Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DAFE8DEB35111F0AC6EC8E1DAE4EC9C.roa
File: 2DAFE8DEB35111F0AC6EC8E1DAE4EC9C.roa (raw, json)
Hash identifier: UXhQcYN4FRrf2N8QoQxQw4ebJQElm4wwyOxxjlsN+44=
Subject key identifier: B6:31:62:6F:6E:99:88:38:7D:40:0C:80:D0:52:86:41:46:DC:1D:92
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A549
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DAFE8DEB35111F0AC6EC8E1DAE4EC9C.roa
Signing time: Mon 27 Oct 2025 16:22:49 +0000
ROA not before: Mon 27 Oct 2025 16:22:44 +0000
ROA not after: Mon 01 Dec 2025 16:22:44 +0000
asID: 62240
IP address blocks: 154.195.168.0/24 maxlen: 24
154.195.169.0/24 maxlen: 24
154.195.170.0/24 maxlen: 24
154.195.171.0/24 maxlen: 24
154.195.172.0/24 maxlen: 24
154.195.173.0/24 maxlen: 24
154.195.174.0/24 maxlen: 24
154.195.175.0/24 maxlen: 24
154.195.176.0/24 maxlen: 24
154.195.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 30 Oct 2025 09:04:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107849 (0x1a549)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 27 16:22:44 2025 GMT
Not After : Dec 1 16:22:44 2025 GMT
Subject: CN=68ff9c59-c27c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c8:75:7b:d7:65:9c:9c:7d:83:e4:4c:9f:20:
16:fd:0f:08:dd:4e:74:dd:44:b9:2f:cc:cf:ea:13:
e2:00:d5:a2:1d:fc:e1:ce:72:13:11:7e:68:38:2b:
6b:81:13:4a:cd:57:ac:16:9e:33:ae:54:a2:56:9b:
46:8f:38:21:8b:b2:3b:2a:d6:87:ec:02:60:36:19:
88:b9:81:2f:09:4b:3f:33:13:d1:55:af:43:92:a9:
8b:2e:93:61:5d:65:cb:f3:ed:62:4a:67:01:88:fb:
f8:ab:5d:30:0e:b7:10:bc:56:1a:56:fb:a2:83:d8:
8d:76:a8:0f:9e:b6:11:29:64:00:a7:a8:6b:1b:ba:
b8:3f:50:98:dc:fb:17:41:ee:76:ae:5c:c3:a6:4f:
5a:dd:4a:60:68:4a:e1:aa:81:9b:e9:51:af:4d:d0:
c7:d8:f7:10:d7:d9:f5:3b:06:e7:e1:ac:6a:a7:0d:
a6:e1:b9:ea:ff:14:c5:7d:0e:c4:fa:97:c4:d8:d0:
c1:01:93:33:aa:0e:fd:2d:31:fc:8c:e1:45:25:46:
33:8b:75:fa:09:dd:ba:a4:d6:73:50:4f:d6:81:a0:
81:38:9f:94:5c:58:2c:cd:d6:87:d4:f5:4a:dc:d6:
a6:73:7a:32:4f:b4:64:13:09:34:ce:28:b6:f3:83:
57:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:31:62:6F:6E:99:88:38:7D:40:0C:80:D0:52:86:41:46:DC:1D:92
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DAFE8DEB35111F0AC6EC8E1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.168.0-154.195.177.255
Signature Algorithm: sha256WithRSAEncryption
a1:88:b3:fc:13:43:d7:4e:fc:ed:ec:ef:17:af:f4:e3:08:c2:
e9:52:7a:69:5a:3b:29:3c:4b:2a:7d:4d:cb:a0:03:db:6d:91:
33:2d:03:5f:ac:43:63:ac:3b:aa:e3:9b:8c:3f:f7:52:a1:51:
09:bb:6a:11:4c:01:93:47:49:be:2c:bb:a0:38:a1:88:cb:b5:
63:0c:60:94:dc:a1:02:cc:9d:f7:95:0c:f1:a2:a1:c8:1a:2d:
a4:94:24:91:35:73:01:52:42:57:6f:4b:f8:2b:37:5c:32:08:
28:9d:f9:82:1d:83:15:f7:e1:54:a8:dd:07:df:f6:b7:cd:10:
0c:54:04:aa:7c:65:b5:54:b6:9f:79:2e:41:21:91:a3:3f:cb:
50:47:1a:23:80:15:cf:3c:13:f9:32:8c:2c:d3:53:64:fd:de:
52:d6:10:42:55:c7:f7:f7:00:59:be:3c:ce:12:db:0e:29:a1:
30:dc:70:d6:de:35:f6:e7:f1:24:58:ea:6f:df:2d:50:a4:b1:
18:45:ee:9d:69:60:76:2e:51:a1:08:cf:b8:cf:6e:62:b7:32:
4c:d4:22:4d:de:80:5b:eb:22:4e:48:18:bb:ad:38:bf:dd:52:
e5:e8:f4:48:5a:d7:a0:75:9a:98:21:78:77:9b:54:25:ed:a4:
5a:3e:99:f1
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAaVJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI3MTYyMjQ0WhcNMjUxMjAxMTYyMjQ0WjAYMRYw
FAYDVQQDEw02OGZmOWM1OS1jMjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxsh1e9dlnJx9g+RMnyAW/Q8I3U503US5L8zP6hPiANWiHfzhznITEX5o
OCtrgRNKzVesFp4zrlSiVptGjzghi7I7KtaH7AJgNhmIuYEvCUs/MxPRVa9DkqmL
LpNhXWXL8+1iSmcBiPv4q10wDrcQvFYaVvuig9iNdqgPnrYRKWQAp6hrG7q4P1CY
3PsXQe52rlzDpk9a3UpgaErhqoGb6VGvTdDH2PcQ19n1Owbn4axqpw2m4bnq/xTF
fQ7E+pfE2NDBAZMzqg79LTH8jOFFJUYzi3X6Cd26pNZzUE/WgaCBOJ+UXFgszdaH
1PVK3Namc3oyT7RkEwk0zii284NXxQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFLYx
Ym9umYg4fUAMgNBShkFG3B2SMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yREFGRThERUIzNTExMUYwQUM2RUM4RTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOaw6gDBAGaw7AwDQYJ
KoZIhvcNAQELBQADggEBAKGIs/wTQ9dO/O3s7xev9OMIwulSemlaOyk8Syp9Tcug
A9ttkTMtA1+sQ2OsO6rjm4w/91KhUQm7ahFMAZNHSb4su6A4oYjLtWMMYJTcoQLM
nfeVDPGiocgaLaSUJJE1cwFSQldvS/grN1wyCCid+YIdgxX34VSo3Qff9rfNEAxU
BKp8ZbVUtp95LkEhkaM/y1BHGiOAFc88E/kyjCzTU2T93lLWEEJVx/f3AFm+PM4S
2w4poTDccNbeNfbn8SRY6m/fLVCksRhF7p1pYHYuUaEIz7jPbmK3MkzUIk3egFvr
Ik5IGLutOL/dUuXo9Eha16B1mpgheHebVCXtpFo+mfE=
-----END CERTIFICATE-----
Generated at Tue Oct 28 17:04:46 2025 by rpki-client