Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/DE032292A5B311F0994B3AB0DAE4EC9C.roa
File: DE032292A5B311F0994B3AB0DAE4EC9C.roa (raw, json)
Hash identifier: vkzFSLbDU0uihMdr3rdbCYc718qKER6rMg7GebnGpTc=
Subject key identifier: 51:FC:D8:EA:0F:A3:61:EE:6E:C1:CB:A3:A1:05:4B:20:7C:A3:3B:0F
Certificate issuer: /CN=F365FABEAF/serialNumber=325EE3B250B9C682BFB020B336CBA289E1BCD230
Certificate serial: 78
Authority key identifier: 32:5E:E3:B2:50:B9:C6:82:BF:B0:20:B3:36:CB:A2:89:E1:BC:D2:30
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Ml7jslC5xoK_sCCzNsuiieG80jA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/DE032292A5B311F0994B3AB0DAE4EC9C.roa
Signing time: Fri 10 Oct 2025 08:33:59 +0000
ROA not before: Fri 10 Oct 2025 08:33:55 +0000
ROA not after: Tue 26 Oct 2027 08:33:55 +0000
asID: 37453
IP address blocks: 197.149.184.0/24 maxlen: 32
197.149.185.0/24 maxlen: 32
197.149.186.0/24 maxlen: 32
197.149.187.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/Ml7jslC5xoK_sCCzNsuiieG80jA.crl
rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/Ml7jslC5xoK_sCCzNsuiieG80jA.mft
rsync://rpki.afrinic.net/repository/afrinic/Ml7jslC5xoK_sCCzNsuiieG80jA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120 (0x78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365FABEAF, serialNumber=325EE3B250B9C682BFB020B336CBA289E1BCD230
Validity
Not Before: Oct 10 08:33:55 2025 GMT
Not After : Oct 26 08:33:55 2027 GMT
Subject: CN=68e8c4f7-f3a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:03:7e:47:be:f1:c1:11:aa:78:a5:2a:3b:ef:
f5:4a:e8:85:18:d3:47:53:59:32:c9:34:f8:9b:fd:
58:25:6b:a3:82:4c:34:27:58:e3:5c:cb:52:85:36:
18:e5:d6:91:20:23:56:35:9c:92:3a:02:a9:08:9e:
46:e5:cd:2c:e2:df:52:d8:f7:b5:b0:8c:f9:7a:57:
5a:56:d6:61:1e:e2:2d:08:ea:0b:df:94:15:52:49:
1a:18:28:63:c3:b1:5b:30:2d:61:ab:2a:c2:12:21:
4c:89:2e:72:4e:83:bd:30:cd:eb:a9:6d:1d:ae:b5:
66:ad:d7:91:5c:29:f1:b4:14:6a:19:e0:ca:10:d4:
34:be:ae:b0:16:18:55:07:19:89:53:9f:09:8d:e5:
6a:69:6c:8e:41:d3:09:51:e2:c1:59:04:32:9e:db:
af:51:55:0a:66:4a:17:94:91:99:dc:4c:21:29:41:
c7:2e:38:3a:b3:73:6d:c9:9c:11:b9:ed:79:c6:62:
2a:a4:ad:aa:18:1c:47:35:6a:6b:4b:65:a9:ae:50:
6d:74:97:cc:d1:7e:40:e5:cc:40:04:5e:23:bc:1c:
fc:4a:1d:05:29:5a:93:41:5e:59:2d:01:fd:32:d2:
d2:24:94:57:a7:ab:86:19:be:e2:60:a8:75:c2:14:
44:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FC:D8:EA:0F:A3:61:EE:6E:C1:CB:A3:A1:05:4B:20:7C:A3:3B:0F
X509v3 Authority Key Identifier:
keyid:32:5E:E3:B2:50:B9:C6:82:BF:B0:20:B3:36:CB:A2:89:E1:BC:D2:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/Ml7jslC5xoK_sCCzNsuiieG80jA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Ml7jslC5xoK_sCCzNsuiieG80jA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/DE032292A5B311F0994B3AB0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.149.184.0/22
