Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC2225F899E811F0842C06BCDAE4EC9C.roa
File: DC2225F899E811F0842C06BCDAE4EC9C.roa (raw, json)
Hash identifier: Kd6ONgwfvT8+KFGZnLuE8KJBJWaJYGQI3kfTTwa2pHo=
Subject key identifier: DD:82:E3:7D:47:45:22:AB:60:B8:CF:0C:E5:B2:16:A6:C5:DA:F5:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A0DF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC2225F899E811F0842C06BCDAE4EC9C.roa
Signing time: Thu 25 Sep 2025 08:23:06 +0000
ROA not before: Thu 25 Sep 2025 08:23:01 +0000
ROA not after: Sat 15 Nov 2025 08:23:01 +0000
asID: 63139
IP address blocks: 154.203.160.0/24 maxlen: 24
154.203.162.0/24 maxlen: 24
154.203.163.0/24 maxlen: 24
154.203.164.0/24 maxlen: 24
154.203.165.0/24 maxlen: 24
154.203.166.0/24 maxlen: 24
154.203.167.0/24 maxlen: 24
154.203.168.0/24 maxlen: 24
154.203.169.0/24 maxlen: 24
154.203.170.0/24 maxlen: 24
154.203.172.0/24 maxlen: 24
154.223.22.0/24 maxlen: 24
154.223.25.0/24 maxlen: 24
154.223.27.0/24 maxlen: 24
154.223.30.0/24 maxlen: 24
154.223.31.0/24 maxlen: 24
154.223.36.0/24 maxlen: 24
154.223.38.0/24 maxlen: 24
154.223.39.0/24 maxlen: 24
154.223.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106719 (0x1a0df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 25 08:23:01 2025 GMT
Not After : Nov 15 08:23:01 2025 GMT
Subject: CN=68d4fbea-913d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cd:de:ec:57:5e:0e:36:3e:2b:c4:38:73:bb:
50:6b:a1:dc:11:03:56:1b:62:35:99:cf:72:8a:0d:
43:af:70:b4:7a:06:dc:7d:db:88:18:f3:2d:08:77:
0e:c0:75:ed:fa:20:32:69:96:7e:ca:aa:6c:66:7e:
42:99:9b:ac:5c:88:0a:f2:b6:d5:0e:fb:58:5f:1f:
a0:c6:2f:09:9b:6f:a9:75:d0:23:10:c6:fd:cd:6a:
0e:eb:4d:b4:59:5e:1c:04:6c:71:8e:12:0d:ad:ff:
19:57:e0:b9:3b:2d:af:01:0c:1d:9a:8d:80:83:2a:
3d:b0:94:53:38:ed:42:29:52:d0:1b:aa:0a:06:5f:
0e:f3:10:71:22:e0:c2:2d:6d:f0:0f:7d:9f:e0:84:
73:a7:31:44:fb:ce:ad:d4:f5:a2:54:b9:9f:24:5c:
d0:2a:89:c6:6c:a5:b8:6a:b2:30:24:15:eb:6a:3a:
3e:ac:df:17:37:8a:63:65:7e:12:e0:3f:89:a8:22:
a0:25:6d:f6:96:41:2c:0e:48:93:75:b7:23:38:7a:
49:5a:72:b6:ba:55:1a:03:57:16:11:9a:16:70:ee:
42:03:64:96:3e:d3:b2:80:5f:82:6f:50:77:3c:ad:
1c:d2:f9:5c:f0:c4:74:b5:a7:42:b1:98:ef:d4:a4:
55:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:82:E3:7D:47:45:22:AB:60:B8:CF:0C:E5:B2:16:A6:C5:DA:F5:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC2225F899E811F0842C06BCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.160.0/24
