Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3651B12/040F5AC25BF011F0ABEB4ED6DAE4EC9C/F0416B6A872E11F09C305CA6DAE4EC9C.roa
File: F0416B6A872E11F09C305CA6DAE4EC9C.roa (raw, json)
Hash identifier: sbjPctYuxcoCXndPVrSf82IVOXhzZFouCepGcp4OYzE=
Subject key identifier: 8E:D9:F6:DA:7F:E1:E5:59:05:8F:85:39:60:74:D4:E9:D7:19:DF:02
Certificate issuer: /CN=F3651B12AF/serialNumber=797B59395874D2EE6EC8CBFD076B2ABC613D89B4
Certificate serial: 3B
Authority key identifier: 79:7B:59:39:58:74:D2:EE:6E:C8:CB:FD:07:6B:2A:BC:61:3D:89:B4
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/eXtZOVh00u5uyMv9B2sqvGE9ibQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3651B12/040F5AC25BF011F0ABEB4ED6DAE4EC9C/F0416B6A872E11F09C305CA6DAE4EC9C.roa
Signing time: Mon 01 Sep 2025 12:26:52 +0000
ROA not before: Mon 01 Sep 2025 12:26:47 +0000
ROA not after: Wed 01 Sep 2027 12:26:47 +0000
asID: 33779
IP address blocks: 41.221.16.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3651B12/040F5AC25BF011F0ABEB4ED6DAE4EC9C/eXtZOVh00u5uyMv9B2sqvGE9ibQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F3651B12/040F5AC25BF011F0ABEB4ED6DAE4EC9C/eXtZOVh00u5uyMv9B2sqvGE9ibQ.mft
rsync://rpki.afrinic.net/repository/afrinic/eXtZOVh00u5uyMv9B2sqvGE9ibQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 18 Sep 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59 (0x3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3651B12AF, serialNumber=797B59395874D2EE6EC8CBFD076B2ABC613D89B4
Validity
Not Before: Sep 1 12:26:47 2025 GMT
Not After : Sep 1 12:26:47 2027 GMT
Subject: CN=68b5910c-b55e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ea:6e:ff:69:8f:40:19:0b:14:12:98:7e:ec:
16:90:6a:81:6e:66:e6:31:e1:5d:2f:e1:a1:38:3e:
cd:7f:29:09:29:66:60:04:d0:d9:56:3a:b6:0f:39:
52:0a:0e:73:c9:73:58:a2:90:3d:ce:af:46:31:a7:
50:e0:89:d7:c0:3e:bf:37:d7:98:16:d7:69:85:5f:
ed:9c:8f:9f:18:13:cd:66:2d:4b:b7:60:45:60:42:
4b:a5:97:ef:14:05:f0:be:53:c4:51:87:ca:20:29:
17:85:68:81:74:8e:90:c9:b6:7c:77:c2:e9:6e:e5:
b0:1d:97:02:1c:8d:51:e9:93:c9:bc:54:91:56:55:
b5:a0:50:7b:29:4e:b5:d8:e9:2c:39:9e:8a:1b:a1:
93:c7:51:8a:af:80:ec:66:ff:2e:0c:d3:b7:14:1c:
be:b0:43:83:79:61:fa:cf:80:ff:97:cb:87:44:df:
6b:09:c8:6b:7f:ee:43:19:f1:ee:31:69:85:8e:b6:
3b:95:77:0a:47:bc:9e:c5:a4:74:8b:ca:a2:4d:c2:
ac:2f:72:1a:9c:16:66:a0:b8:08:a8:44:c1:ff:f6:
b9:86:3f:00:05:c5:48:ee:9a:cb:b0:59:ab:30:20:
ec:37:c1:be:6c:22:d9:20:5e:b1:cd:0a:50:67:82:
9e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:D9:F6:DA:7F:E1:E5:59:05:8F:85:39:60:74:D4:E9:D7:19:DF:02
X509v3 Authority Key Identifier:
