Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34939198B38611F0AF4681ABDAE4EC9C.roa
File: 34939198B38611F0AF4681ABDAE4EC9C.roa (raw, json)
Hash identifier: zXgmEemRzEfo8/wgPx0HXq4SD5St8mqIGCF/sZj7tgU=
Subject key identifier: CC:7C:35:27:83:98:C0:9C:83:ED:F0:42:6E:2B:80:2E:D2:5E:BA:F4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A5A6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34939198B38611F0AF4681ABDAE4EC9C.roa
Signing time: Mon 27 Oct 2025 22:42:24 +0000
ROA not before: Mon 27 Oct 2025 22:42:19 +0000
ROA not after: Wed 10 Dec 2025 22:42:19 +0000
asID: 138915
IP address blocks: 154.95.64.0/24 maxlen: 24
154.95.65.0/24 maxlen: 24
154.95.66.0/23 maxlen: 24
154.95.66.0/24 maxlen: 24
154.95.67.0/24 maxlen: 24
154.95.68.0/24 maxlen: 24
154.95.91.0/24 maxlen: 24
154.95.92.0/24 maxlen: 24
154.95.93.0/24 maxlen: 24
154.95.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107942 (0x1a5a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 27 22:42:19 2025 GMT
Not After : Dec 10 22:42:19 2025 GMT
Subject: CN=68fff550-56dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6b:b4:50:8f:84:44:13:7b:b8:65:fc:84:ac:
cb:d5:9b:67:56:3d:49:10:49:df:2f:10:71:98:72:
fd:e1:0d:7b:7b:96:d4:de:01:8e:0a:f1:c5:4d:5b:
c5:97:95:c3:e5:a7:6b:13:0f:80:1e:29:b7:0e:f3:
74:9c:8c:37:1e:4a:7c:9f:29:23:1c:5e:1a:3f:9e:
5d:58:43:5d:74:32:16:2e:83:17:2a:d7:f0:87:4a:
52:41:c8:f2:99:cb:32:ae:95:82:02:08:04:90:51:
78:cf:aa:c7:39:5c:ba:9c:35:1a:f8:2d:25:78:17:
53:96:4b:f0:7f:fd:15:2a:3d:8c:82:17:49:ba:7f:
97:13:82:1e:f8:81:84:f0:85:7c:6b:3f:50:73:ff:
95:cd:02:21:fd:dd:2f:e6:2d:dc:b6:23:63:28:7a:
3a:3f:0e:91:cd:75:d2:2a:40:98:93:fc:e1:b9:aa:
c8:b0:56:b7:30:cc:1e:0a:e7:0f:f1:bf:d8:9a:be:
6e:3d:86:9a:9b:90:bd:fd:e0:a9:9f:37:9a:94:38:
04:c0:63:6f:68:40:46:fd:eb:26:3b:59:1d:ff:37:
79:16:17:3a:ca:14:c9:df:a0:01:55:f0:79:63:1b:
30:39:19:df:e0:73:50:89:fe:af:c8:28:8f:bf:2c:
57:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:7C:35:27:83:98:C0:9C:83:ED:F0:42:6E:2B:80:2E:D2:5E:BA:F4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34939198B38611F0AF4681ABDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.64.0-154.95.68.255
154.95.91.0-154.95.94.255
Signature Algorithm: sha256WithRSAEncryption
22:ca:d8:bd:0a:71:25:40:92:82:4b:4b:52:a2:ec:c7:85:ab:
94:90:5d:0f:17:7a:cd:0f:0a:2b:1d:ba:c6:7a:ce:31:73:07:
5d:00:02:f4:a2:19:bd:f7:f2:1c:bd:ca:3a:9a:2f:bc:09:7f:
8d:b4:08:11:27:67:6c:8d:ff:14:2f:6d:37:fd:9e:4a:43:1d:
e1:a7:0f:fc:ee:7d:91:87:18:d0:d7:98:a3:c7:10:6f:47:ac:
55:ae:42:26:1e:cb:90:14:4a:15:1c:c6:36:ba:27:04:30:34:
30:a8:d0:16:c3:b5:c9:78:b7:c0:94:34:54:80:38:0e:d5:33:
31:58:5f:c0:28:d4:f5:48:42:a7:38:3b:0f:43:0b:be:8e:58:
20:cf:b3:54:04:87:53:a7:f9:cf:16:80:08:04:01:45:e6:f3:
b4:14:34:5b:91:fb:47:39:bc:b3:a6:94:a1:19:fb:0e:27:4c:
29:7a:b9:56:af:81:27:ab:05:f6:fe:c2:0b:3f:6a:a3:73:86:
b4:6d:13:9b:35:10:27:97:c3:ac:ca:3b:d2:f1:bb:1b:87:f6:
9f:06:a2:5e:b5:ef:c4:8e:d1:55:9f:59:c6:d7:df:e8:a3:b6:
c6:13:fa:9d:04:0a:93:47:19:1b:4e:a5:54:36:8f:ba:ec:1f:
53:a2:2b:37
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDAaWmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI3MjI0MjE5WhcNMjUxMjEwMjI0MjE5WjAYMRYw
FAYDVQQDEw02OGZmZjU1MC01NmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr2u0UI+ERBN7uGX8hKzL1ZtnVj1JEEnfLxBxmHL94Q17e5bU3gGOCvHF
TVvFl5XD5adrEw+AHim3DvN0nIw3Hkp8nykjHF4aP55dWENddDIWLoMXKtfwh0pS
QcjymcsyrpWCAggEkFF4z6rHOVy6nDUa+C0leBdTlkvwf/0VKj2MghdJun+XE4Ie
+IGE8IV8az9Qc/+VzQIh/d0v5i3ctiNjKHo6Pw6RzXXSKkCYk/zhuarIsFa3MMwe
CucP8b/Ymr5uPYaam5C9/eCpnzealDgEwGNvaEBG/esmO1kd/zd5Fhc6yhTJ36AB
VfB5YxswORnf4HNQif6vyCiPvyxXewIDAQABo4ICuzCCArcwHQYDVR0OBBYEFMx8
NSeDmMCcg+3wQm4rgC7SXrr0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNDkzOTE5OEIzODYxMUYwQUY0NjgxQUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAaaX0ADBACaX0QwDAME
AJpfWwMEAJpfXjANBgkqhkiG9w0BAQsFAAOCAQEAIsrYvQpxJUCSgktLUqLsx4Wr
lJBdDxd6zQ8KKx26xnrOMXMHXQAC9KIZvffyHL3KOpovvAl/jbQIESdnbI3/FC9t
N/2eSkMd4acP/O59kYcY0NeYo8cQb0esVa5CJh7LkBRKFRzGNronBDA0MKjQFsO1
yXi3wJQ0VIA4DtUzMVhfwCjU9UhCpzg7D0MLvo5YIM+zVASHU6f5zxaACAQBRebz
tBQ0W5H7Rzm8s6aUoRn7DidMKXq5Vq+BJ6sF9v7CCz9qo3OGtG0TmzUQJ5fDrMo7
0vG7G4f2nwaiXrXvxI7RVZ9Zxtff6KO2xhP6nQQKk0cZG06lVDaPuuwfU6IrNw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:49:08 2025 by rpki-client