Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDEBF856835B11F08B5585A8DAE4EC9C.roa
File: FDEBF856835B11F08B5585A8DAE4EC9C.roa (raw, json)
Hash identifier: YEOl1bSoonUqGAWJUkEvloItua/63sSRIhmAlbP3T28=
Subject key identifier: 83:4C:33:A6:FD:A5:90:2A:E4:2C:11:86:3C:E8:E6:B3:0E:00:C4:F5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0198CA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDEBF856835B11F08B5585A8DAE4EC9C.roa
Signing time: Wed 27 Aug 2025 15:39:18 +0000
ROA not before: Wed 27 Aug 2025 15:39:10 +0000
ROA not after: Wed 15 Oct 2025 15:39:10 +0000
asID: 138915
IP address blocks: 154.203.133.0/24 maxlen: 24
154.203.134.0/24 maxlen: 24
154.203.135.0/24 maxlen: 24
154.203.138.0/24 maxlen: 24
154.203.139.0/24 maxlen: 24
154.203.140.0/24 maxlen: 24
154.203.141.0/24 maxlen: 24
154.203.146.0/24 maxlen: 24
154.203.147.0/24 maxlen: 24
154.203.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104650 (0x198ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 27 15:39:10 2025 GMT
Not After : Oct 15 15:39:10 2025 GMT
Subject: CN=68af26a6-b2ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3b:da:05:fe:a3:e2:7d:4a:fa:d2:47:20:97:
2a:dc:81:7e:32:c8:e7:78:dd:f7:66:e7:19:16:d8:
3f:a4:96:a4:a7:6e:c3:14:df:0e:8b:e2:cf:dc:80:
5d:ea:28:02:0b:4a:53:eb:0c:0b:4f:de:37:eb:72:
cb:3f:d0:e6:73:35:33:67:3a:b2:66:3e:9f:17:1e:
04:04:ea:bf:7e:0d:12:d4:c2:75:e6:9a:8e:b8:50:
93:50:de:65:9a:f2:09:c0:61:48:50:fa:9d:1f:42:
cf:a7:6e:d2:9a:a5:24:db:5c:2e:3d:b7:16:2a:ad:
64:65:8e:f5:bb:c6:80:47:d9:30:20:99:4d:5a:56:
c7:8e:1f:46:5b:cd:07:ed:a3:64:f1:4e:48:06:a0:
81:69:b6:56:df:61:6f:ec:cb:ae:c4:52:ac:a3:e9:
e1:52:cc:6e:25:9e:c9:3e:c3:cc:5e:35:e9:3e:6e:
7b:21:07:4f:d0:da:bf:3e:31:c1:84:36:81:f8:94:
49:ae:b8:33:0c:bd:1b:9d:e5:64:21:3f:38:a3:7d:
ee:bd:96:be:9f:e5:c0:c0:04:e9:c0:64:d7:45:27:
68:2b:b7:b9:c8:51:b0:44:70:ff:b9:af:a8:a4:2c:
31:e7:31:16:e4:52:7e:a2:1f:e2:92:7c:94:09:81:
e1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:4C:33:A6:FD:A5:90:2A:E4:2C:11:86:3C:E8:E6:B3:0E:00:C4:F5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDEBF856835B11F08B5585A8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.133.0-154.203.135.255
154.203.138.0-154.203.141.255
154.203.146.0/23
154.203.169.0/24
Signature Algorithm: sha256WithRSAEncryption
47:a5:95:bb:7c:07:7d:48:97:f8:10:47:4e:61:f2:ec:4a:3d:
01:4d:1d:db:11:ec:4b:9b:d0:90:27:87:12:ae:b5:99:51:1e:
90:82:49:88:f9:a1:6d:40:3d:d3:7d:aa:d9:4e:14:dc:85:28:
4d:5f:46:12:0a:e8:19:76:a8:ed:d9:69:e6:64:3f:98:f9:59:
c7:57:3f:2b:fa:ca:ba:63:89:40:31:6b:76:7c:dd:7f:07:0f:
e4:c4:c4:4d:f2:48:34:2e:5e:68:d0:db:76:8a:d8:ee:16:f3:
4b:73:98:d1:cc:b6:55:df:2e:1f:ad:b0:20:30:b9:d7:bd:26:
a7:c0:63:2b:60:aa:22:a2:2c:da:1b:18:9c:91:f2:51:74:76:
31:3d:e5:42:7c:63:7f:d2:5a:32:0d:a8:1c:1b:2d:1c:f1:ae:
04:32:9b:f9:b4:44:5e:23:99:b4:12:d3:66:4a:dc:30:17:9d:
1e:e3:ac:1c:6d:60:d3:a2:3f:a8:5b:82:4b:b1:17:34:16:b4:
1a:b7:14:ce:0c:b9:bb:63:ec:3e:bb:ef:a0:1c:0f:ff:e6:5a:
6f:db:00:8a:a8:8e:e3:f2:f0:ca:fc:9b:98:d0:df:8d:e4:4a:
c6:e4:ac:0d:76:af:42:2c:cd:15:27:ee:32:26:3f:b4:e3:2b:
6b:fd:c4:61
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAZjKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI3MTUzOTEwWhcNMjUxMDE1MTUzOTEwWjAYMRYw
FAYDVQQDEw02OGFmMjZhNi1iMmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuDvaBf6j4n1K+tJHIJcq3IF+MsjneN33ZucZFtg/pJakp27DFN8Oi+LP
3IBd6igCC0pT6wwLT94363LLP9DmczUzZzqyZj6fFx4EBOq/fg0S1MJ15pqOuFCT
UN5lmvIJwGFIUPqdH0LPp27SmqUk21wuPbcWKq1kZY71u8aAR9kwIJlNWlbHjh9G
W80H7aNk8U5IBqCBabZW32Fv7MuuxFKso+nhUsxuJZ7JPsPMXjXpPm57IQdP0Nq/
PjHBhDaB+JRJrrgzDL0bneVkIT84o33uvZa+n+XAwATpwGTXRSdoK7e5yFGwRHD/
ua+opCwx5zEW5FJ+oh/iknyUCYHhJwIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFINM
M6b9pZAq5CwRhjzo5rMOAMT1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GREVCRjg1NjgzNUIxMUYwOEI1NTg1QThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBACay4UDBAOay4AwDAME
AZrLigMEAZrLjAMEAZrLkgMEAJrLqTANBgkqhkiG9w0BAQsFAAOCAQEAR6WVu3wH
fUiX+BBHTmHy7Eo9AU0d2xHsS5vQkCeHEq61mVEekIJJiPmhbUA9032q2U4U3IUo
TV9GEgroGXao7dlp5mQ/mPlZx1c/K/rKumOJQDFrdnzdfwcP5MTETfJINC5eaNDb
dorY7hbzS3OY0cy2Vd8uH62wIDC5170mp8BjK2CqIqIs2hsYnJHyUXR2MT3lQnxj
f9JaMg2oHBstHPGuBDKb+bREXiOZtBLTZkrcMBedHuOsHG1g06I/qFuCS7EXNBa0
GrcUzgy5u2PsPrvvoBwP/+Zab9sAiqiO4/LwyvybmNDfjeRKxuSsDXavQizNFSfu
MiY/tOMra/3EYQ==
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:30:12 2025 by rpki-client