Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0DCEE8809EA211F0BE56E6D4DAE4EC9C.roa
File: 0DCEE8809EA211F0BE56E6D4DAE4EC9C.roa (raw, json)
Hash identifier: BbnEAog+UZftPoeWwhdD/fOOnBJysiWOT7vWU8q+sUs=
Subject key identifier: 61:31:B3:2B:1B:16:A3:90:C4:C1:F8:C1:89:64:6C:E5:A5:EA:E8:44
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1C33
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0DCEE8809EA211F0BE56E6D4DAE4EC9C.roa
Signing time: Wed 01 Oct 2025 08:38:50 +0000
ROA not before: Wed 01 Oct 2025 08:38:46 +0000
ROA not after: Fri 01 Oct 2027 08:38:46 +0000
asID: 9304
IP address blocks: 154.16.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7219 (0x1c33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Oct 1 08:38:46 2025 GMT
Not After : Oct 1 08:38:46 2027 GMT
Subject: CN=68dce89a-4f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d3:d2:d4:87:50:e2:d7:86:a9:70:94:b2:f0:
90:00:80:99:42:6c:75:cc:a4:46:77:c2:40:5f:9c:
5c:7d:cf:f1:1e:df:28:78:96:29:ec:96:ed:55:9c:
e2:a0:d6:63:5b:ed:d4:92:c0:26:69:ed:ad:b6:6b:
0b:37:cd:2c:87:d6:6e:9a:8c:33:2c:5c:4c:3a:0e:
a4:04:a0:15:85:f3:c4:19:57:fd:fe:5f:90:a7:a2:
15:b9:20:14:77:ca:f8:a8:5c:6f:c2:ec:0d:82:06:
ed:2d:ca:8a:71:41:82:8f:a3:2a:cc:09:1b:22:07:
36:c6:4d:5d:fb:c3:f3:dd:7d:3b:f8:ad:16:62:f9:
82:9f:ad:78:fe:e1:2d:6d:d1:56:36:ca:b1:95:a0:
04:65:87:3b:9a:56:e1:29:d6:c2:ab:ad:d7:89:36:
36:d8:06:0f:14:0c:31:35:8d:af:34:fd:17:ce:23:
58:8e:78:be:c4:f1:11:90:75:fc:79:93:3c:4e:00:
e3:07:25:78:d7:6e:8c:b5:f8:50:4f:1d:36:7e:d2:
10:94:36:ca:8f:98:9e:54:9f:fd:14:23:88:db:53:
5a:38:1b:ea:2d:30:64:98:34:64:58:49:48:0f:69:
78:0f:ea:8a:42:e1:70:10:09:d1:16:5d:3c:74:f3:
32:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:31:B3:2B:1B:16:A3:90:C4:C1:F8:C1:89:64:6C:E5:A5:EA:E8:44
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0DCEE8809EA211F0BE56E6D4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.132.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:4f:0b:ec:56:66:dd:c0:eb:d2:0f:89:de:76:75:95:77:1e:
04:75:23:58:35:e3:39:9f:e4:c3:67:10:c4:d3:94:e0:cd:54:
98:11:da:b6:4a:1a:71:62:9e:a1:f2:b6:2f:ec:d4:f0:86:62:
c7:d2:a3:8e:40:1c:e0:bf:f9:59:e5:e3:1c:d6:79:d5:c5:b4:
92:3a:d1:67:87:8a:71:7a:69:b9:db:d0:1b:2a:3d:da:b9:28:
18:ef:13:b9:7b:6e:3d:83:87:6e:5e:bc:00:24:e6:cf:7c:ed:
35:f4:51:1a:8e:c2:42:15:be:e5:9f:b1:c0:8e:be:1c:29:0c:
75:ba:8f:53:7b:3c:9f:19:ff:93:01:a7:a0:a7:c5:24:b7:e1:
be:50:0b:53:ea:c2:71:be:0f:e9:16:be:b5:57:76:fd:4d:e4:
65:3b:5b:3d:ab:5b:90:fb:84:63:44:68:49:ea:72:8d:de:6b:
67:ef:14:46:18:cc:20:34:f5:36:7b:b2:0a:5c:83:4c:af:10:
ac:b4:35:33:ec:16:35:51:76:24:8a:b4:6e:16:58:8a:7c:4d:
ae:4b:5c:96:8c:a5:8e:7c:ea:af:6a:b3:07:c3:cf:6f:02:38:
cb:b0:4d:91:ca:15:68:a3:26:9b:38:5b:d8:ec:75:19:5d:61:
9f:c0:c9:2b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHDMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTEwMDEwODM4NDZaFw0yNzEwMDEwODM4NDZaMBgxFjAU
BgNVBAMTDTY4ZGNlODlhLTRmMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDR09LUh1Di14apcJSy8JAAgJlCbHXMpEZ3wkBfnFx9z/Ee3yh4linslu1V
nOKg1mNb7dSSwCZp7a22aws3zSyH1m6ajDMsXEw6DqQEoBWF88QZV/3+X5CnohW5
IBR3yvioXG/C7A2CBu0tyopxQYKPoyrMCRsiBzbGTV37w/PdfTv4rRZi+YKfrXj+
4S1t0VY2yrGVoARlhzuaVuEp1sKrrdeJNjbYBg8UDDE1ja80/RfOI1iOeL7E8RGQ
dfx5kzxOAOMHJXjXboy1+FBPHTZ+0hCUNsqPmJ5Un/0UI4jbU1o4G+otMGSYNGRY
SUgPaXgP6opC4XAQCdEWXTx08zLFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUYTGz
KxsWo5DEwfjBiWRs5aXq6EQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzBEQ0VFODgwOUVBMjExRjBCRTU2RTZENERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEIQwDQYJKoZIhvcNAQEL
BQADggEBAF1PC+xWZt3A69IPid52dZV3HgR1I1g14zmf5MNnEMTTlODNVJgR2rZK
GnFinqHyti/s1PCGYsfSo45AHOC/+Vnl4xzWedXFtJI60WeHinF6abnb0BsqPdq5
KBjvE7l7bj2Dh25evAAk5s987TX0URqOwkIVvuWfscCOvhwpDHW6j1N7PJ8Z/5MB
p6CnxSS34b5QC1PqwnG+D+kWvrVXdv1N5GU7Wz2rW5D7hGNEaEnqco3ea2fvFEYY
zCA09TZ7sgpcg0yvEKy0NTPsFjVRdiSKtG4WWIp8Ta5LXJaMpY586q9qswfDz28C
OMuwTZHKFWijJps4W9jsdRldYZ/AySs=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:25:28 2025 by rpki-client