Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4D0FD97E8FB011F0A424A395DAE4EC9C.roa
File: 4D0FD97E8FB011F0A424A395DAE4EC9C.roa (raw, json)
Hash identifier: 3Dynk3n7Vh+Ycak3Y38A6Djo3YMg3Ouu4rvzGjBXsHU=
Subject key identifier: C8:90:0B:AB:62:B5:F0:DD:B9:43:7A:59:06:EF:86:B0:9B:5A:51:C4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019F74
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4D0FD97E8FB011F0A424A395DAE4EC9C.roa
Signing time: Fri 12 Sep 2025 08:13:02 +0000
ROA not before: Fri 12 Sep 2025 08:12:57 +0000
ROA not after: Sat 25 Oct 2025 08:12:57 +0000
asID: 54801
IP address blocks: 154.198.9.0/24 maxlen: 24
154.198.10.0/24 maxlen: 24
154.200.241.0/24 maxlen: 24
154.200.242.0/24 maxlen: 24
154.200.248.0/23 maxlen: 24
154.201.7.0/24 maxlen: 24
154.201.8.0/22 maxlen: 24
154.201.40.0/23 maxlen: 24
154.213.211.0/24 maxlen: 24
154.222.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106356 (0x19f74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 12 08:12:57 2025 GMT
Not After : Oct 25 08:12:57 2025 GMT
Subject: CN=68c3d60e-c044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:15:23:64:26:6a:30:22:7a:68:91:72:f0:f8:
04:e7:c6:e9:5d:3c:f5:a9:16:10:d0:b1:74:30:73:
f8:a2:d0:be:7c:c1:30:f8:0c:44:a3:63:4c:27:ba:
dc:b7:a6:26:a5:f5:87:f5:7a:db:c1:b7:11:c4:a7:
ab:09:14:68:87:59:0f:f3:6d:10:08:dd:7f:47:8a:
a2:6e:12:5e:10:af:45:27:df:2b:05:18:5a:d8:1f:
c1:7e:16:b7:f9:94:49:3a:46:7f:6d:ef:e9:61:8b:
60:c3:e9:af:a1:46:2c:32:27:12:97:41:19:78:ee:
13:d1:a9:39:a0:7e:41:92:37:5a:cf:ec:f9:29:01:
cf:ef:54:8c:72:e4:47:f1:5d:4b:1a:12:db:f9:4a:
9c:6e:7f:2a:66:80:65:ec:95:31:70:fc:92:55:52:
80:a9:49:e6:2e:03:15:6d:7b:62:11:a7:f6:53:cc:
8e:69:30:1f:71:9f:7c:6a:29:5e:f3:24:81:1a:2d:
05:d4:10:ec:1c:2d:6f:19:0d:6d:32:dc:06:48:68:
ca:99:7d:92:86:13:6c:a0:85:fd:9c:9d:9d:ea:e6:
8c:e6:b1:01:5b:05:bb:cf:be:ef:6c:6c:14:1f:9e:
5b:5c:34:42:e3:81:1e:ad:26:1f:bd:86:9d:ee:2c:
72:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:90:0B:AB:62:B5:F0:DD:B9:43:7A:59:06:EF:86:B0:9B:5A:51:C4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4D0FD97E8FB011F0A424A395DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.9.0-154.198.10.255
154.200.241.0-154.200.242.255
154.200.248.0/23
154.201.7.0-154.201.11.255
154.201.40.0/23
154.213.211.0/24
154.222.146.0/23
Signature Algorithm: sha256WithRSAEncryption
63:b2:0a:de:48:35:e2:20:90:be:6a:b2:f6:82:31:22:12:c1:
91:c8:05:8f:5f:4f:cb:f3:9f:04:24:78:98:08:41:6f:6f:1c:
d1:b7:74:98:c7:94:a4:3d:8a:31:38:44:b9:2f:5f:fb:83:1d:
19:c7:a8:60:b5:f9:64:8b:ff:24:07:80:8a:d6:45:79:15:20:
11:d0:e2:ec:64:9b:9a:6c:a5:d5:01:b7:76:b0:ed:f1:fe:c4:
9f:20:c0:70:7d:78:59:67:ac:fd:55:81:11:e2:b3:53:a8:84:
2b:9a:89:24:95:99:13:03:01:2c:30:02:70:db:37:10:f0:76:
60:7c:63:e9:6f:bc:38:b2:04:2e:25:21:48:dd:2b:86:cc:f6:
58:8f:4d:1f:97:dc:ca:d4:bc:46:e7:4c:93:58:3b:b3:4e:fe:
3e:de:74:dd:42:dc:6a:5f:42:92:d5:bd:88:cb:46:88:17:85:
9b:3b:3b:93:b5:30:4a:c3:72:9b:7d:5d:99:ff:d1:a8:d4:da:
97:d8:9c:20:c8:b0:1d:0c:a5:45:3c:20:4f:24:c3:08:84:97:
b4:7f:be:57:86:67:30:c8:ce:ef:aa:82:c0:67:4f:83:6b:bf:
c6:cd:ab:21:a4:48:c5:c1:43:ce:8d:e1:9a:26:29:80:0f:a9:
e3:ca:a0:a6
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIDAZ90MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTEyMDgxMjU3WhcNMjUxMDI1MDgxMjU3WjAYMRYw
FAYDVQQDEw02OGMzZDYwZS1jMDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1hUjZCZqMCJ6aJFy8PgE58bpXTz1qRYQ0LF0MHP4otC+fMEw+AxEo2NM
J7rct6YmpfWH9XrbwbcRxKerCRRoh1kP820QCN1/R4qibhJeEK9FJ98rBRha2B/B
fha3+ZRJOkZ/be/pYYtgw+mvoUYsMicSl0EZeO4T0ak5oH5Bkjdaz+z5KQHP71SM
cuRH8V1LGhLb+Uqcbn8qZoBl7JUxcPySVVKAqUnmLgMVbXtiEaf2U8yOaTAfcZ98
aile8ySBGi0F1BDsHC1vGQ1tMtwGSGjKmX2ShhNsoIX9nJ2d6uaM5rEBWwW7z77v
bGwUH55bXDRC44EerSYfvYad7ixyPwIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFMiQ
C6titfDduUN6WQbvhrCbWlHEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RDBGRDk3RThGQjAxMUYwQTQyNEEzOTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCMAwDBACaxgkDBACaxgowDAME
AJrI8QMEAJrI8gMEAZrI+DAMAwQAmskHAwQCmskIAwQBmskoAwQAmtXTAwQBmt6S
MA0GCSqGSIb3DQEBCwUAA4IBAQBjsgreSDXiIJC+arL2gjEiEsGRyAWPX0/L858E
JHiYCEFvbxzRt3SYx5SkPYoxOES5L1/7gx0Zx6hgtflki/8kB4CK1kV5FSAR0OLs
ZJuabKXVAbd2sO3x/sSfIMBwfXhZZ6z9VYER4rNTqIQrmokklZkTAwEsMAJw2zcQ
8HZgfGPpb7w4sgQuJSFI3SuGzPZYj00fl9zK1LxG50yTWDuzTv4+3nTdQtxqX0KS
1b2Iy0aIF4WbOzuTtTBKw3KbfV2Z/9Go1NqX2JwgyLAdDKVFPCBPJMMIhJe0f75X
hmcwyM7vqoLAZ0+Da7/GzashpEjFwUPOjeGaJimAD6njyqCm
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:37 2025 by rpki-client