Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCD42AE69D8511F0A7299B94DAE4EC9C.roa
File: DCD42AE69D8511F0A7299B94DAE4EC9C.roa (raw, json)
Hash identifier: IcxkyD6iqjc+FNhu5mfe1SriVXAZmJzjUhjSVWdrfbA=
Subject key identifier: 60:D9:82:F3:EF:1D:DE:C1:C7:7B:06:EB:2B:46:9E:C6:35:C5:26:A7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A1A9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCD42AE69D8511F0A7299B94DAE4EC9C.roa
Signing time: Mon 29 Sep 2025 22:44:31 +0000
ROA not before: Mon 29 Sep 2025 22:44:26 +0000
ROA not after: Wed 05 Nov 2025 22:44:26 +0000
asID: 202656
IP address blocks: 154.219.1.0/24 maxlen: 24
154.219.4.0/24 maxlen: 24
154.219.17.0/24 maxlen: 24
154.219.18.0/24 maxlen: 24
154.219.19.0/24 maxlen: 24
154.219.20.0/24 maxlen: 24
154.219.21.0/24 maxlen: 24
154.219.22.0/24 maxlen: 24
154.219.26.0/24 maxlen: 24
154.219.27.0/24 maxlen: 24
154.219.29.0/24 maxlen: 24
154.222.40.0/24 maxlen: 24
154.222.41.0/24 maxlen: 24
154.222.42.0/24 maxlen: 24
154.222.193.0/24 maxlen: 24
154.222.194.0/24 maxlen: 24
154.222.195.0/24 maxlen: 24
154.222.196.0/24 maxlen: 24
154.222.198.0/24 maxlen: 24
154.222.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106921 (0x1a1a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 29 22:44:26 2025 GMT
Not After : Nov 5 22:44:26 2025 GMT
Subject: CN=68db0bcf-c028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:17:47:2a:9f:31:4c:02:3f:87:ef:91:97:10:
6d:54:af:7a:80:92:be:06:4b:a3:3f:27:c3:36:e4:
69:4a:d4:23:59:df:04:92:4b:33:e7:d5:7f:d6:0a:
76:d6:02:a8:c6:39:cc:77:cd:2b:e1:8d:93:9a:83:
aa:ed:60:78:d4:f1:91:03:89:3b:e5:78:9a:ed:cc:
16:60:28:88:de:e0:7e:2d:3f:db:78:34:be:bc:37:
ba:00:5e:68:88:67:56:59:a4:9b:66:f1:aa:a9:e9:
d3:02:a1:54:2f:86:d2:c8:20:08:c4:17:b3:8e:31:
31:a1:86:f7:0c:85:3d:f1:a0:f2:b0:94:a2:59:59:
94:a0:b7:f5:d3:aa:e1:ba:c4:53:2a:b5:0f:58:b5:
6c:cb:75:13:7c:16:61:1c:cb:ce:07:06:e1:73:e8:
d4:e1:6a:b2:65:64:de:f9:b1:0f:03:9f:8f:56:60:
a7:57:97:90:42:4d:91:9e:87:c7:d7:70:00:72:fc:
09:1e:3f:01:9b:c3:72:77:8e:74:93:ef:14:87:ef:
45:87:05:fa:66:76:c6:d8:92:c7:9d:28:77:00:9c:
c6:0e:2d:49:f4:b6:23:8d:ea:1b:a6:a9:71:05:19:
45:fa:79:5f:93:d6:e4:fa:e0:d4:2c:55:d9:98:f6:
14:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D9:82:F3:EF:1D:DE:C1:C7:7B:06:EB:2B:46:9E:C6:35:C5:26:A7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCD42AE69D8511F0A7299B94DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.1.0/24
