Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3680C14/7707FAD65AE011E69FAE5E32F8AEA228/4AC87CE0B11911F0830CDBDFDAE4EC9C.roa
File: 4AC87CE0B11911F0830CDBDFDAE4EC9C.roa (raw, json)
Hash identifier: BbmEW7gIRevtuQq0qmlAx+V5iEy5gjhSfXPW6vQnAiw=
Subject key identifier: 67:3A:61:0A:37:B8:8A:EA:AA:0D:BF:47:97:25:4A:B1:8E:EB:AA:55
Certificate issuer: /CN=F3680C14AR/serialNumber=2657C0DAA444CCB9BEF8C2A8586A0E749CEA9B52
Certificate serial: 0D74
Authority key identifier: 26:57:C0:DA:A4:44:CC:B9:BE:F8:C2:A8:58:6A:0E:74:9C:EA:9B:52
Authority info access: rsync://rpki.afrinic.net/repository/arin/JlfA2qREzLm--MKoWGoOdJzqm1I.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3680C14/7707FAD65AE011E69FAE5E32F8AEA228/4AC87CE0B11911F0830CDBDFDAE4EC9C.roa
Signing time: Fri 24 Oct 2025 20:37:44 +0000
ROA not before: Fri 24 Oct 2025 20:37:36 +0000
ROA not after: Mon 31 Dec 2035 20:37:36 +0000
asID: 327966
IP address blocks: 169.239.164.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3680C14/7707FAD65AE011E69FAE5E32F8AEA228/JlfA2qREzLm--MKoWGoOdJzqm1I.crl
rsync://rpki.afrinic.net/repository/member_repository/F3680C14/7707FAD65AE011E69FAE5E32F8AEA228/JlfA2qREzLm--MKoWGoOdJzqm1I.mft
rsync://rpki.afrinic.net/repository/arin/JlfA2qREzLm--MKoWGoOdJzqm1I.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3444 (0xd74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3680C14AR, serialNumber=2657C0DAA444CCB9BEF8C2A8586A0E749CEA9B52
Validity
Not Before: Oct 24 20:37:36 2025 GMT
Not After : Dec 31 20:37:36 2035 GMT
Subject: CN=68fbe398-e7bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6c:79:a7:2c:73:8d:49:53:bf:35:0d:5a:d5:
83:d4:ff:9d:af:4f:1c:3d:43:20:65:82:d1:2f:d9:
c5:f9:fc:9c:ba:e6:82:61:88:5b:84:bc:59:59:70:
af:60:b7:8d:50:d5:d7:e3:2c:55:dd:cd:83:b7:01:
aa:67:c8:f3:ad:52:f8:81:79:b5:e7:7f:95:e4:cd:
88:c8:0e:31:d9:98:fd:b2:79:9e:1d:0a:6f:cd:67:
e7:34:5c:de:b7:33:c5:bf:e4:8f:09:8b:30:18:76:
49:97:1d:ca:bb:72:ca:d9:f7:36:3d:85:41:54:cf:
df:4a:fd:29:d4:83:ca:58:91:6c:e9:9a:20:ef:23:
ab:bf:86:77:ff:4e:3d:22:fa:4b:67:6f:76:ac:63:
32:20:f3:63:dc:78:24:11:36:02:bd:3b:96:51:4f:
55:7b:de:70:81:b0:98:91:06:c0:72:dc:92:7e:7a:
c0:8b:dc:27:1d:f5:5e:1d:86:6a:d8:2b:a4:dd:8b:
9d:bd:dd:0f:c9:f6:50:d1:fd:b8:f0:d3:d3:cd:b3:
d4:ab:5f:2f:cc:33:50:0d:a0:db:82:5a:c0:b4:20:
f8:c7:c0:49:69:a4:aa:bd:87:bb:da:b5:64:06:37:
27:ba:48:e3:2e:ba:52:cb:93:f6:62:6f:1d:27:93:
1d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:3A:61:0A:37:B8:8A:EA:AA:0D:BF:47:97:25:4A:B1:8E:EB:AA:55
X509v3 Authority Key Identifier:
