Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C3E5FFD4993C11F09A0026DBDAE4EC9C.roa
File: C3E5FFD4993C11F09A0026DBDAE4EC9C.roa (raw, json)
Hash identifier: E0EbTva5a5TfXovm0x5YDhYQp/i9tY6Yy3TSrO9GCK0=
Subject key identifier: 2A:F2:3C:14:8D:22:A2:DE:21:BA:7F:FA:E0:1F:43:59:86:64:45:C2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A05C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C3E5FFD4993C11F09A0026DBDAE4EC9C.roa
Signing time: Wed 24 Sep 2025 11:51:11 +0000
ROA not before: Wed 24 Sep 2025 11:51:07 +0000
ROA not after: Mon 08 Dec 2025 11:51:07 +0000
asID: 23674
IP address blocks: 154.192.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106588 (0x1a05c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 11:51:07 2025 GMT
Not After : Dec 8 11:51:07 2025 GMT
Subject: CN=68d3db2f-8828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2b:ec:d4:65:0f:00:10:98:5b:1b:69:47:39:
f3:f3:9c:ed:6a:38:d5:e9:4d:89:fd:e1:5f:37:9e:
51:5a:50:19:a2:55:2a:d7:46:08:35:e9:bc:00:33:
e5:ac:ab:48:13:7c:f9:93:47:fd:7d:d7:74:f0:d5:
1e:a9:3f:9e:95:2b:ea:7e:16:3d:51:89:e3:2e:fc:
ce:93:1c:e3:2b:39:b1:77:8c:46:37:f2:06:05:4e:
81:df:85:c6:c3:81:92:44:c7:25:c3:a8:17:48:d9:
d2:60:7d:95:1d:0e:92:c2:5e:71:b1:08:63:3a:bc:
92:bc:b8:4c:74:18:91:41:2e:91:5a:b2:af:f0:f1:
64:b3:56:1e:2e:dd:71:b6:e1:65:c2:3a:8a:a7:ff:
f4:36:2c:95:70:b8:8a:59:24:f9:35:68:f9:4c:73:
39:37:6b:c7:2e:e3:4d:23:16:90:12:ef:ed:75:e5:
66:81:28:20:34:e3:a9:d0:07:1d:16:1b:89:fe:e9:
2a:32:c0:1d:b3:29:54:43:d7:56:63:9a:bf:fa:23:
88:e4:e0:10:9b:8e:0d:4e:1a:be:09:4a:91:42:76:
3d:b4:4f:f9:cf:b2:4d:2e:70:cb:8b:31:78:db:77:
4b:bb:a6:b3:59:43:1c:de:0c:e3:d6:b0:ac:f2:de:
74:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F2:3C:14:8D:22:A2:DE:21:BA:7F:FA:E0:1F:43:59:86:64:45:C2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C3E5FFD4993C11F09A0026DBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.192.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:b7:b5:05:6c:8d:d7:15:1a:63:00:ed:79:f8:c3:06:65:d7:
36:ae:d4:7d:dd:e7:52:10:34:9f:d9:57:4a:4b:75:62:c3:a1:
d6:f6:e7:49:bc:dc:cf:20:6f:5d:bb:fe:fa:23:0f:f2:39:85:
3e:0e:ec:b5:bd:0e:0c:8d:59:a0:75:73:ff:c9:b3:12:d1:f9:
33:60:14:9b:e7:95:05:ea:3c:ad:70:53:f7:0c:77:7d:95:e9:
21:6e:09:e7:d3:85:b6:3d:43:8e:75:79:db:89:7b:fe:16:5b:
29:c8:e4:15:72:88:b6:ec:80:b4:04:18:cf:be:d1:d1:d5:20:
04:ee:12:ba:d5:8b:74:b2:ec:14:5b:d9:5b:46:20:74:60:0e:
c9:6b:c9:98:aa:28:d3:80:3d:57:f8:b1:1c:a1:91:13:56:b5:
d8:aa:7d:91:58:48:0d:5e:65:17:35:5b:cd:f9:ae:16:e2:56:
33:6b:09:99:83:c7:79:2a:64:e5:76:47:71:7c:39:c7:36:14:
20:2b:64:ec:87:4e:07:97:82:c3:ee:52:16:82:76:03:5e:8a:
76:57:59:e4:26:0c:07:34:df:67:eb:84:b4:f5:47:b8:f0:07:
0e:88:34:f7:cd:f1:f1:ae:b5:67:91:ac:5e:7c:5b:2a:93:cb:
6b:b3:c2:dd
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIDAaBcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTE1MTA3WhcNMjUxMjA4MTE1MTA3WjAYMRYw
FAYDVQQDEw02OGQzZGIyZi04ODI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwyvs1GUPABCYWxtpRznz85ztajjV6U2J/eFfN55RWlAZolUq10YINem8
ADPlrKtIE3z5k0f9fdd08NUeqT+elSvqfhY9UYnjLvzOkxzjKzmxd4xGN/IGBU6B
34XGw4GSRMclw6gXSNnSYH2VHQ6Swl5xsQhjOrySvLhMdBiRQS6RWrKv8PFks1Ye
Lt1xtuFlwjqKp//0NiyVcLiKWST5NWj5THM5N2vHLuNNIxaQEu/tdeVmgSggNOOp
0AcdFhuJ/ukqMsAdsylUQ9dWY5q/+iOI5OAQm44NThq+CUqRQnY9tE/5z7JNLnDL
izF423dLu6azWUMc3gzj1rCs8t50EwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCry
PBSNIqLeIbp/+uAfQ1mGZEXCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DM0U1RkZENDk5M0MxMUYwOUEwMDI2REJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmsAwDQYJKoZIhvcNAQEL
BQADggEBADy3tQVsjdcVGmMA7Xn4wwZl1zau1H3d51IQNJ/ZV0pLdWLDodb250m8
3M8gb127/vojD/I5hT4O7LW9DgyNWaB1c//JsxLR+TNgFJvnlQXqPK1wU/cMd32V
6SFuCefThbY9Q451eduJe/4WWynI5BVyiLbsgLQEGM++0dHVIATuErrVi3Sy7BRb
2VtGIHRgDslryZiqKNOAPVf4sRyhkRNWtdiqfZFYSA1eZRc1W835rhbiVjNrCZmD
x3kqZOV2R3F8Occ2FCArZOyHTgeXgsPuUhaCdgNeinZXWeQmDAc032frhLT1R7jw
Bw6INPfN8fGutWeRrF58WyqTy2uzwt0=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:07 2025 by rpki-client