Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B37D260B32C11F093218EECDAE4EC9C.roa
File: 9B37D260B32C11F093218EECDAE4EC9C.roa (raw, json)
Hash identifier: 9FRSrW3SwGy9K0Fx3j49+KZMW9olvAj9/hpRVdz5uY4=
Subject key identifier: 71:0A:8F:54:8C:5B:9F:03:2F:18:CF:67:31:E1:20:44:F4:47:DF:62
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A51D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B37D260B32C11F093218EECDAE4EC9C.roa
Signing time: Mon 27 Oct 2025 12:01:02 +0000
ROA not before: Mon 27 Oct 2025 12:00:54 +0000
ROA not after: Sat 29 Nov 2025 12:00:54 +0000
asID: 214143
IP address blocks: 154.197.25.0/24 maxlen: 24
154.197.90.0/24 maxlen: 24
154.197.127.0/24 maxlen: 24
154.200.72.0/21 maxlen: 24
154.200.109.0/24 maxlen: 24
154.205.248.0/22 maxlen: 24
154.206.4.0/22 maxlen: 24
154.208.72.0/22 maxlen: 24
154.222.72.0/23 maxlen: 24
154.223.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107805 (0x1a51d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 27 12:00:54 2025 GMT
Not After : Nov 29 12:00:54 2025 GMT
Subject: CN=68ff5efd-dd37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:38:36:db:61:9f:5c:0b:9e:df:89:2c:24:2d:
51:28:46:26:70:d2:74:de:4a:dd:f1:8d:89:2d:cb:
dd:bf:de:1f:6d:71:55:c9:3d:4b:54:86:a5:b8:25:
f9:0f:4f:bb:66:5f:84:21:6d:7d:a1:7f:80:03:38:
11:17:42:39:bd:29:66:dd:35:ff:13:db:0e:56:b9:
3f:c4:06:f5:bc:08:18:02:77:14:e7:4f:74:ab:24:
3b:4e:52:36:02:ab:c3:94:02:e8:5a:55:6c:bd:44:
91:b3:6d:df:6d:09:91:5e:36:b3:be:6e:09:95:89:
11:e5:0b:d2:40:28:f9:eb:97:dc:c6:71:25:55:35:
79:71:41:1b:32:78:26:38:0a:a8:f8:50:3c:77:a5:
0d:af:a3:37:5e:4d:a6:ca:c8:9a:bb:43:c4:4a:8b:
55:17:ac:1b:82:b7:ce:2e:56:d8:c9:29:58:41:d7:
3c:ea:6d:0b:70:71:01:2f:2a:06:43:a5:c4:73:be:
2c:d1:32:10:b8:6d:ed:f3:4e:c0:d8:0b:4d:60:c0:
8a:a4:e2:2b:29:5c:e5:e9:70:69:0d:f6:18:30:cc:
e7:7e:ae:a6:dc:4c:16:b7:49:b7:5c:d0:1b:9b:39:
0f:d4:ae:5b:da:dc:53:7f:60:68:24:e0:5a:bc:dd:
a0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:0A:8F:54:8C:5B:9F:03:2F:18:CF:67:31:E1:20:44:F4:47:DF:62
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B37D260B32C11F093218EECDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.25.0/24
154.197.90.0/24
154.197.127.0/24
154.200.72.0/21
154.200.109.0/24
154.205.248.0/22
154.206.4.0/22
154.208.72.0/22
154.222.72.0/23
154.223.232.0/21
Signature Algorithm: sha256WithRSAEncryption
6c:01:af:bd:2c:c9:df:af:33:51:7b:97:65:ed:c1:78:8e:a8:
1b:7b:20:fe:f5:e1:13:4d:a8:d2:e7:74:5d:a5:85:49:90:d4:
ef:e6:bb:03:b6:40:73:6d:32:54:71:a3:c3:d9:ab:6a:c5:fe:
b4:49:2c:79:73:c3:0c:c8:40:6b:c8:1a:03:cb:f4:fb:f5:30:
be:a5:a1:d3:95:7a:b7:4b:c4:f1:ca:c9:32:50:b3:84:74:10:
f9:ab:76:0f:ed:83:e2:35:63:e2:27:27:34:bf:cc:f2:02:6a:
48:f3:80:78:5a:e5:fd:db:89:65:8e:21:bd:e3:b2:cd:08:48:
fe:83:e0:7b:16:03:ae:cd:6e:d5:22:b7:23:af:e7:07:4f:a2:
ac:1a:32:6a:ec:2f:0e:ed:5d:a2:8d:94:73:3e:3e:25:bd:78:
d5:43:a3:4c:a9:d5:34:34:99:e0:7d:ed:6c:fd:7d:76:65:4f:
39:94:56:19:c8:52:4a:a0:2c:71:60:79:de:6d:51:96:94:1a:
b2:d3:70:a0:b1:d2:1a:48:5f:3d:69:4a:13:37:53:0a:47:ed:
fd:d0:37:a6:07:79:c8:31:25:ad:18:77:92:e6:26:c2:72:8b:
b9:03:08:a5:49:47:41:03:19:04:0c:fa:62:8c:a7:14:37:3f:
4f:6b:37:69
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIDAaUdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI3MTIwMDU0WhcNMjUxMTI5MTIwMDU0WjAYMRYw
FAYDVQQDEw02OGZmNWVmZC1kZDM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyDg222GfXAue34ksJC1RKEYmcNJ03krd8Y2JLcvdv94fbXFVyT1LVIal
uCX5D0+7Zl+EIW19oX+AAzgRF0I5vSlm3TX/E9sOVrk/xAb1vAgYAncU5090qyQ7
TlI2AqvDlALoWlVsvUSRs23fbQmRXjazvm4JlYkR5QvSQCj565fcxnElVTV5cUEb
MngmOAqo+FA8d6UNr6M3Xk2mysiau0PESotVF6wbgrfOLlbYySlYQdc86m0LcHEB
LyoGQ6XEc74s0TIQuG3t807A2AtNYMCKpOIrKVzl6XBpDfYYMMznfq6m3EwWt0m3
XNAbmzkP1K5b2txTf2BoJOBavN2gtQIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFHEK
j1SMW58DLxjPZzHhIET0R99iMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QjM3RDI2MEIzMkMxMUYwOTMyMThFRUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAmsUZAwQAmsVaAwQAmsV/
AwQDmshIAwQAmshtAwQCms34AwQCms4EAwQCmtBIAwQBmt5IAwQDmt/oMA0GCSqG
SIb3DQEBCwUAA4IBAQBsAa+9LMnfrzNRe5dl7cF4jqgbeyD+9eETTajS53RdpYVJ
kNTv5rsDtkBzbTJUcaPD2atqxf60SSx5c8MMyEBryBoDy/T79TC+paHTlXq3S8Tx
yskyULOEdBD5q3YP7YPiNWPiJyc0v8zyAmpI84B4WuX924lljiG947LNCEj+g+B7
FgOuzW7VIrcjr+cHT6KsGjJq7C8O7V2ijZRzPj4lvXjVQ6NMqdU0NJngfe1s/X12
ZU85lFYZyFJKoCxxYHnebVGWlBqy03CgsdIaSF89aUoTN1MKR+390DemB3nIMSWt
GHeS5ibCcou5AwilSUdBAxkEDPpijKcUNz9Pazdp
-----END CERTIFICATE-----
Generated at Tue Nov 4 08:01:26 2025 by rpki-client