Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDB2523E874011F0A069829ADAE4EC9C.roa
File: FDB2523E874011F0A069829ADAE4EC9C.roa (raw, json)
Hash identifier: XgeInGTiw2X966xhTxHHjPF5PmogyLh/CThNT485YVk=
Subject key identifier: 5F:34:7D:38:67:8D:11:E5:BB:AC:F3:9A:B4:92:8B:1C:E7:CC:6F:66
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019B8A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDB2523E874011F0A069829ADAE4EC9C.roa
Signing time: Mon 01 Sep 2025 14:36:06 +0000
ROA not before: Mon 01 Sep 2025 14:36:00 +0000
ROA not after: Sun 28 Sep 2025 14:36:00 +0000
asID: 401783
IP address blocks: 154.82.134.0/24 maxlen: 24
154.82.148.0/24 maxlen: 24
154.82.158.0/24 maxlen: 24
154.90.140.0/24 maxlen: 24
154.193.2.0/24 maxlen: 24
154.196.160.0/24 maxlen: 24
154.199.4.0/24 maxlen: 24
154.200.54.0/24 maxlen: 24
154.200.129.0/24 maxlen: 24
154.200.130.0/24 maxlen: 24
154.200.154.0/24 maxlen: 24
154.200.156.0/24 maxlen: 24
154.200.157.0/24 maxlen: 24
154.200.158.0/24 maxlen: 24
154.200.159.0/24 maxlen: 24
154.200.160.0/24 maxlen: 24
154.200.161.0/24 maxlen: 24
154.200.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105354 (0x19b8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 1 14:36:00 2025 GMT
Not After : Sep 28 14:36:00 2025 GMT
Subject: CN=68b5af55-0e8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:a5:4a:da:95:3c:a0:c2:5a:35:a8:8c:97:19:
88:bf:db:90:a5:6a:c1:df:e2:85:bb:08:37:96:05:
2b:c1:0d:15:ad:47:b3:bf:1b:b0:6d:61:88:53:e6:
23:95:ba:87:18:8f:31:6e:5f:c4:a7:5a:d7:1b:27:
c7:73:35:04:9c:97:65:01:22:1f:1f:00:70:ed:86:
e3:4f:2c:e4:e2:d9:96:5e:97:7d:2b:aa:70:e1:31:
b9:5e:63:6a:9d:e0:6d:0c:7c:7a:63:be:97:2d:7d:
2d:1d:a1:a7:17:b2:87:d1:a8:c8:db:cc:4f:32:ec:
ba:21:74:5d:d1:7a:65:01:47:9c:00:d2:50:fa:45:
8c:ff:f1:a9:3a:a9:91:e0:90:be:33:27:a5:38:c5:
f0:03:b8:11:d2:de:e1:72:c8:76:b0:de:27:97:20:
b4:97:0c:61:73:6c:90:cd:ff:87:7e:fb:22:9b:d5:
87:1e:ef:ff:f7:60:75:89:94:98:bf:dd:ed:6e:ee:
f2:e3:12:d2:04:37:a6:ba:72:da:2c:d9:d7:b8:a5:
ad:d7:e9:73:c5:6b:81:fd:a9:ff:b5:4d:ef:98:24:
0d:06:98:4a:8d:7c:36:2c:5f:d2:02:25:ea:31:d0:
fb:a0:2f:64:9b:e0:76:8f:d3:f7:e4:b3:af:88:38:
eb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:34:7D:38:67:8D:11:E5:BB:AC:F3:9A:B4:92:8B:1C:E7:CC:6F:66
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDB2523E874011F0A069829ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.134.0/24