keyid:26:57:C0:DA:A4:44:CC:B9:BE:F8:C2:A8:58:6A:0E:74:9C:EA:9B:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3680C14/7707FAD65AE011E69FAE5E32F8AEA228/JlfA2qREzLm--MKoWGoOdJzqm1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/JlfA2qREzLm--MKoWGoOdJzqm1I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3680C14/7707FAD65AE011E69FAE5E32F8AEA228/4AC87CE0B11911F0830CDBDFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.239.164.0/22
Signature Algorithm: sha256WithRSAEncryption
06:86:04:ea:74:69:91:6b:ef:4f:28:4e:e6:6f:7e:d1:4a:e3:
24:25:db:3e:39:a8:26:78:17:bb:31:4a:6c:44:32:f7:97:66:
70:d0:0b:f3:de:72:08:9d:f9:d0:73:1e:8a:f3:68:8f:9f:1a:
90:3f:5e:15:84:0a:69:ab:1b:a9:9e:e6:13:89:eb:23:df:cb:
29:3b:0f:06:84:02:bd:7f:0b:af:e1:79:f0:9f:d9:f9:e2:38:
43:a5:c8:43:0a:39:2f:b0:99:96:af:e5:2f:8e:65:ac:34:64:
73:6a:d1:00:51:34:f3:fc:82:23:b4:41:4f:d3:26:c1:d1:fc:
8e:2c:1f:75:d5:ef:33:eb:8c:fc:7c:85:c4:4e:83:89:50:b8:
80:05:92:46:72:ae:73:af:7a:0e:11:03:d1:d8:6c:ad:54:b4:
55:16:b4:fe:2a:a5:85:e5:61:d8:40:35:fa:93:6c:48:96:2e:
0f:d2:0f:d6:b4:9b:2d:2a:1c:c0:d6:8a:12:15:8c:be:de:9c:
7f:e9:70:56:e6:3f:88:79:d4:3b:45:df:76:3b:fe:d6:7b:ea:
e2:5d:01:83:1c:f9:dc:bb:13:28:71:7f:d1:b2:d9:1e:3f:63:
38:f2:99:f3:dd:c0:2b:78:39:01:8d:01:d2:b0:3d:c6:3d:13:
e7:e4:2a:22
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDXQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODBDMTRBUjExMC8GA1UEBRMoMjY1N0MwREFBNDQ0Q0NCOUJFRjhDMkE4NTg2QTBF
NzQ5Q0VBOUI1MjAeFw0yNTEwMjQyMDM3MzZaFw0zNTEyMzEyMDM3MzZaMBgxFjAU
BgNVBAMTDTY4ZmJlMzk4LWU3YmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDCbHmnLHONSVO/NQ1a1YPU/52vTxw9QyBlgtEv2cX5/Jy65oJhiFuEvFlZ
cK9gt41Q1dfjLFXdzYO3AapnyPOtUviBebXnf5XkzYjIDjHZmP2yeZ4dCm/NZ+c0
XN63M8W/5I8JizAYdkmXHcq7csrZ9zY9hUFUz99K/SnUg8pYkWzpmiDvI6u/hnf/
Tj0i+ktnb3asYzIg82PceCQRNgK9O5ZRT1V73nCBsJiRBsBy3JJ+esCL3Ccd9V4d
hmrYK6Tdi5293Q/J9lDR/bjw09PNs9SrXy/MM1ANoNuCWsC0IPjHwElppKq9h7va
tWQGNye6SOMuulLLk/Zibx0nkx2RAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUZzph
Cje4iuqqDb9HlyVKsY7rqlUwHwYDVR0jBBgwFoAUJlfA2qREzLm++MKoWGoOdJzq
m1IwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgwQzE0Lzc3MDdGQUQ2NUFFMDExRTY5RkFFNUUzMkY4QUVBMjI4L0psZkEy
cVJFekxtLS1NS29XR29PZEp6cW0xSS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0psZkEycVJFekxtLS1NS29XR29PZEp6cW0xSS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjgwQzE0Lzc3MDdGQUQ2NUFFMDExRTY5RkFFNUUzMkY4QUVB
MjI4LzRBQzg3Q0UwQjExOTExRjA4MzBDREJERkRBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKp76QwDQYJKoZIhvcNAQELBQAD
ggEBAAaGBOp0aZFr708oTuZvftFK4yQl2z45qCZ4F7sxSmxEMveXZnDQC/Pecgid
+dBzHorzaI+fGpA/XhWECmmrG6me5hOJ6yPfyyk7DwaEAr1/C6/hefCf2fniOEOl
yEMKOS+wmZav5S+OZaw0ZHNq0QBRNPP8giO0QU/TJsHR/I4sH3XV7zPrjPx8hcRO
g4lQuIAFkkZyrnOveg4RA9HYbK1UtFUWtP4qpYXlYdhANfqTbEiWLg/SD9a0my0q
HMDWihIVjL7enH/pcFbmP4h51DtF33Y7/tZ76uJdAYMc+dy7Eyhxf9Gy2R4/Yzjy
mfPdwCt4OQGNAdKwPcY9E+fkKiI=
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:12:26 2025 by rpki-client