Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC2EE580AA8011F08A0EDA86DAE4EC9C.roa
File: BC2EE580AA8011F08A0EDA86DAE4EC9C.roa (raw, json)
Hash identifier: hNITyDcb7GlnBd5cz0Gp4DYMCjKcT3tMOaTD5TNfXpc=
Subject key identifier: 64:08:1B:C6:08:B8:A5:B9:58:6A:FE:A0:F7:12:5D:93:5E:01:9F:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A3F2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC2EE580AA8011F08A0EDA86DAE4EC9C.roa
Signing time: Thu 16 Oct 2025 11:10:34 +0000
ROA not before: Thu 16 Oct 2025 11:10:29 +0000
ROA not after: Wed 19 Nov 2025 11:10:29 +0000
asID: 9304
IP address blocks: 154.92.196.0/24 maxlen: 24
154.92.197.0/24 maxlen: 24
154.92.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107506 (0x1a3f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 16 11:10:29 2025 GMT
Not After : Nov 19 11:10:29 2025 GMT
Subject: CN=68f0d2aa-2933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e6:7e:83:90:c6:d3:d4:97:e2:5d:bb:92:ef:
d6:c6:e4:2f:16:80:84:73:56:76:e5:e5:c2:06:38:
c6:85:b0:87:26:8e:5d:78:d1:a2:f2:e4:4c:dd:67:
d9:75:4d:43:5b:0e:09:b8:83:84:6b:65:51:83:d9:
4e:57:ff:2a:cf:ef:d0:2f:1d:52:59:44:ce:01:61:
99:3d:ad:fe:6d:d0:17:1a:9d:5e:94:f0:8c:cc:38:
26:34:1b:0c:fb:54:a3:23:b5:c8:56:3b:41:5a:05:
71:d8:43:5e:f0:38:31:c5:58:14:bf:9c:3c:64:2f:
30:7f:7a:6d:b2:ac:e3:c0:67:b3:75:99:00:c9:f1:
e8:44:d2:d5:36:99:f8:0e:84:bd:5d:e0:07:dc:2c:
0e:ee:f2:da:9b:90:33:f7:d4:75:86:d7:e5:72:52:
aa:1d:af:a4:da:8f:cf:2b:e6:73:66:12:c1:c5:74:
ab:98:69:6c:6f:7a:42:97:d4:4d:ca:ef:6f:60:d2:
cc:ec:15:fa:94:b1:61:4a:b1:99:31:43:64:31:25:
2a:25:03:97:22:55:8a:9d:10:43:40:0f:5a:fe:7d:
0d:8a:e7:9e:e6:6b:37:72:9b:27:48:60:ba:9c:30:
d3:4a:67:7a:e1:2e:4f:ad:62:d6:da:32:94:6c:fa:
ce:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:08:1B:C6:08:B8:A5:B9:58:6A:FE:A0:F7:12:5D:93:5E:01:9F:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC2EE580AA8011F08A0EDA86DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.196.0-154.92.198.255
Signature Algorithm: sha256WithRSAEncryption
b1:53:bd:44:d1:d9:38:2a:04:b1:2d:b6:bc:17:02:2f:60:10:
41:4b:d1:ed:fa:7a:75:b9:48:3d:67:0b:99:de:bc:1b:61:47:
87:de:ea:ff:9e:81:93:d0:fa:2a:06:16:53:a4:8c:ca:e5:fb:
b0:52:b4:4a:f4:eb:34:74:3f:22:df:5e:e5:80:b2:ec:19:93:
06:1c:22:e8:2e:bd:a3:33:fb:d2:ac:cd:9e:fc:4f:d2:55:b4:
2d:25:32:5b:63:9a:f6:76:72:af:69:16:3a:c0:13:e7:5e:f2:
e0:37:f0:4b:1d:e8:58:41:f2:fa:cf:32:c4:f1:8d:87:78:c5:
0d:fe:c5:3c:f9:89:43:fc:4f:48:c8:f8:d8:9b:a0:ed:44:78:
c4:c2:d2:fc:31:c4:0e:e3:ca:cc:3d:b5:c3:e9:56:57:02:0b:
6c:75:81:d9:dd:26:d7:fb:64:be:ce:1c:58:b4:93:7d:c2:b2:
84:7d:a5:38:52:51:94:dc:ca:63:b6:08:48:9e:15:d5:c3:cb:
1d:6f:7a:80:0c:4e:dd:56:a0:b7:68:95:a3:a2:ed:23:ce:e2:
87:0c:41:07:6e:eb:f7:ff:fb:5c:69:88:82:fb:9b:62:8b:6f:
4b:3c:a9:13:71:ac:4d:72:56:b4:59:71:28:05:54:95:47:76:
28:b3:50:ae
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAaPyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE2MTExMDI5WhcNMjUxMTE5MTExMDI5WjAYMRYw
FAYDVQQDEw02OGYwZDJhYS0yOTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsuZ+g5DG09SX4l27ku/WxuQvFoCEc1Z25eXCBjjGhbCHJo5deNGi8uRM
3WfZdU1DWw4JuIOEa2VRg9lOV/8qz+/QLx1SWUTOAWGZPa3+bdAXGp1elPCMzDgm
NBsM+1SjI7XIVjtBWgVx2ENe8DgxxVgUv5w8ZC8wf3ptsqzjwGezdZkAyfHoRNLV
Npn4DoS9XeAH3CwO7vLam5Az99R1htflclKqHa+k2o/PK+ZzZhLBxXSrmGlsb3pC
l9RNyu9vYNLM7BX6lLFhSrGZMUNkMSUqJQOXIlWKnRBDQA9a/n0Niuee5ms3cpsn
SGC6nDDTSmd64S5PrWLW2jKUbPrO/wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGQI
G8YIuKW5WGr+oPcSXZNeAZ8rMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQzJFRTU4MEFBODAxMUYwOEEwRURBODZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKaXMQDBACaXMYwDQYJ
KoZIhvcNAQELBQADggEBALFTvUTR2TgqBLEttrwXAi9gEEFL0e36enW5SD1nC5ne
vBthR4fe6v+egZPQ+ioGFlOkjMrl+7BStEr06zR0PyLfXuWAsuwZkwYcIuguvaMz
+9KszZ78T9JVtC0lMltjmvZ2cq9pFjrAE+de8uA38Esd6FhB8vrPMsTxjYd4xQ3+
xTz5iUP8T0jI+NiboO1EeMTC0vwxxA7jysw9tcPpVlcCC2x1gdndJtf7ZL7OHFi0
k33CsoR9pThSUZTcymO2CEieFdXDyx1veoAMTt1WoLdolaOi7SPO4ocMQQdu6/f/
+1xpiIL7m2KLb0s8qRNxrE1yVrRZcSgFVJVHdiizUK4=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:01 2025 by rpki-client