Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DADD2410A6A211F0B5EFC6B7DAE4EC9C.roa
File: DADD2410A6A211F0B5EFC6B7DAE4EC9C.roa (raw, json)
Hash identifier: CAG3cwsbbEtnF0pXtXDtrElISF9ae4zqPkPuueAa7NM=
Subject key identifier: 28:B8:F1:0F:8C:61:BC:D1:FB:6C:66:6F:39:1B:17:5A:84:22:88:E4
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1C5C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DADD2410A6A211F0B5EFC6B7DAE4EC9C.roa
Signing time: Sat 11 Oct 2025 13:04:44 +0000
ROA not before: Sat 11 Oct 2025 13:04:37 +0000
ROA not after: Mon 11 Oct 2027 13:04:37 +0000
asID: 205886
IP address blocks: 154.16.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7260 (0x1c5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Oct 11 13:04:37 2025 GMT
Not After : Oct 11 13:04:37 2027 GMT
Subject: CN=68ea55ec-8ad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bb:aa:6c:4d:c2:0c:69:88:3c:af:f4:94:49:
95:2c:2d:ab:22:46:fd:80:10:00:10:4f:4a:b6:22:
fd:24:2e:43:10:63:6a:42:08:8d:d1:c8:8a:8e:14:
19:c4:b7:0d:89:fd:25:15:4a:52:4c:77:5f:c0:b8:
82:2e:4d:34:07:0f:94:f9:54:1f:a3:03:0d:28:a2:
34:ed:90:a5:27:44:68:4d:72:8c:68:d2:1d:ee:c8:
00:e0:41:90:8c:b0:af:8f:ce:2a:f3:57:1a:59:62:
a3:d6:fa:1c:68:76:33:bb:a6:c6:47:54:db:d0:5c:
fa:60:8b:c7:ab:08:e5:b7:68:77:03:71:c3:a3:7a:
5b:a3:9d:39:5e:6c:cb:31:03:94:cb:65:03:2a:39:
11:db:07:e3:70:bf:23:43:51:e2:ea:6d:f2:11:95:
54:50:d3:01:be:e3:59:d7:31:cd:9b:15:89:f5:30:
ef:02:9f:8a:0b:83:de:da:eb:3e:0a:9c:16:34:c7:
32:a7:c9:6f:7d:91:f0:93:59:b6:cc:d3:ac:42:8e:
f8:ac:95:ce:96:aa:c1:da:a6:6d:20:72:73:1c:8c:
46:c9:df:4d:37:cd:7e:c3:fd:f1:ba:c4:1e:f9:ed:
d1:88:d4:3d:d6:a6:88:ea:25:c6:57:54:1a:9a:c6:
b9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B8:F1:0F:8C:61:BC:D1:FB:6C:66:6F:39:1B:17:5A:84:22:88:E4
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DADD2410A6A211F0B5EFC6B7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.231.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:56:6e:2e:72:75:13:db:48:15:1b:7b:98:fc:d0:b3:70:c0:
d3:1f:f8:b0:19:89:ce:bb:89:0d:2f:c5:1c:18:6d:d6:73:0f:
9d:d0:2e:27:4c:ee:42:1a:d7:28:25:47:71:37:bf:e8:81:0f:
d3:21:ad:3a:83:db:09:31:e2:bc:fe:7b:02:61:5f:7e:af:eb:
cd:fa:2b:69:f8:3b:fa:22:e9:84:3d:a0:c2:d1:b4:09:76:a4:
00:f1:54:02:45:a3:a1:f8:48:e8:76:b6:2a:f1:06:5d:33:62:
1b:f4:43:50:4c:50:5c:56:59:e7:dd:57:63:cc:6a:5d:24:5b:
7d:f4:35:2c:74:0a:ed:a7:9e:a4:c6:63:96:62:06:42:c9:5e:
05:7b:36:48:5c:04:09:cf:4e:d2:42:60:11:23:c2:e2:6f:ba:
98:f3:8a:3b:37:0d:73:f4:cb:27:b1:19:47:35:f6:16:19:f3:
3f:ea:11:2b:1f:9c:e6:f8:2c:58:25:31:d6:a7:f9:75:ef:13:
fa:e2:db:04:ff:35:88:b7:82:a2:46:9b:31:e0:c4:2f:bf:87:
3b:db:da:3f:f0:81:08:87:42:cc:e6:f9:53:49:82:52:b0:0d:
58:6d:56:d0:51:02:73:cf:93:1f:24:c6:41:2d:73:90:08:16:
f0:76:8c:cb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHFwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTEwMTExMzA0MzdaFw0yNzEwMTExMzA0MzdaMBgxFjAU
BgNVBAMTDTY4ZWE1NWVjLThhZDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCsu6psTcIMaYg8r/SUSZUsLasiRv2AEAAQT0q2Iv0kLkMQY2pCCI3RyIqO
FBnEtw2J/SUVSlJMd1/AuIIuTTQHD5T5VB+jAw0oojTtkKUnRGhNcoxo0h3uyADg
QZCMsK+PzirzVxpZYqPW+hxodjO7psZHVNvQXPpgi8erCOW3aHcDccOjelujnTle
bMsxA5TLZQMqORHbB+NwvyNDUeLqbfIRlVRQ0wG+41nXMc2bFYn1MO8Cn4oLg97a
6z4KnBY0xzKnyW99kfCTWbbM06xCjvislc6WqsHapm0gcnMcjEbJ3003zX7D/fG6
xB757dGI1D3WpojqJcZXVBqaxrkXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUKLjx
D4xhvNH7bGZvORsXWoQiiOQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0RBREQyNDEwQTZBMjExRjBCNUVGQzZCN0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOcwDQYJKoZIhvcNAQEL
BQADggEBADxWbi5ydRPbSBUbe5j80LNwwNMf+LAZic67iQ0vxRwYbdZzD53QLidM
7kIa1yglR3E3v+iBD9MhrTqD2wkx4rz+ewJhX36v6836K2n4O/oi6YQ9oMLRtAl2
pADxVAJFo6H4SOh2tirxBl0zYhv0Q1BMUFxWWefdV2PMal0kW330NSx0Cu2nnqTG
Y5ZiBkLJXgV7NkhcBAnPTtJCYBEjwuJvupjzijs3DXP0yyexGUc19hYZ8z/qESsf
nOb4LFglMdan+XXvE/ri2wT/NYi3gqJGmzHgxC+/hzvb2j/wgQiHQszm+VNJglKw
DVhtVtBRAnPPkx8kxkEtc5AIFvB2jMs=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:22 2025 by rpki-client