Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/478E01DE995011F0B95997D7DAE4EC9C.roa
File: 478E01DE995011F0B95997D7DAE4EC9C.roa (raw, json)
Hash identifier: Hw6ifCSfokgE5qrMJr/kPU1t2M70IHQ9g0B73ekMFYI=
Subject key identifier: 78:32:16:CE:47:E1:35:BF:88:AC:51:FC:2E:3F:F2:77:A2:04:4E:B9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A07E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/478E01DE995011F0B95997D7DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 14:10:53 +0000
ROA not before: Wed 24 Sep 2025 14:10:48 +0000
ROA not after: Wed 29 Oct 2025 14:10:48 +0000
asID: 214143
IP address blocks: 154.197.25.0/24 maxlen: 24
154.197.90.0/24 maxlen: 24
154.197.127.0/24 maxlen: 24
154.200.72.0/21 maxlen: 24
154.200.109.0/24 maxlen: 24
154.203.196.0/22 maxlen: 24
154.203.208.0/22 maxlen: 24
154.203.240.0/24 maxlen: 24
154.205.248.0/22 maxlen: 24
154.206.4.0/22 maxlen: 24
154.208.72.0/22 maxlen: 24
154.222.72.0/23 maxlen: 24
154.222.74.0/23 maxlen: 24
154.222.80.0/23 maxlen: 24
154.222.82.0/23 maxlen: 24
154.222.84.0/23 maxlen: 24
154.223.232.0/21 maxlen: 24
154.223.248.0/21 maxlen: 24
154.223.248.0/22 maxlen: 24
154.223.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106622 (0x1a07e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 14:10:48 2025 GMT
Not After : Oct 29 14:10:48 2025 GMT
Subject: CN=68d3fbed-f695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:08:03:53:4b:f4:97:0a:af:76:91:21:df:ea:
c3:ac:45:08:81:40:e7:07:74:40:af:e9:ec:75:6b:
1d:cb:5b:cd:50:df:6c:d8:ff:5f:9c:9a:ec:29:65:
2a:ca:ef:38:ec:f8:d8:0a:6d:72:8b:9e:8c:e8:7a:
1d:64:b6:1a:01:55:4e:d9:4a:6a:0d:8d:f3:6a:8d:
9b:26:2c:d1:98:d7:5f:9d:79:80:db:96:da:98:83:
68:82:d0:9a:dd:6d:47:90:27:b4:fb:a0:a4:7a:4d:
eb:65:2b:65:a6:df:0f:83:f1:e9:c7:05:7f:10:6b:
d7:87:46:7a:e0:c3:9c:19:1a:8f:00:90:68:d3:c8:
24:a9:02:2a:45:f6:22:1e:52:56:f3:76:e6:19:ca:
45:2a:db:d8:47:16:b5:57:ac:70:8e:01:92:b6:76:
47:26:a2:85:f1:85:ad:e9:c5:f6:f0:4f:91:9b:ec:
42:6b:17:c9:f8:e4:85:49:a2:8c:37:e7:8f:a7:5f:
46:33:a1:6a:07:d1:07:67:15:54:1f:8c:f0:0a:4f:
fe:8e:5e:b6:3b:19:4d:d8:0f:d0:9e:2c:fc:f5:43:
36:06:0e:c6:4f:5d:19:24:08:f4:79:d6:ed:e1:19:
ae:17:ba:19:1b:1e:cd:8d:9a:e0:68:79:ec:f4:5d:
14:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:32:16:CE:47:E1:35:BF:88:AC:51:FC:2E:3F:F2:77:A2:04:4E:B9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/478E01DE995011F0B95997D7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.25.0/24
