Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/EA8394FEA84011F0A123C6ADDAE4EC9C.roa
File: EA8394FEA84011F0A123C6ADDAE4EC9C.roa (raw, json)
Hash identifier: BlN6ZCd0jXJwuiZMNu47rtCr+FOtsw3oe++3RgGL1q4=
Subject key identifier: AD:C3:9A:68:69:D7:49:8F:58:60:AA:38:3E:38:B3:4C:0E:51:98:FC
Certificate issuer: /CN=F369591CRI/serialNumber=DCFEA3847722D2FEC7A039E99038F7538259D031
Certificate serial: 03F1
Authority key identifier: DC:FE:A3:84:77:22:D2:FE:C7:A0:39:E9:90:38:F7:53:82:59:D0:31
Authority info access: rsync://rpki.afrinic.net/repository/ripe/3P6jhHci0v7HoDnpkDj3U4JZ0DE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/EA8394FEA84011F0A123C6ADDAE4EC9C.roa
Signing time: Mon 13 Oct 2025 14:28:42 +0000
ROA not before: Mon 13 Oct 2025 14:28:37 +0000
ROA not after: Tue 31 Dec 2030 14:28:37 +0000
asID: 15964
IP address blocks: 195.24.192.0/20 maxlen: 20
195.24.192.0/21 maxlen: 21
195.24.192.0/22 maxlen: 22
195.24.196.0/22 maxlen: 22
195.24.200.0/22 maxlen: 22
195.24.204.0/22 maxlen: 22
195.24.208.0/20 maxlen: 20
195.24.216.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/3P6jhHci0v7HoDnpkDj3U4JZ0DE.crl
rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/3P6jhHci0v7HoDnpkDj3U4JZ0DE.mft
rsync://rpki.afrinic.net/repository/ripe/3P6jhHci0v7HoDnpkDj3U4JZ0DE.cer
rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.crl
rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/ripe-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:45:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1009 (0x3f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369591CRI, serialNumber=DCFEA3847722D2FEC7A039E99038F7538259D031
Validity
Not Before: Oct 13 14:28:37 2025 GMT
Not After : Dec 31 14:28:37 2030 GMT
Subject: CN=68ed0c9a-6c94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:43:59:71:81:29:98:5d:24:37:f5:ba:71:f0:
d1:1f:8b:b4:07:7d:87:00:6f:34:df:92:f3:4b:81:
cc:4c:1b:97:64:74:cd:86:fe:41:b5:f8:d0:b5:1b:
59:ca:e9:f3:21:8f:29:d6:91:4a:bc:6e:b9:ca:a1:
bf:07:19:b4:e9:2c:57:c7:ed:cb:cc:4e:28:16:90:
24:45:b5:74:cd:94:a8:2b:40:74:ee:58:44:39:b6:
ca:04:87:53:8b:df:c9:7b:d1:50:c1:29:b0:51:63:
ca:aa:32:60:6c:0b:81:db:83:1d:28:0b:be:b9:bc:
21:af:8b:11:ba:96:b2:e0:c8:c5:f0:6f:44:3b:04:
45:fd:13:0c:7f:da:bd:59:97:dc:e6:48:f1:21:8d:
fc:b1:da:4d:20:75:05:8d:4d:a4:50:eb:10:c9:ec:
f6:a9:6a:63:b5:4d:34:85:bc:74:b8:d2:f5:95:41:
0f:cd:4d:3d:38:35:c2:e7:46:e2:8e:f5:78:e6:3b:
f0:ed:5c:c8:fa:b8:ca:f5:f5:5b:e7:c3:c5:46:91:
ef:8a:0f:3e:e6:a3:38:99:53:68:60:59:1d:d4:54:
9d:5f:a8:b0:83:7f:dc:4a:2b:13:aa:5c:a9:40:27:
e6:93:b7:b8:8b:69:3d:29:25:10:2b:9d:f4:0f:5f:
48:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C3:9A:68:69:D7:49:8F:58:60:AA:38:3E:38:B3:4C:0E:51:98:FC
X509v3 Authority Key Identifier:
