Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/3DBD6BF8A43C11F0B0207BA9DAE4EC9C.roa
File: 3DBD6BF8A43C11F0B0207BA9DAE4EC9C.roa (raw, json)
Hash identifier: QDcjTFM5zSxqp1TZUhDrR2cluwqbX9KhJ+5ywKso8Ew=
Subject key identifier: 8E:18:8F:67:C5:81:68:6F:38:40:89:D1:7B:67:00:D5:F1:43:FC:6B
Certificate issuer: /CN=F365FABEAF/serialNumber=325EE3B250B9C682BFB020B336CBA289E1BCD230
Certificate serial: 74
Authority key identifier: 32:5E:E3:B2:50:B9:C6:82:BF:B0:20:B3:36:CB:A2:89:E1:BC:D2:30
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Ml7jslC5xoK_sCCzNsuiieG80jA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/3DBD6BF8A43C11F0B0207BA9DAE4EC9C.roa
Signing time: Wed 08 Oct 2025 11:45:09 +0000
ROA not before: Wed 08 Oct 2025 11:45:04 +0000
ROA not after: Tue 26 Oct 2027 11:45:04 +0000
asID: 37453
IP address blocks: 41.190.80.0/24 maxlen: 32
41.190.81.0/24 maxlen: 32
41.190.82.0/24 maxlen: 32
41.190.83.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/Ml7jslC5xoK_sCCzNsuiieG80jA.crl
rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/Ml7jslC5xoK_sCCzNsuiieG80jA.mft
rsync://rpki.afrinic.net/repository/afrinic/Ml7jslC5xoK_sCCzNsuiieG80jA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116 (0x74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365FABEAF, serialNumber=325EE3B250B9C682BFB020B336CBA289E1BCD230
Validity
Not Before: Oct 8 11:45:04 2025 GMT
Not After : Oct 26 11:45:04 2027 GMT
Subject: CN=68e64ec5-de7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:19:06:20:e0:d4:6e:db:cc:59:89:83:61:5c:
21:c2:56:47:0e:db:cb:a3:28:87:02:49:20:aa:a1:
88:59:44:35:bc:d2:68:f9:29:af:34:fa:29:5e:cd:
b9:15:25:95:1f:b7:4a:20:4e:bf:f3:af:dc:94:cc:
77:11:e2:aa:7b:af:12:ee:30:f7:24:2a:af:19:bf:
4d:75:d3:23:5e:5a:22:04:d5:96:2d:29:e7:85:7a:
bd:ef:a2:bd:19:d3:53:0a:a5:2b:4e:e2:f7:41:69:
20:e7:6d:ea:e7:0d:8e:54:dc:1b:cf:73:59:6d:55:
9f:2e:14:d2:01:87:29:c8:59:c2:a4:0e:22:ce:d0:
fe:36:fd:5f:51:7c:ee:83:3d:a2:f1:7a:25:03:f8:
9f:55:ee:37:15:0f:e2:8a:e7:45:a9:91:fd:e5:b8:
7a:8c:d9:36:d8:f2:c3:1e:5b:d4:44:41:83:92:dc:
67:eb:a9:b6:b3:dc:75:a9:92:1c:60:b3:75:f6:54:
5c:e5:58:47:74:e0:0b:66:ee:7b:11:76:72:84:0f:
b5:46:56:f9:a2:61:b4:32:64:f0:b9:0f:39:a0:32:
4c:5f:6b:9f:b6:43:d9:f5:dd:49:21:2e:31:90:a6:
df:99:30:5c:b5:ec:d3:d4:39:62:28:2d:3e:42:b8:
75:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:18:8F:67:C5:81:68:6F:38:40:89:D1:7B:67:00:D5:F1:43:FC:6B
X509v3 Authority Key Identifier:
keyid:32:5E:E3:B2:50:B9:C6:82:BF:B0:20:B3:36:CB:A2:89:E1:BC:D2:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/Ml7jslC5xoK_sCCzNsuiieG80jA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Ml7jslC5xoK_sCCzNsuiieG80jA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/3DBD6BF8A43C11F0B0207BA9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.190.80.0/22
