Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CF255689D6411F0A25F28C2DAE4EC9C.roa
File: 9CF255689D6411F0A25F28C2DAE4EC9C.roa (raw, json)
Hash identifier: nU7yQ7QCWvmcUTcXtLvMus4yJU8Xvg8wnVWLdYr5V/k=
Subject key identifier: D7:51:05:78:11:28:0A:C2:86:2D:CF:87:F0:39:99:75:7F:6F:43:1C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A179
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CF255689D6411F0A25F28C2DAE4EC9C.roa
Signing time: Mon 29 Sep 2025 18:46:31 +0000
ROA not before: Mon 29 Sep 2025 18:46:23 +0000
ROA not after: Wed 05 Nov 2025 18:46:23 +0000
asID: 44559
IP address blocks: 154.209.144.0/24 maxlen: 24
154.209.145.0/24 maxlen: 24
154.209.152.0/24 maxlen: 24
154.209.153.0/24 maxlen: 24
154.209.154.0/24 maxlen: 24
154.209.155.0/24 maxlen: 24
154.209.157.0/24 maxlen: 24
154.209.158.0/24 maxlen: 24
154.209.195.0/24 maxlen: 24
154.209.196.0/24 maxlen: 24
154.209.197.0/24 maxlen: 24
154.209.198.0/24 maxlen: 24
154.209.199.0/24 maxlen: 24
154.209.200.0/24 maxlen: 24
154.209.201.0/24 maxlen: 24
154.209.202.0/24 maxlen: 24
154.209.203.0/24 maxlen: 24
154.209.204.0/24 maxlen: 24
154.209.205.0/24 maxlen: 24
154.209.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106873 (0x1a179)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 29 18:46:23 2025 GMT
Not After : Nov 5 18:46:23 2025 GMT
Subject: CN=68dad407-5a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f5:4d:21:c6:2b:28:71:7b:4f:3c:17:8d:6c:
35:83:d8:1d:cf:73:94:12:99:4a:cd:a7:79:36:97:
e4:0a:71:14:81:d2:1c:f5:13:d2:c6:b2:fd:b7:ed:
6d:24:91:47:f4:6b:20:ec:e0:92:5d:07:24:18:cd:
59:3e:ee:f4:2d:76:17:8f:c4:6d:17:1e:b0:90:fc:
fd:d9:77:56:4e:27:34:50:5f:09:25:49:7e:71:5f:
a1:d3:c2:18:85:86:fb:05:ea:3f:50:04:20:ea:4a:
cb:e4:07:cc:c2:1d:3c:9f:38:04:17:de:6d:bd:7c:
b4:43:36:61:38:c6:5e:1b:d7:29:20:5e:94:19:bf:
80:11:e5:24:41:c0:a4:d5:56:c3:7f:20:94:9d:7f:
11:28:89:b9:76:97:dd:96:0e:10:9d:2c:ba:f0:6e:
8e:ec:f5:e6:ab:13:50:9c:c5:39:f1:d9:4b:c6:d5:
23:d1:d0:fa:99:c0:0e:7d:d3:39:a6:8b:b5:11:98:
05:b4:75:69:0a:c5:03:85:b1:f7:02:bf:fe:f8:0a:
8f:8d:52:22:23:82:a7:14:58:21:3e:ba:e8:4e:b0:
9a:f1:cb:98:f0:c7:e2:a6:ed:fc:fe:e0:cd:81:e3:
e2:f1:de:36:4e:b9:f9:05:f6:7a:d2:c9:78:25:d3:
7a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:51:05:78:11:28:0A:C2:86:2D:CF:87:F0:39:99:75:7F:6F:43:1C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CF255689D6411F0A25F28C2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.144.0/23
