Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/91445CC0BEED11F0AAD5118CDAE4EC9C.roa
File: 91445CC0BEED11F0AAD5118CDAE4EC9C.roa (raw, json)
Hash identifier: YQQ4OrBmockg2vacRJ5TaJ1DCZ0vuFHu6IceihYJGSQ=
Subject key identifier: 44:02:B6:5B:49:AB:49:3C:77:36:D9:69:F7:10:D9:4C:10:44:FE:FF
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1C9C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/91445CC0BEED11F0AAD5118CDAE4EC9C.roa
Signing time: Tue 11 Nov 2025 11:00:00 +0000
ROA not before: Tue 11 Nov 2025 10:59:56 +0000
ROA not after: Sat 06 Nov 2027 10:59:56 +0000
asID: 834
IP address blocks: 154.16.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 16 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7324 (0x1c9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Nov 11 10:59:56 2025 GMT
Not After : Nov 6 10:59:56 2027 GMT
Subject: CN=69131730-af14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:25:eb:79:88:09:9e:53:f8:e8:fb:e2:2a:72:
d9:46:8a:a1:fc:63:93:8b:81:28:d3:5a:c7:4c:e3:
26:e4:8e:29:ac:78:3f:c1:d3:86:33:21:b7:cd:50:
a1:eb:8d:8a:15:e2:f4:b6:18:be:60:59:39:1a:72:
c1:00:bc:70:fc:0e:41:e2:f4:09:2f:5b:96:4c:79:
b4:16:62:63:de:97:93:d2:2e:b8:1f:83:7b:98:b1:
60:94:38:e6:c8:92:f0:bb:1a:0a:4a:b6:84:4b:d3:
79:f1:4c:d6:fb:ac:ca:33:85:98:da:19:4d:3c:56:
87:64:25:30:8d:33:ec:db:d0:0f:4e:31:d0:7e:fc:
62:01:0a:28:22:a2:51:ba:f2:60:f2:dd:6a:ce:f1:
36:be:8b:79:b8:88:de:29:5d:ae:02:2a:02:24:03:
d4:52:12:d9:e7:37:32:ba:6e:09:02:36:94:e3:6c:
01:7c:62:ca:cb:92:64:56:51:41:35:f6:4c:95:8a:
be:6c:81:e4:f0:57:e1:de:da:ab:ca:ac:38:63:b4:
e3:8c:06:c1:96:76:76:3c:af:3c:43:40:0e:d5:92:
aa:97:72:d4:6d:5d:83:23:dc:96:04:e0:59:c9:d9:
b3:12:48:3d:ab:47:c8:0f:a4:14:7a:70:07:0b:a8:
c0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:02:B6:5B:49:AB:49:3C:77:36:D9:69:F7:10:D9:4C:10:44:FE:FF
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/91445CC0BEED11F0AAD5118CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.231.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:21:70:2c:a0:ce:9d:6c:c5:7a:6c:08:31:8a:e2:8a:d3:c6:
73:7b:6a:11:a9:6b:d4:4b:37:e6:24:20:40:2f:0b:4c:1a:86:
75:c4:93:41:88:c4:e9:05:a1:6b:b0:bb:4b:b7:d9:33:76:de:
bf:a5:37:e7:11:8a:ff:06:a2:64:8d:02:8f:d8:8e:c6:96:64:
33:3f:41:43:2b:d6:41:3b:89:d5:be:7a:9c:6b:ca:e6:aa:d5:
74:39:ab:be:cc:1a:2e:f5:c7:97:d5:26:65:05:e8:77:ad:2e:
7e:3f:b4:a1:8b:ac:37:32:3b:0e:99:6d:b3:0e:90:5c:8a:fc:
d7:3c:aa:0c:ad:91:6e:2e:3f:2a:6a:76:a8:07:a5:21:d4:96:
d9:6e:ad:74:01:e7:18:a3:3b:6d:02:49:2c:64:98:31:d1:d7:
41:eb:23:6e:70:8d:a8:62:5f:b4:62:8d:5d:97:bd:99:4b:a1:
5a:56:73:65:f9:36:73:12:32:94:93:2c:71:54:31:1d:b6:fe:
3a:3c:27:20:40:e6:eb:26:63:eb:25:ca:fb:18:c7:a4:62:ce:
a6:8b:9a:4a:09:62:8f:b6:96:1e:d6:16:b1:be:5d:62:d4:53:
7b:e3:c7:ac:48:7e:12:b9:84:bf:cc:c7:cc:5d:5d:8e:52:89:
a3:73:c7:7c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHJwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTExMTExMDU5NTZaFw0yNzExMDYxMDU5NTZaMBgxFjAU
BgNVBAMTDTY5MTMxNzMwLWFmMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4Jet5iAmeU/jo++IqctlGiqH8Y5OLgSjTWsdM4ybkjimseD/B04YzIbfN
UKHrjYoV4vS2GL5gWTkacsEAvHD8DkHi9AkvW5ZMebQWYmPel5PSLrgfg3uYsWCU
OObIkvC7GgpKtoRL03nxTNb7rMozhZjaGU08VodkJTCNM+zb0A9OMdB+/GIBCigi
olG68mDy3WrO8Ta+i3m4iN4pXa4CKgIkA9RSEtnnNzK6bgkCNpTjbAF8YsrLkmRW
UUE19kyVir5sgeTwV+He2qvKrDhjtOOMBsGWdnY8rzxDQA7VkqqXctRtXYMj3JYE
4FnJ2bMSSD2rR8gPpBR6cAcLqMCBAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQURAK2
W0mrSTx3Ntlp9xDZTBBE/v8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzkxNDQ1Q0MwQkVFRDExRjBBQUQ1MTE4Q0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOcwDQYJKoZIhvcNAQEL
BQADggEBAKMhcCygzp1sxXpsCDGK4orTxnN7ahGpa9RLN+YkIEAvC0wahnXEk0GI
xOkFoWuwu0u32TN23r+lN+cRiv8GomSNAo/YjsaWZDM/QUMr1kE7idW+epxryuaq
1XQ5q77MGi71x5fVJmUF6HetLn4/tKGLrDcyOw6ZbbMOkFyK/Nc8qgytkW4uPypq
dqgHpSHUltlurXQB5xijO20CSSxkmDHR10HrI25wjahiX7RijV2XvZlLoVpWc2X5
NnMSMpSTLHFUMR22/jo8JyBA5usmY+slyvsYx6RizqaLmkoJYo+2lh7WFrG+XWLU
U3vjx6xIfhK5hL/Mx8xdXY5SiaNzx3w=
-----END CERTIFICATE-----
Generated at Fri Nov 14 03:54:58 2025 by rpki-client