Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/954CADECAE5111F088E05FBEDAE4EC9C.roa
File: 954CADECAE5111F088E05FBEDAE4EC9C.roa (raw, json)
Hash identifier: bekxeQuHq3YZB4Kz68+43PDVTRAP5ED2bekWMKAmyW0=
Subject key identifier: D5:31:89:C4:B2:B1:94:81:45:47:F3:23:95:57:CE:41:76:56:13:86
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A468
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/954CADECAE5111F088E05FBEDAE4EC9C.roa
Signing time: Tue 21 Oct 2025 07:43:07 +0000
ROA not before: Tue 21 Oct 2025 07:43:01 +0000
ROA not after: Mon 24 Nov 2025 07:43:01 +0000
asID: 54600
IP address blocks: 154.202.117.0/24 maxlen: 24
154.202.120.0/21 maxlen: 24
154.217.234.0/23 maxlen: 24
154.217.236.0/22 maxlen: 24
154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107624 (0x1a468)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 21 07:43:01 2025 GMT
Not After : Nov 24 07:43:01 2025 GMT
Subject: CN=68f7398b-e829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0e:23:ed:0d:6d:4e:04:e5:bd:cb:59:17:79:
ae:a6:be:3b:8f:35:a7:8d:ae:35:c0:a7:68:5b:4b:
cb:db:61:f1:d4:e8:f2:55:a9:88:0f:33:e5:c6:ba:
fa:e1:b8:e0:d6:cd:8f:c6:08:2e:f7:91:a2:1e:16:
72:f8:02:2b:ab:6e:45:c8:32:d2:e8:ab:62:41:ac:
32:19:d6:46:cc:64:cc:48:34:91:78:f2:84:a0:39:
ed:b4:8c:da:ef:22:4e:57:10:89:5b:40:74:a6:8e:
c7:05:57:cf:a8:84:8b:9c:18:b9:b6:d3:6c:bf:cc:
7b:0f:a6:64:83:eb:f6:81:a4:14:c0:98:27:55:d8:
08:b9:2e:ba:db:e5:eb:65:78:d3:10:ac:18:85:0f:
11:74:5e:4d:b6:3f:86:1a:1d:d2:51:3a:be:fb:26:
c1:24:77:d0:50:6f:c4:c2:9d:2d:14:39:82:c8:c5:
80:a1:f7:d5:8e:d9:62:14:85:30:3f:7d:98:0e:81:
25:26:c8:b3:a0:e0:9a:a2:36:40:ff:64:86:83:11:
3d:b6:97:a2:ef:67:ff:f9:b6:b1:4d:8a:1f:0b:30:
af:4a:6e:6c:5c:47:26:87:37:f3:a6:e3:09:f4:8a:
8a:f5:5f:70:90:f6:f0:ca:a2:df:be:bc:c5:1f:f1:
3a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:31:89:C4:B2:B1:94:81:45:47:F3:23:95:57:CE:41:76:56:13:86
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/954CADECAE5111F088E05FBEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.117.0/24
154.202.120.0/21
154.217.234.0-154.217.255.255
Signature Algorithm: sha256WithRSAEncryption
26:49:c2:11:6e:70:27:af:6f:68:a0:a6:cc:82:a2:c0:c5:40:
39:d0:be:0c:fa:7f:a9:f9:90:bd:c6:1c:91:2f:37:0c:89:53:
88:1a:15:fb:f7:6b:db:ae:92:59:ca:cb:b8:e2:30:55:29:04:
67:38:12:37:53:ec:9e:5a:34:dc:74:fa:0b:9b:30:a8:35:4f:
c7:7f:ff:fe:cc:3f:ef:52:d6:4e:42:a0:de:44:76:83:98:05:
b0:9c:ff:87:8d:2d:90:43:4a:48:56:7e:92:07:4e:8f:50:b5:
18:2d:27:c3:5e:5a:8d:89:c1:bc:ec:cb:01:c2:ef:05:84:bd:
3f:8b:82:60:e2:17:49:8d:be:c8:cc:74:14:82:2b:dd:52:f5:
50:d7:8e:08:4a:58:de:e2:f1:5d:db:bc:f9:c4:cc:40:02:ff:
df:6a:8f:a0:ab:f6:cc:b1:af:5f:a5:aa:0c:20:24:f8:ae:b5:
46:11:0a:85:9a:b9:8a:7a:1e:b6:14:bf:57:05:f9:f7:b6:9b:
36:7b:87:8e:d7:e8:6e:d8:a8:7d:93:36:0e:9a:46:da:18:d8:
f3:fa:69:f3:b1:4d:5b:be:2b:57:e6:50:f8:15:fd:c9:b2:1b:
be:78:0b:bc:20:0d:0b:ad:30:2a:9e:ac:04:6c:d0:91:1d:de:
d4:5e:40:d9
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAaRoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDIxMDc0MzAxWhcNMjUxMTI0MDc0MzAxWjAYMRYw
FAYDVQQDEw02OGY3Mzk4Yi1lODI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzQ4j7Q1tTgTlvctZF3mupr47jzWnja41wKdoW0vL22Hx1OjyVamIDzPl
xrr64bjg1s2Pxggu95GiHhZy+AIrq25FyDLS6KtiQawyGdZGzGTMSDSRePKEoDnt
tIza7yJOVxCJW0B0po7HBVfPqISLnBi5ttNsv8x7D6Zkg+v2gaQUwJgnVdgIuS66
2+XrZXjTEKwYhQ8RdF5Ntj+GGh3SUTq++ybBJHfQUG/Ewp0tFDmCyMWAoffVjtli
FIUwP32YDoElJsizoOCaojZA/2SGgxE9tpei72f/+baxTYofCzCvSm5sXEcmhzfz
puMJ9IqK9V9wkPbwyqLfvrzFH/E6UwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFNUx
icSysZSBRUfzI5VXzkF2VhOGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NTRDQURFQ0FFNTExMUYwODhFMDVGQkVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQAmsp1AwQDmsp4MAsDBAGa
2eoDAwGa2DANBgkqhkiG9w0BAQsFAAOCAQEAJknCEW5wJ69vaKCmzIKiwMVAOdC+
DPp/qfmQvcYckS83DIlTiBoV+/dr266SWcrLuOIwVSkEZzgSN1Psnlo03HT6C5sw
qDVPx3///sw/71LWTkKg3kR2g5gFsJz/h40tkENKSFZ+kgdOj1C1GC0nw15ajYnB
vOzLAcLvBYS9P4uCYOIXSY2+yMx0FIIr3VL1UNeOCEpY3uLxXdu8+cTMQAL/32qP
oKv2zLGvX6WqDCAk+K61RhEKhZq5inoethS/VwX597abNnuHjtfobtiofZM2DppG
2hjY8/pp87FNW74rV+ZQ+BX9ybIbvngLvCANC60wKp6sBGzQkR3e1F5A2Q==
-----END CERTIFICATE-----
Generated at Wed Nov 5 04:36:00 2025 by rpki-client