Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F642A0409F7C11F08E52ACDEDAE4EC9C.roa
File: F642A0409F7C11F08E52ACDEDAE4EC9C.roa (raw, json)
Hash identifier: d2WH9d5tUlIa385GqBknXbOWf5Tb0W0IYdUS7cah4io=
Subject key identifier: 24:84:2A:71:AC:85:40:DA:D2:59:E6:A3:F3:6C:2E:1B:A5:A1:87:02
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A206
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F642A0409F7C11F08E52ACDEDAE4EC9C.roa
Signing time: Thu 02 Oct 2025 10:45:51 +0000
ROA not before: Thu 02 Oct 2025 10:45:44 +0000
ROA not after: Thu 13 Nov 2025 10:45:44 +0000
asID: 211826
IP address blocks: 154.197.91.0/24 maxlen: 24
154.197.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107014 (0x1a206)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 2 10:45:44 2025 GMT
Not After : Nov 13 10:45:44 2025 GMT
Subject: CN=68de57df-0a84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f5:64:c7:68:96:23:6e:c7:db:17:e5:24:47:
a5:ca:a4:4d:e8:52:9b:38:ee:f7:93:b2:f0:5f:ef:
fe:3b:01:e0:53:7d:7f:7b:97:9b:aa:d7:6f:88:da:
0c:a6:29:52:fd:d5:a0:ae:25:58:8c:78:1e:19:83:
b8:df:d3:53:13:0a:31:fc:cd:95:fc:b2:55:61:32:
62:f3:ac:d4:48:35:f0:44:9e:35:4c:e5:a8:1e:e1:
7c:c6:33:e5:12:c5:9f:72:7d:08:d1:2f:ee:26:22:
cf:9e:32:a0:35:ac:36:6c:96:6a:30:85:e4:61:c6:
b8:60:0a:17:45:a5:32:bb:53:8e:c5:4d:e4:cf:0b:
31:11:b3:91:f7:c2:2f:07:3f:11:62:d6:c7:4a:bd:
bb:e2:98:3a:c5:88:36:00:89:91:33:cb:8b:6e:62:
73:aa:65:f5:2b:2b:83:df:34:3e:b6:ad:46:95:e1:
26:1d:e2:09:ad:0f:7d:f8:81:44:43:60:93:7b:3f:
77:70:a2:e3:13:ab:e9:b7:1a:17:ab:35:a6:8c:c3:
17:d0:da:33:45:1f:2e:89:3c:d0:45:a3:90:75:ed:
7f:89:e1:c9:3a:bf:37:5b:aa:17:fa:bc:49:b1:ff:
83:99:2c:51:19:e8:0a:e4:45:f6:66:8f:27:e5:7d:
59:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:84:2A:71:AC:85:40:DA:D2:59:E6:A3:F3:6C:2E:1B:A5:A1:87:02
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F642A0409F7C11F08E52ACDEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.91.0/24
154.197.110.0/24
Signature Algorithm: sha256WithRSAEncryption
49:f8:65:db:23:1b:40:1e:95:a3:73:5f:dd:c6:f5:18:54:16:
a1:86:aa:a5:3d:a7:bf:e7:2c:4c:94:98:01:ff:64:a3:d4:33:
c4:ef:6d:66:a5:7b:46:3c:ce:cf:69:47:03:62:c0:ca:a8:59:
1e:f5:af:b1:2a:af:87:15:d2:36:71:c4:33:63:08:87:ac:21:
36:d0:38:03:03:de:82:2b:59:cc:e9:46:97:36:da:93:4a:52:
17:c9:b6:ea:cb:8e:b7:66:d7:1c:9a:71:16:ea:34:c3:54:8f:
f4:2d:3d:09:2d:30:a6:59:14:d8:36:2e:e2:df:66:1b:59:5c:
11:01:4c:0e:7f:18:82:81:47:2f:77:13:f6:bb:21:b0:e5:f9:
b6:cc:60:10:a8:8d:62:2d:f9:de:a3:e6:40:27:aa:01:f5:93:
9c:cf:e0:34:69:b8:a1:3d:73:54:df:02:6e:8b:61:93:dc:59:
d5:f3:19:da:21:43:80:30:1d:a9:14:78:3b:f0:22:63:1e:91:
0e:0e:bc:09:34:9b:91:e9:96:47:49:2c:ef:78:10:a6:ec:6e:
d0:c0:42:98:70:e1:ea:1f:f3:bb:53:62:8d:fa:2c:5e:8e:00:
90:03:db:b4:f3:1e:52:11:b0:8d:87:96:b6:b6:7d:b6:28:49:
5a:a9:fd:ec
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaIGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDAyMTA0NTQ0WhcNMjUxMTEzMTA0NTQ0WjAYMRYw
FAYDVQQDEw02OGRlNTdkZi0wYTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1fVkx2iWI27H2xflJEelyqRN6FKbOO73k7LwX+/+OwHgU31/e5ebqtdv
iNoMpilS/dWgriVYjHgeGYO439NTEwox/M2V/LJVYTJi86zUSDXwRJ41TOWoHuF8
xjPlEsWfcn0I0S/uJiLPnjKgNaw2bJZqMIXkYca4YAoXRaUyu1OOxU3kzwsxEbOR
98IvBz8RYtbHSr274pg6xYg2AImRM8uLbmJzqmX1KyuD3zQ+tq1GleEmHeIJrQ99
+IFEQ2CTez93cKLjE6vptxoXqzWmjMMX0NozRR8uiTzQRaOQde1/ieHJOr83W6oX
+rxJsf+DmSxRGegK5EX2Zo8n5X1ZRwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFCSE
KnGshUDa0lnmo/NsLhuloYcCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNjQyQTA0MDlGN0MxMUYwOEU1MkFDREVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsVbAwQAmsVuMA0GCSqG
SIb3DQEBCwUAA4IBAQBJ+GXbIxtAHpWjc1/dxvUYVBahhqqlPae/5yxMlJgB/2Sj
1DPE721mpXtGPM7PaUcDYsDKqFke9a+xKq+HFdI2ccQzYwiHrCE20DgDA96CK1nM
6UaXNtqTSlIXybbqy463ZtccmnEW6jTDVI/0LT0JLTCmWRTYNi7i32YbWVwRAUwO
fxiCgUcvdxP2uyGw5fm2zGAQqI1iLfneo+ZAJ6oB9ZOcz+A0abihPXNU3wJui2GT
3FnV8xnaIUOAMB2pFHg78CJjHpEODrwJNJuR6ZZHSSzveBCm7G7QwEKYcOHqH/O7
U2KN+ixejgCQA9u08x5SEbCNh5a2tn22KElaqf3s
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:04 2025 by rpki-client