Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99ECB142B96111F09CA89F90DAE4EC9C.roa
File: 99ECB142B96111F09CA89F90DAE4EC9C.roa (raw, json)
Hash identifier: ERsd2MjsqXG04nwJkaMyMAKT68UPxArOe1txvx2r8fY=
Subject key identifier: 43:28:34:CB:BF:AE:14:64:09:4A:D6:76:A7:82:2B:33:28:79:8A:82
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A76F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99ECB142B96111F09CA89F90DAE4EC9C.roa
Signing time: Tue 04 Nov 2025 09:35:30 +0000
ROA not before: Tue 04 Nov 2025 09:35:23 +0000
ROA not after: Tue 09 Dec 2025 09:35:23 +0000
asID: 200373
IP address blocks: 154.82.150.0/24 maxlen: 24
154.82.168.0/22 maxlen: 24
154.86.112.0/24 maxlen: 24
154.86.113.0/24 maxlen: 24
154.86.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108399 (0x1a76f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 4 09:35:23 2025 GMT
Not After : Dec 9 09:35:23 2025 GMT
Subject: CN=6909c8e2-673d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:86:ee:1c:44:d7:f1:54:66:4d:19:e3:f6:d8:
ef:f9:48:20:ca:a8:82:43:a3:59:6c:64:e9:65:3f:
c1:a9:19:bc:94:bd:ac:87:07:22:b4:2a:ac:b2:a8:
fd:72:88:58:a6:db:87:2b:e8:c0:05:bb:84:03:b6:
5a:81:12:2c:b9:8b:df:00:3e:29:8c:51:da:bb:fe:
68:f0:6e:c7:2d:41:e7:a8:90:bd:e5:7a:4d:1d:76:
51:10:30:d2:d6:c5:84:bd:63:f5:e5:e3:6f:0c:14:
b5:d1:98:eb:52:8b:e4:89:ce:30:3a:84:3e:ea:f2:
4f:d8:3a:08:46:6d:f0:4c:b9:f3:dc:2f:a9:d4:74:
5a:2b:05:b0:6d:c8:e8:3c:03:83:50:fb:01:13:80:
98:c6:6d:47:65:a8:dc:8d:89:72:9c:85:57:7d:57:
c9:a5:04:d5:5b:f1:16:8d:84:d6:28:01:e5:53:4c:
ea:77:ce:7f:7a:ce:2e:53:2d:64:10:d8:1f:49:02:
20:85:47:f1:f7:8b:81:c7:1e:1e:b5:28:53:43:18:
f4:23:55:16:16:9a:9e:98:a0:2e:97:63:34:7c:75:
e1:7b:83:c8:e5:8e:88:bb:d8:b8:7b:c9:3b:81:86:
4a:89:95:46:97:a8:1b:65:20:18:bb:9a:7c:68:69:
4f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:28:34:CB:BF:AE:14:64:09:4A:D6:76:A7:82:2B:33:28:79:8A:82
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99ECB142B96111F09CA89F90DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.150.0/24
154.82.168.0/22
154.86.112.0-154.86.114.255
Signature Algorithm: sha256WithRSAEncryption
35:61:b4:4e:75:58:ae:7a:cd:d8:8e:11:b0:25:48:43:d7:9a:
17:91:6e:10:ad:43:87:20:4e:6a:5b:34:32:de:69:9d:58:8a:
55:8a:75:21:3a:3d:dd:0f:c4:c7:3c:9c:0e:aa:6e:c6:b7:85:
81:7b:8e:a2:96:19:0b:c3:83:46:46:ce:30:cc:52:64:e8:00:
b2:ec:70:88:4d:61:a4:db:04:53:d5:2d:8f:b9:df:da:26:74:
58:8c:3b:fe:bd:68:79:d3:6a:7b:29:0a:50:df:c0:c4:58:dd:
84:2d:db:8e:61:35:af:fd:0d:b8:46:3e:5a:34:94:1b:92:7a:
21:28:1d:0d:bb:a5:ef:dd:e1:b4:8c:5a:d8:10:b1:08:5b:56:
09:0e:ea:c7:30:86:2c:30:c9:43:56:10:f3:7c:40:f9:e9:fe:
27:45:9a:94:0a:43:4d:a9:e3:d0:77:a6:51:96:b8:21:23:02:
9a:90:24:99:27:48:07:a3:51:90:46:72:b5:11:b0:6e:41:6d:
a4:f7:82:b6:7a:a1:d3:ef:ac:52:2e:08:c4:9e:0f:07:49:cd:
86:0e:7b:e7:7f:1a:48:67:df:00:9e:68:6d:6a:01:e0:af:10:
84:28:e2:11:d3:0d:1c:5d:12:f8:97:b4:2c:86:67:d1:7a:b7:
40:85:ee:12
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAadvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMTA0MDkzNTIzWhcNMjUxMjA5MDkzNTIzWjAYMRYw
FAYDVQQDEw02OTA5YzhlMi02NzNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxIbuHETX8VRmTRnj9tjv+UggyqiCQ6NZbGTpZT/BqRm8lL2shwcitCqs
sqj9cohYptuHK+jABbuEA7ZagRIsuYvfAD4pjFHau/5o8G7HLUHnqJC95XpNHXZR
EDDS1sWEvWP15eNvDBS10ZjrUovkic4wOoQ+6vJP2DoIRm3wTLnz3C+p1HRaKwWw
bcjoPAODUPsBE4CYxm1HZajcjYlynIVXfVfJpQTVW/EWjYTWKAHlU0zqd85/es4u
Uy1kENgfSQIghUfx94uBxx4etShTQxj0I1UWFpqemKAul2M0fHXhe4PI5Y6Iu9i4
e8k7gYZKiZVGl6gbZSAYu5p8aGlP9QIDAQABo4ICuTCCArUwHQYDVR0OBBYEFEMo
NMu/rhRkCUrWdqeCKzMoeYqCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85OUVDQjE0MkI5NjExMUYwOUNBODlGOTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAmlKWAwQCmlKoMAwDBASa
VnADBACaVnIwDQYJKoZIhvcNAQELBQADggEBADVhtE51WK56zdiOEbAlSEPXmheR
bhCtQ4cgTmpbNDLeaZ1YilWKdSE6Pd0PxMc8nA6qbsa3hYF7jqKWGQvDg0ZGzjDM
UmToALLscIhNYaTbBFPVLY+539omdFiMO/69aHnTanspClDfwMRY3YQt245hNa/9
DbhGPlo0lBuSeiEoHQ27pe/d4bSMWtgQsQhbVgkO6scwhiwwyUNWEPN8QPnp/idF
mpQKQ02p49B3plGWuCEjApqQJJknSAejUZBGcrURsG5BbaT3grZ6odPvrFIuCMSe
DwdJzYYOe+d/Gkhn3wCeaG1qAeCvEIQo4hHTDRxdEviXtCyGZ9F6t0CF7hI=
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:22:03 2025 by rpki-client