keyid:79:7B:59:39:58:74:D2:EE:6E:C8:CB:FD:07:6B:2A:BC:61:3D:89:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3651B12/040F5AC25BF011F0ABEB4ED6DAE4EC9C/eXtZOVh00u5uyMv9B2sqvGE9ibQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/eXtZOVh00u5uyMv9B2sqvGE9ibQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3651B12/040F5AC25BF011F0ABEB4ED6DAE4EC9C/F0416B6A872E11F09C305CA6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.221.16.0/20
Signature Algorithm: sha256WithRSAEncryption
31:20:2f:97:8d:10:28:88:27:ce:f7:b7:f6:2c:93:ca:fc:14:
51:ed:a6:37:1d:dc:a2:5f:19:03:7c:0c:22:12:d7:9a:2e:33:
3b:68:7a:05:c7:d5:04:80:5b:5e:0e:df:fe:e0:4b:11:99:50:
ad:20:cf:84:b0:5d:3b:ef:f9:7a:41:50:95:95:4e:f6:af:a2:
67:30:e9:bb:54:36:b5:44:a8:80:8b:70:0b:b7:68:38:9d:10:
c1:92:17:35:d0:86:59:03:ed:10:7a:0f:b9:c7:55:e7:e0:b5:
29:cd:50:83:a2:4e:2a:49:18:f4:9a:26:70:ac:32:2a:56:b1:
ef:de:f9:81:30:c2:47:aa:8d:ee:34:8c:b7:6f:11:1c:86:86:
2b:7a:9c:c1:c7:36:51:56:77:74:29:59:40:34:7c:07:6f:de:
04:4e:bf:8a:ef:10:d5:ef:da:b5:fe:fe:19:51:c9:8a:ac:b6:
dc:25:8f:80:59:e2:99:c2:81:c4:59:af:5b:7e:85:85:b6:7b:
1d:e4:87:04:f4:26:50:20:00:f6:1e:41:62:dc:6f:84:3c:60:
b0:25:c4:8c:5c:26:bd:9a:40:ab:8b:95:96:51:76:32:0a:97:
34:86:16:54:4e:02:07:e4:1f:7c:5a:5a:54:65:09:fa:6b:0e:
69:e1:04:54
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBOzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
MUIxMkFGMTEwLwYDVQQFEyg3OTdCNTkzOTU4NzREMkVFNkVDOENCRkQwNzZCMkFC
QzYxM0Q4OUI0MB4XDTI1MDkwMTEyMjY0N1oXDTI3MDkwMTEyMjY0N1owGDEWMBQG
A1UEAxMNNjhiNTkxMGMtYjU1ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/qbv9pj0AZCxQSmH7sFpBqgW5m5jHhXS/hoTg+zX8pCSlmYATQ2VY6tg85
UgoOc8lzWKKQPc6vRjGnUOCJ18A+vzfXmBbXaYVf7ZyPnxgTzWYtS7dgRWBCS6WX
7xQF8L5TxFGHyiApF4VogXSOkMm2fHfC6W7lsB2XAhyNUemTybxUkVZVtaBQeylO
tdjpLDmeihuhk8dRiq+A7Gb/LgzTtxQcvrBDg3lh+s+A/5fLh0TfawnIa3/uQxnx
7jFphY62O5V3Cke8nsWkdIvKok3CrC9yGpwWZqC4CKhEwf/2uYY/AAXFSO6ay7BZ
qzAg7DfBvmwi2SBesc0KUGeCnhECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSO2fba
f+HlWQWPhTlgdNTp1xnfAjAfBgNVHSMEGDAWgBR5e1k5WHTS7m7Iy/0Hayq8YT2J
tDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTFCMTIvMDQwRjVBQzI1QkYwMTFGMEFCRUI0RUQ2REFFNEVDOUMvZVh0Wk9W
aDAwdTV1eU12OUIyc3F2R0U5aWJRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZVh0Wk9WaDAwdTV1eU12OUIyc3F2R0U5aWJRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTFCMTIvMDQwRjVBQzI1QkYwMTFGMEFCRUI0RUQ2REFF
NEVDOUMvRjA0MTZCNkE4NzJFMTFGMDlDMzA1Q0E2REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBCndEDANBgkqhkiG9w0BAQsF
AAOCAQEAMSAvl40QKIgnzve39iyTyvwUUe2mNx3col8ZA3wMIhLXmi4zO2h6BcfV
BIBbXg7f/uBLEZlQrSDPhLBdO+/5ekFQlZVO9q+iZzDpu1Q2tUSogItwC7doOJ0Q
wZIXNdCGWQPtEHoPucdV5+C1Kc1Qg6JOKkkY9JomcKwyKlax7975gTDCR6qN7jSM
t28RHIaGK3qcwcc2UVZ3dClZQDR8B2/eBE6/iu8Q1e/atf7+GVHJiqy23CWPgFni
mcKBxFmvW36FhbZ7HeSHBPQmUCAA9h5BYtxvhDxgsCXEjFwmvZpAq4uVllF2MgqX
NIYWVE4CB+QffFpaVGUJ+msOaeEEVA==
-----END CERTIFICATE-----
Generated at Tue Sep 16 23:06:12 2025 by rpki-client