Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD124FC8B35911F098516596DAE4EC9C.roa
File: BD124FC8B35911F098516596DAE4EC9C.roa (raw, json)
Hash identifier: XHZqzsHUiaAstm7GbYBMkVAF6GireoGFClxFR8qgtTI=
Subject key identifier: E9:72:C1:86:67:36:B2:E0:1C:2E:6E:B3:83:84:FF:79:A3:C0:3B:DE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A55D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD124FC8B35911F098516596DAE4EC9C.roa
Signing time: Mon 27 Oct 2025 17:24:06 +0000
ROA not before: Mon 27 Oct 2025 17:24:01 +0000
ROA not after: Mon 01 Dec 2025 17:24:01 +0000
asID: 62240
IP address blocks: 154.196.29.0/24 maxlen: 24
154.196.32.0/24 maxlen: 24
154.196.34.0/24 maxlen: 24
154.196.35.0/24 maxlen: 24
154.196.37.0/24 maxlen: 24
154.196.38.0/24 maxlen: 24
154.196.39.0/24 maxlen: 24
154.196.89.0/24 maxlen: 24
154.196.90.0/24 maxlen: 24
154.196.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 30 Oct 2025 09:04:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107869 (0x1a55d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 27 17:24:01 2025 GMT
Not After : Dec 1 17:24:01 2025 GMT
Subject: CN=68ffaab6-6023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:6c:b1:c6:53:b0:0d:64:0c:3d:d7:80:60:37:
8b:52:61:49:d9:cb:00:6c:fe:54:3c:82:b1:3f:42:
d3:8c:11:29:7e:f9:79:ee:3f:4f:0a:11:7d:72:63:
ef:b5:81:07:fa:b4:c4:ec:56:08:d5:61:a0:34:db:
4c:c7:f7:67:6b:0b:fa:fc:e4:3d:89:f9:fc:71:d0:
a0:34:fd:a8:61:08:61:5a:28:61:9f:96:5e:11:8c:
74:ff:d1:9d:e3:97:6e:df:ba:cf:95:1a:a0:88:d9:
76:53:cc:4d:ab:37:15:8e:d5:35:43:56:6f:99:c2:
35:fd:85:e9:82:1d:38:5d:7e:79:1c:47:44:5f:a3:
87:9c:a1:6b:df:ff:a7:92:39:fb:f2:90:6c:2f:22:
e3:55:c9:83:21:5f:24:2a:8b:eb:e6:41:f4:2e:3b:
bb:e1:a7:c8:91:a9:53:32:87:d5:71:07:80:a3:b5:
ef:60:1b:63:89:d3:d0:9f:af:30:b1:e8:89:d6:97:
b4:f8:1f:6e:26:29:88:21:3f:83:55:21:3d:f8:fd:
a5:27:61:c1:09:61:44:7b:81:60:52:83:9b:47:37:
ac:78:89:30:1a:05:72:81:67:58:53:5b:70:30:2c:
f2:80:87:9f:77:62:b8:13:41:c7:87:7e:fb:29:c3:
3a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:72:C1:86:67:36:B2:E0:1C:2E:6E:B3:83:84:FF:79:A3:C0:3B:DE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD124FC8B35911F098516596DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.29.0/24
154.196.32.0/24
154.196.34.0/23
154.196.37.0-154.196.39.255
154.196.89.0-154.196.91.255
Signature Algorithm: sha256WithRSAEncryption
25:0d:42:1a:d2:84:e1:50:d2:1f:53:50:3a:7c:23:4d:49:02:
97:b7:32:8c:55:a7:0e:df:45:5e:11:b4:3c:18:c1:5b:ab:b2:
d0:db:53:65:39:2e:b7:ce:31:ee:92:ab:cb:a0:a2:60:d8:a7:
f3:ce:9a:ce:3e:17:6e:2c:ac:f6:11:08:ac:dc:9c:ec:fe:d2:
7e:e3:78:55:57:44:47:3c:76:c7:92:62:64:b3:2f:8d:68:c2:
e0:ed:6a:33:fd:e3:a4:7b:c3:cf:5f:15:cb:a7:43:9c:e3:d1:
6e:7a:f8:58:7d:fc:f3:30:e7:c7:26:b3:eb:3e:90:8d:17:a6:
96:26:c8:11:17:b8:9b:26:1c:04:16:58:b4:23:6c:a5:48:b7:
dc:65:6c:b1:59:50:5f:b0:f9:ea:be:87:87:7a:43:8d:31:3a:
a5:e2:c5:02:93:79:8f:e1:76:fb:aa:0c:c4:be:3e:5b:de:3b:
8c:8a:58:c9:d9:a8:7a:fb:a7:95:97:6a:3d:ba:dc:6f:73:69:
9e:b0:0d:c0:4a:5f:9d:6b:8f:6e:59:ba:5c:cc:60:a4:61:99:
4b:9a:54:f0:19:02:b1:81:61:81:d9:ec:40:8d:c8:fe:17:d4:
a0:ca:34:d2:9b:b8:7a:a7:07:5c:d6:94:45:e2:ad:60:25:d8:
01:d2:9b:bd
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIDAaVdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI3MTcyNDAxWhcNMjUxMjAxMTcyNDAxWjAYMRYw
FAYDVQQDEw02OGZmYWFiNi02MDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6WyxxlOwDWQMPdeAYDeLUmFJ2csAbP5UPIKxP0LTjBEpfvl57j9PChF9
cmPvtYEH+rTE7FYI1WGgNNtMx/dnawv6/OQ9ifn8cdCgNP2oYQhhWihhn5ZeEYx0
/9Gd45du37rPlRqgiNl2U8xNqzcVjtU1Q1ZvmcI1/YXpgh04XX55HEdEX6OHnKFr
3/+nkjn78pBsLyLjVcmDIV8kKovr5kH0Lju74afIkalTMofVcQeAo7XvYBtjidPQ
n68wseiJ1pe0+B9uJimIIT+DVSE9+P2lJ2HBCWFEe4FgUoObRzeseIkwGgVygWdY
U1twMCzygIefd2K4E0HHh377KcM6rwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFOly
wYZnNrLgHC5us4OE/3mjwDveMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRDEyNEZDOEIzNTkxMUYwOTg1MTY1OTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAmsQdAwQAmsQgAwQBmsQi
MAwDBACaxCUDBAOaxCAwDAMEAJrEWQMEAprEWDANBgkqhkiG9w0BAQsFAAOCAQEA
JQ1CGtKE4VDSH1NQOnwjTUkCl7cyjFWnDt9FXhG0PBjBW6uy0NtTZTkut84x7pKr
y6CiYNin886azj4Xbiys9hEIrNyc7P7SfuN4VVdERzx2x5JiZLMvjWjC4O1qM/3j
pHvDz18Vy6dDnOPRbnr4WH388zDnxyaz6z6QjRemlibIERe4myYcBBZYtCNspUi3
3GVssVlQX7D56r6Hh3pDjTE6peLFApN5j+F2+6oMxL4+W947jIpYydmoevunlZdq
Pbrcb3NpnrANwEpfnWuPblm6XMxgpGGZS5pU8BkCsYFhgdnsQI3I/hfUoMo00pu4
eqcHXNaUReKtYCXYAdKbvQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 17:04:47 2025 by rpki-client