Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4F5FE91EA5E311F091E2A9DDDAE4EC9C.roa
File: 4F5FE91EA5E311F091E2A9DDDAE4EC9C.roa (raw, json)
Hash identifier: HGP1A0IRwPiz4TcuqpWbmvaE5Eirn2Qiy7AbW/1qntY=
Subject key identifier: 67:EE:B5:3B:52:3A:3E:E7:3F:91:C0:1A:BA:CE:D4:B3:E8:35:68:C2
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1C52
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4F5FE91EA5E311F091E2A9DDDAE4EC9C.roa
Signing time: Fri 10 Oct 2025 14:13:36 +0000
ROA not before: Fri 10 Oct 2025 14:13:31 +0000
ROA not after: Sun 10 Oct 2027 14:13:31 +0000
asID: 262287
IP address blocks: 154.16.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7250 (0x1c52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Oct 10 14:13:31 2025 GMT
Not After : Oct 10 14:13:31 2027 GMT
Subject: CN=68e91490-c68f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:56:74:50:ef:87:88:75:f5:56:e4:99:9f:1b:
52:05:ff:71:42:88:8f:17:3b:f1:7d:a4:1e:41:84:
c4:d1:50:47:13:59:31:ba:2d:99:f5:c8:8c:7a:07:
94:51:c9:21:ea:20:bb:54:6a:5a:0a:a0:4e:3e:9d:
04:3d:df:8e:b1:6d:5d:f9:ef:9e:cb:67:34:1d:09:
9b:93:30:78:28:6c:b7:b8:10:34:2b:5f:e2:e5:66:
cb:68:59:69:82:cb:99:64:e6:49:dc:37:73:b6:07:
88:97:e8:f7:7a:20:2f:9a:2d:48:5b:97:ec:8b:a9:
fd:29:36:14:8e:78:f9:42:dd:9f:43:a0:73:d6:23:
b9:73:fb:ae:f4:d4:fb:84:de:d5:cb:a2:58:dd:06:
bb:7f:83:cc:f6:6f:0e:2c:bf:dc:e4:3b:e0:7e:12:
63:19:df:c9:0e:b7:c4:ac:b1:cf:3d:00:90:ed:55:
1d:15:67:84:fa:9c:20:aa:3b:45:da:d4:96:d8:f5:
4f:28:03:6c:ec:89:be:a8:d0:f7:c9:ce:07:a7:24:
3c:0a:b6:48:d9:0f:9f:26:bd:f6:24:ed:d3:5e:6b:
a7:6f:fb:ba:fb:57:cb:cd:17:f7:26:a5:e0:43:99:
f1:ed:b4:ee:3f:d7:61:2d:2b:96:2f:34:fa:10:91:
eb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EE:B5:3B:52:3A:3E:E7:3F:91:C0:1A:BA:CE:D4:B3:E8:35:68:C2
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4F5FE91EA5E311F091E2A9DDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.251.0/24
Signature Algorithm: sha256WithRSAEncryption
24:99:a9:3a:b6:1c:87:dd:ed:65:21:7f:3e:dd:07:dd:af:0d:
6f:9e:cd:18:10:b8:98:80:dd:a5:4e:3c:65:ca:4a:6c:4e:00:
df:f8:4a:3f:97:89:97:4b:ee:b2:50:27:5b:b8:6d:a9:b7:d4:
78:33:01:9f:1f:36:1c:b9:59:52:04:c7:a0:19:06:fc:04:05:
5b:a0:01:f8:45:c0:96:51:75:8e:ac:e3:e2:7f:83:1d:f5:bd:
31:8a:21:17:6f:c7:0c:5c:01:e1:e8:79:cf:37:6c:93:0b:a4:
75:31:9d:1c:5c:af:4d:35:4c:e4:76:3c:ed:12:65:7b:e8:28:
5b:77:80:db:dc:af:02:aa:1f:a2:13:23:f5:a3:52:60:d5:d1:
de:e5:73:d2:2a:03:fa:b5:51:67:f0:7f:5b:4a:a0:40:a1:53:
b2:f3:2e:2b:f6:33:cd:dd:6d:6d:94:74:98:fb:38:67:14:c7:
7a:82:65:fb:09:72:2d:69:77:7e:52:3f:c4:c5:02:94:6d:f2:
07:a2:05:0d:7d:5c:60:98:20:f8:29:c6:e0:f3:bd:cc:fc:18:
4f:10:f9:5a:f1:b4:fb:aa:12:5d:84:0d:f7:9f:35:68:6b:ce:
12:34:b4:ec:66:9a:8e:ba:ca:19:66:fa:75:c6:96:da:07:31:
34:50:ca:b5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHFIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTEwMTAxNDEzMzFaFw0yNzEwMTAxNDEzMzFaMBgxFjAU
BgNVBAMTDTY4ZTkxNDkwLWM2OGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6VnRQ74eIdfVW5JmfG1IF/3FCiI8XO/F9pB5BhMTRUEcTWTG6LZn1yIx6
B5RRySHqILtUaloKoE4+nQQ9346xbV35757LZzQdCZuTMHgobLe4EDQrX+LlZsto
WWmCy5lk5kncN3O2B4iX6Pd6IC+aLUhbl+yLqf0pNhSOePlC3Z9DoHPWI7lz+670
1PuE3tXLoljdBrt/g8z2bw4sv9zkO+B+EmMZ38kOt8Sssc89AJDtVR0VZ4T6nCCq
O0Xa1JbY9U8oA2zsib6o0PfJzgenJDwKtkjZD58mvfYk7dNea6dv+7r7V8vNF/cm
peBDmfHttO4/12EtK5YvNPoQketDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZ+61
O1I6Puc/kcAaus7Us+g1aMIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzRGNUZFOTFFQTVFMzExRjA5MUUyQTlERERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPswDQYJKoZIhvcNAQEL
BQADggEBACSZqTq2HIfd7WUhfz7dB92vDW+ezRgQuJiA3aVOPGXKSmxOAN/4Sj+X
iZdL7rJQJ1u4bam31HgzAZ8fNhy5WVIEx6AZBvwEBVugAfhFwJZRdY6s4+J/gx31
vTGKIRdvxwxcAeHoec83bJMLpHUxnRxcr001TOR2PO0SZXvoKFt3gNvcrwKqH6IT
I/WjUmDV0d7lc9IqA/q1UWfwf1tKoEChU7LzLiv2M83dbW2UdJj7OGcUx3qCZfsJ
ci1pd35SP8TFApRt8geiBQ19XGCYIPgpxuDzvcz8GE8Q+VrxtPuqEl2EDfefNWhr
zhI0tOxmmo66yhlm+nXGltoHMTRQyrU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:07:12 2025 by rpki-client