154.219.4.0/24
154.219.17.0-154.219.22.255
154.219.26.0/23
154.219.29.0/24
154.222.40.0-154.222.42.255
154.222.193.0-154.222.196.255
154.222.198.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:c0:27:a6:4c:bc:7b:d9:a5:a5:57:8f:5e:9d:cd:1b:1c:76:
1b:d0:aa:1b:3a:51:31:a5:98:fc:fb:99:b2:69:15:d2:9f:3d:
3b:5b:2c:e3:54:1b:99:84:de:85:9d:58:8e:ec:78:d3:59:1e:
a7:a9:cc:58:5c:c1:de:aa:05:e7:c2:d3:67:b6:82:43:a7:f7:
1e:7b:da:94:1c:3e:13:48:9f:ef:80:56:a5:68:5e:65:98:a3:
68:0d:45:85:2a:ef:b3:a4:97:3b:49:89:a7:c1:64:68:f1:d1:
e1:dc:f0:a4:08:7e:43:87:2f:41:44:02:b7:2f:a2:b7:b0:2a:
9a:51:54:b6:7c:00:02:b6:57:ef:63:95:7d:e8:25:86:9e:6c:
8a:f0:8f:f6:ed:7d:46:b9:8e:5c:b1:11:e8:21:af:e1:bd:91:
27:fb:5d:c0:a9:3a:b4:91:0a:c7:58:5a:9d:a8:47:fd:12:57:
76:fc:45:44:aa:78:2c:69:01:80:ef:c6:a2:ee:2b:4e:fb:1e:
da:c0:5f:40:90:97:66:2f:97:e4:b4:ed:dc:d6:ab:23:96:80:
71:ac:cf:83:92:45:ea:0b:23:b0:d7:2d:2d:f7:43:0e:4e:34:
63:0b:fe:6f:aa:ce:2d:66:25:7b:53:55:a8:79:94:fc:6f:1f:
d0:04:88:e9
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIDAaGpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI5MjI0NDI2WhcNMjUxMTA1MjI0NDI2WjAYMRYw
FAYDVQQDEw02OGRiMGJjZi1jMDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApxdHKp8xTAI/h++RlxBtVK96gJK+BkujPyfDNuRpStQjWd8Ekksz59V/
1gp21gKoxjnMd80r4Y2TmoOq7WB41PGRA4k75Xia7cwWYCiI3uB+LT/beDS+vDe6
AF5oiGdWWaSbZvGqqenTAqFUL4bSyCAIxBezjjExoYb3DIU98aDysJSiWVmUoLf1
06rhusRTKrUPWLVsy3UTfBZhHMvOBwbhc+jU4WqyZWTe+bEPA5+PVmCnV5eQQk2R
nofH13AAcvwJHj8Bm8Nyd450k+8Uh+9FhwX6ZnbG2JLHnSh3AJzGDi1J9LYjjeob
pqlxBRlF+nlfk9bk+uDULFXZmPYUdQIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFGDZ
gvPvHd7Bx3sG6ytGnsY1xSanMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQ0Q0MkFFNjlEODUxMUYwQTcyOTlCOTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAmtsBAwQAmtsEMAwDBACa
2xEDBACa2xYDBAGa2xoDBACa2x0wDAMEA5reKAMEAJreKjAMAwQAmt7BAwQAmt7E
AwQBmt7GMA0GCSqGSIb3DQEBCwUAA4IBAQCNwCemTLx72aWlV49enc0bHHYb0Kob
OlExpZj8+5myaRXSnz07WyzjVBuZhN6FnViO7HjTWR6nqcxYXMHeqgXnwtNntoJD
p/cee9qUHD4TSJ/vgFalaF5lmKNoDUWFKu+zpJc7SYmnwWRo8dHh3PCkCH5Dhy9B
RAK3L6K3sCqaUVS2fAACtlfvY5V96CWGnmyK8I/27X1GuY5csRHoIa/hvZEn+13A
qTq0kQrHWFqdqEf9Eld2/EVEqngsaQGA78ai7itO+x7awF9AkJdmL5fktO3c1qsj
loBxrM+DkkXqCyOw1y0t90MOTjRjC/5vqs4tZiV7U1WoeZT8bx/QBIjp
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:43 2025 by rpki-client