Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFD00DD49ABF11F0ABF452ADDAE4EC9C.roa
File: BFD00DD49ABF11F0ABF452ADDAE4EC9C.roa (raw, json)
Hash identifier: aeI+/WoGzkYNRgj70ntUj34zoCrIUizTZQOZFLONLnw=
Subject key identifier: C1:C1:81:0E:55:37:AC:5F:CE:C6:29:2E:C9:9E:85:81:EB:F6:D7:04
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A127
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFD00DD49ABF11F0ABF452ADDAE4EC9C.roa
Signing time: Fri 26 Sep 2025 10:01:20 +0000
ROA not before: Fri 26 Sep 2025 10:01:12 +0000
ROA not after: Sun 09 Nov 2025 10:01:12 +0000
asID: 138915
IP address blocks: 154.90.42.0/23 maxlen: 24
154.90.44.0/23 maxlen: 24
154.90.46.0/23 maxlen: 24
154.90.48.0/23 maxlen: 24
154.90.50.0/23 maxlen: 24
154.90.52.0/23 maxlen: 24
154.90.54.0/23 maxlen: 24
154.90.56.0/23 maxlen: 24
154.90.58.0/23 maxlen: 24
154.90.60.0/23 maxlen: 24
154.90.62.0/23 maxlen: 24
154.93.34.0/23 maxlen: 24
154.93.36.0/23 maxlen: 24
154.93.38.0/23 maxlen: 24
154.93.51.0/24 maxlen: 24
154.95.69.0/24 maxlen: 24
154.95.76.0/24 maxlen: 24
154.95.77.0/24 maxlen: 24
154.95.78.0/24 maxlen: 24
154.95.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106791 (0x1a127)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 26 10:01:12 2025 GMT
Not After : Nov 9 10:01:12 2025 GMT
Subject: CN=68d66470-af80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:83:7a:7d:58:4a:f2:b7:4f:c7:21:72:f9:36:
77:72:16:4c:79:59:ed:7b:fa:38:62:01:2c:22:64:
ce:4f:19:67:8a:68:ac:b8:b9:74:58:a9:ae:6e:d9:
69:fb:81:00:54:ca:14:4d:c2:a6:f7:14:2e:e5:6f:
48:ce:e8:8e:6a:d2:3c:84:14:b5:e1:0b:ae:0f:e3:
0c:2b:bf:a5:e4:49:0b:9b:05:2b:92:f1:a3:d0:b9:
97:af:d4:b9:57:67:cc:2d:a0:9c:16:c5:70:b3:d8:
27:7c:3d:77:91:eb:fe:37:a2:30:95:6a:26:f8:ff:
73:9e:86:c6:07:8c:a3:5a:ea:3d:63:39:cf:28:57:
96:07:29:7f:28:df:0c:12:f3:d6:1f:08:c1:a8:2f:
09:c0:14:ef:5f:a1:82:85:19:bc:11:44:4f:60:f1:
a3:fb:86:3b:57:1d:78:11:1a:1b:c2:72:ff:93:58:
af:72:de:2d:d1:4c:1f:f0:f5:7b:8c:b1:f4:7e:6f:
5a:b1:ed:5b:a2:fa:2d:a3:6c:f9:dc:25:06:8d:bd:
16:c2:b3:2d:ce:b3:ef:06:33:ca:1d:b0:4d:1a:4d:
a9:f3:b8:07:dc:af:1a:97:71:a4:56:98:30:ce:f5:
bc:a9:3a:50:aa:f5:34:98:8a:e0:c4:52:3e:49:68:
b6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C1:81:0E:55:37:AC:5F:CE:C6:29:2E:C9:9E:85:81:EB:F6:D7:04
