Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/875E0D6EA36311F0AA6DF4AEDAE4EC9C.roa
File: 875E0D6EA36311F0AA6DF4AEDAE4EC9C.roa (raw, json)
Hash identifier: 4efvNiFyfuNVE4eXc9fh1MtJHKt6dZYGX7ugnMN6zH0=
Subject key identifier: 6C:5A:43:20:23:49:52:29:AC:F0:73:86:30:79:CC:6C:B6:7B:FB:FC
Certificate issuer: /CN=F369591CAF/serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
Certificate serial: 0418
Authority key identifier: C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/875E0D6EA36311F0AA6DF4AEDAE4EC9C.roa
Signing time: Tue 07 Oct 2025 09:53:52 +0000
ROA not before: Tue 07 Oct 2025 09:53:44 +0000
ROA not after: Tue 31 Dec 2030 09:53:44 +0000
asID: 15964
IP address blocks: 41.204.64.0/19 maxlen: 19
41.204.64.0/24 maxlen: 24
41.204.71.0/24 maxlen: 24
41.204.83.0/24 maxlen: 24
41.204.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.mft
rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1048 (0x418)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369591CAF, serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
Validity
Not Before: Oct 7 09:53:44 2025 GMT
Not After : Dec 31 09:53:44 2030 GMT
Subject: CN=68e4e330-0d0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a8:8e:92:2a:c3:3b:1d:3f:e3:fd:21:e7:bd:
67:ba:55:7f:f8:c0:16:72:21:11:b7:75:8b:34:0a:
8f:7c:65:ae:18:9e:e9:9c:19:13:49:4a:2a:ed:ce:
2a:05:89:20:de:dd:66:ff:c8:ac:4c:e1:74:34:29:
74:12:aa:7d:c0:6b:ea:49:76:a5:0e:4f:f2:d0:67:
aa:99:ea:66:5a:e0:54:73:72:bb:ce:87:d2:f3:6c:
74:bf:9d:83:a0:97:ba:a2:c5:4e:86:08:94:a1:6e:
39:8a:10:c8:de:cd:be:56:b1:f2:eb:c3:b6:db:dc:
e0:2a:f7:42:7b:0a:d3:08:dc:6e:1d:1d:17:b2:ad:
07:5f:20:ee:d6:21:5f:4b:7b:a1:a3:9d:c5:3d:d6:
2d:6e:38:b5:50:60:7e:a7:68:ae:96:5e:4c:68:28:
6e:c2:45:61:de:a8:d2:50:f1:cc:78:59:d4:b7:ef:
e2:50:ac:f0:4f:11:37:c0:fe:6f:a2:60:1e:4d:d8:
8f:e2:bc:74:75:84:5e:26:f9:44:10:dd:0c:e4:74:
31:c0:0a:ed:66:54:58:db:41:0c:fc:25:8e:9a:ad:
f0:bc:5f:8d:1c:e9:f6:42:6a:44:d3:4d:3f:45:86:
ce:f1:2f:6e:fd:ad:c6:c0:f1:62:dd:eb:6b:ce:3e:
8a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:5A:43:20:23:49:52:29:AC:F0:73:86:30:79:CC:6C:B6:7B:FB:FC
X509v3 Authority Key Identifier:
keyid:C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/875E0D6EA36311F0AA6DF4AEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.204.64.0/19
Signature Algorithm: sha256WithRSAEncryption
35:8a:d3:39:13:9c:c5:72:5e:1a:3a:65:14:13:35:3c:69:f6:
5d:49:13:05:0d:c4:28:be:72:39:bb:2c:3a:ba:4c:b3:b7:40:
e7:c0:24:0e:73:c8:d3:b7:83:79:9b:e9:11:4a:3f:04:20:e1:
08:08:9c:2d:7d:a7:6a:08:f0:6d:0e:ff:1e:e3:9f:b5:77:29:
24:cc:0e:1e:7e:00:1f:4a:06:91:6b:c7:6b:9d:e8:a0:b3:63:
12:8b:2d:ed:29:14:6e:b3:01:3c:93:53:0e:08:12:63:1d:c9:
23:bf:ad:d2:fc:e9:2e:c2:1d:1e:1d:43:ba:b5:22:f3:a7:e0:
f5:45:9e:36:c4:09:80:1d:c3:d9:7d:39:53:86:79:de:d9:90:
18:04:ae:c5:9d:54:19:b1:0b:34:51:0e:b9:85:b3:f6:f8:e2:
d0:2c:d4:dc:75:68:83:8c:16:2c:ef:68:3e:75:2e:57:7b:33:
61:51:bc:4b:b0:d9:83:25:c8:8e:8b:ee:48:7e:d6:66:fa:c7:
61:1c:bd:4d:95:2a:66:74:29:75:36:01:74:bc:67:dc:e6:01:
da:85:28:0a:23:a4:7a:13:93:bb:09:57:ef:94:67:0c:fb:9b:
ab:ee:fb:8e:c2:ec:c6:92:e1:5e:fb:21:a9:64:21:d3:b2:8e:
f7:e1:6a:a7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBBgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTU5MUNBRjExMC8GA1UEBRMoQzEwOTBEMzdEQTlGRkVFRTFBOUMyMjlCQUZGMTE5
MEJEMjJFODkzNDAeFw0yNTEwMDcwOTUzNDRaFw0zMDEyMzEwOTUzNDRaMBgxFjAU
BgNVBAMTDTY4ZTRlMzMwLTBkMGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQClqI6SKsM7HT/j/SHnvWe6VX/4wBZyIRG3dYs0Co98Za4YnumcGRNJSirt
zioFiSDe3Wb/yKxM4XQ0KXQSqn3Aa+pJdqUOT/LQZ6qZ6mZa4FRzcrvOh9LzbHS/
nYOgl7qixU6GCJShbjmKEMjezb5WsfLrw7bb3OAq90J7CtMI3G4dHReyrQdfIO7W
IV9Le6GjncU91i1uOLVQYH6naK6WXkxoKG7CRWHeqNJQ8cx4WdS37+JQrPBPETfA
/m+iYB5N2I/ivHR1hF4m+UQQ3QzkdDHACu1mVFjbQQz8JY6arfC8X40c6fZCakTT
TT9Fhs7xL279rcbA8WLd62vOPor1AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUbFpD
ICNJUims8HOGMHnMbLZ7+/wwHwYDVR0jBBgwFoAUwQkNN9qf/u4anCKbr/EZC9Iu
iTQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYxMjIyNDY4L3dRa05O
OXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3dRa05OOXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYx
MjIyNDY4Lzg3NUUwRDZFQTM2MzExRjBBQTZERjRBRURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAUpzEAwDQYJKoZIhvcNAQEL
BQADggEBADWK0zkTnMVyXho6ZRQTNTxp9l1JEwUNxCi+cjm7LDq6TLO3QOfAJA5z
yNO3g3mb6RFKPwQg4QgInC19p2oI8G0O/x7jn7V3KSTMDh5+AB9KBpFrx2ud6KCz
YxKLLe0pFG6zATyTUw4IEmMdySO/rdL86S7CHR4dQ7q1IvOn4PVFnjbECYAdw9l9
OVOGed7ZkBgErsWdVBmxCzRRDrmFs/b44tAs1Nx1aIOMFizvaD51Lld7M2FRvEuw
2YMlyI6L7kh+1mb6x2EcvU2VKmZ0KXU2AXS8Z9zmAdqFKAojpHoTk7sJV++UZwz7
m6vu+47C7MaS4V77IalkIdOyjvfhaqc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:53:44 2025 by rpki-client