Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/4C01EE48A5A711F0986AEDDFDAE4EC9C.roa
File: 4C01EE48A5A711F0986AEDDFDAE4EC9C.roa (raw, json)
Hash identifier: A7s5OPs1SpF17uQimMrgNTFUslRSjoE44d+zkAoaVyc=
Subject key identifier: 4A:9C:E6:AA:A3:0A:34:2A:96:A9:35:20:45:89:4A:D8:4C:E4:D4:72
Certificate issuer: /CN=F3674376AF/serialNumber=5A8F1BB960808858FC424A9FC9C06D4812DBA5C9
Certificate serial: 06
Authority key identifier: 5A:8F:1B:B9:60:80:88:58:FC:42:4A:9F:C9:C0:6D:48:12:DB:A5:C9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Wo8buWCAiFj8QkqfycBtSBLbpck.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/4C01EE48A5A711F0986AEDDFDAE4EC9C.roa
Signing time: Fri 10 Oct 2025 07:04:00 +0000
ROA not before: Fri 10 Oct 2025 07:03:56 +0000
ROA not after: Mon 31 Dec 2035 07:03:56 +0000
asID: 329631
IP address blocks: 102.204.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/Wo8buWCAiFj8QkqfycBtSBLbpck.crl
rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/Wo8buWCAiFj8QkqfycBtSBLbpck.mft
rsync://rpki.afrinic.net/repository/afrinic/Wo8buWCAiFj8QkqfycBtSBLbpck.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 05:17:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3674376AF, serialNumber=5A8F1BB960808858FC424A9FC9C06D4812DBA5C9
Validity
Not Before: Oct 10 07:03:56 2025 GMT
Not After : Dec 31 07:03:56 2035 GMT
Subject: CN=68e8afe0-d152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2c:be:2a:b2:2b:9a:a5:45:b0:76:6f:c3:9b:
37:89:95:a0:5b:c4:a7:d9:df:9b:fe:26:7f:2f:ad:
d6:4a:e0:6e:47:f0:3e:1a:35:9f:93:81:f9:b7:10:
b9:70:f5:fb:e1:85:13:bc:73:a4:d4:b2:e0:7e:32:
99:4b:42:db:c9:62:f1:23:05:6b:76:1c:ad:46:c4:
d2:c0:27:03:ee:b0:81:32:85:a4:41:87:2f:e3:73:
ea:ea:23:9f:06:8e:dc:ab:e3:ea:73:b8:35:2f:b5:
3e:ce:d0:f7:23:65:6e:cd:15:c9:f6:37:30:95:8d:
14:78:f0:aa:f1:b1:b2:eb:36:c0:7e:e6:33:05:a3:
43:e0:e0:02:89:d1:4c:b0:16:de:3b:df:71:13:f7:
14:87:b3:06:f4:f4:4f:11:73:23:70:33:75:3c:bb:
de:82:a6:a1:12:9a:9b:42:c1:5e:c7:fc:d1:e6:32:
bc:d3:ac:14:9b:57:c6:13:76:4f:f3:93:4a:1c:0e:
fe:bb:0b:34:a2:4b:21:c6:be:e9:76:bc:eb:a9:02:
12:29:98:aa:d6:ff:b2:2c:7e:c8:c2:1f:0d:38:8a:
77:89:72:cc:fb:e7:a1:52:66:8d:77:64:bd:c9:c5:
b7:fb:9a:31:af:69:53:09:76:ef:63:7a:bd:b9:f4:
37:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:9C:E6:AA:A3:0A:34:2A:96:A9:35:20:45:89:4A:D8:4C:E4:D4:72
X509v3 Authority Key Identifier:
keyid:5A:8F:1B:B9:60:80:88:58:FC:42:4A:9F:C9:C0:6D:48:12:DB:A5:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/Wo8buWCAiFj8QkqfycBtSBLbpck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Wo8buWCAiFj8QkqfycBtSBLbpck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/4C01EE48A5A711F0986AEDDFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.165.0/24