154.197.90.0/24
154.197.127.0/24
154.200.72.0/21
154.200.109.0/24
154.203.196.0/22
154.203.208.0/22
154.203.240.0/24
154.205.248.0/22
154.206.4.0/22
154.208.72.0/22
154.222.72.0/22
154.222.80.0-154.222.85.255
154.223.232.0/21
154.223.248.0/21
Signature Algorithm: sha256WithRSAEncryption
60:ca:8a:1e:db:fe:30:f8:b0:3e:97:ff:9b:db:78:79:42:af:
03:06:b8:62:25:00:77:aa:6a:45:2e:6c:17:f8:ff:36:31:0e:
a4:8f:38:26:07:22:9f:47:ab:86:0e:b5:2a:49:97:e5:1e:7b:
23:bb:16:d3:47:9d:7e:0b:55:3f:45:c1:48:f9:e5:97:9a:06:
21:01:4a:9e:3b:a7:90:3f:ea:29:1f:ea:66:c8:ae:67:1f:e2:
36:59:33:e8:fa:78:cf:4b:9b:42:82:4b:a7:65:50:2a:09:09:
db:85:08:bc:1d:a3:bc:e5:3c:da:fa:7f:b4:1a:01:f3:08:ca:
d3:45:d3:3f:04:57:09:7c:ef:5e:2b:33:6b:de:23:c1:a3:9d:
32:17:1b:ea:86:f1:94:94:82:88:3d:84:a6:05:ae:da:ec:8d:
58:d3:53:ed:67:69:e1:aa:f6:df:3f:47:7a:ef:96:af:97:cd:
10:97:f0:ca:eb:76:77:ef:ba:f0:95:73:57:87:50:59:90:73:
74:e4:b9:23:93:6f:c6:4a:05:bc:38:e6:96:d6:f8:e9:ea:a6:
60:09:41:89:a4:0b:ff:72:37:ff:f1:50:9c:6a:a0:94:aa:5c:
94:78:de:1b:33:44:3b:3e:65:25:79:4d:4f:f9:9a:66:5c:a9:
4f:70:d8:ec
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgIDAaB+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTQxMDQ4WhcNMjUxMDI5MTQxMDQ4WjAYMRYw
FAYDVQQDEw02OGQzZmJlZC1mNjk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqQgDU0v0lwqvdpEh3+rDrEUIgUDnB3RAr+nsdWsdy1vNUN9s2P9fnJrs
KWUqyu847PjYCm1yi56M6HodZLYaAVVO2UpqDY3zao2bJizRmNdfnXmA25bamINo
gtCa3W1HkCe0+6Ckek3rZStlpt8Pg/HpxwV/EGvXh0Z64MOcGRqPAJBo08gkqQIq
RfYiHlJW83bmGcpFKtvYRxa1V6xwjgGStnZHJqKF8YWt6cX28E+Rm+xCaxfJ+OSF
SaKMN+ePp19GM6FqB9EHZxVUH4zwCk/+jl62OxlN2A/Qniz89UM2Bg7GT10ZJAj0
edbt4RmuF7oZGx7NjZrgaHns9F0UWQIDAQABo4IDATCCAv0wHQYDVR0OBBYEFHgy
Fs5H4TW/iKxR/C4/8neiBE65MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NzhFMDFERTk5NTAxMUYwQjk1OTk3RDdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAmsUZAwQAmsVaAwQAmsV/
AwQDmshIAwQAmshtAwQCmsvEAwQCmsvQAwQAmsvwAwQCms34AwQCms4EAwQCmtBI
AwQCmt5IMAwDBASa3lADBAGa3lQDBAOa3+gDBAOa3/gwDQYJKoZIhvcNAQELBQAD
ggEBAGDKih7b/jD4sD6X/5vbeHlCrwMGuGIlAHeqakUubBf4/zYxDqSPOCYHIp9H
q4YOtSpJl+UeeyO7FtNHnX4LVT9FwUj55ZeaBiEBSp47p5A/6ikf6mbIrmcf4jZZ
M+j6eM9Lm0KCS6dlUCoJCduFCLwdo7zlPNr6f7QaAfMIytNF0z8EVwl8714rM2ve
I8GjnTIXG+qG8ZSUgog9hKYFrtrsjVjTU+1naeGq9t8/R3rvlq+XzRCX8Mrrdnfv
uvCVc1eHUFmQc3TkuSOTb8ZKBbw45pbW+OnqpmAJQYmkC/9yN//xUJxqoJSqXJR4
3hszRDs+ZSV5TU/5mmZcqU9w2Ow=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:50 2025 by rpki-client