Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364563F/7E79C460686A11F0ACC5D07FDAE4EC9C/0D8258E0A06811F092E080CCDAE4EC9C.roa
File: 0D8258E0A06811F092E080CCDAE4EC9C.roa (raw, json)
Hash identifier: jAYBUqDBzFC3MpXtI17Ah8/ursFRmSV68BlqHI1aKEo=
Subject key identifier: D1:1D:DF:37:04:8A:51:5C:AD:98:B4:ED:18:3A:96:96:A8:98:25:76
Certificate issuer: /CN=F364563FAF/serialNumber=B67ECB1638710AF31E6E2A8FBDD553957525CFF4
Certificate serial: 4C
Authority key identifier: B6:7E:CB:16:38:71:0A:F3:1E:6E:2A:8F:BD:D5:53:95:75:25:CF:F4
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/tn7LFjhxCvMebiqPvdVTlXUlz_Q.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364563F/7E79C460686A11F0ACC5D07FDAE4EC9C/0D8258E0A06811F092E080CCDAE4EC9C.roa
Signing time: Fri 03 Oct 2025 14:48:41 +0000
ROA not before: Fri 03 Oct 2025 14:48:37 +0000
ROA not after: Fri 02 Oct 2026 14:48:37 +0000
asID: 37404
IP address blocks: 41.78.8.0/24 maxlen: 24
41.78.9.0/24 maxlen: 24
41.78.10.0/24 maxlen: 24
41.78.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364563F/7E79C460686A11F0ACC5D07FDAE4EC9C/tn7LFjhxCvMebiqPvdVTlXUlz_Q.crl
rsync://rpki.afrinic.net/repository/member_repository/F364563F/7E79C460686A11F0ACC5D07FDAE4EC9C/tn7LFjhxCvMebiqPvdVTlXUlz_Q.mft
rsync://rpki.afrinic.net/repository/afrinic/tn7LFjhxCvMebiqPvdVTlXUlz_Q.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 05:10:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76 (0x4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364563FAF, serialNumber=B67ECB1638710AF31E6E2A8FBDD553957525CFF4
Validity
Not Before: Oct 3 14:48:37 2025 GMT
Not After : Oct 2 14:48:37 2026 GMT
Subject: CN=68dfe249-091d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5a:28:4c:46:ad:14:cd:06:85:35:4f:0b:c8:
f7:2e:08:08:b4:48:e1:6d:b4:53:b7:e3:4e:15:a5:
46:dc:ed:fc:93:d7:26:77:ff:8a:a7:93:4d:47:01:
0b:fb:75:29:25:02:fc:81:8e:27:80:b4:f6:e9:27:
89:7a:11:1c:34:86:73:cc:15:cd:24:95:78:ed:e0:
47:33:30:4b:14:d9:43:a0:64:ae:81:70:80:34:8d:
6a:1b:e1:c3:4f:ae:91:03:7d:7a:31:cc:de:4d:4d:
7c:20:70:dc:c4:c2:5b:31:b1:7f:a1:96:99:bc:6d:
cf:27:f1:25:2a:9b:48:e5:39:d9:e3:a8:6f:47:d0:
65:8f:39:d4:b4:d5:b7:05:13:1e:53:17:9b:0e:07:
17:88:a2:17:fd:eb:2b:e5:dc:41:c0:d2:e1:88:95:
b0:b7:27:da:55:99:79:73:82:a3:53:cf:d7:da:08:
48:9b:3a:c1:b6:9d:ee:9a:9c:a4:5b:59:44:f7:10:
97:57:31:ab:08:2e:79:88:cb:db:2f:fe:83:8b:d6:
ad:5f:8b:d0:da:11:c5:15:32:2e:57:5f:04:ee:0b:
de:3c:60:d9:92:05:24:4d:5f:08:48:8b:01:bb:1b:
ea:82:70:03:2c:a8:c0:a0:14:30:ad:ba:c4:a0:fd:
1a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:1D:DF:37:04:8A:51:5C:AD:98:B4:ED:18:3A:96:96:A8:98:25:76
X509v3 Authority Key Identifier:
