Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB4B7B9A9D8411F0AB67D58FDAE4EC9C.roa
File: CB4B7B9A9D8411F0AB67D58FDAE4EC9C.roa (raw, json)
Hash identifier: CCLFpQZFHJsvF4k1WDove4KUqmxYvEoCBkFSbqZpSzk=
Subject key identifier: 97:30:72:E3:D9:49:C1:B5:F5:8B:2C:3D:25:30:50:A1:DD:44:79:F8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A1A7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB4B7B9A9D8411F0AB67D58FDAE4EC9C.roa
Signing time: Mon 29 Sep 2025 22:36:52 +0000
ROA not before: Mon 29 Sep 2025 22:36:45 +0000
ROA not after: Wed 05 Nov 2025 22:36:45 +0000
asID: 202656
IP address blocks: 154.218.30.0/24 maxlen: 24
154.219.16.0/24 maxlen: 24
154.219.24.0/24 maxlen: 24
154.219.28.0/24 maxlen: 24
154.219.207.0/24 maxlen: 24
154.219.211.0/24 maxlen: 24
154.219.222.0/24 maxlen: 24
154.219.230.0/24 maxlen: 24
154.219.232.0/24 maxlen: 24
154.219.245.0/24 maxlen: 24
154.219.246.0/24 maxlen: 24
154.219.247.0/24 maxlen: 24
154.219.250.0/24 maxlen: 24
154.219.251.0/24 maxlen: 24
154.219.252.0/24 maxlen: 24
154.219.253.0/24 maxlen: 24
154.219.254.0/24 maxlen: 24
154.219.255.0/24 maxlen: 24
154.221.60.0/24 maxlen: 24
154.222.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106919 (0x1a1a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 29 22:36:45 2025 GMT
Not After : Nov 5 22:36:45 2025 GMT
Subject: CN=68db0a04-ebd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e6:be:04:c7:85:3e:44:4c:bd:17:ef:3b:90:
1b:37:bb:c8:f4:72:d7:ad:3b:3a:e6:9e:7b:ac:e5:
1f:84:f5:3a:f2:2d:6b:ba:6b:ca:38:35:0b:fc:c4:
fc:39:03:bb:0d:2f:45:9a:6b:98:2f:62:86:54:1c:
a6:5e:bb:52:3b:ad:1e:69:c5:a0:5f:66:6d:ef:8b:
2e:fb:89:2a:59:51:89:d8:14:85:41:b0:e6:69:d1:
56:f3:c9:b7:29:3c:35:56:71:1f:c4:16:3f:e3:ed:
05:c1:ba:1e:54:4b:75:d7:32:7d:a1:79:ad:c3:23:
89:93:85:6c:62:e3:45:29:e4:be:19:0a:79:17:e0:
5f:2e:6d:d7:ca:7e:cf:07:47:0f:ba:77:f0:60:79:
7d:c9:83:68:68:82:b6:fd:dc:6e:5d:b5:d6:2c:0b:
44:15:89:37:a8:73:5e:1e:4b:7b:4c:40:2a:a7:32:
09:12:72:78:c5:58:b6:38:e7:d2:90:9e:e3:e5:b0:
5c:5e:44:9e:d4:5e:ab:99:ba:2f:d4:3c:7a:52:ea:
a5:54:ba:f1:35:c6:4d:96:94:80:82:12:48:94:0e:
5b:8e:f0:2d:bc:65:1f:44:73:32:af:65:c4:15:e7:
0f:00:71:af:79:ad:7e:8b:82:51:c5:f3:4a:47:f4:
36:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:30:72:E3:D9:49:C1:B5:F5:8B:2C:3D:25:30:50:A1:DD:44:79:F8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB4B7B9A9D8411F0AB67D58FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.30.0/24
154.219.16.0/24
