1iMmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy/vtq+CmAEz/h9zmWhL7SA1kwlAfIR7RNUgVLLUxdz7FY4O+RpMwaxKR
eHfZRb1uTmJxCFqVkuprC9lm2Qng4I966Y20t8/PaY8otsLPbjGCMQ60zuYBgdbK
nkQTC6MOEPj90ZBZfWNkj5F9aYFF8qDyGaByn+rk3siN8o6y+ua0qXy4D8aIzrIW
9TkQ9ymT+6/OcgWnDySqngO3SawUfou4LPv1gJtmyDJvjdXGA7Ha7WnMNs7ZEVp5
9C7BnVtdSlW1AzQ6MGL4qPK7RUFnlxSy2y0VSAD2tkA/fEHHYbK0qYYgOHVtd8in
Db6VkKb7uLf8qy76HIDOABPDYLflqQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFFkK
mP1ZM1DjWET3ta0xoCK4OrzMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQUQ5MUQ3NjhBM0MxMUYwODZBOEYxODNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBms4WAwQAms4dMAwDBAea
0oADBACa0oYwDQYJKoZIhvcNAQELBQADggEBANQBsQ7/uFRQ+iHGa0BF3ZexVwSF
RovWMtn9wRew9dDXlfM+pKO/AT03zMnxaW7lc5c5Ewq4TlbGpiAy4buJBBjcsQyC
yrFGT/40Gp+x6Le41Y21wcL/HxGHO/Vayr8OEWLW2Jmbvu8oiFyVb7sWLLacot0y
H8Lxl0K9nqzzPE1pvOVGN+SBQte6Z27JDEE8QmHMs/2TD29y/vshX8rronBJBIeW
UNGMsUU/uSM773GhaKLRjCQn6FlvU9TlYOetJMbtszeDxmIgo+WXHQ8GSJdZJANf
Grt/e/jIFNau1DbZ0dZ4kJe5TbptBRibzVYboHxulH++Td6Zkp93GuQY0Jc=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:05 2025 by rpki-client