keyid:B6:7E:CB:16:38:71:0A:F3:1E:6E:2A:8F:BD:D5:53:95:75:25:CF:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364563F/7E79C460686A11F0ACC5D07FDAE4EC9C/tn7LFjhxCvMebiqPvdVTlXUlz_Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/tn7LFjhxCvMebiqPvdVTlXUlz_Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364563F/7E79C460686A11F0ACC5D07FDAE4EC9C/0D8258E0A06811F092E080CCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.78.8.0/22
Signature Algorithm: sha256WithRSAEncryption
97:f0:e4:3d:98:e4:3d:48:ca:3a:96:21:7c:ff:30:cd:1f:2e:
07:d6:db:d1:8e:02:5d:00:aa:77:76:97:42:a8:55:5e:fa:e7:
55:4b:78:6e:a6:de:f7:4c:c2:6e:0a:df:58:30:4f:a1:a7:05:
e1:75:e9:b5:c6:91:48:aa:8d:c8:bf:f4:e5:dc:6d:47:7c:06:
3a:fe:70:3e:8b:23:6f:b8:67:6e:3b:b4:a4:f2:b3:d9:e2:16:
72:c4:85:c2:5e:99:1b:88:9b:b3:f0:a5:0e:31:6f:39:6c:d8:
4e:bb:ec:a9:cb:31:f1:ed:94:d2:eb:e6:2e:bf:f2:8c:78:54:
a9:40:61:9e:43:b0:fa:70:9e:f3:49:48:6b:23:aa:b5:26:1b:
91:9b:06:46:6f:c7:3b:25:d3:63:56:f7:c4:37:ba:11:5b:c1:
d8:5e:76:6f:db:0f:e7:f0:b7:a3:af:09:1f:69:94:5a:c2:6a:
f2:de:0c:f1:59:a4:51:c3:a5:6b:e8:ba:0f:67:7e:5e:0d:37:
ae:6e:8a:9d:0e:0b:24:5c:c1:5a:f7:15:0e:99:77:6a:04:5d:
77:c0:b3:61:d4:89:b3:ac:0a:2d:2d:f0:39:ec:0c:06:d5:c6:
83:3f:e0:83:91:1d:28:8b:01:f0:29:6f:bf:72:aa:c0:df:7c:
a4:70:61:aa
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBTDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
NTYzRkFGMTEwLwYDVQQFEyhCNjdFQ0IxNjM4NzEwQUYzMUU2RTJBOEZCREQ1NTM5
NTc1MjVDRkY0MB4XDTI1MTAwMzE0NDgzN1oXDTI2MTAwMjE0NDgzN1owGDEWMBQG
A1UEAxMNNjhkZmUyNDktMDkxZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1aKExGrRTNBoU1TwvI9y4ICLRI4W20U7fjThWlRtzt/JPXJnf/iqeTTUcB
C/t1KSUC/IGOJ4C09ukniXoRHDSGc8wVzSSVeO3gRzMwSxTZQ6BkroFwgDSNahvh
w0+ukQN9ejHM3k1NfCBw3MTCWzGxf6GWmbxtzyfxJSqbSOU52eOob0fQZY851LTV
twUTHlMXmw4HF4iiF/3rK+XcQcDS4YiVsLcn2lWZeXOCo1PP19oISJs6wbad7pqc
pFtZRPcQl1cxqwgueYjL2y/+g4vWrV+L0NoRxRUyLldfBO4L3jxg2ZIFJE1fCEiL
Absb6oJwAyyowKAUMK26xKD9GmECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTRHd83
BIpRXK2YtO0YOpaWqJgldjAfBgNVHSMEGDAWgBS2fssWOHEK8x5uKo+91VOVdSXP
9DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDU2M0YvN0U3OUM0NjA2ODZBMTFGMEFDQzVEMDdGREFFNEVDOUMvdG43TEZq
aHhDdk1lYmlxUHZkVlRsWFVsel9RLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdG43TEZqaHhDdk1lYmlxUHZkVlRsWFVsel9RLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDU2M0YvN0U3OUM0NjA2ODZBMTFGMEFDQzVEMDdGREFF
NEVDOUMvMEQ4MjU4RTBBMDY4MTFGMDkyRTA4MENDREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAilOCDANBgkqhkiG9w0BAQsF
AAOCAQEAl/DkPZjkPUjKOpYhfP8wzR8uB9bb0Y4CXQCqd3aXQqhVXvrnVUt4bqbe
90zCbgrfWDBPoacF4XXptcaRSKqNyL/05dxtR3wGOv5wPosjb7hnbju0pPKz2eIW
csSFwl6ZG4ibs/ClDjFvOWzYTrvsqcsx8e2U0uvmLr/yjHhUqUBhnkOw+nCe80lI
ayOqtSYbkZsGRm/HOyXTY1b3xDe6EVvB2F52b9sP5/C3o68JH2mUWsJq8t4M8Vmk
UcOla+i6D2d+Xg03rm6KnQ4LJFzBWvcVDpl3agRdd8CzYdSJs6wKLS3wOewMBtXG
gz/gg5EdKIsB8Clvv3KqwN98pHBhqg==
-----END CERTIFICATE-----
Generated at Tue Oct 21 01:28:39 2025 by rpki-client