154.219.24.0/24
154.219.28.0/24
154.219.207.0/24
154.219.211.0/24
154.219.222.0/24
154.219.230.0/24
154.219.232.0/24
154.219.245.0-154.219.247.255
154.219.250.0-154.219.255.255
154.221.60.0/24
154.222.192.0/24
Signature Algorithm: sha256WithRSAEncryption
66:7a:a4:e7:38:6d:9e:03:78:e0:6e:71:a9:d9:c3:fb:47:f8:
78:5e:ff:76:71:63:7b:d5:f4:43:a7:f9:ce:42:9b:97:aa:ff:
df:19:6f:21:30:90:c7:91:7d:72:26:e2:34:0e:bb:26:a2:0e:
24:f4:50:3c:16:0f:98:32:ff:12:ae:f4:75:21:42:79:38:d3:
8e:9d:53:5b:9d:57:90:c8:46:6f:48:be:8f:53:bf:6a:8d:6b:
d3:21:ba:0e:89:15:ef:ef:3e:f6:b8:f4:8e:9c:36:8b:a1:8f:
76:fa:51:9a:9b:16:fc:12:79:d3:88:51:2a:73:75:d5:19:3d:
b4:37:28:a4:9f:e4:83:0b:78:c1:ab:4c:29:ad:45:a8:41:4c:
af:a4:f3:3a:60:aa:38:c9:6b:a5:70:fa:f8:19:21:e7:03:a1:
a1:71:a7:df:96:7e:f6:28:8f:3c:75:01:e3:30:8c:35:99:c9:
ba:26:f9:1b:99:9e:c7:62:ac:45:a9:c4:94:3c:c1:b7:89:e8:
13:b4:2f:73:e4:37:91:35:64:a5:af:3a:69:51:d5:ab:c2:c7:
f2:0c:e7:94:b7:f2:40:95:c2:fb:47:24:c3:e9:7a:1c:76:1e:
c2:a9:d3:6e:7f:0c:52:19:bb:d2:b9:13:d0:a7:1f:cf:25:63:
69:7e:a1:a8
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgIDAaGnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI5MjIzNjQ1WhcNMjUxMTA1MjIzNjQ1WjAYMRYw
FAYDVQQDEw02OGRiMGEwNC1lYmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwua+BMeFPkRMvRfvO5AbN7vI9HLXrTs65p57rOUfhPU68i1rumvKODUL
/MT8OQO7DS9FmmuYL2KGVBymXrtSO60eacWgX2Zt74su+4kqWVGJ2BSFQbDmadFW
88m3KTw1VnEfxBY/4+0FwboeVEt11zJ9oXmtwyOJk4VsYuNFKeS+GQp5F+BfLm3X
yn7PB0cPunfwYHl9yYNoaIK2/dxuXbXWLAtEFYk3qHNeHkt7TEAqpzIJEnJ4xVi2
OOfSkJ7j5bBcXkSe1F6rmbov1Dx6UuqlVLrxNcZNlpSAghJIlA5bjvAtvGUfRHMy
r2XEFecPAHGvea1+i4JRxfNKR/Q2/wIDAQABo4IC/DCCAvgwHQYDVR0OBBYEFJcw
cuPZScG19YssPSUwUKHdRHn4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQjRCN0I5QTlEODQxMUYwQUI2N0Q1OEZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMHYGCCsGAQUFBwEHAQH/BGcwZTBjBAIAATBdAwQAmtoeAwQAmtsQAwQAmtsY
AwQAmtscAwQAmtvPAwQAmtvTAwQAmtveAwQAmtvmAwQAmtvoMAwDBACa2/UDBAOa
2/AwCwMEAZrb+gMDAprYAwQAmt08AwQAmt7AMA0GCSqGSIb3DQEBCwUAA4IBAQBm
eqTnOG2eA3jgbnGp2cP7R/h4Xv92cWN71fRDp/nOQpuXqv/fGW8hMJDHkX1yJuI0
Drsmog4k9FA8Fg+YMv8SrvR1IUJ5ONOOnVNbnVeQyEZvSL6PU79qjWvTIboOiRXv
7z72uPSOnDaLoY92+lGamxb8EnnTiFEqc3XVGT20Nyikn+SDC3jBq0wprUWoQUyv
pPM6YKo4yWulcPr4GSHnA6Ghcaffln72KI88dQHjMIw1mcm6JvkbmZ7HYqxFqcSU
PMG3iegTtC9z5DeRNWSlrzppUdWrwsfyDOeUt/JAlcL7RyTD6Xocdh7CqdNufwxS
GbvSuRPQpx/PJWNpfqGo
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:10:10 2025 by rpki-client