keyid:DC:FE:A3:84:77:22:D2:FE:C7:A0:39:E9:90:38:F7:53:82:59:D0:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/3P6jhHci0v7HoDnpkDj3U4JZ0DE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/ripe/3P6jhHci0v7HoDnpkDj3U4JZ0DE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/EA8394FEA84011F0A123C6ADDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
195.24.192.0/19
Signature Algorithm: sha256WithRSAEncryption
60:c9:73:f3:d8:c0:f4:57:4d:1b:00:a9:87:88:8a:b5:ec:48:
46:e6:81:91:dd:6a:e1:ec:6e:34:c6:93:82:72:0a:bb:61:d8:
94:94:68:f9:8f:b4:cd:21:9f:74:b4:0e:1d:d6:49:26:b6:3c:
b7:96:01:26:f2:d2:4a:0c:dc:d1:89:95:b5:1c:d0:83:d2:27:
b1:05:76:84:50:a8:f1:22:3c:8c:eb:32:c1:75:70:cc:42:1a:
94:20:b0:0d:32:29:ef:47:47:6b:fd:f0:05:1f:c4:7d:2c:ab:
9f:06:1b:04:e8:fb:cc:bb:24:09:09:ae:6a:97:1e:a3:a1:65:
c2:b6:d7:27:77:11:73:7e:fa:5e:83:37:fb:31:0e:e4:a1:f7:
0f:2f:92:31:4e:e3:b4:2d:67:48:7b:b2:f9:49:7c:6d:c6:8b:
5e:41:7b:76:fd:8e:04:db:5d:d5:74:88:ae:39:23:7b:37:07:
cf:4b:c7:c4:fd:dc:4d:14:4a:80:a7:aa:62:04:3b:e9:86:6c:
3a:5c:e8:9d:c4:7f:3c:9c:e3:1e:e3:be:20:60:47:b0:f0:8f:
82:56:45:9c:40:bb:3e:8b:ea:72:a3:bb:c0:5b:e1:0b:6a:1d:
a4:19:02:9d:ca:e3:c2:11:e0:50:cc:16:96:45:29:3d:50:70:
7d:81:99:ef
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA/EwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTU5MUNSSTExMC8GA1UEBRMoRENGRUEzODQ3NzIyRDJGRUM3QTAzOUU5OTAzOEY3
NTM4MjU5RDAzMTAeFw0yNTEwMTMxNDI4MzdaFw0zMDEyMzExNDI4MzdaMBgxFjAU
BgNVBAMTDTY4ZWQwYzlhLTZjOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDNQ1lxgSmYXSQ39bpx8NEfi7QHfYcAbzTfkvNLgcxMG5dkdM2G/kG1+NC1
G1nK6fMhjynWkUq8brnKob8HGbTpLFfH7cvMTigWkCRFtXTNlKgrQHTuWEQ5tsoE
h1OL38l70VDBKbBRY8qqMmBsC4Hbgx0oC765vCGvixG6lrLgyMXwb0Q7BEX9Ewx/
2r1Zl9zmSPEhjfyx2k0gdQWNTaRQ6xDJ7PapamO1TTSFvHS40vWVQQ/NTT04NcLn
RuKO9XjmO/DtXMj6uMr19Vvnw8VGke+KDz7moziZU2hgWR3UVJ1fqLCDf9xKKxOq
XKlAJ+aTt7iLaT0pJRArnfQPX0jvAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUrcOa
aGnXSY9YYKo4PjizTA5RmPwwHwYDVR0jBBgwFoAU3P6jhHci0v7HoDnpkDj3U4JZ
0DEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1OTFDLzY3MjM1N0Q0QzI0NzExRUQ5NTk3OTBBMEYxMjIyNDY4LzNQNmpo
SGNpMHY3SG9EbnBrRGozVTRKWjBERS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9yaXBl
LzNQNmpoSGNpMHY3SG9EbnBrRGozVTRKWjBERS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjk1OTFDLzY3MjM1N0Q0QzI0NzExRUQ5NTk3OTBBMEYxMjIy
NDY4L0VBODM5NEZFQTg0MDExRjBBMTIzQzZBRERBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXDGMAwDQYJKoZIhvcNAQELBQAD
ggEBAGDJc/PYwPRXTRsAqYeIirXsSEbmgZHdauHsbjTGk4JyCrth2JSUaPmPtM0h
n3S0Dh3WSSa2PLeWASby0koM3NGJlbUc0IPSJ7EFdoRQqPEiPIzrMsF1cMxCGpQg
sA0yKe9HR2v98AUfxH0sq58GGwTo+8y7JAkJrmqXHqOhZcK21yd3EXN++l6DN/sx
DuSh9w8vkjFO47QtZ0h7svlJfG3Gi15Be3b9jgTbXdV0iK45I3s3B89Lx8T93E0U
SoCnqmIEO+mGbDpc6J3Efzyc4x7jviBgR7Dwj4JWRZxAuz6L6nKju8Bb4QtqHaQZ
Ap3K48IR4FDMFpZFKT1QcH2Bme8=
-----END CERTIFICATE-----
Generated at Tue Oct 21 01:54:45 2025 by rpki-client