Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44DF22209D8211F08310547DDAE4EC9C.roa
File: 44DF22209D8211F08310547DDAE4EC9C.roa (raw, json)
Hash identifier: vF6H9OtNnztgkbOJORyHwV5kTWp7GcM5sHEUIyiRhcU=
Subject key identifier: B2:46:B2:B0:6C:7B:0E:63:BF:53:C4:2F:58:E2:D3:43:FE:97:9D:AE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A1A1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44DF22209D8211F08310547DDAE4EC9C.roa
Signing time: Mon 29 Sep 2025 22:18:48 +0000
ROA not before: Mon 29 Sep 2025 22:18:43 +0000
ROA not after: Wed 05 Nov 2025 22:18:43 +0000
asID: 49505
IP address blocks: 154.209.214.0/24 maxlen: 24
154.209.215.0/24 maxlen: 24
154.209.216.0/24 maxlen: 24
154.209.217.0/24 maxlen: 24
154.209.218.0/24 maxlen: 24
154.209.219.0/24 maxlen: 24
154.209.220.0/24 maxlen: 24
154.209.221.0/24 maxlen: 24
154.209.222.0/24 maxlen: 24
154.209.223.0/24 maxlen: 24
154.211.9.0/24 maxlen: 24
154.211.10.0/24 maxlen: 24
154.211.11.0/24 maxlen: 24
154.211.16.0/24 maxlen: 24
154.211.17.0/24 maxlen: 24
154.211.18.0/24 maxlen: 24
154.211.19.0/24 maxlen: 24
154.212.28.0/24 maxlen: 24
154.212.29.0/24 maxlen: 24
154.212.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106913 (0x1a1a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 29 22:18:43 2025 GMT
Not After : Nov 5 22:18:43 2025 GMT
Subject: CN=68db05c8-d76f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:99:b2:90:69:e8:e5:c3:42:25:81:0e:51:fa:
c2:4c:a4:c8:da:14:dd:2c:f8:c1:e4:a1:a6:3f:20:
83:06:26:46:27:c9:64:f4:70:b0:02:42:f3:f2:ec:
a7:69:fd:fc:51:d0:a7:9f:8a:97:77:b3:44:fd:b1:
5e:7b:98:86:a3:d7:1f:90:66:7b:f7:65:e7:70:70:
2f:f9:8f:ff:33:9c:4f:3b:23:0b:da:06:4a:e5:58:
96:ba:d8:39:19:69:33:c1:7c:66:08:c8:c0:27:04:
c9:ba:ba:61:02:75:05:bb:b0:5c:5c:aa:b3:d2:28:
00:57:86:04:f3:10:b6:9a:a9:73:27:8a:bb:c0:d2:
ff:47:0b:f5:20:b4:f5:77:ca:5d:e8:76:c6:a4:ed:
57:b5:d9:5f:b4:41:a3:ed:38:82:48:50:0c:82:9e:
ee:ab:42:0f:ba:93:f6:66:a2:c8:a3:fd:14:41:63:
fb:97:7a:58:69:02:cb:06:82:4e:b1:06:a7:be:e0:
d3:8a:6a:de:b6:af:b4:bb:4d:23:9f:11:61:d2:94:
7a:69:58:cb:e8:35:d7:63:0b:cc:a6:fe:da:5e:3e:
c7:1c:ee:21:f4:fa:dd:05:f9:a3:35:9f:96:ff:ad:
08:92:3f:88:04:c1:b0:b2:29:c4:88:1d:9e:01:4c:
53:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:46:B2:B0:6C:7B:0E:63:BF:53:C4:2F:58:E2:D3:43:FE:97:9D:AE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44DF22209D8211F08310547DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.214.0-154.209.223.255
