Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DED145C6841811F0B9056F83DAE4EC9C.roa
File: DED145C6841811F0B9056F83DAE4EC9C.roa (raw, json)
Hash identifier: KTI5ld+rGoOjQQRcaBl53xVYfWrks7muaKLRDNGUWZk=
Subject key identifier: 17:F5:11:81:68:EB:AA:97:1F:33:E2:1E:21:BA:03:98:D7:00:CC:CF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0199E2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DED145C6841811F0B9056F83DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 14:11:20 +0000
ROA not before: Thu 28 Aug 2025 14:11:15 +0000
ROA not after: Tue 30 Sep 2025 14:11:15 +0000
asID: 62240
IP address blocks: 154.194.75.0/24 maxlen: 24
154.194.76.0/24 maxlen: 24
154.194.77.0/24 maxlen: 24
154.194.78.0/24 maxlen: 24
154.194.94.0/24 maxlen: 24
154.194.95.0/24 maxlen: 24
154.194.96.0/24 maxlen: 24
154.194.97.0/24 maxlen: 24
154.194.103.0/24 maxlen: 24
154.196.20.0/24 maxlen: 24
154.196.21.0/24 maxlen: 24
154.196.23.0/24 maxlen: 24
154.196.24.0/24 maxlen: 24
154.196.25.0/24 maxlen: 24
154.196.26.0/24 maxlen: 24
154.196.27.0/24 maxlen: 24
154.196.28.0/24 maxlen: 24
154.196.51.0/24 maxlen: 24
154.196.52.0/24 maxlen: 24
154.196.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104930 (0x199e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 28 14:11:15 2025 GMT
Not After : Sep 30 14:11:15 2025 GMT
Subject: CN=68b06388-031b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2c:2a:2d:68:5f:cb:8b:a5:ca:83:c7:19:8d:
89:b7:a0:83:05:a4:e4:0e:b9:74:bd:3b:07:34:51:
13:b7:ec:2b:04:95:80:39:fd:cb:00:c3:3e:64:e3:
41:17:3e:97:14:68:12:1e:86:7b:4b:aa:4b:9d:48:
96:b2:90:c3:4e:b5:29:a3:81:a3:6f:91:4c:18:e6:
f0:79:7b:69:b7:e9:34:82:1a:5b:5a:f9:f9:1e:10:
09:b8:61:7c:bf:f6:d4:6a:99:3d:92:f1:3c:39:c0:
05:ad:d7:82:02:63:88:30:27:3f:32:4a:af:25:76:
59:f4:e6:44:78:3f:80:01:d4:18:f5:bf:b2:cd:ef:
e5:75:19:bf:f6:6a:4f:3f:d0:bb:40:cf:b4:f5:fd:
e2:40:0c:15:52:30:7e:51:7e:32:2d:f0:00:02:5a:
a5:2e:d4:7c:bd:c2:11:4a:25:1c:92:d7:d4:a9:9d:
2e:5d:ce:fe:7d:5b:fc:66:bc:61:ff:cb:c8:76:3b:
3f:d3:97:56:8e:30:1c:02:4b:58:df:1e:7f:a0:75:
c0:c4:f0:bf:93:4c:e1:f5:25:2c:52:25:69:c3:97:
93:4d:0e:49:5e:bc:93:a2:e2:19:fd:68:5b:45:70:
48:66:df:41:ee:02:3b:ea:bd:44:bb:00:df:47:9d:
1a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:F5:11:81:68:EB:AA:97:1F:33:E2:1E:21:BA:03:98:D7:00:CC:CF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DED145C6841811F0B9056F83DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.75.0-154.194.78.255
