Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9192732EB33011F095DE4386DAE4EC9C.roa
File: 9192732EB33011F095DE4386DAE4EC9C.roa (raw, json)
Hash identifier: QEmpf0qOiPwQb8WG86l7xIDbFEYYy8yiX7Sj5JlDRzo=
Subject key identifier: 35:1A:C5:5F:FC:D1:98:82:D0:92:EB:69:7D:7D:07:3B:D8:CF:B8:90
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A525
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9192732EB33011F095DE4386DAE4EC9C.roa
Signing time: Mon 27 Oct 2025 12:29:23 +0000
ROA not before: Mon 27 Oct 2025 12:29:19 +0000
ROA not after: Sat 29 Nov 2025 12:29:19 +0000
asID: 134365
IP address blocks: 154.198.40.0/24 maxlen: 24
154.198.41.0/24 maxlen: 24
154.198.42.0/24 maxlen: 24
154.198.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107813 (0x1a525)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 27 12:29:19 2025 GMT
Not After : Nov 29 12:29:19 2025 GMT
Subject: CN=68ff65a3-b1fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:08:04:3b:9a:e9:23:68:ea:37:0b:35:1a:05:
41:4e:27:12:66:8e:13:9c:2b:7a:60:36:b0:8c:76:
87:56:cc:bd:07:72:7a:e3:46:7d:2b:6c:3a:0d:25:
6e:53:8b:73:c8:43:00:f5:05:7a:62:d1:d7:f8:f0:
3a:6e:71:70:15:56:17:ea:dc:6f:c8:1e:bd:d5:cc:
fb:85:72:51:14:cc:41:4c:6a:51:58:f4:96:99:7b:
c6:6b:2f:7d:80:70:c7:1a:0b:2d:0a:bf:b6:b3:7f:
80:86:57:01:b3:82:43:9e:6d:8c:7f:6f:45:7c:af:
e3:61:cd:89:4b:7b:e8:87:2c:88:86:d1:9d:fc:ad:
7f:92:b9:70:27:be:f5:61:31:8d:f4:32:c3:ca:28:
0a:38:c5:42:ea:02:8c:b2:31:f5:8b:85:cb:5a:a3:
98:b0:30:7c:94:63:94:df:6f:16:dc:79:47:db:fb:
23:91:cd:b1:e7:31:43:7c:4a:39:fb:5f:ab:5e:15:
9e:91:38:93:ff:34:4c:03:5e:a9:54:cc:e4:37:d6:
d7:9c:b7:de:75:f6:63:ed:2f:40:b0:a1:0d:87:63:
c6:cf:05:81:59:66:73:f1:05:29:59:78:b8:3a:df:
2c:5f:93:17:2b:51:b5:ad:9e:d4:de:fe:53:9c:ab:
c5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1A:C5:5F:FC:D1:98:82:D0:92:EB:69:7D:7D:07:3B:D8:CF:B8:90
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9192732EB33011F095DE4386DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.40.0/22
Signature Algorithm: sha256WithRSAEncryption
54:93:8a:23:76:9d:1c:7f:42:0a:f9:24:39:fa:8d:1f:09:d0:
3e:68:06:1d:62:4e:dc:9d:f6:86:9b:e6:00:8a:47:39:2d:67:
53:2d:68:84:72:07:37:0a:6f:65:b0:10:4c:d8:bb:44:ea:ac:
21:1d:34:cc:d6:fb:8a:4b:7a:52:44:0c:4d:ef:f1:48:c0:05:
22:f0:d0:3d:1b:1d:ae:8d:d6:91:52:f3:3b:80:cf:db:96:2d:
59:07:7f:d6:8a:0b:37:67:42:60:33:24:4e:67:b7:ff:f0:52:
6b:5c:fd:bd:0d:18:24:0f:3b:63:1e:86:35:dc:21:c4:30:6f:
64:56:f6:86:40:23:26:1f:3a:2a:eb:54:6b:90:fd:09:d8:ab:
bf:3a:96:b0:9d:69:04:9d:ef:5f:1c:eb:1a:85:d4:ea:17:ed:
3a:fd:ca:1d:a9:ad:c5:88:1e:93:9b:d0:25:dc:07:8a:5b:2e:
f4:f8:2e:86:ee:9c:11:ee:f6:66:84:59:15:4c:0b:0a:ba:b7:
3c:8a:35:bf:50:cd:17:db:06:0a:c2:99:66:97:38:fa:fd:08:
f5:8d:82:b1:06:e0:f5:0d:46:7b:1b:d4:28:66:56:1a:ab:77:
2c:ec:1b:d6:69:36:3b:3b:8f:0d:d4:f5:7a:82:7d:59:8c:3e:
65:70:16:28
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaUlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI3MTIyOTE5WhcNMjUxMTI5MTIyOTE5WjAYMRYw
FAYDVQQDEw02OGZmNjVhMy1iMWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3ggEO5rpI2jqNws1GgVBTicSZo4TnCt6YDawjHaHVsy9B3J640Z9K2w6
DSVuU4tzyEMA9QV6YtHX+PA6bnFwFVYX6txvyB691cz7hXJRFMxBTGpRWPSWmXvG
ay99gHDHGgstCr+2s3+AhlcBs4JDnm2Mf29FfK/jYc2JS3vohyyIhtGd/K1/krlw
J771YTGN9DLDyigKOMVC6gKMsjH1i4XLWqOYsDB8lGOU328W3HlH2/sjkc2x5zFD
fEo5+1+rXhWekTiT/zRMA16pVMzkN9bXnLfedfZj7S9AsKENh2PGzwWBWWZz8QUp
WXi4Ot8sX5MXK1G1rZ7U3v5TnKvF0QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDUa
xV/80ZiC0JLraX19BzvYz7iQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MTkyNzMyRUIzMzAxMUYwOTVERTQzODZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsYoMA0GCSqGSIb3DQEB
CwUAA4IBAQBUk4ojdp0cf0IK+SQ5+o0fCdA+aAYdYk7cnfaGm+YAikc5LWdTLWiE
cgc3Cm9lsBBM2LtE6qwhHTTM1vuKS3pSRAxN7/FIwAUi8NA9Gx2ujdaRUvM7gM/b
li1ZB3/Wigs3Z0JgMyROZ7f/8FJrXP29DRgkDztjHoY13CHEMG9kVvaGQCMmHzoq
61RrkP0J2Ku/OpawnWkEne9fHOsahdTqF+06/codqa3FiB6Tm9Al3AeKWy70+C6G
7pwR7vZmhFkVTAsKurc8ijW/UM0X2wYKwplmlzj6/Qj1jYKxBuD1DUZ7G9QoZlYa
q3cs7BvWaTY7O48N1PV6gn1ZjD5lcBYo
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:17:18 2025 by rpki-client