Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BE811949D4C11F091108CA7DAE4EC9C.roa
File: 3BE811949D4C11F091108CA7DAE4EC9C.roa (raw, json)
Hash identifier: 3iGB6M8hp5ZjXmxxUTvvsUEmvxrnxzxqz0HjqldD1VU=
Subject key identifier: 70:7C:C3:2C:E7:6D:C5:01:0B:8E:5D:1B:32:28:31:19:CA:CC:2F:26
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A151
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BE811949D4C11F091108CA7DAE4EC9C.roa
Signing time: Mon 29 Sep 2025 15:52:00 +0000
ROA not before: Mon 29 Sep 2025 15:51:55 +0000
ROA not after: Fri 31 Oct 2025 15:51:55 +0000
asID: 62240
IP address blocks: 154.195.139.0/24 maxlen: 24
154.195.143.0/24 maxlen: 24
154.195.144.0/24 maxlen: 24
154.195.145.0/24 maxlen: 24
154.195.146.0/24 maxlen: 24
154.195.147.0/24 maxlen: 24
154.195.148.0/24 maxlen: 24
154.195.149.0/24 maxlen: 24
154.195.150.0/24 maxlen: 24
154.195.151.0/24 maxlen: 24
154.195.168.0/24 maxlen: 24
154.195.169.0/24 maxlen: 24
154.195.170.0/24 maxlen: 24
154.195.171.0/24 maxlen: 24
154.195.172.0/24 maxlen: 24
154.195.173.0/24 maxlen: 24
154.195.174.0/24 maxlen: 24
154.195.175.0/24 maxlen: 24
154.195.176.0/24 maxlen: 24
154.195.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106833 (0x1a151)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 29 15:51:55 2025 GMT
Not After : Oct 31 15:51:55 2025 GMT
Subject: CN=68daab20-4868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6f:ee:00:d0:b4:4a:06:22:70:eb:d1:29:dc:
e7:41:58:55:b1:4c:15:64:11:fc:91:bf:17:cd:d6:
0e:f4:6f:ce:45:46:a1:dc:4d:76:ff:f3:76:bb:08:
be:5f:55:cf:9d:35:2c:bd:fd:16:60:69:4c:db:f9:
2d:6c:7b:a1:48:75:71:7f:88:cb:b5:a6:9c:be:77:
a5:67:58:60:17:53:dd:f4:e1:36:2f:ae:66:74:d8:
36:47:23:d9:7a:e4:63:e0:20:13:63:6a:27:cc:45:
28:5b:80:7c:b5:4c:63:5f:60:0d:f5:94:8b:33:23:
44:36:5d:1d:b3:20:c9:c6:a1:91:d0:f8:86:d1:56:
c0:0c:5e:8a:b0:d8:bd:b0:c3:e7:a7:41:e8:58:5d:
2d:15:bb:8a:bf:c1:7e:17:90:c7:21:ee:d0:55:63:
50:b9:74:9f:2d:1f:0f:42:98:c5:b4:52:66:f5:d8:
ed:8a:bb:26:de:f0:88:ef:51:41:e7:cb:8c:49:91:
d8:5c:1b:99:60:d4:8e:c5:1f:b1:94:a6:68:55:84:
12:f0:7f:66:a2:d3:5d:8d:20:e2:63:5c:fe:d5:bc:
dc:ca:8c:0b:bf:cf:e1:a2:62:0b:fb:a1:02:1f:11:
a5:18:95:e8:c2:be:21:57:70:b1:fd:5f:f7:0c:9a:
be:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7C:C3:2C:E7:6D:C5:01:0B:8E:5D:1B:32:28:31:19:CA:CC:2F:26
