Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E4AD8AB2BC7211F09CC902E7DAE4EC9C.roa
File: E4AD8AB2BC7211F09CC902E7DAE4EC9C.roa (raw, json)
Hash identifier: dJ6ezI7UTHOlVN83aD1uBmNSXyJVRLVbAch7DsHOFKs=
Subject key identifier: B6:85:74:23:2B:B2:C5:0D:E1:1A:F6:1D:BB:63:C5:52:B2:CC:BF:94
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1C8B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E4AD8AB2BC7211F09CC902E7DAE4EC9C.roa
Signing time: Sat 08 Nov 2025 07:16:50 +0000
ROA not before: Sat 08 Nov 2025 07:16:45 +0000
ROA not after: Sat 06 Nov 2027 07:16:45 +0000
asID: 834
IP address blocks: 154.16.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 16 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7307 (0x1c8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Nov 8 07:16:45 2025 GMT
Not After : Nov 6 07:16:45 2027 GMT
Subject: CN=690eee62-0983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e2:10:30:0f:dc:43:99:28:7c:07:9c:dc:72:
e3:58:75:3e:d6:21:c5:bc:3b:9a:49:8c:66:50:6b:
98:66:09:aa:6f:a7:da:89:84:e1:05:38:67:a3:dd:
31:cf:95:c7:6b:54:0b:cd:12:7b:9b:83:23:3f:1e:
ef:69:60:a0:66:58:d8:c9:19:a9:a2:ce:a8:ba:59:
b4:ca:b5:ae:a2:88:77:64:62:a6:5d:82:f4:3e:5d:
1e:d1:90:25:7a:bb:79:3d:2e:8f:fc:c8:9c:23:7d:
8f:c2:6f:bb:4f:93:82:b7:fa:f6:10:a9:36:f0:a4:
82:7f:5c:5c:e0:91:91:1b:fd:c3:55:a7:3b:85:67:
75:b9:62:ab:d8:db:52:4d:0d:60:85:70:5c:33:b5:
d3:21:dc:5e:c6:b7:6f:0d:27:61:5d:23:ba:93:b1:
1c:16:35:a6:80:d3:12:58:5e:f4:42:fe:51:f5:a4:
75:1f:87:bc:eb:bc:92:2e:ee:a6:d4:f9:e7:92:f6:
2b:39:87:5e:00:7a:94:a6:9a:b8:60:5c:dc:00:d0:
38:84:99:45:c0:7b:93:ef:26:19:a6:a3:65:66:be:
25:54:c5:5b:00:b4:0f:d3:d7:dc:d2:45:d8:ea:4f:
c8:bc:29:3b:bf:9a:b9:8e:fc:10:64:35:18:c2:08:
ef:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:85:74:23:2B:B2:C5:0D:E1:1A:F6:1D:BB:63:C5:52:B2:CC:BF:94
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E4AD8AB2BC7211F09CC902E7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.216.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:76:78:49:7a:d5:f4:7e:ab:b7:f1:f6:a7:11:01:66:9a:78:
70:59:98:3f:85:64:f9:e2:3d:73:b0:de:d3:6b:6a:e2:9c:0b:
8f:8a:c8:f3:6b:da:bb:02:b9:c3:68:95:63:19:f4:f0:56:20:
1e:65:7c:28:7c:f7:d0:75:58:e0:85:7b:b7:89:cd:f7:94:bc:
bb:f8:c1:4e:09:ea:a2:de:88:5f:f1:2e:9d:2e:d1:b1:c4:df:
3a:ea:52:f0:f3:f9:4b:9f:d5:25:18:66:e8:15:01:c1:89:f3:
07:0a:2d:cb:6e:0c:67:59:54:65:48:b9:61:da:5e:d9:08:6e:
1d:8b:6a:f5:90:fe:e6:fa:e6:7c:31:ee:d1:e9:a3:4a:b6:d6:
5e:5b:16:94:a4:e0:ff:66:02:b1:33:f6:42:f3:dc:d3:82:32:
1c:fa:30:be:26:7f:1a:b0:0f:93:29:51:4f:b3:9f:78:4d:14:
8c:e5:8d:6e:08:6c:15:d6:5c:3c:91:40:07:90:2c:ce:3c:b6:
7e:a5:a1:66:58:25:ef:d5:94:f4:d5:ab:94:b3:1f:c2:91:fc:
ad:45:9c:3d:95:b9:90:e6:4f:af:b4:b4:e6:41:4d:b9:5c:da:
09:5c:4e:b7:4a:f8:3d:95:73:5b:e8:e7:df:80:8f:e4:7e:c8:
ea:d9:f4:0a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHIswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTExMDgwNzE2NDVaFw0yNzExMDYwNzE2NDVaMBgxFjAU
BgNVBAMTDTY5MGVlZTYyLTA5ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC44hAwD9xDmSh8B5zccuNYdT7WIcW8O5pJjGZQa5hmCapvp9qJhOEFOGej
3THPlcdrVAvNEnubgyM/Hu9pYKBmWNjJGamizqi6WbTKta6iiHdkYqZdgvQ+XR7R
kCV6u3k9Lo/8yJwjfY/Cb7tPk4K3+vYQqTbwpIJ/XFzgkZEb/cNVpzuFZ3W5YqvY
21JNDWCFcFwztdMh3F7Gt28NJ2FdI7qTsRwWNaaA0xJYXvRC/lH1pHUfh7zrvJIu
7qbU+eeS9is5h14AepSmmrhgXNwA0DiEmUXAe5PvJhmmo2VmviVUxVsAtA/T19zS
RdjqT8i8KTu/mrmO/BBkNRjCCO8/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUtoV0
IyuyxQ3hGvYdu2PFUrLMv5QwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0U0QUQ4QUIyQkM3MjExRjA5Q0M5MDJFN0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENgwDQYJKoZIhvcNAQEL
BQADggEBAMh2eEl61fR+q7fx9qcRAWaaeHBZmD+FZPniPXOw3tNrauKcC4+KyPNr
2rsCucNolWMZ9PBWIB5lfCh899B1WOCFe7eJzfeUvLv4wU4J6qLeiF/xLp0u0bHE
3zrqUvDz+Uuf1SUYZugVAcGJ8wcKLctuDGdZVGVIuWHaXtkIbh2LavWQ/ub65nwx
7tHpo0q21l5bFpSk4P9mArEz9kLz3NOCMhz6ML4mfxqwD5MpUU+zn3hNFIzljW4I
bBXWXDyRQAeQLM48tn6loWZYJe/VlPTVq5SzH8KR/K1FnD2VuZDmT6+0tOZBTblc
2glcTrdK+D2Vc1vo59+Aj+R+yOrZ9Ao=
-----END CERTIFICATE-----
Generated at Fri Nov 14 03:52:46 2025 by rpki-client