Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB7E10A4A36F11F0861B857FDAE4EC9C.roa
File: DB7E10A4A36F11F0861B857FDAE4EC9C.roa (raw, json)
Hash identifier: +SgQ9UKyyswAKYDEpYenF+Q/JLF8xGWaPZrJIwxkyUg=
Subject key identifier: 34:25:50:FE:D0:D5:80:D2:53:09:62:76:85:0E:BD:97:18:5B:29:60
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A296
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB7E10A4A36F11F0861B857FDAE4EC9C.roa
Signing time: Tue 07 Oct 2025 11:22:07 +0000
ROA not before: Tue 07 Oct 2025 11:22:02 +0000
ROA not after: Sun 07 Dec 2025 11:22:02 +0000
asID: 54801
IP address blocks: 154.204.0.0/24 maxlen: 24
154.208.12.0/22 maxlen: 24
154.208.16.0/20 maxlen: 24
154.212.128.0/24 maxlen: 24
154.215.0.0/24 maxlen: 24
154.218.0.0/24 maxlen: 24
154.221.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107158 (0x1a296)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 7 11:22:02 2025 GMT
Not After : Dec 7 11:22:02 2025 GMT
Subject: CN=68e4f7df-73fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1c:4f:9a:c6:7b:e3:ef:fa:00:0d:54:dd:86:
5e:ca:0b:f8:f2:1b:b4:ee:46:45:be:13:df:5d:1c:
f4:2d:47:9a:76:d0:69:3c:d1:a4:19:2e:ff:3d:c6:
87:e4:dc:b0:98:91:34:4b:5b:db:ac:8f:05:10:f5:
75:44:93:e2:fb:13:11:be:cc:83:ca:aa:08:d2:73:
48:9c:25:45:bc:25:04:ea:5c:8b:70:2a:ed:24:51:
72:7e:36:17:ab:f9:48:7c:32:39:77:5e:c0:e8:6b:
f4:0e:fe:cb:88:cb:11:5d:82:61:12:95:40:9a:d2:
e0:3a:f5:9b:fe:8a:b2:ca:83:1d:46:65:93:7f:d5:
87:36:b1:19:28:6d:fe:78:78:f2:a9:ec:32:2a:ff:
c4:7d:77:6c:0b:f2:34:d1:83:63:90:55:3e:56:15:
b0:a6:aa:d8:39:1b:d9:84:a6:7b:b4:d6:7f:28:31:
0f:0f:54:6d:e2:6d:0a:bc:fc:25:5d:00:81:b8:72:
07:9a:8f:5f:b6:5c:73:8d:0f:55:d9:37:b7:8a:f1:
b1:dd:6f:5d:6a:e4:d6:6f:1f:d3:d8:f5:af:78:eb:
7f:28:bb:f9:66:7e:fe:7f:e9:a0:1a:d2:63:60:f3:
16:95:0c:a6:14:fe:ec:81:fc:3a:17:e5:2a:85:30:
a1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:25:50:FE:D0:D5:80:D2:53:09:62:76:85:0E:BD:97:18:5B:29:60
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB7E10A4A36F11F0861B857FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.0.0/24
154.208.12.0-154.208.31.255
154.212.128.0/24
154.215.0.0/24
154.218.0.0/24
154.221.0.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:db:a5:ff:5a:a6:54:42:e9:36:26:f3:22:be:37:48:88:b8:
81:b8:e7:9d:4f:08:50:b4:31:65:9d:49:0a:a1:50:4a:83:38:
8c:d1:ce:f9:b1:53:c6:01:33:12:ac:eb:28:ef:85:06:f6:e3:
a1:3d:d0:d7:b4:fb:e7:e5:c7:96:ec:b3:9d:9d:d5:7f:71:c9:
d3:83:1c:a2:03:41:a4:0e:31:82:10:51:27:66:d3:33:1b:12:
77:49:b2:5d:5e:68:0f:7c:d1:dc:19:6b:f3:6a:87:28:38:71:
db:0e:8f:4e:6f:45:fd:6e:5d:2f:3c:b1:29:73:74:cf:3a:35:
e8:8f:b6:66:26:a8:8c:0e:c2:49:90:e6:ee:f1:9b:70:d8:e5:
5d:38:5a:f6:21:c0:13:e0:65:bf:da:dc:c1:c1:7e:9d:dc:b8:
52:1f:1a:74:dd:46:f8:18:17:82:40:da:44:54:99:ed:54:26:
b1:ba:84:eb:a7:43:1e:bf:b5:e4:6f:ca:9a:d4:7a:44:f1:0f:
24:4a:c6:26:ec:fd:e2:ac:7b:db:c9:eb:9f:dd:8c:45:8b:39:
cc:97:fb:e0:f9:88:13:27:d8:2d:98:f5:93:7a:b1:ef:30:fe:
8c:6b:13:1f:f0:eb:4f:ea:bc:c8:24:03:f5:88:1c:d9:f1:20:
58:c1:59:7e
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAaKWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDA3MTEyMjAyWhcNMjUxMjA3MTEyMjAyWjAYMRYw
FAYDVQQDEw02OGU0ZjdkZi03M2ZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtRxPmsZ74+/6AA1U3YZeygv48hu07kZFvhPfXRz0LUeadtBpPNGkGS7/
PcaH5NywmJE0S1vbrI8FEPV1RJPi+xMRvsyDyqoI0nNInCVFvCUE6lyLcCrtJFFy
fjYXq/lIfDI5d17A6Gv0Dv7LiMsRXYJhEpVAmtLgOvWb/oqyyoMdRmWTf9WHNrEZ
KG3+eHjyqewyKv/EfXdsC/I00YNjkFU+VhWwpqrYORvZhKZ7tNZ/KDEPD1Rt4m0K
vPwlXQCBuHIHmo9ftlxzjQ9V2Te3ivGx3W9dauTWbx/T2PWveOt/KLv5Zn7+f+mg
GtJjYPMWlQymFP7sgfw6F+UqhTChMQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFDQl
UP7Q1YDSUwlidoUOvZcYWylgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQjdFMTBBNEEzNkYxMUYwODYxQjg1N0ZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAmswAMAwDBAKa0AwDBAWa
0AADBACa1IADBACa1wADBACa2gADBACa3QAwDQYJKoZIhvcNAQELBQADggEBACvb
pf9aplRC6TYm8yK+N0iIuIG4551PCFC0MWWdSQqhUEqDOIzRzvmxU8YBMxKs6yjv
hQb246E90Ne0++flx5bss52d1X9xydODHKIDQaQOMYIQUSdm0zMbEndJsl1eaA98
0dwZa/Nqhyg4cdsOj05vRf1uXS88sSlzdM86NeiPtmYmqIwOwkmQ5u7xm3DY5V04
WvYhwBPgZb/a3MHBfp3cuFIfGnTdRvgYF4JA2kRUme1UJrG6hOunQx6/teRvyprU
ekTxDyRKxibs/eKse9vJ65/djEWLOcyX++D5iBMn2C2Y9ZN6se8w/oxrEx/w60/q
vMgkA/WIHNnxIFjBWX4=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:05 2025 by rpki-client