154.211.9.0-154.211.11.255
154.211.16.0/22
154.212.28.0/23
154.212.31.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:95:8a:ad:8c:a3:41:83:9a:9c:4a:ad:e6:3c:52:87:76:fa:
52:f4:9b:1f:5d:f7:ed:82:ac:9b:46:d4:12:5b:7b:82:ce:92:
bd:3e:21:e6:1e:8b:97:44:1e:e3:58:39:83:9d:fb:51:33:bb:
90:d1:73:57:df:17:6b:e4:2a:c6:71:5b:66:16:04:7b:44:e4:
0c:79:e5:55:20:85:72:8a:9e:3e:76:b7:8a:fa:b3:c5:2b:29:
a3:54:f5:be:e0:aa:85:8a:d1:29:2d:69:d2:b4:71:2e:15:0f:
c1:c8:79:34:1e:b1:78:c4:fc:9c:19:36:9e:66:f4:10:b4:eb:
7a:4e:85:af:78:e9:51:0d:0e:b9:1d:6b:7f:5c:07:07:da:30:
c7:4b:fb:31:60:3f:25:de:26:40:98:d6:07:4d:44:78:e9:c1:
51:9e:c6:17:17:c7:a1:99:5d:af:6a:2f:0a:37:62:0a:71:73:
cb:e6:3c:80:f7:41:0e:c8:f9:86:50:34:cb:73:82:e5:b6:16:
96:ac:50:cb:2f:b1:d6:b6:bd:d7:3f:34:e6:33:29:6f:e0:f6:
81:60:34:0b:e9:4e:3e:2a:f8:a7:cf:39:e4:29:51:05:c4:2e:
c6:93:c9:16:e0:0f:0b:10:28:68:e9:68:64:6b:ea:21:3d:20:
9a:32:fe:4f
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIDAaGhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI5MjIxODQzWhcNMjUxMTA1MjIxODQzWjAYMRYw
FAYDVQQDEw02OGRiMDVjOC1kNzZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw5mykGno5cNCJYEOUfrCTKTI2hTdLPjB5KGmPyCDBiZGJ8lk9HCwAkLz
8uynaf38UdCnn4qXd7NE/bFee5iGo9cfkGZ792XncHAv+Y//M5xPOyML2gZK5ViW
utg5GWkzwXxmCMjAJwTJurphAnUFu7BcXKqz0igAV4YE8xC2mqlzJ4q7wNL/Rwv1
ILT1d8pd6HbGpO1XtdlftEGj7TiCSFAMgp7uq0IPupP2ZqLIo/0UQWP7l3pYaQLL
BoJOsQanvuDTimretq+0u00jnxFh0pR6aVjL6DXXYwvMpv7aXj7HHO4h9PrdBfmj
NZ+W/60Ikj+IBMGwsinEiB2eAUxTFQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFLJG
srBsew5jv1PEL1ji00P+l52uMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NERGMjIyMDlEODIxMUYwODMxMDU0N0REQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAGa0dYDBAWa0cAwDAME
AJrTCQMEAprTCAMEAprTEAMEAZrUHAMEAJrUHzANBgkqhkiG9w0BAQsFAAOCAQEA
KpWKrYyjQYOanEqt5jxSh3b6UvSbH1337YKsm0bUElt7gs6SvT4h5h6Ll0Qe41g5
g537UTO7kNFzV98Xa+QqxnFbZhYEe0TkDHnlVSCFcoqePna3ivqzxSspo1T1vuCq
hYrRKS1p0rRxLhUPwch5NB6xeMT8nBk2nmb0ELTrek6Fr3jpUQ0OuR1rf1wHB9ow
x0v7MWA/Jd4mQJjWB01EeOnBUZ7GFxfHoZldr2ovCjdiCnFzy+Y8gPdBDsj5hlA0
y3OC5bYWlqxQyy+x1ra91z805jMpb+D2gWA0C+lOPir4p8855ClRBcQuxpPJFuAP
CxAoaOloZGvqIT0gmjL+Tw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:27 2025 by rpki-client