Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4970AD5E996811F09D038CEFDAE4EC9C.roa
File: 4970AD5E996811F09D038CEFDAE4EC9C.roa (raw, json)
Hash identifier: PSuK1BxEvgdTuzS70NPYuB0amDszLcXXWSI0btMUwbc=
Subject key identifier: BC:D0:09:0E:2D:33:E0:FD:68:9C:CF:2B:07:38:67:DA:AD:53:F7:38
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A09A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4970AD5E996811F09D038CEFDAE4EC9C.roa
Signing time: Wed 24 Sep 2025 17:02:44 +0000
ROA not before: Wed 24 Sep 2025 17:02:38 +0000
ROA not after: Thu 30 Oct 2025 17:02:38 +0000
asID: 401783
IP address blocks: 154.193.2.0/24 maxlen: 24
154.194.195.0/24 maxlen: 24
154.196.134.0/24 maxlen: 24
154.196.160.0/24 maxlen: 24
154.199.4.0/24 maxlen: 24
154.200.1.0/24 maxlen: 24
154.200.37.0/24 maxlen: 24
154.200.46.0/24 maxlen: 24
154.200.48.0/24 maxlen: 24
154.200.53.0/24 maxlen: 24
154.200.54.0/24 maxlen: 24
154.200.60.0/24 maxlen: 24
154.200.129.0/24 maxlen: 24
154.200.130.0/24 maxlen: 24
154.200.154.0/24 maxlen: 24
154.200.156.0/24 maxlen: 24
154.200.157.0/24 maxlen: 24
154.200.158.0/24 maxlen: 24
154.200.159.0/24 maxlen: 24
154.211.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106650 (0x1a09a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 17:02:38 2025 GMT
Not After : Oct 30 17:02:38 2025 GMT
Subject: CN=68d42434-0f02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:28:fa:54:68:c6:22:8e:b8:76:f1:fa:81:9e:
57:f7:13:64:15:f2:b4:f1:16:a9:85:6a:a4:7f:7b:
aa:7f:12:ba:0a:b8:f6:15:21:b2:60:dd:11:7c:ad:
23:f0:ef:90:ef:e2:cf:44:82:70:db:81:43:c7:92:
8f:3c:80:37:e6:59:4f:7a:83:1f:52:ec:61:6a:a4:
55:40:c7:bf:7a:3b:59:fe:a2:cd:d9:4a:e3:a9:8f:
f7:5e:3c:8d:1b:3c:55:d5:08:26:34:17:99:e9:96:
e1:da:c3:b2:d9:9c:a4:9e:4d:ba:44:4e:84:b6:43:
78:15:3e:f5:db:3b:50:44:34:8a:bb:0d:49:54:81:
53:b4:29:4b:f5:06:c7:5a:28:5c:29:59:b2:00:e4:
6e:4b:42:31:21:4e:b8:19:27:14:08:07:6e:a3:63:
f4:08:65:2a:74:75:b9:79:5d:c2:9e:7c:d9:7f:2b:
dc:2f:72:df:be:b0:ad:b1:f6:67:1d:f1:1e:f3:76:
6c:ff:15:5a:74:f2:23:43:e0:fa:47:a8:21:77:53:
ae:8e:77:ee:ad:8f:c7:3b:3f:4a:bc:b2:2d:df:6c:
98:b2:13:3f:db:84:21:0e:7b:b6:a0:95:ab:f9:84:
15:24:cb:33:3b:63:7a:42:68:87:6d:6c:4e:39:ef:
f4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D0:09:0E:2D:33:E0:FD:68:9C:CF:2B:07:38:67:DA:AD:53:F7:38
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4970AD5E996811F09D038CEFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.2.0/24
154.194.195.0/24