Signature Algorithm: sha256WithRSAEncryption
e7:64:ea:e7:92:67:31:3d:25:47:09:f3:fe:f0:84:24:d2:4a:
01:6d:ef:d7:61:0d:12:01:fc:c3:e2:1b:19:d9:5c:89:de:69:
89:b9:79:12:80:ea:e6:cc:83:55:4b:dd:63:c9:3f:e3:f2:c5:
87:21:77:9b:68:87:e2:0f:93:b9:9f:8e:be:40:49:d6:2e:f7:
f9:b8:c2:36:83:61:04:09:6d:7c:3b:55:a2:f5:40:27:f1:a9:
1c:f2:57:c3:e2:44:f3:73:79:45:bc:0d:44:7d:3c:ca:9b:62:
79:48:fd:0b:d6:63:94:7b:35:9e:19:96:a2:b8:cd:fb:f0:86:
83:dc:51:98:b5:19:b8:46:91:4d:02:4f:ca:e4:75:e1:97:27:
98:f1:ba:a5:da:e2:c6:77:03:55:a5:ed:2b:bc:4c:5b:05:15:
94:34:14:db:eb:8d:e4:46:10:a2:da:9c:e4:f0:d2:8d:ba:79:
86:d4:af:5f:0e:86:11:fe:70:24:ba:32:46:16:9c:2e:8f:a1:
2d:34:a8:7f:44:90:40:3a:ca:83:3d:00:d6:0c:c6:11:79:98:
26:b9:ed:a2:f8:fe:13:bd:4c:23:00:20:48:52:80:3d:4e:42:
de:9b:d3:06:bd:c7:91:85:10:e3:70:19:b5:fe:90:86:5d:2e:
1d:93:9e:0d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NDM3NkFGMTEwLwYDVQQFEyg1QThGMUJCOTYwODA4ODU4RkM0MjRBOUZDOUMwNkQ0
ODEyREJBNUM5MB4XDTI1MTAxMDA3MDM1NloXDTM1MTIzMTA3MDM1NlowGDEWMBQG
A1UEAxMNNjhlOGFmZTAtZDE1MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8sviqyK5qlRbB2b8ObN4mVoFvEp9nfm/4mfy+t1krgbkfwPho1n5OB+bcQ
uXD1++GFE7xzpNSy4H4ymUtC28li8SMFa3YcrUbE0sAnA+6wgTKFpEGHL+Nz6uoj
nwaO3Kvj6nO4NS+1Ps7Q9yNlbs0VyfY3MJWNFHjwqvGxsus2wH7mMwWjQ+DgAonR
TLAW3jvfcRP3FIezBvT0TxFzI3AzdTy73oKmoRKam0LBXsf80eYyvNOsFJtXxhN2
T/OTShwO/rsLNKJLIca+6Xa866kCEimYqtb/six+yMIfDTiKd4lyzPvnoVJmjXdk
vcnFt/uaMa9pUwl272N6vbn0N+UCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRKnOaq
owo0KpapNSBFiUrYTOTUcjAfBgNVHSMEGDAWgBRajxu5YICIWPxCSp/JwG1IEtul
yTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzQzNzYvMTM0MEE4NzBBNUE2MTFGMEI5NkVBRkQ3REFFNEVDOUMvV284YnVX
Q0FpRmo4UWtxZnljQnRTQkxicGNrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvV284YnVXQ0FpRmo4UWtxZnljQnRTQkxicGNrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzQzNzYvMTM0MEE4NzBBNUE2MTFGMEI5NkVBRkQ3REFF
NEVDOUMvNEMwMUVFNDhBNUE3MTFGMDk4NkFFRERGREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbMpTANBgkqhkiG9w0BAQsF
AAOCAQEA52Tq55JnMT0lRwnz/vCEJNJKAW3v12ENEgH8w+IbGdlcid5pibl5EoDq
5syDVUvdY8k/4/LFhyF3m2iH4g+TuZ+OvkBJ1i73+bjCNoNhBAltfDtVovVAJ/Gp
HPJXw+JE83N5RbwNRH08yptieUj9C9ZjlHs1nhmWorjN+/CGg9xRmLUZuEaRTQJP
yuR14ZcnmPG6pdrixncDVaXtK7xMWwUVlDQU2+uN5EYQotqc5PDSjbp5htSvXw6G
Ef5wJLoyRhacLo+hLTSof0SQQDrKgz0A1gzGEXmYJrntovj+E71MIwAgSFKAPU5C
3pvTBr3HkYUQ43AZtf6Qhl0uHZOeDQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:23 2025 by rpki-client