Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCD8E012A81411F0B36DC196DAE4EC9C.roa
File: BCD8E012A81411F0B36DC196DAE4EC9C.roa (raw, json)
Hash identifier: iPo6+I5PS7FwzWfYRpba8tQW7TPOC1nuJglIUdM33gc=
Subject key identifier: BF:A1:83:E1:F8:0C:2A:EB:91:B3:F4:46:0C:FF:15:D3:0F:2C:E3:F1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A35E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCD8E012A81411F0B36DC196DAE4EC9C.roa
Signing time: Mon 13 Oct 2025 09:12:27 +0000
ROA not before: Mon 13 Oct 2025 09:12:23 +0000
ROA not after: Thu 20 Nov 2025 09:12:23 +0000
asID: 25198
IP address blocks: 154.83.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107358 (0x1a35e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 13 09:12:23 2025 GMT
Not After : Nov 20 09:12:23 2025 GMT
Subject: CN=68ecc27b-b796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:64:fd:ba:30:cd:86:6e:1e:90:76:35:7a:d0:
85:fb:1f:ef:bd:98:e9:d3:47:09:14:61:9f:09:97:
68:08:fb:82:97:38:b6:ca:65:28:0c:4d:2a:77:0d:
ac:b7:8a:00:32:b5:44:0f:f8:df:17:82:14:b7:6d:
25:37:9d:50:03:21:3a:db:c0:07:8e:43:4d:d9:63:
d7:14:79:b9:95:84:75:40:8e:01:1e:df:17:61:f0:
25:3f:d1:52:31:2e:05:53:8a:bd:fd:68:79:14:9f:
28:49:c0:3f:6e:9d:91:9a:ce:00:f0:3b:3a:28:96:
d1:04:07:81:f2:8c:bc:53:3f:3f:f1:bf:ea:df:e5:
6f:07:87:79:72:39:8e:51:a5:6c:a1:72:3c:ff:56:
35:9c:54:a8:8b:ac:6b:1c:2a:b8:4c:5a:ab:41:c8:
db:c5:6e:ba:80:df:53:43:cf:30:d1:30:e9:76:b8:
d6:00:4f:1e:7d:da:9d:fa:a9:af:a2:eb:48:aa:35:
cb:b3:3a:b1:d6:98:54:a3:c3:fc:8a:da:47:ab:ce:
32:4b:70:d3:6d:90:cb:ad:29:2b:e2:db:49:be:97:
83:c8:ea:31:d3:3b:59:7f:fe:6f:77:59:2c:8d:53:
d7:7a:80:01:28:c3:68:31:f2:fa:df:54:e2:f6:16:
c2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A1:83:E1:F8:0C:2A:EB:91:B3:F4:46:0C:FF:15:D3:0F:2C:E3:F1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCD8E012A81411F0B36DC196DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.140.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:55:4a:2f:03:40:2a:d7:28:57:51:86:b6:ae:c2:9a:eb:fa:
6a:c2:e7:58:e9:af:00:0b:92:f0:91:95:8c:9e:9b:b7:cd:5e:
65:6d:f0:96:3d:99:fc:f9:3b:43:98:39:c1:16:5d:4f:79:bd:
9b:51:91:77:fa:01:8f:96:46:54:5c:75:17:03:ee:3a:0f:e3:
06:12:d7:3f:1a:ec:e9:c7:68:c5:09:3d:6e:d5:fa:dd:a9:53:
5e:54:6a:99:ba:ea:a0:55:81:ce:a3:08:a1:88:0b:93:25:16:
ab:0e:1a:a4:6e:be:cb:03:60:15:83:07:3d:15:1a:90:a2:c3:
c9:30:1c:79:79:34:27:c2:68:95:21:f0:dc:9d:d7:54:6f:b8:
06:6f:c4:b6:ba:42:ae:43:43:f6:9f:f7:01:d6:22:b4:0c:94:
99:d1:24:1d:f0:7f:1c:7e:43:96:aa:32:ee:91:f5:42:9b:74:
ed:2d:bf:f1:dc:fb:4e:5e:e2:00:67:c2:6a:44:d5:85:a7:3e:
2f:04:64:b8:6c:b4:2b:a0:62:de:ec:98:f1:bb:e1:3d:af:d3:
aa:45:c3:d3:3d:e6:94:c8:d4:d4:9c:04:16:f7:73:d5:07:b9:
b5:d9:54:05:17:84:cf:af:d9:f2:3b:73:cd:79:36:e6:5d:d0:
7e:f6:a9:b6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaNeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDEzMDkxMjIzWhcNMjUxMTIwMDkxMjIzWjAYMRYw
FAYDVQQDEw02OGVjYzI3Yi1iNzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+GT9ujDNhm4ekHY1etCF+x/vvZjp00cJFGGfCZdoCPuClzi2ymUoDE0q
dw2st4oAMrVED/jfF4IUt20lN51QAyE628AHjkNN2WPXFHm5lYR1QI4BHt8XYfAl
P9FSMS4FU4q9/Wh5FJ8oScA/bp2Rms4A8Ds6KJbRBAeB8oy8Uz8/8b/q3+VvB4d5
cjmOUaVsoXI8/1Y1nFSoi6xrHCq4TFqrQcjbxW66gN9TQ88w0TDpdrjWAE8efdqd
+qmvoutIqjXLszqx1phUo8P8itpHq84yS3DTbZDLrSkr4ttJvpeDyOox0ztZf/5v
d1ksjVPXeoABKMNoMfL631Ti9hbCPQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL+h
g+H4DCrrkbP0Rgz/FdMPLOPxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQ0Q4RTAxMkE4MTQxMUYwQjM2REMxOTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlOMMA0GCSqGSIb3DQEB
CwUAA4IBAQAeVUovA0Aq1yhXUYa2rsKa6/pqwudY6a8AC5LwkZWMnpu3zV5lbfCW
PZn8+TtDmDnBFl1Peb2bUZF3+gGPlkZUXHUXA+46D+MGEtc/Guzpx2jFCT1u1frd
qVNeVGqZuuqgVYHOowihiAuTJRarDhqkbr7LA2AVgwc9FRqQosPJMBx5eTQnwmiV
IfDcnddUb7gGb8S2ukKuQ0P2n/cB1iK0DJSZ0SQd8H8cfkOWqjLukfVCm3TtLb/x
3PtOXuIAZ8JqRNWFpz4vBGS4bLQroGLe7Jjxu+E9r9OqRcPTPeaUyNTUnAQW93PV
B7m12VQFF4TPr9nyO3PNeTbmXdB+9qm2
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:03 2025 by rpki-client