154.196.134.0/24
154.196.160.0/24
154.199.4.0/24
154.200.1.0/24
154.200.37.0/24
154.200.46.0/24
154.200.48.0/24
154.200.53.0-154.200.54.255
154.200.60.0/24
154.200.129.0-154.200.130.255
154.200.154.0/24
154.200.156.0/22
154.211.211.0/24
Signature Algorithm: sha256WithRSAEncryption
19:e1:33:07:1f:84:83:f0:a3:15:5c:d0:12:20:17:f4:e8:fa:
10:bd:6e:af:8f:2f:fb:e2:0e:9e:93:5b:0c:a9:cd:a1:ed:3b:
4f:ac:2b:60:a0:0c:b3:a5:68:10:75:72:2f:08:ff:ea:ae:6c:
51:e2:98:87:cb:06:f3:67:c1:8d:13:73:43:64:8c:a4:ab:bb:
6c:5a:8e:c4:3d:6c:49:6f:16:5b:98:89:2c:61:93:51:b3:e9:
08:d2:c2:b7:3d:21:a0:4c:d1:27:a8:be:75:a1:18:d4:2a:09:
1b:83:bc:2a:cb:0f:c8:04:ac:25:79:56:07:db:5c:5c:2b:d4:
cc:7c:28:ed:a9:c1:a3:0c:55:b3:51:1b:e2:66:7d:af:dc:26:
8f:86:75:d1:a2:87:47:e0:77:d6:61:73:6a:62:86:40:93:24:
e0:66:0d:7d:26:d8:61:11:34:24:fe:1d:da:01:c2:7a:23:7e:
52:b0:5c:27:6d:c5:7a:12:3f:68:2e:69:a7:41:f6:ca:c0:1d:
3c:56:0d:2e:b1:7e:2f:ac:ff:17:7f:e2:e1:08:f2:74:4e:c6:
01:6a:69:98:4e:0d:e9:b9:77:73:c0:92:2b:f3:f1:2d:31:e0:
25:51:ac:b4:46:72:20:96:b9:e5:d7:de:0d:4f:6e:f1:d5:7a:
b6:7b:ef:c4
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgIDAaCaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTcwMjM4WhcNMjUxMDMwMTcwMjM4WjAYMRYw
FAYDVQQDEw02OGQ0MjQzNC0wZjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoSj6VGjGIo64dvH6gZ5X9xNkFfK08RaphWqkf3uqfxK6Crj2FSGyYN0R
fK0j8O+Q7+LPRIJw24FDx5KPPIA35llPeoMfUuxhaqRVQMe/ejtZ/qLN2UrjqY/3
XjyNGzxV1QgmNBeZ6Zbh2sOy2Zyknk26RE6EtkN4FT712ztQRDSKuw1JVIFTtClL
9QbHWihcKVmyAORuS0IxIU64GScUCAduo2P0CGUqdHW5eV3CnnzZfyvcL3LfvrCt
sfZnHfEe83Zs/xVadPIjQ+D6R6ghd1OujnfurY/HOz9KvLIt32yYshM/24QhDnu2
oJWr+YQVJMszO2N6QmiHbWxOOe/0twIDAQABo4IDCjCCAwYwHQYDVR0OBBYEFLzQ
CQ4tM+D9aJzPKwc4Z9qtU/c4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OTcwQUQ1RTk5NjgxMUYwOUQwMzhDRUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAJrBAgMEAJrCwwMEAJrE
hgMEAJrEoAMEAJrHBAMEAJrIAQMEAJrIJQMEAJrILgMEAJrIMDAMAwQAmsg1AwQA
msg2AwQAmsg8MAwDBACayIEDBACayIIDBACayJoDBAKayJwDBACa09MwDQYJKoZI
hvcNAQELBQADggEBABnhMwcfhIPwoxVc0BIgF/To+hC9bq+PL/viDp6TWwypzaHt
O0+sK2CgDLOlaBB1ci8I/+qubFHimIfLBvNnwY0Tc0NkjKSru2xajsQ9bElvFluY
iSxhk1Gz6QjSwrc9IaBM0SeovnWhGNQqCRuDvCrLD8gErCV5VgfbXFwr1Mx8KO2p
waMMVbNRG+Jmfa/cJo+GddGih0fgd9Zhc2pihkCTJOBmDX0m2GERNCT+HdoBwnoj
flKwXCdtxXoSP2guaadB9srAHTxWDS6xfi+s/xd/4uEI8nROxgFqaZhODem5d3PA
kivz8S0x4CVRrLRGciCWueXX3g1PbvHVerZ778Q=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:07 2025 by rpki-client