Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3671DBD/26986406124411EDAD5815B4F1222468/CD41BC4C987611F090377BD7DAE4EC9C.roa
File: CD41BC4C987611F090377BD7DAE4EC9C.roa (raw, json)
Hash identifier: WIelbzepq8miuTgT/TViuYjo/4OwJv5AvUtvY4ekc/U=
Subject key identifier: 9E:21:F6:D7:75:60:56:FD:55:51:17:03:B3:99:1B:EA:8B:15:78:26
Certificate issuer: /CN=F3671DBDAF/serialNumber=FFA83FF9F0F6CE21715BDBF5C737CDDCE954E77C
Certificate serial: 04A0
Authority key identifier: FF:A8:3F:F9:F0:F6:CE:21:71:5B:DB:F5:C7:37:CD:DC:E9:54:E7:7C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/_6g_-fD2ziFxW9v1xzfN3OlU53w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3671DBD/26986406124411EDAD5815B4F1222468/CD41BC4C987611F090377BD7DAE4EC9C.roa
Signing time: Tue 23 Sep 2025 12:14:07 +0000
ROA not before: Tue 23 Sep 2025 12:14:02 +0000
ROA not after: Mon 31 Dec 2035 12:14:02 +0000
asID: 327896
IP address blocks: 102.223.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3671DBD/26986406124411EDAD5815B4F1222468/_6g_-fD2ziFxW9v1xzfN3OlU53w.crl
rsync://rpki.afrinic.net/repository/member_repository/F3671DBD/26986406124411EDAD5815B4F1222468/_6g_-fD2ziFxW9v1xzfN3OlU53w.mft
rsync://rpki.afrinic.net/repository/afrinic/_6g_-fD2ziFxW9v1xzfN3OlU53w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1184 (0x4a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3671DBDAF, serialNumber=FFA83FF9F0F6CE21715BDBF5C737CDDCE954E77C
Validity
Not Before: Sep 23 12:14:02 2025 GMT
Not After : Dec 31 12:14:02 2035 GMT
Subject: CN=68d28f0f-fef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1e:c2:40:cd:42:76:3e:11:9d:14:4b:c2:e1:
6a:4b:9b:cf:d5:09:86:43:71:67:36:29:24:14:2a:
ca:40:10:db:ea:56:da:8a:cb:7a:df:44:36:7f:3c:
19:a1:82:02:21:e8:12:0c:87:a9:60:34:7f:ab:f2:
c9:9c:74:ca:c3:0d:b0:6b:fe:c6:f3:51:bd:e6:b5:
25:87:ce:9a:ba:8b:7f:d3:b1:aa:10:7c:b2:bf:e8:
3b:6f:cd:3c:39:ed:bb:f3:e5:b5:66:cb:5c:86:3a:
d6:fe:9c:1a:cf:7f:44:05:71:51:85:49:65:9a:9e:
58:4b:a5:f2:a1:aa:15:15:51:52:97:d1:0f:36:4f:
b5:27:29:83:09:25:e3:4e:32:d2:16:80:93:02:58:
33:64:59:75:90:ea:5d:ee:a5:49:3b:73:8a:23:7a:
5c:f2:5d:6d:a5:cb:a8:19:5a:77:f7:74:f0:50:97:
2f:ac:9a:0b:5d:d9:9c:64:55:df:13:d0:eb:93:cb:
a5:b7:e4:ae:ec:a0:d9:66:cd:e7:b4:fd:7c:4a:81:
65:ed:97:54:a2:12:0b:d5:80:cb:40:36:88:f5:30:
c1:17:54:2d:fb:4b:4d:11:f2:a1:0e:7f:9b:32:d3:
b9:f7:aa:e5:e7:7a:4e:30:05:9a:33:cb:f9:35:b7:
ba:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:21:F6:D7:75:60:56:FD:55:51:17:03:B3:99:1B:EA:8B:15:78:26
X509v3 Authority Key Identifier:
