Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A10C39688D6D11F0BEF52BB8DAE4EC9C.roa
File: A10C39688D6D11F0BEF52BB8DAE4EC9C.roa (raw, json)
Hash identifier: oNXFQ0mF5t67Q5xac+p4teF3cSasJvsttvoYmQ8RDzQ=
Subject key identifier: 85:ED:B9:9C:B5:48:3C:01:B8:29:7C:64:5A:7F:6B:88:27:06:A9:74
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019F26
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A10C39688D6D11F0BEF52BB8DAE4EC9C.roa
Signing time: Tue 09 Sep 2025 11:10:44 +0000
ROA not before: Tue 09 Sep 2025 11:10:40 +0000
ROA not after: Thu 16 Oct 2025 11:10:40 +0000
asID: 22773
IP address blocks: 154.198.29.0/24 maxlen: 24
154.198.30.0/24 maxlen: 24
154.198.31.0/24 maxlen: 24
154.198.44.0/24 maxlen: 24
154.198.45.0/24 maxlen: 24
154.198.46.0/24 maxlen: 24
154.198.47.0/24 maxlen: 24
154.202.2.0/24 maxlen: 24
154.202.5.0/24 maxlen: 24
154.202.12.0/24 maxlen: 24
154.202.13.0/24 maxlen: 24
154.202.14.0/24 maxlen: 24
154.202.15.0/24 maxlen: 24
154.202.16.0/24 maxlen: 24
154.202.17.0/24 maxlen: 24
154.202.18.0/24 maxlen: 24
154.202.19.0/24 maxlen: 24
154.202.20.0/24 maxlen: 24
154.202.21.0/24 maxlen: 24
154.202.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 21 Sep 2025 00:06:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106278 (0x19f26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 9 11:10:40 2025 GMT
Not After : Oct 16 11:10:40 2025 GMT
Subject: CN=68c00b34-9d17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:35:6e:52:cd:7e:fa:d7:48:fd:5f:6c:ae:ce:
d4:0a:15:1e:a2:a6:7c:0e:07:6b:2b:00:4c:6c:25:
a7:10:dd:87:03:03:c6:1c:36:84:41:3c:31:e4:74:
0d:78:c0:80:d8:b1:d6:43:7a:99:31:cd:34:ae:e8:
78:6e:00:a9:b0:03:7a:e3:4d:75:d2:87:74:2d:b0:
26:ba:89:60:ea:9a:5c:b0:41:39:e5:b0:07:40:c8:
2a:1f:d1:b1:ce:dc:91:26:b5:cf:86:f5:20:5c:2a:
bf:b4:42:ad:a0:41:c1:f0:f3:27:aa:b6:e1:8e:83:
ce:30:e8:6f:c4:7f:45:5e:81:0e:67:ce:7e:f4:db:
be:94:6a:c7:8a:d0:44:76:84:4d:66:8c:6e:39:f7:
02:81:33:3a:26:22:38:4d:1e:fb:1e:fb:5a:73:35:
cf:0e:65:19:a1:c5:12:11:6e:31:54:c4:1a:ca:e2:
04:c8:1e:30:9b:ec:63:59:ef:09:36:9b:8a:83:ce:
47:1e:5e:45:94:eb:33:22:03:df:8f:0a:8e:52:dc:
cb:31:42:92:88:ef:e3:bc:92:a9:58:4d:8e:91:91:
b5:0f:fc:67:19:88:e5:30:bf:e4:90:a3:5a:0d:99:
c4:17:b0:26:50:cb:b3:7a:43:c6:fa:fa:8d:09:36:
be:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:ED:B9:9C:B5:48:3C:01:B8:29:7C:64:5A:7F:6B:88:27:06:A9:74