154.82.148.0/24
154.82.158.0/24
154.90.140.0/24
154.193.2.0/24
154.196.160.0/24
154.199.4.0/24
154.200.54.0/24
154.200.129.0-154.200.130.255
154.200.154.0/24
154.200.156.0-154.200.162.255
Signature Algorithm: sha256WithRSAEncryption
0b:ce:4f:a1:cd:f3:30:be:22:cc:f4:34:4d:9f:16:40:95:a2:
e1:2a:2e:bc:d0:bc:99:7b:a6:7b:fc:64:d9:3f:e3:d5:da:b1:
f7:ec:00:52:19:27:89:c1:13:62:20:3e:da:33:0b:56:a2:7e:
9a:ce:f0:09:cf:48:a3:0f:c4:c4:3c:84:0d:43:40:68:01:29:
50:38:70:26:e7:db:bd:bd:89:83:b2:ed:09:7f:3e:76:de:f9:
b9:94:1f:4b:a4:21:96:a7:54:b4:38:21:d5:c0:6f:ee:ae:4b:
04:0e:13:8a:da:59:dc:7a:56:0f:54:b1:bc:dc:b7:b4:cb:d5:
ae:41:50:8e:3f:44:76:df:e7:29:ca:c4:27:51:d4:2a:6c:89:
f5:5b:7e:2e:b5:72:89:68:71:fb:17:72:9f:3c:32:68:35:f7:
ad:34:7d:b2:7a:2c:7d:61:bf:8f:13:eb:50:be:5e:36:ac:4b:
04:30:4c:5d:ad:12:e3:c3:d2:2a:e3:34:16:e1:4e:7e:47:e9:
35:46:c7:6e:2a:2e:f7:e6:d8:c4:0c:24:06:00:b9:f6:c6:91:
8f:54:75:ac:fc:7d:ce:26:60:a9:c7:bd:77:56:dd:ee:76:62:
80:09:64:45:9e:57:28:68:9e:0e:12:e7:bf:c0:5c:4a:84:80:
f9:e7:21:3e
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgIDAZuKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTAxMTQzNjAwWhcNMjUwOTI4MTQzNjAwWjAYMRYw
FAYDVQQDEw02OGI1YWY1NS0wZThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA86VK2pU8oMJaNaiMlxmIv9uQpWrB3+KFuwg3lgUrwQ0VrUezvxuwbWGI
U+YjlbqHGI8xbl/Ep1rXGyfHczUEnJdlASIfHwBw7YbjTyzk4tmWXpd9K6pw4TG5
XmNqneBtDHx6Y76XLX0tHaGnF7KH0ajI28xPMuy6IXRd0XplAUecANJQ+kWM//Gp
OqmR4JC+MyelOMXwA7gR0t7hcsh2sN4nlyC0lwxhc2yQzf+Hfvsim9WHHu//92B1
iZSYv93tbu7y4xLSBDemunLaLNnXuKWt1+lzxWuB/an/tU3vmCQNBphKjXw2LF/S
AiXqMdD7oC9km+B2j9P35LOviDjreQIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFF80
fThnjRHlu6zzmrSSixznzG9mMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GREIyNTIzRTg3NDAxMUYwQTA2OTgyOUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAmlKGAwQAmlKUAwQAmlKe
AwQAmlqMAwQAmsECAwQAmsSgAwQAmscEAwQAmsg2MAwDBACayIEDBACayIIDBACa
yJowDAMEAprInAMEAJrIojANBgkqhkiG9w0BAQsFAAOCAQEAC85Poc3zML4izPQ0
TZ8WQJWi4SouvNC8mXume/xk2T/j1dqx9+wAUhknicETYiA+2jMLVqJ+ms7wCc9I
ow/ExDyEDUNAaAEpUDhwJufbvb2Jg7LtCX8+dt75uZQfS6QhlqdUtDgh1cBv7q5L
BA4TitpZ3HpWD1SxvNy3tMvVrkFQjj9Edt/nKcrEJ1HUKmyJ9Vt+LrVyiWhx+xdy
nzwyaDX3rTR9snosfWG/jxPrUL5eNqxLBDBMXa0S48PSKuM0FuFOfkfpNUbHbiou
9+bYxAwkBgC59saRj1R1rPx9ziZgqce9d1bd7nZigAlkRZ5XKGieDhLnv8BcSoSA
+echPg==
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:36:44 2025 by rpki-client