keyid:FF:A8:3F:F9:F0:F6:CE:21:71:5B:DB:F5:C7:37:CD:DC:E9:54:E7:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3671DBD/26986406124411EDAD5815B4F1222468/_6g_-fD2ziFxW9v1xzfN3OlU53w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_6g_-fD2ziFxW9v1xzfN3OlU53w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3671DBD/26986406124411EDAD5815B4F1222468/CD41BC4C987611F090377BD7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.236.0/22
Signature Algorithm: sha256WithRSAEncryption
81:19:88:1f:41:1a:17:a3:67:09:25:ad:38:59:c0:88:dc:33:
f0:12:6d:f7:55:96:ae:00:b7:a1:0f:bb:0b:39:d8:a9:b7:14:
d8:f6:cf:f2:4e:12:49:d4:0d:c3:3f:74:44:a4:4e:bd:d2:50:
b4:c7:6f:40:bb:31:dd:de:d9:ba:f2:a3:53:5d:1c:3e:d3:e3:
03:84:d8:e6:6c:81:1c:e6:c6:76:eb:c4:5f:33:75:26:2d:c0:
ec:72:98:87:4e:05:1d:92:92:7d:5a:4c:8d:a6:0e:7f:67:3a:
d6:4e:bc:52:7f:a8:6c:0c:cb:d9:b3:f3:ff:b4:32:0f:ae:6f:
ec:96:0a:63:b4:e8:72:72:b2:19:bb:b9:00:c8:d3:72:fd:51:
47:10:d9:fe:2d:e1:4e:4c:e4:54:b6:29:c2:0c:aa:ee:2e:3d:
0d:ec:ff:15:9f:16:63:73:6f:62:b9:ab:bf:f2:c0:b4:db:6f:
84:0b:27:62:2b:a8:d8:40:21:c4:01:c3:7d:b1:6b:ed:96:86:
6d:4d:bf:7e:11:5c:0f:e6:60:73:83:56:8b:19:c2:5f:91:a1:
04:2c:93:90:e6:4d:cd:09:3c:c1:fa:22:8b:08:3e:6a:f4:ff:
45:c5:42:3c:00:75:3e:dd:0d:a5:9d:55:6c:2f:75:d3:91:bc:
03:92:5d:23
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBKAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NzFEQkRBRjExMC8GA1UEBRMoRkZBODNGRjlGMEY2Q0UyMTcxNUJEQkY1QzczN0NE
RENFOTU0RTc3QzAeFw0yNTA5MjMxMjE0MDJaFw0zNTEyMzExMjE0MDJaMBgxFjAU
BgNVBAMTDTY4ZDI4ZjBmLWZlZjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGHsJAzUJ2PhGdFEvC4WpLm8/VCYZDcWc2KSQUKspAENvqVtqKy3rfRDZ/
PBmhggIh6BIMh6lgNH+r8smcdMrDDbBr/sbzUb3mtSWHzpq6i3/TsaoQfLK/6Dtv
zTw57bvz5bVmy1yGOtb+nBrPf0QFcVGFSWWanlhLpfKhqhUVUVKX0Q82T7UnKYMJ
JeNOMtIWgJMCWDNkWXWQ6l3upUk7c4ojelzyXW2ly6gZWnf3dPBQly+smgtd2Zxk
Vd8T0OuTy6W35K7soNlmzee0/XxKgWXtl1SiEgvVgMtANoj1MMEXVC37S00R8qEO
f5sy07n3quXnek4wBZozy/k1t7pDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUniH2
13VgVv1VURcDs5kb6osVeCYwHwYDVR0jBBgwFoAU/6g/+fD2ziFxW9v1xzfN3OlU
53wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjcxREJELzI2OTg2NDA2MTI0NDExRURBRDU4MTVCNEYxMjIyNDY4L182Z18t
ZkQyemlGeFc5djF4emZOM09sVTUzdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL182Z18tZkQyemlGeFc5djF4emZOM09sVTUzdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjcxREJELzI2OTg2NDA2MTI0NDExRURBRDU4MTVCNEYx
MjIyNDY4L0NENDFCQzRDOTg3NjExRjA5MDM3N0JEN0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm3+wwDQYJKoZIhvcNAQEL
BQADggEBAIEZiB9BGhejZwklrThZwIjcM/ASbfdVlq4At6EPuws52Km3FNj2z/JO
EknUDcM/dESkTr3SULTHb0C7Md3e2bryo1NdHD7T4wOE2OZsgRzmxnbrxF8zdSYt
wOxymIdOBR2Skn1aTI2mDn9nOtZOvFJ/qGwMy9mz8/+0Mg+ub+yWCmO06HJyshm7
uQDI03L9UUcQ2f4t4U5M5FS2KcIMqu4uPQ3s/xWfFmNzb2K5q7/ywLTbb4QLJ2Ir
qNhAIcQBw32xa+2Whm1Nv34RXA/mYHODVosZwl+RoQQsk5DmTc0JPMH6IosIPmr0
/0XFQjwAdT7dDaWdVWwvddORvAOSXSM=
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:13:39 2025 by rpki-client