154.203.162.0-154.203.170.255
154.203.172.0/24
154.223.22.0/24
154.223.25.0/24
154.223.27.0/24
154.223.30.0/23
154.223.36.0/24
154.223.38.0/23
154.223.50.0/24
Signature Algorithm: sha256WithRSAEncryption
59:51:06:9c:74:e9:38:3c:22:bc:07:88:24:36:65:0c:08:f5:
fa:88:08:96:b6:d2:45:81:56:d9:43:12:1b:7c:3c:5c:46:20:
b8:f7:13:ac:62:2a:de:2b:0e:3d:59:5e:39:93:9f:b6:cf:92:
3e:d8:70:4d:82:cc:d7:6e:7a:6f:d5:cc:e1:e1:d7:ef:72:ae:
e6:b5:b7:2e:ca:62:74:23:05:f9:15:a2:0c:ca:f5:3e:51:b3:
b4:be:c3:e2:cb:45:57:bf:52:18:d9:be:19:8f:72:b8:6f:85:
fd:e6:94:13:4e:32:83:87:c1:87:7b:7b:12:f8:1f:18:ea:b7:
e7:8c:d9:2d:c7:ed:51:83:52:db:da:8a:8a:e8:a0:8e:49:e2:
dc:8d:21:f0:4c:71:ec:cc:65:95:cc:46:42:a9:1c:ef:42:ee:
98:9c:5e:c6:d6:73:10:f9:51:de:f8:10:78:d2:9d:fa:25:c2:
ad:aa:30:88:85:17:41:df:fd:8e:05:a2:50:f8:fb:1a:96:40:
1b:6d:22:b8:8b:c5:39:be:00:ee:4b:e9:0a:4e:55:18:da:25:
1d:88:dd:db:21:0e:56:9f:b5:74:ce:47:be:83:e9:24:fb:35:
f2:ee:68:55:df:d7:c5:17:4e:41:22:fd:10:a3:22:98:fb:9e:
7e:22:72:38
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIDAaDfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI1MDgyMzAxWhcNMjUxMTE1MDgyMzAxWjAYMRYw
FAYDVQQDEw02OGQ0ZmJlYS05MTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv83e7FdeDjY+K8Q4c7tQa6HcEQNWG2I1mc9yig1Dr3C0egbcfduIGPMt
CHcOwHXt+iAyaZZ+yqpsZn5CmZusXIgK8rbVDvtYXx+gxi8Jm2+pddAjEMb9zWoO
6020WV4cBGxxjhINrf8ZV+C5Oy2vAQwdmo2Agyo9sJRTOO1CKVLQG6oKBl8O8xBx
IuDCLW3wD32f4IRzpzFE+86t1PWiVLmfJFzQKonGbKW4arIwJBXrajo+rN8XN4pj
ZX4S4D+JqCKgJW32lkEsDkiTdbcjOHpJWnK2ulUaA1cWEZoWcO5CA2SWPtOygF+C
b1B3PK0c0vlc8MR0tadCsZjv1KRVqwIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFN2C
431HRSKrYLjPDOWyFqbF2vVyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQzIyMjVGODk5RTgxMUYwODQyQzA2QkNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAmsugMAwDBAGay6IDBACa
y6oDBACay6wDBACa3xYDBACa3xkDBACa3xsDBAGa3x4DBACa3yQDBAGa3yYDBACa
3zIwDQYJKoZIhvcNAQELBQADggEBAFlRBpx06Tg8IrwHiCQ2ZQwI9fqICJa20kWB
VtlDEht8PFxGILj3E6xiKt4rDj1ZXjmTn7bPkj7YcE2CzNduem/VzOHh1+9yrua1
ty7KYnQjBfkVogzK9T5Rs7S+w+LLRVe/UhjZvhmPcrhvhf3mlBNOMoOHwYd7exL4
Hxjqt+eM2S3H7VGDUtvaiorooI5J4tyNIfBMcezMZZXMRkKpHO9C7picXsbWcxD5
Ud74EHjSnfolwq2qMIiFF0Hf/Y4FolD4+xqWQBttIriLxTm+AO5L6QpOVRjaJR2I
3dshDlaftXTOR76D6ST7NfLuaFXf18UXTkEi/RCjIpj7nn4icjg=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:57 2025 by rpki-client