Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A1B60356AF2F11F081CC13D2DAE4EC9C.roa
File: A1B60356AF2F11F081CC13D2DAE4EC9C.roa (raw, json)
Hash identifier: KCrgYLYPQ5XOTGojeBqDQFAtRqhyNvD7v9+uY5LPjoQ=
Subject key identifier: 4D:8A:BA:42:E8:C8:CA:5B:12:20:2C:95:0D:CA:48:C3:FB:DF:ED:38
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A49F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A1B60356AF2F11F081CC13D2DAE4EC9C.roa
Signing time: Wed 22 Oct 2025 10:12:36 +0000
ROA not before: Wed 22 Oct 2025 10:12:31 +0000
ROA not after: Sat 29 Nov 2025 10:12:31 +0000
asID: 135983
IP address blocks: 154.200.32.0/24 maxlen: 24
154.200.33.0/24 maxlen: 24
154.200.35.0/24 maxlen: 24
154.200.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 26 Oct 2025 00:06:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107679 (0x1a49f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 22 10:12:31 2025 GMT
Not After : Nov 29 10:12:31 2025 GMT
Subject: CN=68f8ae14-46b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0e:2e:5e:8d:94:35:7f:47:81:a9:43:04:04:
70:62:bd:d1:b5:0b:54:80:fa:84:e5:e5:38:da:21:
f2:f9:d6:da:03:8d:f4:f5:6b:9f:07:ef:56:5c:84:
e2:0b:dc:0e:54:4e:e0:f5:fe:05:ff:51:3e:cf:8b:
6b:fe:c9:d6:e1:b0:09:f2:db:e2:5b:b8:fa:ac:01:
cf:66:f8:7f:91:66:6b:d1:a0:6f:f0:9d:c2:6d:7d:
db:20:51:0c:a1:35:43:a3:34:2d:2b:98:0b:3f:e2:
fa:3a:63:04:7b:aa:97:b1:34:16:5f:ba:03:6e:d2:
9d:a8:44:0b:9d:4d:4e:03:ee:b7:57:d5:da:34:62:
63:0c:4e:79:9a:a0:c1:9f:bd:8d:93:85:0a:95:57:
9f:d1:08:c1:c5:eb:92:18:0a:62:94:dd:ee:31:06:
2b:0e:44:62:4b:5b:c1:38:ef:72:97:dd:50:ed:1d:
40:32:c1:3b:b8:41:89:7f:3f:d5:1d:7f:9e:6b:93:
37:4b:97:d1:89:7d:40:95:72:ba:23:e5:c0:63:70:
e4:0e:29:a4:2a:16:ab:6d:21:9f:74:3b:f4:93:6a:
86:79:52:2b:a1:b1:57:b8:b4:b0:ee:03:b1:af:f4:
4a:02:05:01:fd:83:8f:1b:85:5e:4c:af:8d:6a:93:
42:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:8A:BA:42:E8:C8:CA:5B:12:20:2C:95:0D:CA:48:C3:FB:DF:ED:38
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A1B60356AF2F11F081CC13D2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.32.0/23
154.200.35.0-154.200.36.255
Signature Algorithm: sha256WithRSAEncryption
17:56:c5:9b:f5:6c:ad:74:0f:0f:40:21:22:b2:4c:72:16:8d:
71:46:e9:ef:61:a5:ed:d0:3f:b7:c1:eb:c4:03:59:ef:c0:b5:
17:1a:5e:d6:39:a1:43:d5:e4:4d:41:1d:97:ce:2a:81:f7:fd:
58:a8:8a:fb:fd:d0:3b:84:f6:8b:f5:5c:95:ee:55:8c:2f:79:
b9:43:57:10:83:dc:5d:91:3a:e4:e3:6e:b8:4a:e1:83:58:1d:
25:d3:ed:22:59:72:92:57:60:7a:9a:9c:0d:e7:3b:ca:36:93:
75:de:46:74:c1:5f:58:64:35:5e:d2:04:3f:39:36:7c:52:15:
7a:b2:69:ea:c8:2a:38:fb:29:b0:17:f2:40:cd:95:bb:fb:f4:
8d:49:6a:e6:ef:75:ba:61:4c:1d:ed:18:23:fc:c8:e9:43:24:
08:aa:db:1e:3a:a4:29:da:77:d8:4f:74:46:50:f8:be:b2:d3:
0e:a6:2e:b6:63:0a:2c:88:90:fb:12:1b:19:46:32:3b:e5:4e:
08:77:d6:5d:82:f6:ed:f9:73:17:b9:70:e3:89:b6:b7:b2:67:
22:15:ba:aa:18:bf:11:fb:40:17:46:fc:bc:27:63:13:22:7e:
d1:45:37:85:7d:fc:cf:a1:47:ba:84:bd:e9:a1:09:dc:fd:70:
bd:6a:7b:5f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAaSfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDIyMTAxMjMxWhcNMjUxMTI5MTAxMjMxWjAYMRYw
FAYDVQQDEw02OGY4YWUxNC00NmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmg4uXo2UNX9HgalDBARwYr3RtQtUgPqE5eU42iHy+dbaA4309WufB+9W
XITiC9wOVE7g9f4F/1E+z4tr/snW4bAJ8tviW7j6rAHPZvh/kWZr0aBv8J3CbX3b
IFEMoTVDozQtK5gLP+L6OmMEe6qXsTQWX7oDbtKdqEQLnU1OA+63V9XaNGJjDE55
mqDBn72Nk4UKlVef0QjBxeuSGApilN3uMQYrDkRiS1vBOO9yl91Q7R1AMsE7uEGJ
fz/VHX+ea5M3S5fRiX1AlXK6I+XAY3DkDimkKharbSGfdDv0k2qGeVIrobFXuLSw
7gOxr/RKAgUB/YOPG4VeTK+NapNC/QIDAQABo4ICszCCAq8wHQYDVR0OBBYEFE2K
ukLoyMpbEiAslQ3KSMP73+04MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMUI2MDM1NkFGMkYxMUYwODFDQzEzRDJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBmsggMAwDBACayCMDBACa
yCQwDQYJKoZIhvcNAQELBQADggEBABdWxZv1bK10Dw9AISKyTHIWjXFG6e9hpe3Q
P7fB68QDWe/AtRcaXtY5oUPV5E1BHZfOKoH3/Vioivv90DuE9ov1XJXuVYwveblD
VxCD3F2ROuTjbrhK4YNYHSXT7SJZcpJXYHqanA3nO8o2k3XeRnTBX1hkNV7SBD85
NnxSFXqyaerIKjj7KbAX8kDNlbv79I1JaubvdbphTB3tGCP8yOlDJAiq2x46pCna
d9hPdEZQ+L6y0w6mLrZjCiyIkPsSGxlGMjvlTgh31l2C9u35cxe5cOOJtreyZyIV
uqoYvxH7QBdG/LwnYxMiftFFN4V9/M+hR7qEvemhCdz9cL1qe18=
-----END CERTIFICATE-----
Generated at Fri Oct 24 12:11:05 2025 by rpki-client