Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DA7C0EEE9D5811F0B0C774F5DAE4EC9C.roa
File: DA7C0EEE9D5811F0B0C774F5DAE4EC9C.roa (raw, json)
Hash identifier: WW+36ETDOgFKsv1aUCPe7B5/Xkap0nIWSYovfw/1brQ=
Subject key identifier: AD:59:5D:B9:24:BA:EB:68:5E:B8:03:5B:50:D9:83:EB:5F:6D:7D:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A169
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DA7C0EEE9D5811F0B0C774F5DAE4EC9C.roa
Signing time: Mon 29 Sep 2025 17:22:20 +0000
ROA not before: Mon 29 Sep 2025 17:22:14 +0000
ROA not after: Fri 31 Oct 2025 17:22:14 +0000
asID: 62240
IP address blocks: 154.196.81.0/24 maxlen: 24
154.196.87.0/24 maxlen: 24
154.223.208.0/24 maxlen: 24
154.223.209.0/24 maxlen: 24
154.223.210.0/24 maxlen: 24
154.223.211.0/24 maxlen: 24
154.223.212.0/24 maxlen: 24
154.223.213.0/24 maxlen: 24
154.223.214.0/24 maxlen: 24
154.223.215.0/24 maxlen: 24
154.223.216.0/24 maxlen: 24
154.223.217.0/24 maxlen: 24
154.223.218.0/24 maxlen: 24
154.223.219.0/24 maxlen: 24
154.223.220.0/24 maxlen: 24
154.223.221.0/24 maxlen: 24
154.223.222.0/24 maxlen: 24
154.223.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106857 (0x1a169)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 29 17:22:14 2025 GMT
Not After : Oct 31 17:22:14 2025 GMT
Subject: CN=68dac04c-601e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ff:ea:d2:3a:2f:75:fb:1e:07:72:3e:e5:1c:
b9:4d:35:5c:5c:87:ee:3d:7d:35:31:a0:fb:cd:8c:
87:80:4c:40:d5:26:d2:ca:d2:31:cd:af:14:7c:a7:
e9:4e:c9:bd:bf:75:57:82:8c:8d:63:d1:ce:5d:42:
67:4e:fd:a7:ba:14:06:2d:6d:52:8d:00:59:bb:15:
57:a3:0f:cd:da:14:3a:a7:b4:58:08:97:e6:1e:e5:
36:c6:cb:58:ce:c8:2b:e8:31:19:44:50:95:68:b5:
26:eb:ac:e5:77:c6:b8:21:66:68:d0:50:44:56:b1:
fa:c5:aa:ec:42:24:c6:31:a6:90:eb:9f:3f:15:46:
91:3f:c7:25:19:50:af:c4:67:09:b3:a1:df:77:45:
53:e6:36:4f:d8:0e:21:3d:f5:da:2f:62:f1:e4:80:
c9:f9:1d:39:d1:03:25:a7:0f:1b:45:b4:4a:91:a5:
3e:db:82:2a:e0:eb:1e:ec:ea:d0:3c:eb:99:7e:c7:
67:d6:51:ae:3e:35:be:9e:85:fe:a0:02:4c:0a:b7:
b3:2a:83:13:c2:ba:39:cb:f1:ce:76:20:15:da:20:
04:38:9f:5d:8b:d6:4d:51:54:fb:b8:70:d4:ef:45:
6e:93:76:d1:82:b7:e2:51:87:ef:50:91:66:8d:28:
29:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:59:5D:B9:24:BA:EB:68:5E:B8:03:5B:50:D9:83:EB:5F:6D:7D:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DA7C0EEE9D5811F0B0C774F5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.81.0/24
154.196.87.0/24
154.223.208.0/20
Signature Algorithm: sha256WithRSAEncryption
31:ef:d5:bc:4d:fc:97:95:a3:61:3b:d8:75:77:d7:f3:34:80:
c6:2c:29:34:0b:d3:4e:1b:de:4f:b2:0e:d9:87:28:b6:81:c7:
7e:9a:73:03:29:67:63:00:20:ce:08:63:32:7c:67:03:b0:1f:
21:79:5c:90:f7:24:83:81:1a:f8:7e:76:e2:5e:31:59:e8:73:
19:92:d5:35:9e:25:d9:2b:15:87:ba:2f:e9:6a:2c:33:9d:9c:
b3:db:30:0e:41:67:72:86:f2:69:04:5e:e5:72:f4:f1:51:84:
33:af:6d:0c:82:a4:cb:9f:af:81:43:ae:df:d5:43:80:53:3b:
62:13:d4:fa:33:f6:ef:02:86:c7:f8:fc:1f:95:ec:67:44:6b:
65:a6:0c:65:a5:2f:9f:ee:c3:a1:13:23:9a:7b:1d:f8:d7:a5:
e9:6c:1c:e5:3b:6a:99:b4:3c:f5:3d:e2:ec:55:58:d3:0b:1b:
f3:8a:19:86:e7:e7:90:b8:8c:00:eb:21:51:39:63:a7:20:2c:
ec:51:7f:5a:bf:74:75:7e:68:16:ae:6e:d8:06:fc:65:44:5d:
88:7c:28:db:50:d8:a5:f2:6b:29:4c:3b:ce:14:a2:de:d3:59:
a5:16:3f:8a:a1:8a:5b:96:c4:7a:94:0a:da:d8:2c:5a:1e:06:
22:7e:08:6e
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAaFpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI5MTcyMjE0WhcNMjUxMDMxMTcyMjE0WjAYMRYw
FAYDVQQDEw02OGRhYzA0Yy02MDFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwP/q0jovdfseB3I+5Ry5TTVcXIfuPX01MaD7zYyHgExA1SbSytIxza8U
fKfpTsm9v3VXgoyNY9HOXUJnTv2nuhQGLW1SjQBZuxVXow/N2hQ6p7RYCJfmHuU2
xstYzsgr6DEZRFCVaLUm66zld8a4IWZo0FBEVrH6xarsQiTGMaaQ658/FUaRP8cl
GVCvxGcJs6Hfd0VT5jZP2A4hPfXaL2Lx5IDJ+R050QMlpw8bRbRKkaU+24Iq4Ose
7OrQPOuZfsdn1lGuPjW+noX+oAJMCrezKoMTwro5y/HOdiAV2iAEOJ9di9ZNUVT7
uHDU70Vuk3bRgrfiUYfvUJFmjSgpqwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFK1Z
XbkkuutoXrgDW1DZg+tfbX2OMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQTdDMEVFRTlENTgxMUYwQjBDNzc0RjVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmsRRAwQAmsRXAwQEmt/Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAx79W8TfyXlaNhO9h1d9fzNIDGLCk0C9NOG95P
sg7Zhyi2gcd+mnMDKWdjACDOCGMyfGcDsB8heVyQ9ySDgRr4fnbiXjFZ6HMZktU1
niXZKxWHui/paiwznZyz2zAOQWdyhvJpBF7lcvTxUYQzr20MgqTLn6+BQ67f1UOA
UztiE9T6M/bvAobH+PwflexnRGtlpgxlpS+f7sOhEyOaex3416XpbBzlO2qZtDz1
PeLsVVjTCxvzihmG5+eQuIwA6yFROWOnICzsUX9av3R1fmgWrm7YBvxlRF2IfCjb
UNil8mspTDvOFKLe01mlFj+KoYpblsR6lAra2CxaHgYifghu
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:04 2025 by rpki-client