Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/F43D6930A83511F0BC8A38E7DAE4EC9C.roa
File: F43D6930A83511F0BC8A38E7DAE4EC9C.roa (raw, json)
Hash identifier: XTw1rTEthgk2g59vYMTm9U70mr47Am47T/ne830ENLk=
Subject key identifier: C7:C8:20:C9:45:6A:B1:20:1B:30:37:65:20:61:D5:37:CA:32:6E:B9
Certificate issuer: /CN=F369591CAF/serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
Certificate serial: 0422
Authority key identifier: C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/F43D6930A83511F0BC8A38E7DAE4EC9C.roa
Signing time: Mon 13 Oct 2025 13:10:14 +0000
ROA not before: Mon 13 Oct 2025 13:10:08 +0000
ROA not after: Tue 31 Dec 2030 13:10:08 +0000
asID: 15964
IP address blocks: 197.159.0.0/21 maxlen: 21
197.159.0.0/22 maxlen: 22
197.159.0.0/24 maxlen: 24
197.159.3.0/24 maxlen: 24
197.159.4.0/22 maxlen: 22
197.159.8.0/23 maxlen: 23
197.159.9.0/24 maxlen: 24
197.159.10.0/24 maxlen: 24
197.159.11.0/24 maxlen: 24
197.159.14.0/24 maxlen: 24
197.159.17.0/24 maxlen: 24
197.159.18.0/23 maxlen: 23
197.159.21.0/24 maxlen: 24
197.159.22.0/24 maxlen: 24
197.159.23.0/24 maxlen: 24
197.159.24.0/24 maxlen: 24
197.159.25.0/24 maxlen: 24
197.159.26.0/24 maxlen: 24
197.159.27.0/24 maxlen: 24
197.159.28.0/22 maxlen: 22
197.159.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.mft
rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1058 (0x422)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369591CAF, serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
Validity
Not Before: Oct 13 13:10:08 2025 GMT
Not After : Dec 31 13:10:08 2030 GMT
Subject: CN=68ecfa35-8242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ec:81:9b:78:42:3a:39:ee:da:bd:6a:ab:33:
d5:18:b8:9a:9d:8d:de:73:fa:d2:b3:74:13:7b:15:
ab:59:7c:08:83:1b:92:13:0e:c5:f8:4c:9f:af:73:
41:3e:f3:fe:cb:db:4b:f3:cb:b2:24:8e:26:43:fd:
7b:23:20:b7:54:db:3f:78:aa:64:18:e9:d8:fc:2f:
b0:a4:ba:1a:69:cb:b3:09:0d:69:e6:29:6a:8b:ac:
9f:1b:e6:5d:70:2f:2a:2f:cd:f9:26:a2:ce:ff:df:
93:19:ab:a6:b7:36:2d:28:23:8a:81:da:c8:8f:9e:
20:b2:01:d9:48:0e:e7:26:5d:11:04:cb:98:b3:c0:
4e:a3:35:d5:71:4c:7d:5d:7c:02:a3:38:7d:15:17:
ea:8e:36:60:65:c5:0b:b4:4c:2f:ea:20:e0:bd:6b:
41:d5:06:76:9d:76:b6:63:85:2d:ac:cf:fa:47:ea:
b2:d8:eb:ac:9a:43:95:f0:e1:4e:62:7a:7d:2a:86:
30:61:d8:ff:ad:e5:04:42:ad:cd:49:3e:19:d0:39:
07:92:61:07:18:10:20:a7:c5:f4:42:91:e3:56:ec:
f6:ad:08:29:e4:3f:e8:1f:25:9c:48:aa:a7:75:a7:
4b:88:96:19:ef:2c:9e:ea:bf:6f:ca:b7:66:79:df:
3d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:C8:20:C9:45:6A:B1:20:1B:30:37:65:20:61:D5:37:CA:32:6E:B9
X509v3 Authority Key Identifier:
