Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29CFDD5CB41211F0942EC9A4DAE4EC9C.roa
File: 29CFDD5CB41211F0942EC9A4DAE4EC9C.roa (raw, json)
Hash identifier: k8dXNB830XwrubJJVuT8YAAonwIB0NXSGlSb4DLedkk=
Subject key identifier: 98:09:3A:8A:62:A3:99:DC:9E:64:2B:F1:A9:0A:CB:01:AC:2A:85:10
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A615
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29CFDD5CB41211F0942EC9A4DAE4EC9C.roa
Signing time: Tue 28 Oct 2025 15:24:16 +0000
ROA not before: Tue 28 Oct 2025 15:24:09 +0000
ROA not after: Mon 15 Dec 2025 15:24:09 +0000
asID: 138915
IP address blocks: 154.205.139.0/24 maxlen: 24
154.205.140.0/24 maxlen: 24
154.205.142.0/23 maxlen: 24
154.205.145.0/24 maxlen: 24
154.205.154.0/24 maxlen: 24
154.205.155.0/24 maxlen: 24
154.205.156.0/24 maxlen: 24
154.205.157.0/24 maxlen: 24
154.205.158.0/24 maxlen: 24
154.205.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108053 (0x1a615)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 28 15:24:09 2025 GMT
Not After : Dec 15 15:24:09 2025 GMT
Subject: CN=6900e01f-4a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:95:5a:3d:8e:ad:f8:fe:1f:42:ff:f6:35:2c:
a3:52:ef:90:52:92:48:b9:03:c1:63:83:d2:12:6e:
73:0d:6e:0c:81:38:b0:e2:3c:8d:f2:3c:34:7b:b1:
17:00:af:8d:b8:59:d7:f4:ff:86:06:0e:8b:a0:f3:
e8:6d:8f:27:85:0b:be:7c:ed:b5:03:14:32:89:cb:
af:cf:77:e2:f9:c1:c7:22:61:18:59:e8:13:c1:9e:
e8:54:fd:aa:dd:70:49:6f:6b:03:10:6b:ca:77:80:
9c:6e:a8:57:73:c5:02:47:54:49:42:70:26:3a:3c:
3e:40:24:f7:b1:da:92:51:d3:86:27:ef:6a:3f:2e:
56:f2:19:32:86:55:80:89:f4:83:86:a8:d0:ac:42:
0d:0b:04:69:32:68:bc:26:d4:f7:8d:00:48:19:97:
31:5a:4c:c9:4d:eb:8a:40:fa:f4:ed:b8:6f:3d:3d:
a9:a6:fc:8a:ad:7a:8d:6a:d9:47:05:27:ce:05:ab:
88:81:b7:c9:de:6a:1f:df:00:25:88:3f:14:06:f7:
fb:6e:e4:62:10:81:4a:b7:af:de:88:f0:25:de:2f:
70:27:88:75:11:e0:ea:85:90:fc:b1:5b:bc:62:32:
a6:f1:7a:e8:cf:43:0a:70:3a:4e:e6:ae:53:83:6c:
45:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:09:3A:8A:62:A3:99:DC:9E:64:2B:F1:A9:0A:CB:01:AC:2A:85:10
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29CFDD5CB41211F0942EC9A4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.139.0-154.205.140.255
154.205.142.0/23
154.205.145.0/24
154.205.154.0-154.205.159.255
Signature Algorithm: sha256WithRSAEncryption
38:14:da:ef:fa:01:26:8b:c4:39:c6:9d:14:ce:ef:b9:39:15:
44:49:f6:e3:c7:e5:c7:e1:a7:f3:c4:3a:cf:da:c7:a7:dd:24:
f9:b4:9d:72:b8:9a:c7:27:30:b2:e1:ff:8b:d8:77:58:f4:31:
3d:74:8e:5f:11:ad:78:ae:e2:e1:4f:12:94:db:a8:dd:b7:0e:
16:d5:e9:b3:3c:f9:d4:46:f8:cc:58:e5:8c:6c:7c:95:b6:df:
2c:91:87:bb:a6:43:d1:78:0c:4e:6c:30:71:6f:c3:56:00:d1:
24:43:dd:8c:b1:87:ec:02:7c:b1:c4:8d:23:25:c2:9a:91:bc:
5f:3f:29:77:6a:04:c7:2f:62:c5:f6:25:a0:d7:e0:e7:0a:ee:
20:9e:af:b1:11:14:1c:38:9a:3e:d5:05:72:19:d0:fa:5c:a9:
ec:e1:16:6c:9e:8d:b6:06:85:65:24:66:e0:41:d8:c8:b9:54:
b1:76:3e:f2:21:0e:9e:89:f7:1f:38:16:d0:79:78:02:77:22:
03:ef:08:95:da:13:ae:5b:ea:9b:99:bf:9c:40:49:7d:f5:25:
53:34:68:07:69:5b:85:63:58:69:5d:48:ec:43:ed:45:b6:3a:
e6:b9:93:48:7c:f4:1b:7a:f4:11:1c:49:83:4a:d1:03:5b:19:
a9:fa:8f:46
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAaYVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI4MTUyNDA5WhcNMjUxMjE1MTUyNDA5WjAYMRYw
FAYDVQQDEw02OTAwZTAxZi00YThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6pVaPY6t+P4fQv/2NSyjUu+QUpJIuQPBY4PSEm5zDW4MgTiw4jyN8jw0
e7EXAK+NuFnX9P+GBg6LoPPobY8nhQu+fO21AxQyicuvz3fi+cHHImEYWegTwZ7o
VP2q3XBJb2sDEGvKd4CcbqhXc8UCR1RJQnAmOjw+QCT3sdqSUdOGJ+9qPy5W8hky
hlWAifSDhqjQrEINCwRpMmi8JtT3jQBIGZcxWkzJTeuKQPr07bhvPT2ppvyKrXqN
atlHBSfOBauIgbfJ3mof3wAliD8UBvf7buRiEIFKt6/eiPAl3i9wJ4h1EeDqhZD8
sVu8YjKm8Xroz0MKcDpO5q5Tg2xFjQIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFJgJ
Oopio5ncnmQr8akKywGsKoUQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOUNGREQ1Q0I0MTIxMUYwOTQyRUM5QTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBACazYsDBACazYwDBAGa
zY4DBACazZEwDAMEAZrNmgMEBZrNgDANBgkqhkiG9w0BAQsFAAOCAQEAOBTa7/oB
JovEOcadFM7vuTkVREn248flx+Gn88Q6z9rHp90k+bSdcriaxycwsuH/i9h3WPQx
PXSOXxGteK7i4U8SlNuo3bcOFtXpszz51Eb4zFjljGx8lbbfLJGHu6ZD0XgMTmww
cW/DVgDRJEPdjLGH7AJ8scSNIyXCmpG8Xz8pd2oExy9ixfYloNfg5wruIJ6vsREU
HDiaPtUFchnQ+lyp7OEWbJ6NtgaFZSRm4EHYyLlUsXY+8iEOnon3HzgW0Hl4Anci
A+8IldoTrlvqm5m/nEBJffUlUzRoB2lbhWNYaV1I7EPtRbY65rmTSHz0G3r0ERxJ
g0rRA1sZqfqPRg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:49:55 2025 by rpki-client