Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/339444FC9D8A11F0B32BAEB0DAE4EC9C.roa
File: 339444FC9D8A11F0B32BAEB0DAE4EC9C.roa (raw, json)
Hash identifier: Ev/cMaxJa+DnxGyds3uPXAAXbeB3sCzsV/V41uVNXNI=
Subject key identifier: 41:FA:BC:F3:DB:2A:85:86:A7:99:E4:5C:A6:7F:7C:D0:A5:CB:B0:AD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A1B1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/339444FC9D8A11F0B32BAEB0DAE4EC9C.roa
Signing time: Mon 29 Sep 2025 23:15:35 +0000
ROA not before: Mon 29 Sep 2025 23:15:30 +0000
ROA not after: Wed 05 Nov 2025 23:15:30 +0000
asID: 202656
IP address blocks: 154.218.25.0/24 maxlen: 24
154.218.26.0/24 maxlen: 24
154.218.31.0/24 maxlen: 24
154.219.237.0/24 maxlen: 24
154.219.238.0/24 maxlen: 24
154.219.239.0/24 maxlen: 24
154.219.240.0/24 maxlen: 24
154.219.241.0/24 maxlen: 24
154.219.242.0/24 maxlen: 24
154.219.243.0/24 maxlen: 24
154.219.244.0/24 maxlen: 24
154.219.248.0/24 maxlen: 24
154.221.50.0/24 maxlen: 24
154.221.51.0/24 maxlen: 24
154.222.200.0/24 maxlen: 24
154.222.201.0/24 maxlen: 24
154.222.202.0/24 maxlen: 24
154.222.203.0/24 maxlen: 24
154.222.204.0/24 maxlen: 24
154.222.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106929 (0x1a1b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 29 23:15:30 2025 GMT
Not After : Nov 5 23:15:30 2025 GMT
Subject: CN=68db1317-abd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e3:83:2d:a6:00:17:09:44:e3:81:96:21:47:
1c:f5:15:2b:0d:cb:7b:e5:78:56:87:3e:62:7a:15:
d4:d5:9c:c7:af:1e:a2:b0:10:c5:53:42:bf:50:4d:
15:8c:69:a7:0e:05:08:24:1a:40:e4:fc:17:80:4f:
a8:03:0c:11:3b:c9:78:a9:44:c4:1f:ab:0d:53:f7:
83:35:e2:f8:0c:a6:a9:33:df:bc:68:84:c5:ec:4b:
ff:2e:91:87:d3:01:a6:6b:a4:b3:16:ac:7c:8a:db:
84:31:94:9c:ca:fa:6c:7f:19:bd:b7:52:63:f9:ac:
dc:53:b6:e4:82:cf:c9:5e:65:af:52:0d:cf:09:fa:
b2:ab:31:83:c8:92:4f:72:4e:ed:e4:34:41:75:a0:
c9:46:87:4d:df:58:08:7d:07:ff:09:bb:79:d6:e0:
a9:23:4a:3f:26:18:ee:72:7e:49:2c:b1:2c:d6:14:
ff:5c:cd:40:6e:f9:07:50:e3:02:91:00:99:32:49:
b4:3e:35:41:ab:ca:d3:db:ef:00:39:5e:9f:ee:37:
8b:4f:75:5b:68:d8:a4:fb:f8:a0:73:62:12:9b:b2:
ff:a7:25:d1:62:4c:ec:cf:f5:d6:0d:11:0a:35:17:
86:38:86:df:3c:0c:f4:6c:21:6e:2c:cb:97:f3:fc:
53:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FA:BC:F3:DB:2A:85:86:A7:99:E4:5C:A6:7F:7C:D0:A5:CB:B0:AD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/339444FC9D8A11F0B32BAEB0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.25.0-154.218.26.255
