Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B8EA10C843411F0960BF4B2DAE4EC9C.roa
File: 9B8EA10C843411F0960BF4B2DAE4EC9C.roa (raw, json)
Hash identifier: slhW7pvqGvPfG7TSyQ60y6X1QIDDkIjpGXueMLEHGnc=
Subject key identifier: DB:F0:25:B3:9B:5A:48:57:B2:52:44:91:53:FB:FD:CA:71:B4:1B:19
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019A0A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B8EA10C843411F0960BF4B2DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 17:29:53 +0000
ROA not before: Thu 28 Aug 2025 17:29:49 +0000
ROA not after: Mon 06 Oct 2025 17:29:49 +0000
asID: 202656
IP address blocks: 154.218.30.0/24 maxlen: 24
154.219.16.0/24 maxlen: 24
154.219.24.0/24 maxlen: 24
154.219.28.0/24 maxlen: 24
154.219.207.0/24 maxlen: 24
154.219.211.0/24 maxlen: 24
154.219.222.0/24 maxlen: 24
154.219.230.0/24 maxlen: 24
154.219.232.0/24 maxlen: 24
154.219.245.0/24 maxlen: 24
154.219.246.0/24 maxlen: 24
154.219.247.0/24 maxlen: 24
154.219.250.0/24 maxlen: 24
154.219.251.0/24 maxlen: 24
154.219.252.0/24 maxlen: 24
154.219.253.0/24 maxlen: 24
154.219.254.0/24 maxlen: 24
154.219.255.0/24 maxlen: 24
154.221.60.0/24 maxlen: 24
154.222.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104970 (0x19a0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 28 17:29:49 2025 GMT
Not After : Oct 6 17:29:49 2025 GMT
Subject: CN=68b09211-9556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:97:08:8e:e2:45:00:83:93:80:51:a9:4b:fb:
81:9d:e4:62:c6:00:82:87:2c:e7:30:1b:53:e4:95:
57:62:64:16:1a:0d:27:d7:9f:dd:3c:59:60:5a:a2:
71:0a:b6:0f:fb:0b:e3:2f:d5:29:7f:84:70:8f:b1:
aa:8e:fa:a1:28:2e:ba:68:1c:d2:b9:66:4a:72:c5:
94:9f:7c:e7:56:cd:cf:a5:8a:29:da:54:76:13:b8:
53:04:24:4a:c2:e7:57:b0:f0:91:1a:be:7c:89:26:
4a:2c:a8:17:25:6e:56:c4:fe:d1:2b:20:7e:55:17:
3d:a0:20:fe:cc:1d:0d:2a:31:04:95:4e:95:93:59:
10:e4:fc:81:3b:8e:40:53:ce:6f:7e:84:38:bf:3b:
67:e5:56:9e:56:2d:b5:6a:ad:50:73:0c:6b:a6:b1:
ad:18:88:6b:08:2e:2e:be:a3:b3:99:6a:02:be:42:
5b:b7:50:3a:4c:52:5e:a2:fa:28:af:b5:12:70:0b:
e1:87:58:62:b7:8b:ec:38:c8:f2:51:05:7f:2e:75:
98:8a:59:35:3d:8b:41:10:10:9e:5b:08:96:8f:1f:
1b:a0:2f:f8:14:81:6a:db:f1:a2:0e:c7:01:c4:83:
11:23:95:c9:0b:7d:b1:9a:53:80:e7:67:de:43:fe:
81:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F0:25:B3:9B:5A:48:57:B2:52:44:91:53:FB:FD:CA:71:B4:1B:19
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B8EA10C843411F0960BF4B2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.30.0/24