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A10C39688D6D11F0BEF52BB8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.29.0-154.198.31.255
154.198.44.0/22
154.202.2.0/24
154.202.5.0/24
154.202.12.0-154.202.22.255
Signature Algorithm: sha256WithRSAEncryption
b8:3a:b0:93:a7:56:8b:d3:f6:00:36:83:d0:48:f2:9e:70:e5:
40:18:41:be:75:fd:00:2f:a0:86:ec:91:59:35:a9:26:76:76:
fa:9a:98:38:65:b8:c8:d6:15:7b:82:1d:fc:f6:b8:3a:ff:a7:
b9:aa:69:09:3d:a4:af:bf:2b:24:57:fe:f2:7d:5d:73:41:64:
b4:8a:96:1b:7f:24:96:ac:f2:f0:43:b1:36:23:83:d1:ac:31:
f7:4d:90:75:d3:f1:87:c7:fd:32:28:6c:fa:ae:44:93:5e:75:
50:4b:07:bb:e3:a5:a6:a8:5c:a3:c2:21:13:31:06:6d:aa:0a:
38:2c:e5:bc:04:07:4f:58:cb:06:34:8d:95:cc:82:56:e2:27:
f9:29:e3:fb:4b:5b:86:4c:ab:be:f6:73:68:2e:dc:c8:db:5b:
09:a9:25:e7:9c:a5:62:94:3b:63:6e:8e:e6:fb:72:1b:0c:f7:
a1:f8:0e:17:5e:4c:90:b6:ed:1d:c7:60:b1:50:ae:01:52:75:
7e:32:45:54:07:cb:29:0e:f4:cc:41:e7:a8:b1:84:ab:08:7b:
12:7e:23:77:56:2d:19:46:94:7c:ed:a7:80:28:e2:ae:f8:6f:
63:20:84:67:6f:9d:10:f5:de:f2:1c:5d:57:f9:7e:c0:07:32:
d6:b0:ab:0c
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIDAZ8mMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTA5MTExMDQwWhcNMjUxMDE2MTExMDQwWjAYMRYw
FAYDVQQDEw02OGMwMGIzNC05ZDE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyTVuUs1++tdI/V9srs7UChUeoqZ8DgdrKwBMbCWnEN2HAwPGHDaEQTwx
5HQNeMCA2LHWQ3qZMc00ruh4bgCpsAN640110od0LbAmuolg6ppcsEE55bAHQMgq
H9GxztyRJrXPhvUgXCq/tEKtoEHB8PMnqrbhjoPOMOhvxH9FXoEOZ85+9Nu+lGrH
itBEdoRNZoxuOfcCgTM6JiI4TR77HvtaczXPDmUZocUSEW4xVMQayuIEyB4wm+xj
We8JNpuKg85HHl5FlOszIgPfjwqOUtzLMUKSiO/jvJKpWE2OkZG1D/xnGYjlML/k
kKNaDZnEF7AmUMuzekPG+vqNCTa+4wIDAQABo4ICzTCCAskwHQYDVR0OBBYEFIXt
uZy1SDwBuCl8ZFp/a4gnBql0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMTBDMzk2ODhENkQxMUYwQkVGNTJCQjhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBACaxh0DBAWaxgADBAKa
xiwDBACaygIDBACaygUwDAMEAprKDAMEAJrKFjANBgkqhkiG9w0BAQsFAAOCAQEA
uDqwk6dWi9P2ADaD0EjynnDlQBhBvnX9AC+ghuyRWTWpJnZ2+pqYOGW4yNYVe4Id
/Pa4Ov+nuappCT2kr78rJFf+8n1dc0FktIqWG38klqzy8EOxNiOD0awx902QddPx
h8f9Mihs+q5Ek151UEsHu+Olpqhco8IhEzEGbaoKOCzlvAQHT1jLBjSNlcyCVuIn
+Snj+0tbhkyrvvZzaC7cyNtbCakl55ylYpQ7Y26O5vtyGwz3ofgOF15MkLbtHcdg
sVCuAVJ1fjJFVAfLKQ70zEHnqLGEqwh7En4jd1YtGUaUfO2ngCjirvhvYyCEZ2+d
EPXe8hxdV/l+wAcy1rCrDA==
-----END CERTIFICATE-----
Generated at Fri Sep 19 04:19:45 2025 by rpki-client