Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/356196F89D8111F084603378DAE4EC9C.roa
File: 356196F89D8111F084603378DAE4EC9C.roa (raw, json)
Hash identifier: /eYGnPpX/VrAyna8t/kOzzk7u4hwA9Bw5A4IfIDO/hU=
Subject key identifier: A9:89:CB:37:39:72:5D:26:7E:0B:3D:13:C9:AD:AE:F2:5A:E4:30:85
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A19F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/356196F89D8111F084603378DAE4EC9C.roa
Signing time: Mon 29 Sep 2025 22:11:13 +0000
ROA not before: Mon 29 Sep 2025 22:11:05 +0000
ROA not after: Wed 05 Nov 2025 22:11:05 +0000
asID: 49505
IP address blocks: 154.205.244.0/24 maxlen: 24
154.205.245.0/24 maxlen: 24
154.205.246.0/24 maxlen: 24
154.205.247.0/24 maxlen: 24
154.209.208.0/24 maxlen: 24
154.209.209.0/24 maxlen: 24
154.209.210.0/24 maxlen: 24
154.209.211.0/24 maxlen: 24
154.209.212.0/24 maxlen: 24
154.209.213.0/24 maxlen: 24
154.223.198.0/24 maxlen: 24
154.223.199.0/24 maxlen: 24
154.223.200.0/24 maxlen: 24
154.223.201.0/24 maxlen: 24
154.223.202.0/24 maxlen: 24
154.223.203.0/24 maxlen: 24
154.223.204.0/24 maxlen: 24
154.223.205.0/24 maxlen: 24
154.223.206.0/24 maxlen: 24
154.223.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106911 (0x1a19f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 29 22:11:05 2025 GMT
Not After : Nov 5 22:11:05 2025 GMT
Subject: CN=68db0400-0b16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:11:7a:72:3c:3c:6a:18:a3:f1:0b:a3:4c:43:
6d:7c:e3:77:7f:cf:1f:a2:f5:53:4a:ad:58:c5:31:
55:3b:60:30:3c:0f:7c:66:67:4e:59:82:e3:db:55:
e3:66:07:ba:8f:76:85:2f:86:27:2e:72:5c:2d:de:
c4:ed:f9:81:4c:00:22:9d:a4:03:ea:ff:1d:53:a6:
be:d9:0b:2d:5c:eb:7f:59:b5:9a:27:be:1e:6c:d7:
55:e3:f0:a4:d3:7b:6c:e1:49:5b:24:c7:c5:41:af:
82:79:32:f3:4e:31:77:12:e0:3e:ff:3b:44:62:3c:
f1:2e:cb:1b:67:7d:08:25:19:f3:75:a1:a5:3f:a3:
e4:d1:2c:1c:f0:14:98:15:26:05:79:9d:cb:bc:07:
93:1b:0b:d3:a3:0c:8b:2d:e3:44:2e:50:cc:4c:d2:
a8:ab:fc:1c:a5:56:73:29:4e:12:55:1c:e2:31:f6:
6c:cc:ae:d2:ea:2d:d4:16:84:3c:0d:33:e9:0b:97:
2b:f7:f1:4c:a9:2e:54:be:e3:42:13:50:6f:ab:d8:
8d:54:ff:c0:f2:d2:a6:48:fb:8b:31:56:58:25:20:
07:a4:9d:3c:ff:5f:2d:42:ea:55:de:c4:b0:0c:e9:
e2:20:f2:fa:3d:6e:39:fc:68:98:a7:14:0c:b3:79:
44:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:89:CB:37:39:72:5D:26:7E:0B:3D:13:C9:AD:AE:F2:5A:E4:30:85
