Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D04C03C841211F0832F73D7DAE4EC9C.roa
File: 5D04C03C841211F0832F73D7DAE4EC9C.roa (raw, json)
Hash identifier: OSMN4kddr5gLm1oYJLAQp2YJDN+4fmYxeF425ZNK2G8=
Subject key identifier: F9:94:DA:51:C0:3D:03:8A:76:5C:50:56:EB:B2:D0:08:A4:1C:66:F6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0199D0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D04C03C841211F0832F73D7DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 13:24:46 +0000
ROA not before: Thu 28 Aug 2025 13:24:40 +0000
ROA not after: Tue 30 Sep 2025 13:24:40 +0000
asID: 62240
IP address blocks: 154.194.112.0/24 maxlen: 24
154.194.113.0/24 maxlen: 24
154.194.114.0/24 maxlen: 24
154.194.115.0/24 maxlen: 24
154.194.116.0/24 maxlen: 24
154.195.24.0/24 maxlen: 24
154.195.25.0/24 maxlen: 24
154.195.26.0/24 maxlen: 24
154.195.27.0/24 maxlen: 24
154.195.28.0/24 maxlen: 24
154.195.29.0/24 maxlen: 24
154.195.30.0/24 maxlen: 24
154.195.31.0/24 maxlen: 24
154.195.96.0/24 maxlen: 24
154.195.188.0/24 maxlen: 24
154.195.189.0/24 maxlen: 24
154.195.190.0/24 maxlen: 24
154.195.191.0/24 maxlen: 24
154.196.82.0/24 maxlen: 24
154.196.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104912 (0x199d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 28 13:24:40 2025 GMT
Not After : Sep 30 13:24:40 2025 GMT
Subject: CN=68b0589e-56ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:22:38:35:e9:c4:ff:ed:b0:30:d4:c5:d0:7e:
b1:3f:48:78:e0:94:51:35:47:d4:27:7a:8e:35:7a:
b3:05:87:9b:f7:a1:75:f0:81:da:f7:fb:97:29:d1:
0b:65:06:49:d8:61:c6:74:fc:d7:16:dd:57:0d:ca:
11:12:79:93:94:d0:99:ca:4e:9e:3f:d1:ed:08:cc:
33:8e:c3:c1:27:d9:f1:8a:e1:2f:63:b4:15:08:a1:
e1:6c:12:ea:d4:d5:f0:48:30:d3:40:fb:64:0f:8a:
dd:07:c7:24:2d:b7:f9:c8:6b:62:00:5e:6d:17:05:
cf:d3:74:73:ec:70:de:29:37:7c:85:28:50:40:6c:
b2:26:ec:8e:00:07:ee:2d:c9:3b:73:b6:5b:08:38:
2d:36:5e:98:3c:c1:2f:21:df:02:86:ff:23:da:bb:
ba:b6:00:b1:50:d5:9d:27:57:67:b6:bf:4b:c2:6b:
89:a3:4e:c4:0f:77:3a:f2:5c:22:31:95:83:91:1f:
1e:84:7c:9a:44:8d:a5:3e:0b:0e:88:f9:9f:49:4c:
ae:81:89:5f:c6:b0:d3:eb:c5:cb:f1:e6:8e:4f:ce:
be:7d:dc:e4:83:f9:ca:78:fc:65:07:d1:79:cd:76:
09:1c:3c:2a:65:f6:4f:01:e8:d0:8f:dd:a0:34:65:
e0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:94:DA:51:C0:3D:03:8A:76:5C:50:56:EB:B2:D0:08:A4:1C:66:F6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D04C03C841211F0832F73D7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.112.0-154.194.116.255