154.209.152.0/22
154.209.157.0-154.209.158.255
154.209.195.0-154.209.205.255
154.209.207.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:74:85:ec:42:70:74:ab:63:9e:f5:4e:c2:53:81:b0:a0:ab:
13:11:ce:50:fa:03:4d:5f:80:4d:11:d1:28:de:72:54:b5:72:
16:ab:47:a7:5a:3d:d6:9f:ed:a2:99:89:2c:4a:8a:aa:8d:3f:
3d:83:45:e5:af:f1:e9:0e:e8:98:7c:3f:45:95:53:bc:7c:74:
83:57:21:f1:c5:0d:d3:60:2c:c0:ca:9a:e3:cc:22:0c:3e:d7:
2f:7c:fb:40:28:a8:4f:39:65:54:72:1f:49:bd:71:6f:49:a9:
f5:05:e5:e9:6f:57:4d:0c:6c:5e:53:f1:61:a7:e6:8f:b9:98:
02:79:04:a1:81:d6:3a:e0:0a:79:3f:5a:7c:e8:61:33:d2:5f:
ab:1c:e3:fa:c3:dd:69:5c:62:4c:88:ba:de:84:20:72:c6:20:
2e:b3:66:b6:f6:59:be:f2:cb:85:da:b4:74:ef:1c:dc:82:7f:
49:22:8d:67:be:b1:4f:cf:b3:47:e8:ad:86:01:a3:3c:40:19:
ba:41:02:8e:4e:ca:63:ac:5b:39:bc:24:70:57:30:87:ce:00:
72:2e:8c:43:17:9d:32:9d:a2:4c:69:dc:e6:e5:99:a6:70:fe:
1d:c6:6c:1f:aa:95:da:34:31:49:22:4f:0e:ed:4a:36:20:71:
42:93:68:ef
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIDAaF5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI5MTg0NjIzWhcNMjUxMTA1MTg0NjIzWjAYMRYw
FAYDVQQDEw02OGRhZDQwNy01YThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0vVNIcYrKHF7TzwXjWw1g9gdz3OUEplKzad5NpfkCnEUgdIc9RPSxrL9
t+1tJJFH9Gsg7OCSXQckGM1ZPu70LXYXj8RtFx6wkPz92XdWTic0UF8JJUl+cV+h
08IYhYb7Beo/UAQg6krL5AfMwh08nzgEF95tvXy0QzZhOMZeG9cpIF6UGb+AEeUk
QcCk1VbDfyCUnX8RKIm5dpfdlg4QnSy68G6O7PXmqxNQnMU58dlLxtUj0dD6mcAO
fdM5pou1EZgFtHVpCsUDhbH3Ar/++AqPjVIiI4KnFFghPrroTrCa8cuY8Mfipu38
/uDNgePi8d42Trn5BfZ60sl4JdN6rQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFNdR
BXgRKArChi3Ph/A5mXV/b0McMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85Q0YyNTU2ODlENjQxMUYwQTI1RjI4QzJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBmtGQAwQCmtGYMAwDBACa
0Z0DBACa0Z4wDAMEAJrRwwMEAZrRzAMEAJrRzzANBgkqhkiG9w0BAQsFAAOCAQEA
SnSF7EJwdKtjnvVOwlOBsKCrExHOUPoDTV+ATRHRKN5yVLVyFqtHp1o91p/topmJ
LEqKqo0/PYNF5a/x6Q7omHw/RZVTvHx0g1ch8cUN02AswMqa48wiDD7XL3z7QCio
TzllVHIfSb1xb0mp9QXl6W9XTQxsXlPxYafmj7mYAnkEoYHWOuAKeT9afOhhM9Jf
qxzj+sPdaVxiTIi63oQgcsYgLrNmtvZZvvLLhdq0dO8c3IJ/SSKNZ76xT8+zR+it
hgGjPEAZukECjk7KY6xbObwkcFcwh84Aci6MQxedMp2iTGnc5uWZpnD+HcZsH6qV
2jQxSSJPDu1KNiBxQpNo7w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:49 2025 by rpki-client