154.219.16.0/24
154.219.24.0/24
154.219.28.0/24
154.219.207.0/24
154.219.211.0/24
154.219.222.0/24
154.219.230.0/24
154.219.232.0/24
154.219.245.0-154.219.247.255
154.219.250.0-154.219.255.255
154.221.60.0/24
154.222.192.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:49:c1:45:86:47:f0:24:ce:ee:b3:7c:6a:ea:80:8c:d0:33:
5e:bc:4a:da:cd:63:75:36:1c:60:f1:c5:90:1d:9e:e7:8a:b5:
21:0f:b2:68:3a:32:9d:39:d9:11:d6:f5:e1:0e:b4:99:eb:f8:
82:b0:e8:6c:db:b3:54:d7:f6:76:d1:2a:91:d2:ee:cc:4b:05:
16:a5:7e:c4:51:29:f7:cb:b7:84:da:74:7d:b1:de:63:b3:56:
6a:ea:86:32:71:5c:4a:ff:ae:bd:a2:4a:f2:2d:73:0d:af:be:
cc:d1:f7:86:21:e7:8f:5e:5b:f3:c8:98:82:59:96:6d:de:2f:
02:d9:e5:c0:dc:be:2e:20:7c:23:bd:d2:e4:6a:dd:f5:66:f2:
bb:25:30:5b:5a:44:9a:18:80:4a:9c:81:6f:6e:a8:2a:58:6a:
60:9b:91:66:71:1a:ae:ff:11:5e:cc:93:17:8f:9c:c4:ec:99:
9c:85:fb:77:8a:56:3b:46:9f:0c:66:97:44:53:e6:a2:68:1b:
fe:e1:22:df:e3:2d:78:ba:65:31:4f:4d:1b:ba:94:1e:a6:c0:
17:54:15:cb:7f:14:03:44:3d:8b:e9:8f:36:cc:5c:a4:b8:61:
9c:0a:16:8a:f4:9d:b3:cc:dd:7a:2f:fb:dc:3c:66:84:65:72:
27:b3:25:e5
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgIDAZoKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI4MTcyOTQ5WhcNMjUxMDA2MTcyOTQ5WjAYMRYw
FAYDVQQDEw02OGIwOTIxMS05NTU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnpcIjuJFAIOTgFGpS/uBneRixgCChyznMBtT5JVXYmQWGg0n15/dPFlg
WqJxCrYP+wvjL9Upf4Rwj7GqjvqhKC66aBzSuWZKcsWUn3znVs3PpYop2lR2E7hT
BCRKwudXsPCRGr58iSZKLKgXJW5WxP7RKyB+VRc9oCD+zB0NKjEElU6Vk1kQ5PyB
O45AU85vfoQ4vztn5VaeVi21aq1QcwxrprGtGIhrCC4uvqOzmWoCvkJbt1A6TFJe
ovoor7UScAvhh1hit4vsOMjyUQV/LnWYilk1PYtBEBCeWwiWjx8boC/4FIFq2/Gi
DscBxIMRI5XJC32xmlOA52feQ/6BRQIDAQABo4IC/DCCAvgwHQYDVR0OBBYEFNvw
JbObWkhXslJEkVP7/cpxtBsZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QjhFQTEwQzg0MzQxMUYwOTYwQkY0QjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMHYGCCsGAQUFBwEHAQH/BGcwZTBjBAIAATBdAwQAmtoeAwQAmtsQAwQAmtsY
AwQAmtscAwQAmtvPAwQAmtvTAwQAmtveAwQAmtvmAwQAmtvoMAwDBACa2/UDBAOa
2/AwCwMEAZrb+gMDAprYAwQAmt08AwQAmt7AMA0GCSqGSIb3DQEBCwUAA4IBAQCe
ScFFhkfwJM7us3xq6oCM0DNevErazWN1Nhxg8cWQHZ7nirUhD7JoOjKdOdkR1vXh
DrSZ6/iCsOhs27NU1/Z20SqR0u7MSwUWpX7EUSn3y7eE2nR9sd5js1Zq6oYycVxK
/669okryLXMNr77M0feGIeePXlvzyJiCWZZt3i8C2eXA3L4uIHwjvdLkat31ZvK7
JTBbWkSaGIBKnIFvbqgqWGpgm5FmcRqu/xFezJMXj5zE7Jmchft3ilY7Rp8MZpdE
U+aiaBv+4SLf4y14umUxT00bupQepsAXVBXLfxQDRD2L6Y82zFykuGGcChaK9J2z
zN16L/vcPGaEZXInsyXl
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:41:43 2025 by rpki-client