154.195.24.0/21
154.195.96.0/24
154.195.188.0/22
154.196.82.0/24
154.196.86.0/24
Signature Algorithm: sha256WithRSAEncryption
06:f4:61:a2:02:50:cb:11:8d:00:8e:e6:c1:1b:17:ca:f6:84:
68:36:16:33:7f:3b:25:b2:86:1d:61:58:29:10:ef:20:64:b0:
63:a9:94:d7:06:ad:b9:83:04:5b:93:5b:88:3d:08:d5:05:c4:
25:12:3b:ec:49:d7:1e:32:1e:54:78:f3:cb:2f:d3:25:02:89:
c7:0a:eb:7d:8e:97:01:90:cd:7a:71:cf:78:42:bd:ce:0b:95:
78:ae:ae:62:dd:e5:e4:db:33:04:e1:b7:13:8c:ab:23:8e:c3:
b0:79:ca:9d:e5:7a:55:96:f9:da:03:c5:ec:5b:3e:b0:e5:67:
52:df:9b:f9:7e:ef:32:6b:01:c3:13:9b:41:6c:2b:ff:1d:ed:
bd:f3:0a:04:e3:98:70:a8:59:d8:45:1a:34:34:c6:ec:d7:27:
71:23:f2:51:3e:8e:31:a7:d4:42:53:02:90:12:b8:32:09:94:
88:4e:56:b8:d4:9a:88:9a:56:b5:86:3c:32:1c:e1:32:8e:9d:
b0:91:ba:1e:a4:7d:61:17:e4:28:2b:dd:6e:56:73:d3:d1:e2:
d3:35:c9:98:4c:82:d7:7d:76:44:97:b9:eb:82:8f:ca:e0:33:
41:1e:d2:5e:70:bd:d9:37:ea:cd:4c:08:c3:8d:6a:63:d1:94:
a2:cb:9d:bf
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAZnQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI4MTMyNDQwWhcNMjUwOTMwMTMyNDQwWjAYMRYw
FAYDVQQDEw02OGIwNTg5ZS01NmFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnCI4NenE/+2wMNTF0H6xP0h44JRRNUfUJ3qONXqzBYeb96F18IHa9/uX
KdELZQZJ2GHGdPzXFt1XDcoREnmTlNCZyk6eP9HtCMwzjsPBJ9nxiuEvY7QVCKHh
bBLq1NXwSDDTQPtkD4rdB8ckLbf5yGtiAF5tFwXP03Rz7HDeKTd8hShQQGyyJuyO
AAfuLck7c7ZbCDgtNl6YPMEvId8Chv8j2ru6tgCxUNWdJ1dntr9LwmuJo07ED3c6
8lwiMZWDkR8ehHyaRI2lPgsOiPmfSUyugYlfxrDT68XL8eaOT86+fdzkg/nKePxl
B9F5zXYJHDwqZfZPAejQj92gNGXgWQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFPmU
2lHAPQOKdlxQVuuy0AikHGb2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RDA0QzAzQzg0MTIxMUYwODMyRjczRDdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBASawnADBACawnQDBAOa
wxgDBACaw2ADBAKaw7wDBACaxFIDBACaxFYwDQYJKoZIhvcNAQELBQADggEBAAb0
YaICUMsRjQCO5sEbF8r2hGg2FjN/OyWyhh1hWCkQ7yBksGOplNcGrbmDBFuTW4g9
CNUFxCUSO+xJ1x4yHlR488sv0yUCiccK632OlwGQzXpxz3hCvc4LlXiurmLd5eTb
MwThtxOMqyOOw7B5yp3lelWW+doDxexbPrDlZ1Lfm/l+7zJrAcMTm0FsK/8d7b3z
CgTjmHCoWdhFGjQ0xuzXJ3Ej8lE+jjGn1EJTApASuDIJlIhOVrjUmoiaVrWGPDIc
4TKOnbCRuh6kfWEX5Cgr3W5Wc9PR4tM1yZhMgtd9dkSXueuCj8rgM0Ee0l5wvdk3
6s1MCMONamPRlKLLnb8=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:30:11 2025 by rpki-client