
Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2101FE92960F11F0A9132BCBDAE4EC9C.roa
File: 2101FE92960F11F0A9132BCBDAE4EC9C.roa (raw, json)
Hash identifier: wCtcULlD6reDqkoT2UlePwJI7whJhre4zS8U1uSqZ54=
Subject key identifier: D1:8A:AE:0B:88:B9:A7:38:89:F4:1D:4C:23:5C:6E:59:3E:92:AB:C7
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1C11
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2101FE92960F11F0A9132BCBDAE4EC9C.roa
Signing time: Sat 20 Sep 2025 10:46:57 +0000
ROA not before: Sat 20 Sep 2025 10:46:53 +0000
ROA not after: Mon 20 Sep 2027 10:46:53 +0000
asID: 834
IP address blocks: 154.16.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7185 (0x1c11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Sep 20 10:46:53 2025 GMT
Not After : Sep 20 10:46:53 2027 GMT
Subject: CN=68ce8621-a4ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b0:f9:50:cd:82:50:be:e2:aa:8c:30:0d:c2:
31:3a:4c:fe:1a:c1:a2:9f:c3:40:9c:64:45:c1:9f:
18:0e:60:a4:73:59:5c:a7:45:e4:56:1f:db:51:f4:
28:05:f7:11:8b:13:18:75:67:47:f2:5c:23:ab:61:
17:a3:97:86:59:54:0f:47:b9:b7:e6:66:da:ef:bf:
7f:ac:73:87:00:d5:47:7f:40:93:3d:d3:66:35:d6:
7d:88:39:9f:48:7d:34:92:7c:2b:48:5f:0b:d1:03:
51:67:bd:1c:d8:8a:21:13:88:c2:ac:b0:e7:dd:74:
22:47:be:e2:89:ac:8f:9d:b4:66:36:d2:df:ed:a5:
b2:a1:ed:68:b4:b7:74:1d:fb:ba:a0:5c:3b:d7:ed:
d2:06:46:36:0b:27:3b:49:08:a4:20:91:63:12:e2:
a8:25:6d:3b:52:09:61:ae:29:fc:46:78:77:e3:8a:
72:55:32:de:9c:8c:8b:6b:4f:f7:9f:8a:34:be:db:
c9:65:de:18:6a:a4:d7:65:54:74:3b:ed:f3:08:c1:
17:36:03:0a:93:5c:1e:61:c3:69:a0:5b:9b:79:2b:
47:22:0a:7a:61:28:7b:45:e2:e7:4a:4a:61:bb:18:
6b:c5:e8:f8:3f:5d:bd:82:65:60:ad:18:85:37:50:
c4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:8A:AE:0B:88:B9:A7:38:89:F4:1D:4C:23:5C:6E:59:3E:92:AB:C7
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2101FE92960F11F0A9132BCBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.141.0/24
Signature Algorithm: sha256WithRSAEncryption
63:97:78:f6:f4:a1:23:dc:cf:7e:06:f7:1b:22:26:32:2e:4c:
81:ca:bc:26:86:98:c1:8e:99:8d:8b:c5:d8:94:ce:f5:51:5a:
e5:79:e5:f2:30:08:78:f9:33:89:0d:04:e5:1c:75:0e:93:93:
a3:f1:d5:8d:28:41:bc:bb:08:e4:20:1c:ce:4e:d0:d5:94:ec:
a8:b3:f5:9d:1d:7c:e4:44:78:9a:43:3c:72:2b:98:cc:8f:9d:
02:93:e9:9f:34:b4:97:11:c0:96:02:96:64:c9:73:77:61:eb:
b8:1a:3d:6d:99:60:76:4e:99:1b:72:4f:98:44:24:8a:73:29:
c3:95:d7:17:a9:d0:62:f5:e0:32:c8:a3:64:3e:6e:56:ee:e6:
a2:5f:f7:ee:17:ab:a3:c4:43:bf:7c:e5:fe:9c:ce:2e:08:58:
87:18:07:95:17:6c:b8:5a:05:13:83:aa:99:35:71:b4:f9:51:
ee:52:2f:08:e0:76:db:87:26:94:87:e8:4e:83:34:ea:53:9d:
33:10:5b:e1:56:4d:c7:45:f4:45:14:04:4a:91:86:03:0a:c8:
ec:c0:9c:75:82:9e:90:b0:56:2e:58:2a:8c:ea:32:f9:ca:37:
73:7d:c4:19:45:be:60:43:9c:94:40:4a:bc:4f:31:1a:49:bb:
b4:cf:fc:d5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHBEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTA5MjAxMDQ2NTNaFw0yNzA5MjAxMDQ2NTNaMBgxFjAU
BgNVBAMTDTY4Y2U4NjIxLWE0ZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+sPlQzYJQvuKqjDANwjE6TP4awaKfw0CcZEXBnxgOYKRzWVynReRWH9tR
9CgF9xGLExh1Z0fyXCOrYRejl4ZZVA9HubfmZtrvv3+sc4cA1Ud/QJM902Y11n2I
OZ9IfTSSfCtIXwvRA1FnvRzYiiETiMKssOfddCJHvuKJrI+dtGY20t/tpbKh7Wi0
t3Qd+7qgXDvX7dIGRjYLJztJCKQgkWMS4qglbTtSCWGuKfxGeHfjinJVMt6cjItr
T/efijS+28ll3hhqpNdlVHQ77fMIwRc2AwqTXB5hw2mgW5t5K0ciCnphKHtF4udK
SmG7GGvF6Pg/Xb2CZWCtGIU3UMQTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU0Yqu
C4i5pziJ9B1MI1xuWT6Sq8cwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzIxMDFGRTkyOTYwRjExRjBBOTEzMkJDQkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEI0wDQYJKoZIhvcNAQEL
BQADggEBAGOXePb0oSPcz34G9xsiJjIuTIHKvCaGmMGOmY2LxdiUzvVRWuV55fIw
CHj5M4kNBOUcdQ6Tk6Px1Y0oQby7COQgHM5O0NWU7Kiz9Z0dfOREeJpDPHIrmMyP
nQKT6Z80tJcRwJYClmTJc3dh67gaPW2ZYHZOmRtyT5hEJIpzKcOV1xep0GL14DLI
o2Q+blbu5qJf9+4Xq6PEQ7985f6czi4IWIcYB5UXbLhaBRODqpk1cbT5Ue5SLwjg
dtuHJpSH6E6DNOpTnTMQW+FWTcdF9EUUBEqRhgMKyOzAnHWCnpCwVi5YKozqMvnK
N3N9xBlFvmBDnJRASrxPMRpJu7TP/NU=
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:43:27 2025 by rpki-client