Signature Algorithm: sha256WithRSAEncryption
27:34:d5:52:80:e3:54:c6:a4:71:07:e1:da:cf:e8:cc:9f:fa:
45:a4:d0:87:37:1c:61:e3:fe:c7:96:cf:00:e1:69:f0:77:e6:
ab:19:16:78:3a:c9:e0:aa:3f:71:a6:80:a7:6b:d8:4e:0b:a4:
2a:78:c5:13:b8:dc:26:7a:de:4a:0b:12:c2:9d:e5:70:e7:f5:
84:54:47:57:80:33:28:67:2e:c3:7e:53:e5:fb:a7:8d:cc:2b:
48:91:85:6d:4c:30:43:80:57:76:ee:ee:a6:1d:db:de:fd:b4:
5a:c3:87:17:95:a2:1c:1a:27:cc:93:95:b6:c0:d6:07:2c:eb:
dd:d9:f8:d1:81:9b:11:2c:73:84:c7:82:4c:a4:42:93:49:64:
40:47:41:c0:18:9b:7a:c5:27:75:8f:fb:f3:e9:5d:a3:4f:0b:
bb:35:60:e5:0d:4f:33:4b:c8:7a:b3:b7:47:c4:ed:bd:7c:5c:
ef:ff:65:90:6a:94:e6:c9:5a:a0:ed:e8:b2:8d:76:07:1f:47:
0b:52:e3:7c:0d:c7:f8:f1:69:b9:3e:e7:18:34:9e:71:4c:ed:
11:a8:a1:95:4b:4e:0b:56:bd:84:f1:fb:fb:c5:f6:a5:5a:f7:
58:75:64:fd:43:dc:09:ae:f8:4d:2d:2b:30:fc:1b:24:3c:77:
e6:22:41:3d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBeDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
RkFCRUFGMTEwLwYDVQQFEygzMjVFRTNCMjUwQjlDNjgyQkZCMDIwQjMzNkNCQTI4
OUUxQkNEMjMwMB4XDTI1MTAxMDA4MzM1NVoXDTI3MTAyNjA4MzM1NVowGDEWMBQG
A1UEAxMNNjhlOGM0ZjctZjNhMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYDfke+8cERqnilKjvv9UrohRjTR1NZMsk0+Jv9WCVro4JMNCdY41zLUoU2
GOXWkSAjVjWckjoCqQieRuXNLOLfUtj3tbCM+XpXWlbWYR7iLQjqC9+UFVJJGhgo
Y8OxWzAtYasqwhIhTIkuck6DvTDN66ltHa61Zq3XkVwp8bQUahngyhDUNL6usBYY
VQcZiVOfCY3lamlsjkHTCVHiwVkEMp7br1FVCmZKF5SRmdxMISlBxy44OrNzbcmc
EbntecZiKqStqhgcRzVqa0tlqa5QbXSXzNF+QOXMQAReI7wc/EodBSlak0FeWS0B
/TLS0iSUV6erhhm+4mCodcIURNcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRR/Njq
D6Nh7m7By6OhBUsgfKM7DzAfBgNVHSMEGDAWgBQyXuOyULnGgr+wILM2y6KJ4bzS
MDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUZBQkUvMUQzQjVCMzg1MzQyMTFGMDk3RUE4NURBREFFNEVDOUMvTWw3anNs
QzV4b0tfc0NDek5zdWlpZUc4MGpBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTWw3anNsQzV4b0tfc0NDek5zdWlpZUc4MGpBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NUZBQkUvMUQzQjVCMzg1MzQyMTFGMDk3RUE4NURBREFF
NEVDOUMvREUwMzIyOTJBNUIzMTFGMDk5NEIzQUIwREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsWVuDANBgkqhkiG9w0BAQsF
AAOCAQEAJzTVUoDjVMakcQfh2s/ozJ/6RaTQhzccYeP+x5bPAOFp8HfmqxkWeDrJ
4Ko/caaAp2vYTgukKnjFE7jcJnreSgsSwp3lcOf1hFRHV4AzKGcuw35T5funjcwr
SJGFbUwwQ4BXdu7uph3b3v20WsOHF5WiHBonzJOVtsDWByzr3dn40YGbESxzhMeC
TKRCk0lkQEdBwBibesUndY/78+ldo08LuzVg5Q1PM0vIerO3R8TtvXxc7/9lkGqU
5slaoO3oso12Bx9HC1LjfA3H+PFpuT7nGDSecUztEaihlUtOC1a9hPH7+8X2pVr3
WHVk/UPcCa74TS0rMPwbJDx35iJBPQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:59:02 2025 by rpki-client