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFD00DD49ABF11F0ABF452ADDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.42.0-154.90.63.255
154.93.34.0-154.93.39.255
154.93.51.0/24
154.95.69.0/24
154.95.76.0/22
Signature Algorithm: sha256WithRSAEncryption
90:78:05:9e:fe:40:cb:89:d9:49:58:61:1f:13:10:2b:f7:d4:
ee:62:9f:a8:48:c9:5a:ad:ff:62:c5:6e:1b:88:1d:94:e6:93:
b0:a1:83:21:6c:f5:3e:3d:02:0e:79:47:ec:94:0f:f6:5a:3d:
7e:58:09:b9:97:d9:b2:55:f0:94:46:1a:c9:1d:be:8d:e7:d1:
4c:68:a0:86:bc:fe:b6:52:8a:64:d3:8e:d0:b3:63:89:3e:de:
ff:d8:92:92:05:f8:ce:30:18:9b:c3:20:f4:97:eb:3e:9a:32:
fd:34:55:c7:03:59:b2:b2:70:f5:ff:01:1a:a7:6b:ee:46:da:
60:fa:79:cf:f0:1b:d6:ec:77:a9:ae:09:e6:dd:56:89:53:12:
f3:17:db:19:7d:61:e7:b3:ce:a1:a6:97:50:d2:3b:bb:72:a6:
16:f1:b2:66:bb:72:b7:d4:9c:e4:7a:87:4b:69:77:0d:47:9c:
80:d8:1e:68:6e:8d:fd:b4:fe:45:f7:de:f4:43:b7:87:63:ab:
21:a9:5e:7e:4d:bb:00:3b:79:02:4e:80:ce:2a:76:6d:55:4b:
2c:af:5b:0f:56:0c:0c:06:e4:c1:7a:b5:e7:df:59:49:72:be:
6b:fc:14:fa:64:9f:d0:43:45:48:c0:ef:a5:e1:4e:14:86:b8:
23:4b:d4:26
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIDAaEnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI2MTAwMTEyWhcNMjUxMTA5MTAwMTEyWjAYMRYw
FAYDVQQDEw02OGQ2NjQ3MC1hZjgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0IN6fVhK8rdPxyFy+TZ3chZMeVnte/o4YgEsImTOTxlnimisuLl0WKmu
btlp+4EAVMoUTcKm9xQu5W9IzuiOatI8hBS14QuuD+MMK7+l5EkLmwUrkvGj0LmX
r9S5V2fMLaCcFsVws9gnfD13kev+N6IwlWom+P9znobGB4yjWuo9YznPKFeWByl/
KN8MEvPWHwjBqC8JwBTvX6GChRm8EURPYPGj+4Y7Vx14ERobwnL/k1ivct4t0Uwf
8PV7jLH0fm9ase1bovoto2z53CUGjb0WwrMtzrPvBjPKHbBNGk2p87gH3K8al3Gk
VpgwzvW8qTpQqvU0mIrgxFI+SWi20wIDAQABo4ICzTCCAskwHQYDVR0OBBYEFMHB
gQ5VN6xfzsYpLsmehYHr9tcEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRkQwMERENDlBQkYxMUYwQUJGNDUyQUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAGaWioDBAaaWgAwDAME
AZpdIgMEA5pdIAMEAJpdMwMEAJpfRQMEAppfTDANBgkqhkiG9w0BAQsFAAOCAQEA
kHgFnv5Ay4nZSVhhHxMQK/fU7mKfqEjJWq3/YsVuG4gdlOaTsKGDIWz1Pj0CDnlH
7JQP9lo9flgJuZfZslXwlEYayR2+jefRTGighrz+tlKKZNOO0LNjiT7e/9iSkgX4
zjAYm8Mg9JfrPpoy/TRVxwNZsrJw9f8BGqdr7kbaYPp5z/Ab1ux3qa4J5t1WiVMS
8xfbGX1h57POoaaXUNI7u3KmFvGyZrtyt9Sc5HqHS2l3DUecgNgeaG6N/bT+Rffe
9EO3h2OrIalefk27ADt5Ak6Azip2bVVLLK9bD1YMDAbkwXq1599ZSXK+a/wU+mSf
0ENFSMDvpeFOFIa4I0vUJg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:04 2025 by rpki-client