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/356196F89D8111F084603378DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.244.0/22
154.209.208.0-154.209.213.255
154.223.198.0-154.223.207.255
Signature Algorithm: sha256WithRSAEncryption
a5:0d:d8:b2:c1:0b:62:cb:8d:e0:50:50:73:45:06:15:b6:2f:
fb:c6:a3:15:38:6d:67:d2:c9:c4:68:a0:00:6d:19:f3:cc:a6:
0a:b2:ca:c4:d4:ec:35:ac:63:42:a4:3c:11:4b:8a:bf:bc:52:
4e:10:bb:cf:67:eb:c6:85:3e:ff:c3:50:cd:d0:f1:e2:91:bd:
87:78:8f:4d:c4:3c:33:23:b7:1d:62:89:cd:66:05:6b:92:fe:
12:87:7a:95:d1:80:7e:ab:7e:78:68:fc:71:e5:86:56:c0:4d:
46:19:5b:62:3b:f2:3d:ac:27:a5:95:f1:8b:95:ca:5e:74:a5:
16:23:60:9f:4f:c6:5b:42:b6:0f:8b:21:30:58:13:53:7b:45:
f6:1f:6d:a0:27:9d:05:fc:87:41:3c:67:e3:e9:55:81:36:bc:
d3:4f:02:8c:33:32:46:64:be:39:30:15:47:75:14:67:c7:2c:
28:96:30:bf:9a:05:3e:b2:d6:a1:73:e0:2b:83:97:6d:3b:1e:
61:b3:93:b5:1c:6f:48:50:a0:49:b2:9c:c5:a7:67:3d:e9:41:
26:00:b3:2c:59:27:cc:3e:0f:c3:36:4f:a5:63:db:b4:21:2c:
9f:57:99:9e:79:14:b2:69:2a:6a:39:af:1c:ee:9d:50:af:02:
24:bd:9c:d3
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDAaGfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI5MjIxMTA1WhcNMjUxMTA1MjIxMTA1WjAYMRYw
FAYDVQQDEw02OGRiMDQwMC0wYjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsRF6cjw8ahij8QujTENtfON3f88fovVTSq1YxTFVO2AwPA98ZmdOWYLj
21XjZge6j3aFL4YnLnJcLd7E7fmBTAAinaQD6v8dU6a+2QstXOt/WbWaJ74ebNdV
4/Ck03ts4UlbJMfFQa+CeTLzTjF3EuA+/ztEYjzxLssbZ30IJRnzdaGlP6Pk0Swc
8BSYFSYFeZ3LvAeTGwvTowyLLeNELlDMTNKoq/wcpVZzKU4SVRziMfZszK7S6i3U
FoQ8DTPpC5cr9/FMqS5UvuNCE1Bvq9iNVP/A8tKmSPuLMVZYJSAHpJ08/18tQupV
3sSwDOniIPL6PW45/GiYpxQMs3lEEQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFKmJ
yzc5cl0mfgs9E8mtrvJa5DCFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNTYxOTZGODlEODExMUYwODQ2MDMzNzhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCms30MAwDBASa0dADBAGa
0dQwDAMEAZrfxgMEBJrfwDANBgkqhkiG9w0BAQsFAAOCAQEApQ3YssELYsuN4FBQ
c0UGFbYv+8ajFThtZ9LJxGigAG0Z88ymCrLKxNTsNaxjQqQ8EUuKv7xSThC7z2fr
xoU+/8NQzdDx4pG9h3iPTcQ8MyO3HWKJzWYFa5L+Eod6ldGAfqt+eGj8ceWGVsBN
RhlbYjvyPawnpZXxi5XKXnSlFiNgn0/GW0K2D4shMFgTU3tF9h9toCedBfyHQTxn
4+lVgTa8008CjDMyRmS+OTAVR3UUZ8csKJYwv5oFPrLWoXPgK4OXbTseYbOTtRxv
SFCgSbKcxadnPelBJgCzLFknzD4PwzZPpWPbtCEsn1eZnnkUsmkqajmvHO6dUK8C
JL2c0w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:29 2025 by rpki-client