Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/A3F519ECB5D111F099E55E98DAE4EC9C.roa
File: A3F519ECB5D111F099E55E98DAE4EC9C.roa (raw, json)
Hash identifier: N2S0kcv9ynYD8ccz/SB7pJXYn4dSI1K0kSCmPaGO2N4=
Subject key identifier: A5:3E:4C:63:0F:92:F6:8A:D4:71:0A:83:78:60:C5:E3:B9:3F:46:74
Certificate issuer: /CN=F36BC80AAF/serialNumber=8C8F8CE2AD55B9366BEC6EDF492CD9C1498E0664
Certificate serial: 0557
Authority key identifier: 8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/A3F519ECB5D111F099E55E98DAE4EC9C.roa
Signing time: Thu 30 Oct 2025 20:47:25 +0000
ROA not before: Thu 30 Oct 2025 20:47:21 +0000
ROA not after: Wed 31 Oct 2035 20:47:21 +0000
asID: 59895
IP address blocks: 41.215.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.mft
rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Nov 2025 00:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1367 (0x557)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BC80AAF, serialNumber=8C8F8CE2AD55B9366BEC6EDF492CD9C1498E0664
Validity
Not Before: Oct 30 20:47:21 2025 GMT
Not After : Oct 31 20:47:21 2035 GMT
Subject: CN=6903cedd-da98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:dc:96:27:a3:74:33:ca:db:d9:26:7e:b4:b4:
43:0a:1b:22:cb:04:db:73:8d:10:86:81:0b:6e:b8:
b4:ed:2b:01:7b:61:ee:6e:80:5a:3e:98:03:9e:e0:
e0:06:95:cd:d9:53:12:44:f1:68:bc:dc:f7:0a:dd:
66:24:8f:31:45:74:3a:ee:0d:95:e0:b6:85:71:d8:
22:9a:ae:5f:c9:f9:a8:c9:f6:18:80:1c:ab:42:56:
b7:9c:52:ad:d2:72:2e:75:a8:ff:1e:0b:f3:0f:39:
75:f8:29:2c:43:3f:df:a6:66:73:5c:cf:51:45:5c:
60:15:db:9f:29:db:d5:8f:7f:7d:90:d0:48:ff:94:
a8:ff:0f:02:be:e8:ce:5d:25:33:a5:6e:29:31:8a:
e4:57:03:27:94:8f:7c:37:5d:36:2f:a7:22:48:7d:
e3:2b:a2:4b:2c:62:be:2a:a8:c1:fa:00:f2:6b:f5:
b2:7c:2b:9a:1d:11:26:68:96:d7:9e:8b:4f:8a:df:
31:a6:79:d3:b0:2a:29:ab:79:51:9a:90:80:75:ff:
34:71:ad:ba:d0:47:a6:66:9f:0d:1a:44:e5:8b:ae:
5b:26:81:0b:d4:3a:7c:18:23:45:7d:d1:cf:0e:42:
ea:90:5f:74:4e:47:96:89:6b:ce:0a:7f:49:94:dd:
7c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:3E:4C:63:0F:92:F6:8A:D4:71:0A:83:78:60:C5:E3:B9:3F:46:74
X509v3 Authority Key Identifier:
keyid:8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/A3F519ECB5D111F099E55E98DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.215.243.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:a5:c1:f4:4e:20:6a:1b:9c:a9:90:65:b2:b6:55:a7:ca:af:
9a:15:14:44:48:b6:c1:81:e4:8d:0a:c3:37:36:11:8d:df:54:
e1:e0:aa:57:49:7a:d9:ee:7d:09:44:38:fe:8b:40:3f:4c:c4:
6b:99:1b:e9:3e:64:e2:9d:e9:99:f9:28:41:18:6b:14:45:47:
aa:f2:60:64:c8:cf:ba:9f:83:ca:79:2b:5a:36:57:55:66:67:
b2:df:9c:93:ed:44:c7:dc:64:f1:30:e4:1c:91:e9:f3:2c:43:
23:dc:8c:da:2e:94:82:36:0a:30:a8:ef:fd:9d:47:c0:cd:7b:
e2:49:af:30:ae:a1:b3:c3:a8:66:02:c2:ec:69:9e:7a:27:82:
58:ba:8f:74:ea:1a:dd:b4:72:c3:77:a6:94:ef:76:0c:02:94:
99:b5:dd:00:3a:af:50:99:31:35:5e:97:2c:54:4f:80:89:3e:
09:4b:a4:03:6a:42:28:45:7a:40:31:56:d3:53:98:e1:48:99:
08:70:18:37:51:46:e9:98:85:ab:0f:d3:fd:cf:33:14:bc:40:
35:e3:52:3b:a6:61:2a:99:3e:5a:d9:e8:b8:60:8c:ce:e1:e0:
79:81:b5:3a:2e:10:34:a4:7b:b1:c0:c8:fa:1d:72:5b:c6:64:
28:b9:5a:c1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBVcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QkM4MEFBRjExMC8GA1UEBRMoOEM4RjhDRTJBRDU1QjkzNjZCRUM2RURGNDkyQ0Q5
QzE0OThFMDY2NDAeFw0yNTEwMzAyMDQ3MjFaFw0zNTEwMzEyMDQ3MjFaMBgxFjAU
BgNVBAMTDTY5MDNjZWRkLWRhOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDV3JYno3QzytvZJn60tEMKGyLLBNtzjRCGgQtuuLTtKwF7Ye5ugFo+mAOe
4OAGlc3ZUxJE8Wi83PcK3WYkjzFFdDruDZXgtoVx2CKarl/J+ajJ9hiAHKtCVrec
Uq3Sci51qP8eC/MPOXX4KSxDP9+mZnNcz1FFXGAV258p29WPf32Q0Ej/lKj/DwK+
6M5dJTOlbikxiuRXAyeUj3w3XTYvpyJIfeMrokssYr4qqMH6APJr9bJ8K5odESZo
lteei0+K3zGmedOwKimreVGakIB1/zRxrbrQR6Zmnw0aROWLrlsmgQvUOnwYI0V9
0c8OQuqQX3ROR5aJa84Kf0mU3XzNAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpT5M
Yw+S9orUcQqDeGDF47k/RnQwHwYDVR0jBBgwFoAUjI+M4q1VuTZr7G7fSSzZwUmO
BmQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYxMjIyNDY4L2pJLU00
cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pJLU00cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYx
MjIyNDY4L0EzRjUxOUVDQjVEMTExRjA5OUU1NUU5OERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAp1/MwDQYJKoZIhvcNAQEL
BQADggEBAAqlwfROIGobnKmQZbK2VafKr5oVFERItsGB5I0Kwzc2EY3fVOHgqldJ
etnufQlEOP6LQD9MxGuZG+k+ZOKd6Zn5KEEYaxRFR6ryYGTIz7qfg8p5K1o2V1Vm
Z7LfnJPtRMfcZPEw5ByR6fMsQyPcjNoulII2CjCo7/2dR8DNe+JJrzCuobPDqGYC
wuxpnnongli6j3TqGt20csN3ppTvdgwClJm13QA6r1CZMTVelyxUT4CJPglLpANq
QihFekAxVtNTmOFImQhwGDdRRumYhasP0/3PMxS8QDXjUjumYSqZPlrZ6LhgjM7h
4HmBtTouEDSke7HAyPodclvGZCi5WsE=
-----END CERTIFICATE-----
Generated at Sun Nov 2 09:04:02 2025 by rpki-client