154.194.94.0-154.194.97.255
154.194.103.0/24
154.196.20.0/23
154.196.23.0-154.196.28.255
154.196.51.0-154.196.53.255
Signature Algorithm: sha256WithRSAEncryption
a3:06:3c:ba:bb:5b:65:23:81:bf:a7:9b:73:64:1c:79:f6:18:
3d:8c:c8:86:bb:ea:82:5a:f8:fe:c9:71:90:ae:01:b3:50:16:
b2:54:5c:de:e8:a1:85:2d:79:8c:7f:22:c5:12:4a:74:42:34:
89:6b:be:2b:9c:c1:c4:26:f6:81:91:09:d5:92:50:83:dc:8a:
52:31:a1:99:ca:ca:d9:54:a3:bf:a7:96:50:ed:f7:76:43:8c:
27:b0:8f:81:ff:12:2e:79:fb:1c:a6:43:d6:9b:b5:d4:77:6e:
f3:3f:33:65:7f:61:2b:17:ea:1b:40:f4:70:d2:25:b5:60:60:
5f:93:2c:ad:cb:91:8c:05:d0:0e:18:b9:82:3e:37:dc:36:9d:
b1:b7:4b:83:0f:5e:03:37:d8:d6:3f:6d:9c:dc:76:fe:b8:dd:
ce:85:df:bd:e3:d1:ef:bf:91:d8:e6:da:5a:28:14:d0:95:7f:
92:91:39:3d:23:69:0f:eb:88:39:11:a9:97:f2:3e:1a:a1:4d:
aa:05:5a:5b:7c:15:2a:e2:7f:30:18:0c:27:a0:82:8d:1c:67:
5e:82:09:49:24:af:b8:e7:88:c5:0a:41:73:90:1a:3b:af:54:
63:d8:5d:64:b1:f1:d4:a3:86:8a:8f:10:d6:5e:84:2a:cf:3c:
39:cf:f5:eb
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIDAZniMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI4MTQxMTE1WhcNMjUwOTMwMTQxMTE1WjAYMRYw
FAYDVQQDEw02OGIwNjM4OC0wMzFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmiwqLWhfy4ulyoPHGY2Jt6CDBaTkDrl0vTsHNFETt+wrBJWAOf3LAMM+
ZONBFz6XFGgSHoZ7S6pLnUiWspDDTrUpo4Gjb5FMGObweXtpt+k0ghpbWvn5HhAJ
uGF8v/bUapk9kvE8OcAFrdeCAmOIMCc/MkqvJXZZ9OZEeD+AAdQY9b+yze/ldRm/
9mpPP9C7QM+09f3iQAwVUjB+UX4yLfAAAlqlLtR8vcIRSiUcktfUqZ0uXc7+fVv8
Zrxh/8vIdjs/05dWjjAcAktY3x5/oHXAxPC/k0zh9SUsUiVpw5eTTQ5JXryTouIZ
/WhbRXBIZt9B7gI76r1EuwDfR50aOwIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFBf1
EYFo66qXHzPiHiG6A5jXAMzPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERUQxNDVDNjg0MTgxMUYwQjkwNTZGODNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBACawksDBACawk4wDAME
AZrCXgMEAZrCYAMEAJrCZwMEAZrEFDAMAwQAmsQXAwQAmsQcMAwDBACaxDMDBAGa
xDQwDQYJKoZIhvcNAQELBQADggEBAKMGPLq7W2Ujgb+nm3NkHHn2GD2MyIa76oJa
+P7JcZCuAbNQFrJUXN7ooYUteYx/IsUSSnRCNIlrviucwcQm9oGRCdWSUIPcilIx
oZnKytlUo7+nllDt93ZDjCewj4H/Ei55+xymQ9abtdR3bvM/M2V/YSsX6htA9HDS
JbVgYF+TLK3LkYwF0A4YuYI+N9w2nbG3S4MPXgM32NY/bZzcdv643c6F373j0e+/
kdjm2looFNCVf5KROT0jaQ/riDkRqZfyPhqhTaoFWlt8FSrifzAYDCeggo0cZ16C
CUkkr7jniMUKQXOQGjuvVGPYXWSx8dSjhoqPENZehCrPPDnP9es=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:35:53 2025 by rpki-client