154.218.31.0/24
154.219.237.0-154.219.244.255
154.219.248.0/24
154.221.50.0/23
154.222.200.0-154.222.205.255
Signature Algorithm: sha256WithRSAEncryption
d4:a6:cd:c8:4a:51:39:f0:b0:5e:be:af:ed:ac:ea:c0:a8:62:
9e:d2:14:5a:c4:83:1f:c8:aa:9b:74:68:98:84:a3:eb:c5:64:
a9:28:92:f4:d1:3c:9a:88:9f:d7:00:85:18:26:2f:56:25:34:
78:5a:2f:07:52:7d:3a:61:d9:30:41:26:fd:c6:81:6d:25:75:
0b:c7:74:f3:c1:b7:02:7f:de:c5:03:f9:e3:79:71:32:b9:98:
a9:00:a8:94:37:31:eb:9f:19:22:64:c6:47:9a:68:05:1f:af:
a3:51:c1:56:5b:d9:17:4d:df:f2:62:da:40:1d:cb:5e:58:47:
36:db:70:f4:03:8a:c7:a1:44:a4:17:8e:81:15:8a:b0:9f:bb:
9f:a7:27:d1:ac:ea:c8:80:f4:a2:c0:14:86:f7:43:64:df:d9:
fb:3a:2a:74:7c:c6:eb:98:f8:70:ed:95:bc:4e:1a:b0:d7:73:
5e:b2:80:47:7e:31:4a:56:b6:19:83:6b:b7:3e:13:4a:ed:f0:
05:62:26:0a:00:01:70:9d:1a:ac:79:39:ba:f8:f9:c3:ac:58:
bf:32:0a:fb:b9:43:39:7d:6c:35:75:db:76:d3:31:2c:21:e2:
b7:50:fe:30:52:6c:90:a1:70:1c:d9:87:55:9a:0a:ad:08:77:
31:20:e2:1b
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIDAaGxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI5MjMxNTMwWhcNMjUxMTA1MjMxNTMwWjAYMRYw
FAYDVQQDEw02OGRiMTMxNy1hYmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt+ODLaYAFwlE44GWIUcc9RUrDct75XhWhz5iehXU1ZzHrx6isBDFU0K/
UE0VjGmnDgUIJBpA5PwXgE+oAwwRO8l4qUTEH6sNU/eDNeL4DKapM9+8aITF7Ev/
LpGH0wGma6SzFqx8ituEMZScyvpsfxm9t1Jj+azcU7bkgs/JXmWvUg3PCfqyqzGD
yJJPck7t5DRBdaDJRodN31gIfQf/Cbt51uCpI0o/Jhjucn5JLLEs1hT/XM1AbvkH
UOMCkQCZMkm0PjVBq8rT2+8AOV6f7jeLT3VbaNik+/igc2ISm7L/pyXRYkzsz/XW
DREKNReGOIbfPAz0bCFuLMuX8/xTlQIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFEH6
vPPbKoWGp5nkXKZ/fNCly7CtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMzk0NDRGQzlEOEExMUYwQjMyQkFFQjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBACa2hkDBACa2hoDBACa
2h8wDAMEAJrb7QMEAJrb9AMEAJrb+AMEAZrdMjAMAwQDmt7IAwQBmt7MMA0GCSqG
SIb3DQEBCwUAA4IBAQDUps3ISlE58LBevq/trOrAqGKe0hRaxIMfyKqbdGiYhKPr
xWSpKJL00TyaiJ/XAIUYJi9WJTR4Wi8HUn06YdkwQSb9xoFtJXULx3TzwbcCf97F
A/njeXEyuZipAKiUNzHrnxkiZMZHmmgFH6+jUcFWW9kXTd/yYtpAHcteWEc223D0
A4rHoUSkF46BFYqwn7ufpyfRrOrIgPSiwBSG90Nk39n7Oip0fMbrmPhw7ZW8Thqw
13NesoBHfjFKVrYZg2u3PhNK7fAFYiYKAAFwnRqseTm6+PnDrFi/Mgr7uUM5fWw1
ddt20zEsIeK3UP4wUmyQoXAc2YdVmgqtCHcxIOIb
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:12 2025 by rpki-client