Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD3DD172B96311F09DD81F9FDAE4EC9C.roa
File: DD3DD172B96311F09DD81F9FDAE4EC9C.roa (raw, json)
Hash identifier: t8WUXdtLo6J29CcV2G1FeK3RdDbK+abQmxMavhus6vs=
Subject key identifier: A5:9D:3B:1F:47:E4:4F:4F:74:5D:C9:61:4C:C4:EB:20:07:A2:25:A5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A775
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD3DD172B96311F09DD81F9FDAE4EC9C.roa
Signing time: Tue 04 Nov 2025 09:51:42 +0000
ROA not before: Tue 04 Nov 2025 09:51:36 +0000
ROA not after: Thu 04 Dec 2025 09:51:36 +0000
asID: 17497
IP address blocks: 154.196.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108405 (0x1a775)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 4 09:51:36 2025 GMT
Not After : Dec 4 09:51:36 2025 GMT
Subject: CN=6909ccae-0bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e2:cc:d0:bd:51:de:4b:1a:6b:2f:e3:04:1e:
50:4e:ab:82:5e:7f:12:ce:bd:ad:03:5d:7e:0f:80:
d8:ff:16:6b:1a:a3:00:10:f3:08:e2:bf:9e:de:5e:
b5:72:4d:6c:6e:96:09:ea:0b:29:e6:d8:49:72:eb:
ed:78:50:73:69:8b:9a:54:de:1c:9a:7b:d1:57:33:
4d:92:5e:92:72:35:38:86:09:5b:9f:d0:39:83:ad:
99:4d:94:45:c4:9b:03:11:6d:e6:47:ae:a2:e5:66:
cc:e1:d8:71:71:02:31:b4:29:ec:48:48:48:a7:8d:
9e:15:57:e1:cb:54:7b:20:90:da:2a:69:33:b7:dd:
75:d5:ba:7c:25:d1:ea:a4:66:f3:b3:04:f9:af:a0:
34:34:76:88:af:ec:33:1c:dc:90:5a:57:b3:14:d7:
35:14:05:26:92:97:39:1a:26:be:5b:24:bc:70:de:
b6:2d:ae:30:14:b3:93:ad:f3:40:51:6b:d7:35:a3:
73:1f:ac:c2:b4:63:b7:37:24:db:58:32:8e:7e:b0:
98:69:ad:6c:e2:64:b8:01:53:e3:36:b3:71:96:6b:
c1:af:f8:49:ca:94:e4:52:e5:31:fa:37:7d:a6:2c:
f9:da:a5:1f:c3:ae:62:e7:36:b8:b8:f2:f0:eb:c9:
09:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:9D:3B:1F:47:E4:4F:4F:74:5D:C9:61:4C:C4:EB:20:07:A2:25:A5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD3DD172B96311F09DD81F9FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.140.0/22
Signature Algorithm: sha256WithRSAEncryption
60:d3:92:e5:fe:92:e6:f1:76:c5:20:b0:f4:ee:4f:38:4c:4e:
a2:bf:a6:7c:5c:53:b2:5e:82:72:5a:69:38:e0:af:71:dc:a5:
13:5d:b4:36:d9:35:96:66:aa:28:9a:4a:d4:71:25:cd:e5:c5:
3a:d1:01:28:3c:50:04:71:33:55:de:2b:3a:63:e7:8e:f5:95:
c6:7a:ac:49:a7:92:a7:a6:e2:c6:ff:37:28:2f:e2:24:f3:ea:
c9:3d:65:3d:1b:17:e7:81:25:71:3f:b6:cf:15:50:e3:ea:9b:
76:13:53:70:1d:93:04:f4:d1:31:61:3e:97:5a:34:dd:0b:a8:
7a:a3:20:c8:25:79:0e:86:4e:5c:42:f8:d0:bb:f5:53:79:a7:
46:44:b2:fc:d9:f7:bd:41:08:37:b5:33:0d:d0:ad:20:b2:7d:
d8:64:07:e7:44:e7:6e:fa:56:72:89:d5:5d:4a:1c:06:0e:00:
98:7a:f8:3c:eb:ea:38:19:62:41:2c:5e:0a:03:6b:90:58:98:
08:dd:98:77:35:bc:99:1a:5c:d2:fb:7f:53:4e:9f:1b:b4:f9:
f2:67:d0:26:82:4d:a0:d5:6d:ea:ee:72:a7:96:bd:f0:7c:61:
2d:d1:6f:a1:24:1e:77:7f:51:52:39:ff:28:f0:68:35:76:48:
96:ac:a1:f5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAad1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMTA0MDk1MTM2WhcNMjUxMjA0MDk1MTM2WjAYMRYw
FAYDVQQDEw02OTA5Y2NhZS0wYmJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4uLM0L1R3ksaay/jBB5QTquCXn8Szr2tA11+D4DY/xZrGqMAEPMI4r+e
3l61ck1sbpYJ6gsp5thJcuvteFBzaYuaVN4cmnvRVzNNkl6ScjU4hglbn9A5g62Z
TZRFxJsDEW3mR66i5WbM4dhxcQIxtCnsSEhIp42eFVfhy1R7IJDaKmkzt9111bp8
JdHqpGbzswT5r6A0NHaIr+wzHNyQWlezFNc1FAUmkpc5Gia+WyS8cN62La4wFLOT
rfNAUWvXNaNzH6zCtGO3NyTbWDKOfrCYaa1s4mS4AVPjNrNxlmvBr/hJypTkUuUx
+jd9piz52qUfw65i5za4uPLw68kJUQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKWd
Ox9H5E9PdF3JYUzE6yAHoiWlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERDNERDE3MkI5NjMxMUYwOUREODFGOUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsSMMA0GCSqGSIb3DQEB
CwUAA4IBAQBg05Ll/pLm8XbFILD07k84TE6iv6Z8XFOyXoJyWmk44K9x3KUTXbQ2
2TWWZqoomkrUcSXN5cU60QEoPFAEcTNV3is6Y+eO9ZXGeqxJp5KnpuLG/zcoL+Ik
8+rJPWU9GxfngSVxP7bPFVDj6pt2E1NwHZME9NExYT6XWjTdC6h6oyDIJXkOhk5c
QvjQu/VTeadGRLL82fe9QQg3tTMN0K0gsn3YZAfnROdu+lZyidVdShwGDgCYevg8
6+o4GWJBLF4KA2uQWJgI3Zh3NbyZGlzS+39TTp8btPnyZ9Amgk2g1W3q7nKnlr3w
fGEt0W+hJB53f1FSOf8o8Gg1dkiWrKH1
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:13:44 2025 by rpki-client