keyid:C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/F43D6930A83511F0BC8A38E7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.159.0.0-197.159.11.255
197.159.14.0/24
197.159.17.0-197.159.19.255
197.159.21.0-197.159.31.255
Signature Algorithm: sha256WithRSAEncryption
4b:e4:f2:37:1a:ad:b9:c6:43:2a:23:db:44:df:46:f9:0c:74:
b4:db:b5:fe:33:d6:e9:1d:1a:26:7a:64:3c:6b:86:f5:8d:35:
97:43:22:5f:37:f3:b3:b0:ba:be:70:ff:29:39:8b:b0:5d:56:
64:32:83:38:e5:b4:6c:d9:a1:b9:12:90:f2:68:37:89:a6:07:
6e:a2:2d:db:09:18:74:2f:dc:93:25:9e:13:08:02:71:d4:40:
27:17:ef:b6:ee:fe:e9:9a:bc:bc:97:49:af:d1:bb:4f:24:09:
3c:d1:56:56:83:82:6e:f0:81:4a:ea:87:fa:52:c4:e7:f6:5c:
69:d7:2f:24:76:2e:c3:05:c1:cf:3a:cd:87:58:5c:9c:e9:88:
d1:20:48:5d:5a:09:42:a5:b6:ca:31:ed:89:15:f7:98:f5:90:
47:6e:77:c0:ed:e7:40:3a:f7:b9:d7:cd:21:a2:d6:bd:37:22:
86:c6:8a:39:e2:2c:e4:39:92:5e:e1:00:4f:d7:64:80:1c:47:
a3:e4:af:aa:1b:90:78:33:cb:ab:ce:20:a3:b1:bd:ec:78:6a:
47:2f:15:e9:05:c4:21:5f:77:ee:2c:2e:a2:58:08:96:5d:9d:
11:dd:4d:2f:79:28:0b:c9:b5:52:ad:25:e7:cb:5c:27:35:fe:
e3:a0:df:99
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgICBCIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTU5MUNBRjExMC8GA1UEBRMoQzEwOTBEMzdEQTlGRkVFRTFBOUMyMjlCQUZGMTE5
MEJEMjJFODkzNDAeFw0yNTEwMTMxMzEwMDhaFw0zMDEyMzExMzEwMDhaMBgxFjAU
BgNVBAMTDTY4ZWNmYTM1LTgyNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC77IGbeEI6Oe7avWqrM9UYuJqdjd5z+tKzdBN7FatZfAiDG5ITDsX4TJ+v
c0E+8/7L20vzy7IkjiZD/XsjILdU2z94qmQY6dj8L7Ckuhppy7MJDWnmKWqLrJ8b
5l1wLyovzfkmos7/35MZq6a3Ni0oI4qB2siPniCyAdlIDucmXREEy5izwE6jNdVx
TH1dfAKjOH0VF+qONmBlxQu0TC/qIOC9a0HVBnaddrZjhS2sz/pH6rLY66yaQ5Xw
4U5ien0qhjBh2P+t5QRCrc1JPhnQOQeSYQcYECCnxfRCkeNW7PatCCnkP+gfJZxI
qqd1p0uIlhnvLJ7qv2/Kt2Z53z2JAgMBAAGjggLOMIICyjAdBgNVHQ4EFgQUx8gg
yUVqsSAbMDdlIGHVN8oybrkwHwYDVR0jBBgwFoAUwQkNN9qf/u4anCKbr/EZC9Iu
iTQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYxMjIyNDY4L3dRa05O
OXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3dRa05OOXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYx
MjIyNDY4L0Y0M0Q2OTMwQTgzNTExRjBCQzhBMzhFN0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwSAYIKwYBBQUHAQcBAf8EOTA3MDUEAgABMC8wCwMDAMWfAwQCxZ8IAwQAxZ8O
MAwDBADFnxEDBALFnxAwDAMEAMWfFQMEBcWfADANBgkqhkiG9w0BAQsFAAOCAQEA
S+TyNxqtucZDKiPbRN9G+Qx0tNu1/jPW6R0aJnpkPGuG9Y01l0MiXzfzs7C6vnD/
KTmLsF1WZDKDOOW0bNmhuRKQ8mg3iaYHbqIt2wkYdC/ckyWeEwgCcdRAJxfvtu7+
6Zq8vJdJr9G7TyQJPNFWVoOCbvCBSuqH+lLE5/ZcadcvJHYuwwXBzzrNh1hcnOmI
0SBIXVoJQqW2yjHtiRX3mPWQR253wO3nQDr3udfNIaLWvTcihsaKOeIs5DmSXuEA
T9dkgBxHo+SvqhuQeDPLq84go7G97HhqRy8V6QXEIV937iwuolgIll2dEd1NL3ko
C8m1Uq0l58tcJzX+46DfmQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:50:06 2025 by rpki-client