Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/45B34372B30B11F0AA933198DAE4EC9C.roa
File: 45B34372B30B11F0AA933198DAE4EC9C.roa (raw, json)
Hash identifier: lRqBuJinWczqKm2+XlRObtwsHUtOjGMA9rjLFammuSc=
Subject key identifier: 29:F1:45:BA:08:85:BB:36:9E:B0:60:42:2D:3A:EC:CF:91:4A:B4:CB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A4FA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/45B34372B30B11F0AA933198DAE4EC9C.roa
Signing time: Mon 27 Oct 2025 08:02:25 +0000
ROA not before: Mon 27 Oct 2025 08:02:20 +0000
ROA not after: Sun 30 Nov 2025 08:02:20 +0000
asID: 9304
IP address blocks: 154.82.134.0/24 maxlen: 24
154.82.148.0/24 maxlen: 24
154.82.153.0/24 maxlen: 24
154.82.158.0/24 maxlen: 24
154.82.196.0/24 maxlen: 24
154.90.134.0/24 maxlen: 24
154.90.136.0/24 maxlen: 24
154.90.137.0/24 maxlen: 24
154.90.140.0/24 maxlen: 24
154.92.216.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107770 (0x1a4fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 27 08:02:20 2025 GMT
Not After : Nov 30 08:02:20 2025 GMT
Subject: CN=68ff2711-9aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b3:56:41:bb:b8:5a:fb:db:fb:48:61:69:5c:
70:9b:e5:ea:25:30:b0:15:cb:fb:9b:ec:c5:c5:14:
07:3d:51:17:2d:0c:42:a3:ff:23:57:bd:27:3f:0f:
07:18:b3:03:c9:38:db:77:8d:5c:a5:be:43:12:3c:
d4:45:01:0c:97:90:90:4d:39:19:69:44:f8:d3:0c:
1a:be:dd:8d:5d:ad:ef:3b:69:63:73:39:87:ad:2d:
0a:ec:63:b3:cd:64:d7:82:e8:3c:af:de:ba:aa:c4:
ee:9b:00:82:64:e5:fc:b3:f8:3c:1b:58:ea:87:02:
f8:34:c1:60:27:0d:45:ad:8f:3e:0d:67:e9:ad:a8:
b0:c7:28:8e:dd:b6:59:9c:88:66:67:6d:c6:de:b8:
da:44:c8:f0:f5:c0:36:ac:80:fd:24:ef:70:33:68:
1d:b1:ec:98:e6:4d:6e:38:2f:4d:48:3c:c2:64:2f:
25:1f:02:ca:46:3c:c6:fb:52:85:73:e0:00:09:87:
0c:7c:78:67:d7:28:64:89:78:ad:b9:b2:17:8e:5a:
10:0b:2a:5d:50:1f:07:6f:bd:5d:2d:40:fa:e8:fd:
83:77:32:63:21:52:d1:e7:04:27:fb:d8:6d:89:17:
dd:47:6f:6a:e7:7c:ec:d6:38:07:82:8c:92:8a:e1:
3a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F1:45:BA:08:85:BB:36:9E:B0:60:42:2D:3A:EC:CF:91:4A:B4:CB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/45B34372B30B11F0AA933198DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.134.0/24
154.82.148.0/24
154.82.153.0/24
154.82.158.0/24
154.82.196.0/24
154.90.134.0/24
154.90.136.0/23
154.90.140.0/24
154.92.216.0/21
Signature Algorithm: sha256WithRSAEncryption
bb:a1:9d:f0:e9:8b:06:30:9e:27:a6:55:bb:18:3d:e8:e6:9f:
d5:9a:47:90:3a:7c:a6:c5:9d:20:17:7e:0f:a4:72:00:0d:37:
76:2c:8b:a6:c9:84:75:52:96:2b:3a:14:ee:44:51:e6:5a:57:
fb:8a:32:54:b0:66:d1:00:4d:99:c3:a0:b7:f2:90:b5:2a:b6:
71:54:8a:12:4a:40:09:3f:eb:1b:b7:d6:15:75:77:66:6e:c3:
9e:2e:74:17:a9:cf:8a:bd:99:71:68:35:12:1c:ad:e0:c2:cd:
74:d1:3d:e3:bc:0a:4e:3a:ed:49:4c:d0:8d:7c:d4:10:94:3b:
b5:b0:55:9d:cf:19:69:5a:a6:09:cf:a1:bb:e3:85:33:a8:e2:
53:2b:90:f1:4f:78:4b:bb:5b:ba:94:86:a2:eb:be:4d:5a:ea:
65:77:2e:e8:06:41:3b:08:93:a6:9b:57:99:53:a7:e9:7c:4c:
60:d5:61:d6:4c:34:a4:07:fd:14:49:e3:5b:78:ae:53:83:03:
ca:cd:cb:da:4f:54:fe:ea:ba:78:14:ee:2f:34:f0:16:59:d4:
07:14:da:02:3d:c7:e6:a2:67:4e:f7:85:6f:8a:a2:c2:a2:6f:
98:ba:dc:3e:cc:df:80:db:5a:d9:5a:63:e5:54:d2:5d:ee:3f:
8e:db:dc:32
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIDAaT6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI3MDgwMjIwWhcNMjUxMTMwMDgwMjIwWjAYMRYw
FAYDVQQDEw02OGZmMjcxMS05YWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoLNWQbu4Wvvb+0hhaVxwm+XqJTCwFcv7m+zFxRQHPVEXLQxCo/8jV70n
Pw8HGLMDyTjbd41cpb5DEjzURQEMl5CQTTkZaUT40wwavt2NXa3vO2ljczmHrS0K
7GOzzWTXgug8r966qsTumwCCZOX8s/g8G1jqhwL4NMFgJw1FrY8+DWfpraiwxyiO
3bZZnIhmZ23G3rjaRMjw9cA2rID9JO9wM2gdseyY5k1uOC9NSDzCZC8lHwLKRjzG
+1KFc+AACYcMfHhn1yhkiXitubIXjloQCypdUB8Hb71dLUD66P2DdzJjIVLR5wQn
+9htiRfdR29q53zs1jgHgoySiuE6DwIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFCnx
RboIhbs2nrBgQi067M+RSrTLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NUIzNDM3MkIzMEIxMUYwQUE5MzMxOThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAmlKGAwQAmlKUAwQAmlKZ
AwQAmlKeAwQAmlLEAwQAmlqGAwQBmlqIAwQAmlqMAwQDmlzYMA0GCSqGSIb3DQEB
CwUAA4IBAQC7oZ3w6YsGMJ4nplW7GD3o5p/VmkeQOnymxZ0gF34PpHIADTd2LIum
yYR1UpYrOhTuRFHmWlf7ijJUsGbRAE2Zw6C38pC1KrZxVIoSSkAJP+sbt9YVdXdm
bsOeLnQXqc+KvZlxaDUSHK3gws100T3jvApOOu1JTNCNfNQQlDu1sFWdzxlpWqYJ
z6G744UzqOJTK5DxT3hLu1u6lIai675NWupldy7oBkE7CJOmm1eZU6fpfExg1WHW
TDSkB/0USeNbeK5TgwPKzcvaT1T+6rp4FO4vNPAWWdQHFNoCPcfmomdO94VviqLC
om+Yutw+zN+A21rZWmPlVNJd7j+O29wy
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:21:49 2025 by rpki-client