Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DD12C54AB5B11F0A109BB8BDAE4EC9C.roa
File: 2DD12C54AB5B11F0A109BB8BDAE4EC9C.roa (raw, json)
Hash identifier: zNJMCyt2clis4K6krbVFcB0KNs2NcKIMTO7yQ8XuVtk=
Subject key identifier: 3D:86:B9:80:86:FD:C7:68:AA:EA:16:97:EE:40:C8:39:61:15:F6:60
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A42A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DD12C54AB5B11F0A109BB8BDAE4EC9C.roa
Signing time: Fri 17 Oct 2025 13:14:15 +0000
ROA not before: Fri 17 Oct 2025 13:14:08 +0000
ROA not after: Mon 24 Nov 2025 13:14:08 +0000
asID: 139923
IP address blocks: 154.217.240.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107562 (0x1a42a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 17 13:14:08 2025 GMT
Not After : Nov 24 13:14:08 2025 GMT
Subject: CN=68f24127-fade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f7:3d:cf:65:2b:1c:df:fb:ab:b6:24:0e:0c:
1b:cc:b7:a9:10:fe:c0:27:23:93:92:86:9f:d3:dc:
a6:52:47:0f:63:af:f3:56:39:c5:28:e0:24:c8:85:
d8:01:c6:fe:8f:a1:fb:5b:96:d7:47:ad:c6:a6:ce:
1c:67:fa:9f:eb:9f:7c:89:52:e3:33:f2:81:ca:ec:
13:5b:6c:c7:cb:50:bf:6b:38:ca:a8:d1:90:f6:76:
c3:e4:c9:b0:90:ac:44:5b:5e:ea:58:76:4d:1f:92:
e2:dc:33:bb:a0:ca:59:63:8c:02:6e:7f:80:e9:a7:
6b:61:7c:9d:bb:1e:63:4b:a4:8a:1d:41:23:9e:b8:
50:a1:cc:af:28:20:63:c1:ce:ac:a7:71:11:c6:ea:
06:28:e2:ad:0f:60:a1:1e:0f:d4:43:08:a0:fa:32:
50:6b:89:c4:0d:e0:06:e4:7d:db:61:0e:ba:62:e9:
e3:ae:93:37:10:e0:ad:05:5a:bd:fc:73:e7:47:10:
10:c4:74:78:6e:b1:1c:b0:3d:55:3e:4d:df:a5:fd:
70:b4:f7:e2:a3:df:6b:91:1f:5c:dd:43:31:14:f0:
8c:5c:93:7d:ef:f7:30:2e:a3:03:24:e8:82:a0:67:
1c:f9:c8:e1:c9:9c:65:d6:cd:36:58:30:7f:fe:aa:
be:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:86:B9:80:86:FD:C7:68:AA:EA:16:97:EE:40:C8:39:61:15:F6:60
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DD12C54AB5B11F0A109BB8BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.240.0/21
Signature Algorithm: sha256WithRSAEncryption
bd:75:bf:ee:96:c6:5c:04:3d:8b:0a:bb:3a:a5:1d:91:1e:60:
b7:b4:d8:71:82:87:1d:aa:80:7e:76:ac:22:82:04:f9:2c:ca:
96:8b:bb:de:18:ab:f0:7e:98:44:87:a2:cb:02:9f:db:90:a1:
5b:04:a0:44:3a:0b:72:f0:47:5b:41:f5:55:50:96:82:56:d1:
c8:d7:c8:cf:68:63:15:4f:e9:96:3c:4c:fc:a4:ae:e6:2e:98:
e8:e2:97:01:ed:79:12:f4:b8:45:ea:11:53:c5:96:73:88:19:
56:7c:e4:a7:ab:04:e0:f3:bc:d5:15:2f:95:83:ec:6d:ca:cd:
c6:31:7d:25:3f:97:6f:fb:e8:79:af:15:a6:f4:4f:c4:46:a3:
04:58:ea:79:ae:3e:44:67:74:9b:b8:5d:68:2c:04:0f:bc:02:
11:ee:24:1f:73:30:d4:a3:b1:8b:c9:3c:09:53:27:b9:cb:e8:
dd:3b:6c:bd:f6:18:b6:07:ac:58:07:7f:c8:93:e2:27:b6:e3:
ec:18:30:ef:6b:9c:68:02:fa:83:95:7a:3c:72:06:9d:a2:9c:
54:a7:32:07:05:56:2f:71:85:2f:73:d7:3c:bc:78:6b:e8:c3:
b2:54:27:4c:d7:34:5f:c7:8e:33:6f:aa:23:d3:bc:43:08:ca:
c1:2e:1a:46
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaQqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE3MTMxNDA4WhcNMjUxMTI0MTMxNDA4WjAYMRYw
FAYDVQQDEw02OGYyNDEyNy1mYWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2/c9z2UrHN/7q7YkDgwbzLepEP7AJyOTkoaf09ymUkcPY6/zVjnFKOAk
yIXYAcb+j6H7W5bXR63Gps4cZ/qf6598iVLjM/KByuwTW2zHy1C/azjKqNGQ9nbD
5MmwkKxEW17qWHZNH5Li3DO7oMpZY4wCbn+A6adrYXydux5jS6SKHUEjnrhQocyv
KCBjwc6sp3ERxuoGKOKtD2ChHg/UQwig+jJQa4nEDeAG5H3bYQ66YunjrpM3EOCt
BVq9/HPnRxAQxHR4brEcsD1VPk3fpf1wtPfio99rkR9c3UMxFPCMXJN97/cwLqMD
JOiCoGcc+cjhyZxl1s02WDB//qq+4QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD2G
uYCG/cdoquoWl+5AyDlhFfZgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yREQxMkM1NEFCNUIxMUYwQTEwOUJCOEJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtnwMA0GCSqGSIb3DQEB
CwUAA4IBAQC9db/ulsZcBD2LCrs6pR2RHmC3tNhxgocdqoB+dqwiggT5LMqWi7ve
GKvwfphEh6LLAp/bkKFbBKBEOgty8EdbQfVVUJaCVtHI18jPaGMVT+mWPEz8pK7m
Lpjo4pcB7XkS9LhF6hFTxZZziBlWfOSnqwTg87zVFS+Vg+xtys3GMX0lP5dv++h5
rxWm9E/ERqMEWOp5rj5EZ3SbuF1oLAQPvAIR7iQfczDUo7GLyTwJUye5y+jdO2y9
9hi2B6xYB3/Ik+IntuPsGDDva5xoAvqDlXo8cgadopxUpzIHBVYvcYUvc9c8vHhr
6MOyVCdM1zRfx44zb6oj07xDCMrBLhpG
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:01 2025 by rpki-client