Signature Algorithm: sha256WithRSAEncryption
11:74:76:bd:00:dd:0f:31:dd:4f:e9:6e:a9:9d:9b:bc:b0:72:
af:06:39:9d:74:b6:4b:ec:f4:0a:18:02:43:16:22:ea:3f:58:
0d:ff:e3:64:b7:39:bb:39:ca:7b:59:53:c9:33:fe:bf:29:2c:
a1:d6:5c:29:7b:8b:19:28:b5:32:91:09:99:12:8c:b5:17:52:
39:48:17:b9:17:30:8f:34:43:c0:0f:5b:33:60:5a:ca:ab:5c:
7b:4b:5d:c7:bd:5a:e6:ad:73:20:83:5b:3c:ae:c4:f1:8c:91:
35:d3:e2:9a:d4:6b:cd:26:0d:99:b6:5d:2d:7a:75:b9:7e:ee:
e4:13:57:be:7a:48:9a:34:d7:64:ba:68:0a:48:e6:87:bb:22:
e9:74:1d:68:73:c4:bf:01:71:09:a7:b5:b6:2a:80:d2:70:ea:
2d:78:15:6b:80:21:78:c1:ff:92:0a:e6:32:47:87:a0:e6:6c:
fc:0a:7d:c7:05:02:97:3b:e8:77:2e:ea:6b:b6:91:94:c7:50:
2a:29:a7:e3:5e:36:fc:e8:88:2e:65:45:61:4d:cf:68:a0:a1:
6b:34:c8:9e:ee:a5:73:4a:ca:82:7a:ba:ca:64:a8:ba:73:3b:
19:ea:3c:d2:cc:d6:b9:d2:46:f5:18:ac:0b:8c:60:28:a7:ba:
45:41:b4:b8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBdDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
RkFCRUFGMTEwLwYDVQQFEygzMjVFRTNCMjUwQjlDNjgyQkZCMDIwQjMzNkNCQTI4
OUUxQkNEMjMwMB4XDTI1MTAwODExNDUwNFoXDTI3MTAyNjExNDUwNFowGDEWMBQG
A1UEAxMNNjhlNjRlYzUtZGU3YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJoZBiDg1G7bzFmJg2FcIcJWRw7by6MohwJJIKqhiFlENbzSaPkprzT6KV7N
uRUllR+3SiBOv/Ov3JTMdxHiqnuvEu4w9yQqrxm/TXXTI15aIgTVli0p54V6ve+i
vRnTUwqlK07i90FpIOdt6ucNjlTcG89zWW1Vny4U0gGHKchZwqQOIs7Q/jb9X1F8
7oM9ovF6JQP4n1XuNxUP4ornRamR/eW4eozZNtjywx5b1ERBg5LcZ+uptrPcdamS
HGCzdfZUXOVYR3TgC2buexF2coQPtUZW+aJhtDJk8LkPOaAyTF9rn7ZD2fXdSSEu
MZCm35kwXLXs09Q5YigtPkK4dW0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSOGI9n
xYFobzhAidF7ZwDV8UP8azAfBgNVHSMEGDAWgBQyXuOyULnGgr+wILM2y6KJ4bzS
MDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUZBQkUvMUQzQjVCMzg1MzQyMTFGMDk3RUE4NURBREFFNEVDOUMvTWw3anNs
QzV4b0tfc0NDek5zdWlpZUc4MGpBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTWw3anNsQzV4b0tfc0NDek5zdWlpZUc4MGpBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NUZBQkUvMUQzQjVCMzg1MzQyMTFGMDk3RUE4NURBREFF
NEVDOUMvM0RCRDZCRjhBNDNDMTFGMEIwMjA3QkE5REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAim+UDANBgkqhkiG9w0BAQsF
AAOCAQEAEXR2vQDdDzHdT+luqZ2bvLByrwY5nXS2S+z0ChgCQxYi6j9YDf/jZLc5
uznKe1lTyTP+vyksodZcKXuLGSi1MpEJmRKMtRdSOUgXuRcwjzRDwA9bM2Bayqtc
e0tdx71a5q1zIINbPK7E8YyRNdPimtRrzSYNmbZdLXp1uX7u5BNXvnpImjTXZLpo
Ckjmh7si6XQdaHPEvwFxCae1tiqA0nDqLXgVa4AheMH/kgrmMkeHoOZs/Ap9xwUC
lzvody7qa7aRlMdQKimn4142/OiILmVFYU3PaKChazTInu6lc0rKgnq6ymSounM7
Geo80szWudJG9RisC4xgKKe6RUG0uA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:39:23 2025 by rpki-client