Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/D80D99D6A43B11F090E5B5A8DAE4EC9C.roa
File: D80D99D6A43B11F090E5B5A8DAE4EC9C.roa (raw, json)
Hash identifier: D+Q0jMvULF15SYOkGjIS9wZnck6JWgh8vGMk1HYUiV0=
Subject key identifier: 96:99:8C:F9:96:CD:26:01:17:9C:3D:7C:64:51:DA:21:51:C7:9E:74
Certificate issuer: /CN=F365FABEAF/serialNumber=325EE3B250B9C682BFB020B336CBA289E1BCD230
Certificate serial: 72
Authority key identifier: 32:5E:E3:B2:50:B9:C6:82:BF:B0:20:B3:36:CB:A2:89:E1:BC:D2:30
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Ml7jslC5xoK_sCCzNsuiieG80jA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/D80D99D6A43B11F090E5B5A8DAE4EC9C.roa
Signing time: Wed 08 Oct 2025 11:42:19 +0000
ROA not before: Wed 08 Oct 2025 11:42:14 +0000
ROA not after: Tue 26 Oct 2027 11:42:14 +0000
asID: 37453
IP address blocks: 41.215.252.0/24 maxlen: 32
41.215.253.0/24 maxlen: 32
41.215.254.0/24 maxlen: 32
41.215.255.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/Ml7jslC5xoK_sCCzNsuiieG80jA.crl
rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/Ml7jslC5xoK_sCCzNsuiieG80jA.mft
rsync://rpki.afrinic.net/repository/afrinic/Ml7jslC5xoK_sCCzNsuiieG80jA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114 (0x72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365FABEAF, serialNumber=325EE3B250B9C682BFB020B336CBA289E1BCD230
Validity
Not Before: Oct 8 11:42:14 2025 GMT
Not After : Oct 26 11:42:14 2027 GMT
Subject: CN=68e64e1b-e3eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e7:8c:00:38:2e:4f:37:0a:84:c8:ef:7c:f3:
1a:0f:c2:df:55:fb:ca:3c:54:e6:45:59:4d:79:c7:
90:5d:4a:d1:21:dc:9d:16:19:24:74:52:30:4e:c0:
2b:5b:91:1d:2d:78:5d:70:9f:bb:23:43:dc:73:8a:
8e:4d:34:45:d9:57:7f:79:15:98:b6:01:fa:58:49:
a9:2c:6c:e2:4b:93:0b:b4:a2:df:1f:d0:4c:5e:92:
c9:3c:39:fe:8b:c4:f0:ff:a9:36:e6:4d:22:da:2b:
88:aa:2b:b9:f0:9d:5a:fb:88:01:29:44:25:06:63:
2b:fe:00:a3:50:26:95:76:c6:b6:25:df:78:3e:9e:
af:cc:97:6d:bd:b2:ca:46:d8:cc:77:41:90:2a:c7:
41:0b:db:65:d5:ed:7a:84:89:24:8b:37:dc:b7:7a:
02:40:d1:91:b9:db:54:38:7f:3f:31:63:10:7e:9b:
80:fb:cf:86:70:16:aa:de:e5:90:11:ba:1b:39:18:
16:73:32:3a:e2:5f:18:8e:74:04:8b:dd:a3:df:a5:
39:ad:7e:ec:00:0f:fe:2d:20:3e:89:04:0b:e2:d9:
d1:29:7e:cd:a6:ae:48:14:a6:97:2b:c6:b3:e2:2a:
12:fd:ce:ea:76:5f:3a:1a:27:de:0f:05:f3:d2:15:
9e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:99:8C:F9:96:CD:26:01:17:9C:3D:7C:64:51:DA:21:51:C7:9E:74
X509v3 Authority Key Identifier:
keyid:32:5E:E3:B2:50:B9:C6:82:BF:B0:20:B3:36:CB:A2:89:E1:BC:D2:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/Ml7jslC5xoK_sCCzNsuiieG80jA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Ml7jslC5xoK_sCCzNsuiieG80jA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/D80D99D6A43B11F090E5B5A8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.215.252.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:9c:49:82:9d:b3:8c:30:62:d7:ce:e2:e4:8c:75:e5:46:27:
3a:58:c8:72:6f:08:d5:48:24:f9:02:c8:4b:c0:98:04:98:ba:
90:8e:a9:54:bb:f9:3b:3f:67:55:22:c8:de:d7:05:38:78:0a:
d7:ff:64:dc:e8:7b:33:52:9e:2b:85:cd:9a:38:29:c1:2d:01:
4f:9f:1f:13:87:fe:cc:4f:72:63:6e:8c:38:4b:11:23:93:a5:
3f:29:ca:02:02:14:f0:bc:ca:ce:a9:76:c3:2b:87:fb:e7:11:
05:af:c1:8e:f4:e0:c4:5b:59:53:49:89:69:17:5c:54:6d:cc:
c7:cc:8a:45:04:0f:5a:4f:12:ff:7c:87:1c:9e:07:b9:60:65:
03:c4:2f:10:f3:56:26:00:bc:0f:37:f5:98:c7:97:db:9b:1e:
4f:c0:0f:ff:01:e8:3c:58:d6:9b:4c:04:b4:e4:54:35:fd:b6:
8d:ee:90:a1:28:ed:04:08:01:f3:0c:79:6e:6d:d4:63:57:b5:
e7:80:0c:98:e8:17:c2:0d:1a:9a:32:1f:86:75:ff:26:ec:1e:
b0:c8:b3:ef:6b:75:e0:1c:34:53:c1:95:1e:f4:be:78:7c:40:
7b:b3:13:a6:54:ee:3c:03:57:36:9f:f0:14:38:cb:78:a9:71:
6f:44:a5:07
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBcjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
RkFCRUFGMTEwLwYDVQQFEygzMjVFRTNCMjUwQjlDNjgyQkZCMDIwQjMzNkNCQTI4
OUUxQkNEMjMwMB4XDTI1MTAwODExNDIxNFoXDTI3MTAyNjExNDIxNFowGDEWMBQG
A1UEAxMNNjhlNjRlMWItZTNlYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANPnjAA4Lk83CoTI73zzGg/C31X7yjxU5kVZTXnHkF1K0SHcnRYZJHRSME7A
K1uRHS14XXCfuyND3HOKjk00RdlXf3kVmLYB+lhJqSxs4kuTC7Si3x/QTF6SyTw5
/ovE8P+pNuZNItoriKorufCdWvuIASlEJQZjK/4Ao1AmlXbGtiXfeD6er8yXbb2y
ykbYzHdBkCrHQQvbZdXteoSJJIs33Ld6AkDRkbnbVDh/PzFjEH6bgPvPhnAWqt7l
kBG6GzkYFnMyOuJfGI50BIvdo9+lOa1+7AAP/i0gPokEC+LZ0Sl+zaauSBSmlyvG
s+IqEv3O6nZfOhon3g8F89IVnpUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSWmYz5
ls0mARecPXxkUdohUceedDAfBgNVHSMEGDAWgBQyXuOyULnGgr+wILM2y6KJ4bzS
MDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUZBQkUvMUQzQjVCMzg1MzQyMTFGMDk3RUE4NURBREFFNEVDOUMvTWw3anNs
QzV4b0tfc0NDek5zdWlpZUc4MGpBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTWw3anNsQzV4b0tfc0NDek5zdWlpZUc4MGpBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NUZBQkUvMUQzQjVCMzg1MzQyMTFGMDk3RUE4NURBREFF
NEVDOUMvRDgwRDk5RDZBNDNCMTFGMDkwRTVCNUE4REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAinX/DANBgkqhkiG9w0BAQsF
AAOCAQEAp5xJgp2zjDBi187i5Ix15UYnOljIcm8I1Ugk+QLIS8CYBJi6kI6pVLv5
Oz9nVSLI3tcFOHgK1/9k3Oh7M1KeK4XNmjgpwS0BT58fE4f+zE9yY26MOEsRI5Ol
PynKAgIU8LzKzql2wyuH++cRBa/BjvTgxFtZU0mJaRdcVG3Mx8yKRQQPWk8S/3yH
HJ4HuWBlA8QvEPNWJgC8Dzf1mMeX25seT8AP/wHoPFjWm0wEtORUNf22je6QoSjt
BAgB8wx5bm3UY1e154AMmOgXwg0amjIfhnX/JuwesMiz72t14Bw0U8GVHvS+eHxA
e7MTplTuPANXNp/wFDjLeKlxb0SlBw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:51:36 2025 by rpki-client