Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2D9197AEA8BA11F0968CF3BEDAE4EC9C.roa
File: 2D9197AEA8BA11F0968CF3BEDAE4EC9C.roa (raw, json)
Hash identifier: WIQ4AXwtyFhZ+ihUxFLXjGDDmuloJN7hkEEItPJ1J1M=
Subject key identifier: DE:81:CF:24:0F:27:BE:E3:60:2A:B3:D7:A7:EF:02:DC:32:5E:78:BA
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1C63
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2D9197AEA8BA11F0968CF3BEDAE4EC9C.roa
Signing time: Tue 14 Oct 2025 04:56:43 +0000
ROA not before: Tue 14 Oct 2025 04:56:37 +0000
ROA not after: Thu 14 Oct 2027 04:56:37 +0000
asID: 397373
IP address blocks: 154.16.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7267 (0x1c63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Oct 14 04:56:37 2025 GMT
Not After : Oct 14 04:56:37 2027 GMT
Subject: CN=68edd80b-a7a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:89:c8:f9:2c:1b:7e:bd:58:f2:45:a2:fb:72:
29:69:56:c9:a3:a1:21:51:e3:8e:83:48:5f:c7:ac:
5f:ec:ff:34:4e:84:22:a6:f4:58:0f:5f:78:24:3a:
fb:a9:16:fc:51:0a:e1:a7:dc:da:91:41:01:72:60:
b8:bb:a4:a8:a7:64:6a:1c:d4:8a:df:63:0b:d2:b3:
c0:c8:e7:ee:7f:5f:bb:00:8e:53:d9:27:49:67:7e:
5f:a6:26:f7:fc:b4:ad:8d:cc:2e:68:ea:40:5d:30:
9c:72:ec:39:ea:ad:8a:3e:1e:52:c3:c1:77:0d:a0:
a8:2f:f2:1c:23:62:f8:7a:53:7c:e2:be:bd:c9:3e:
6b:16:0c:55:9d:80:99:be:bd:c6:9a:c1:50:f1:e5:
4e:81:5e:19:3f:c9:d4:09:21:61:f1:db:73:a7:70:
51:2a:53:af:57:63:a2:88:a8:17:49:a1:22:b3:23:
26:98:9c:f4:c5:98:3a:f5:cb:c0:10:a3:30:e5:57:
4f:60:af:7c:9c:7a:fc:2d:e5:1d:e2:84:77:5f:58:
90:e9:24:4f:8b:13:e5:ed:7d:11:04:78:a5:fb:65:
52:08:a3:15:6e:be:05:a9:14:02:32:9a:73:61:0a:
cd:8a:51:49:0b:60:3c:b2:cd:1b:b6:8c:02:6a:b5:
fa:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:81:CF:24:0F:27:BE:E3:60:2A:B3:D7:A7:EF:02:DC:32:5E:78:BA
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2D9197AEA8BA11F0968CF3BEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.173.0/24
Signature Algorithm: sha256WithRSAEncryption
58:79:a9:da:22:9d:be:a4:c3:6a:b6:83:e0:7f:7d:de:1a:c8:
c9:90:9b:42:e0:38:8f:81:8c:03:5a:6a:3e:86:97:00:05:90:
ff:10:4f:a7:ec:36:23:da:89:ce:d1:91:93:e8:b2:11:7c:82:
8a:a4:3d:5c:5b:c2:41:ef:ec:a5:09:d6:b5:05:c3:11:f9:86:
b7:a8:38:eb:8a:0b:7f:90:81:cf:60:ee:b9:e1:bb:3a:a4:60:
c6:45:44:5e:b1:b1:9e:d6:d9:e3:fc:24:a1:17:f3:57:68:57:
a7:d8:d1:78:0e:3e:6f:95:f7:3b:25:41:13:cd:fd:56:7e:1b:
06:ec:96:6c:68:09:03:ff:79:08:4a:04:55:d3:8c:e5:66:79:
bc:85:22:6d:7a:9c:f1:11:b9:08:02:1a:29:e6:1d:8f:46:06:
de:d8:1d:b2:c2:fd:20:c2:4a:2c:fb:60:20:60:60:f4:b8:c7:
71:d7:a9:90:66:1b:d3:9c:1f:dc:91:7c:2f:4e:6b:01:e3:48:
54:7e:73:76:3f:e0:9f:3b:a7:3a:d6:d7:45:e5:1a:04:f2:99:
2f:1d:29:8c:e7:05:27:03:92:95:63:5f:ec:67:16:46:99:7a:
55:37:92:d2:93:f3:5f:ed:2f:53:88:bc:f6:a4:9b:95:ee:5c:
8f:0a:90:32
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHGMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTEwMTQwNDU2MzdaFw0yNzEwMTQwNDU2MzdaMBgxFjAU
BgNVBAMTDTY4ZWRkODBiLWE3YTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC2icj5LBt+vVjyRaL7cilpVsmjoSFR446DSF/HrF/s/zROhCKm9FgPX3gk
OvupFvxRCuGn3NqRQQFyYLi7pKinZGoc1IrfYwvSs8DI5+5/X7sAjlPZJ0lnfl+m
Jvf8tK2NzC5o6kBdMJxy7DnqrYo+HlLDwXcNoKgv8hwjYvh6U3zivr3JPmsWDFWd
gJm+vcaawVDx5U6BXhk/ydQJIWHx23OncFEqU69XY6KIqBdJoSKzIyaYnPTFmDr1
y8AQozDlV09gr3ycevwt5R3ihHdfWJDpJE+LE+XtfREEeKX7ZVIIoxVuvgWpFAIy
mnNhCs2KUUkLYDyyzRu2jAJqtfrDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU3oHP
JA8nvuNgKrPXp+8C3DJeeLowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzJEOTE5N0FFQThCQTExRjA5NjhDRjNCRURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEK0wDQYJKoZIhvcNAQEL
BQADggEBAFh5qdoinb6kw2q2g+B/fd4ayMmQm0LgOI+BjANaaj6GlwAFkP8QT6fs
NiPaic7RkZPoshF8goqkPVxbwkHv7KUJ1rUFwxH5hreoOOuKC3+Qgc9g7rnhuzqk
YMZFRF6xsZ7W2eP8JKEX81doV6fY0XgOPm+V9zslQRPN/VZ+GwbslmxoCQP/eQhK
BFXTjOVmebyFIm16nPERuQgCGinmHY9GBt7YHbLC/SDCSiz7YCBgYPS4x3HXqZBm
G9OcH9yRfC9OawHjSFR+c3Y/4J87pzrW10XlGgTymS8dKYznBScDkpVjX+xnFkaZ
elU3ktKT81/tL1OIvPakm5XuXI8KkDI=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:59 2025 by rpki-client