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BE811949D4C11F091108CA7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.139.0/24
154.195.143.0-154.195.151.255
154.195.168.0-154.195.177.255
Signature Algorithm: sha256WithRSAEncryption
1a:43:26:ba:45:3c:23:f6:89:b3:f0:61:df:ac:b5:c4:c8:3f:
a6:3e:77:c0:91:33:94:be:14:ba:45:ba:50:7a:36:c2:d1:02:
a1:47:73:e7:c9:fb:c6:cd:06:0c:31:ed:20:2e:37:27:65:6a:
a7:b6:e1:54:2d:a9:7b:2f:5c:22:02:d2:bd:96:8a:74:8c:3a:
79:d6:11:5c:47:21:53:50:fe:db:d0:28:41:f3:a5:33:ab:ef:
9c:e9:14:31:eb:73:4e:8c:a0:8a:e6:eb:a1:c4:40:22:e2:1b:
68:28:92:af:1b:2f:9d:03:c1:89:3c:a3:53:ea:91:0a:dc:ce:
44:6d:b8:2c:7b:0c:5d:48:71:fa:48:a1:29:bf:af:a1:c3:03:
5e:a8:af:be:cf:2f:4f:32:ba:6d:9f:c5:d5:64:49:50:99:d7:
12:7c:39:9c:54:09:be:d2:10:d8:fa:ad:3e:78:b2:de:76:ed:
d9:76:91:59:d8:11:e2:62:59:90:11:1c:67:f0:5a:8b:38:bb:
92:7e:51:5a:db:fb:d6:2b:67:aa:8e:cb:26:90:ae:07:74:d2:
dc:17:16:1f:84:37:45:c7:37:a7:ee:a3:0d:6a:8c:be:b4:12:
b4:b1:62:a9:c9:c3:bb:40:67:cb:6c:7b:b1:85:d4:f0:d5:16:
3d:1a:fc:06
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDAaFRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI5MTU1MTU1WhcNMjUxMDMxMTU1MTU1WjAYMRYw
FAYDVQQDEw02OGRhYWIyMC00ODY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4G/uANC0SgYicOvRKdznQVhVsUwVZBH8kb8XzdYO9G/ORUah3E12//N2
uwi+X1XPnTUsvf0WYGlM2/ktbHuhSHVxf4jLtaacvnelZ1hgF1Pd9OE2L65mdNg2
RyPZeuRj4CATY2onzEUoW4B8tUxjX2AN9ZSLMyNENl0dsyDJxqGR0PiG0VbADF6K
sNi9sMPnp0HoWF0tFbuKv8F+F5DHIe7QVWNQuXSfLR8PQpjFtFJm9djtirsm3vCI
71FB58uMSZHYXBuZYNSOxR+xlKZoVYQS8H9motNdjSDiY1z+1bzcyowLv8/homIL
+6ECHxGlGJXowr4hV3Cx/V/3DJq+LwIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFHB8
wyznbcUBC45dGzIoMRnKzC8mMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQkU4MTE5NDlENEMxMUYwOTExMDhDQTdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAmsOLMAwDBACaw48DBAOa
w5AwDAMEA5rDqAMEAZrDsDANBgkqhkiG9w0BAQsFAAOCAQEAGkMmukU8I/aJs/Bh
36y1xMg/pj53wJEzlL4UukW6UHo2wtECoUdz58n7xs0GDDHtIC43J2Vqp7bhVC2p
ey9cIgLSvZaKdIw6edYRXEchU1D+29AoQfOlM6vvnOkUMetzToygiubrocRAIuIb
aCiSrxsvnQPBiTyjU+qRCtzORG24LHsMXUhx+kihKb+vocMDXqivvs8vTzK6bZ/F
1WRJUJnXEnw5nFQJvtIQ2PqtPniy3nbt2XaRWdgR4mJZkBEcZ/Baizi7kn5RWtv7
1itnqo7LJpCuB3TS3BcWH4Q3Rcc3p+6jDWqMvrQStLFiqcnDu0Bny2x7sYXU8NUW
PRr8Bg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:14 2025 by rpki-client