Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36140BE/460BB22890C911F0B205E2A2DAE4EC9C/A9D5E30EA92011F096A97AC9DAE4EC9C.roa
File: A9D5E30EA92011F096A97AC9DAE4EC9C.roa (raw, json)
Hash identifier: xH/JduiytuX5M9F33QPJm5me1RpcZKW8kf1cpCEleYg=
Subject key identifier: 3A:F6:5B:E4:6D:39:99:12:77:88:E6:74:78:AD:48:0B:F8:09:75:D5
Certificate issuer: /CN=F36140BEAF/serialNumber=984574043D91AF402827B7DA4C9924F456CE4ADE
Certificate serial: 27
Authority key identifier: 98:45:74:04:3D:91:AF:40:28:27:B7:DA:4C:99:24:F4:56:CE:4A:DE
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/mEV0BD2Rr0AoJ7faTJkk9FbOSt4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36140BE/460BB22890C911F0B205E2A2DAE4EC9C/A9D5E30EA92011F096A97AC9DAE4EC9C.roa
Signing time: Tue 14 Oct 2025 17:10:21 +0000
ROA not before: Tue 14 Oct 2025 17:10:14 +0000
ROA not after: Mon 31 Dec 2035 17:10:14 +0000
asID: 329539
IP address blocks: 102.205.216.0/22 maxlen: 24
2c0f:5fc0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36140BE/460BB22890C911F0B205E2A2DAE4EC9C/mEV0BD2Rr0AoJ7faTJkk9FbOSt4.crl
rsync://rpki.afrinic.net/repository/member_repository/F36140BE/460BB22890C911F0B205E2A2DAE4EC9C/mEV0BD2Rr0AoJ7faTJkk9FbOSt4.mft
rsync://rpki.afrinic.net/repository/afrinic/mEV0BD2Rr0AoJ7faTJkk9FbOSt4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 05:16:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39 (0x27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36140BEAF, serialNumber=984574043D91AF402827B7DA4C9924F456CE4ADE
Validity
Not Before: Oct 14 17:10:14 2025 GMT
Not After : Dec 31 17:10:14 2035 GMT
Subject: CN=68ee83fc-f279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ee:d7:b9:8f:ce:c0:c7:b9:3a:0f:90:12:bd:
c9:1c:72:c0:6e:88:8a:22:d7:2a:62:c0:11:c2:bf:
27:b4:43:f9:cb:e2:9d:f3:ce:5c:5d:09:8c:55:7a:
d0:81:10:cc:06:fe:1d:cc:ab:b2:74:40:f8:de:dd:
d5:13:0c:b8:f4:a9:3f:b3:12:31:09:21:63:fa:c1:
38:39:c5:2b:d0:76:c5:03:81:0f:8d:84:d7:95:c4:
72:09:1d:5f:43:7c:13:bf:a8:84:87:51:01:ff:aa:
48:8a:10:62:a5:9e:9a:87:3e:13:d5:d4:e2:43:f5:
33:23:bb:1d:17:ce:b3:33:a2:8c:9b:67:d4:47:38:
7b:61:1e:70:e6:53:3e:05:8f:f5:f2:51:c4:ec:8c:
29:d5:96:49:1c:13:bb:5c:34:63:92:63:62:cf:3c:
a7:8e:23:7d:c4:ee:ca:87:b6:50:79:8e:1f:f4:75:
01:c3:69:5f:c7:e2:51:81:61:20:bb:70:88:d3:c4:
32:f2:69:9a:60:60:e0:d9:7b:1c:55:cb:2f:b7:e8:
67:06:bd:0e:be:a7:3d:ea:91:8e:a8:54:99:e9:5f:
b0:8d:a3:ae:73:58:0b:19:b9:ad:1f:1e:5e:83:64:
b2:02:88:e9:5b:af:35:47:fe:5c:47:0d:4e:38:1e:
e2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F6:5B:E4:6D:39:99:12:77:88:E6:74:78:AD:48:0B:F8:09:75:D5
X509v3 Authority Key Identifier:
keyid:98:45:74:04:3D:91:AF:40:28:27:B7:DA:4C:99:24:F4:56:CE:4A:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36140BE/460BB22890C911F0B205E2A2DAE4EC9C/mEV0BD2Rr0AoJ7faTJkk9FbOSt4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mEV0BD2Rr0AoJ7faTJkk9FbOSt4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36140BE/460BB22890C911F0B205E2A2DAE4EC9C/A9D5E30EA92011F096A97AC9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.205.216.0/22
IPv6:
2c0f:5fc0::/32
Signature Algorithm: sha256WithRSAEncryption
10:e9:0d:89:70:24:b4:eb:a7:d5:9f:9b:ae:b3:3d:7d:6b:50:
fe:b9:32:41:8c:f2:56:3a:7e:42:9d:75:8b:7d:6a:1a:2d:da:
f2:0c:b9:f4:b9:46:ad:ee:19:4a:3f:62:68:8a:d8:91:35:25:
8d:0a:8a:b7:bb:05:81:f2:18:02:a7:97:a7:a8:7f:a8:7a:aa:
13:b2:5c:e8:af:90:ee:7a:46:ed:7d:65:90:c3:16:4f:39:0d:
4f:55:c4:9e:3e:90:4b:28:5e:a2:05:ed:7b:e3:8f:5a:6f:dc:
96:40:6f:6c:e6:06:0a:23:d2:e1:41:99:9d:8b:f2:45:d8:c3:
08:68:21:55:72:c5:a5:04:b3:ee:b6:84:8f:bf:f8:13:13:c8:
d2:c5:45:ed:31:43:c8:6b:42:bd:d8:48:98:e2:bc:90:d4:74:
0c:65:be:30:ce:75:23:d5:0b:15:f3:dc:8e:e4:46:19:1e:a3:
d5:20:92:54:5a:a1:12:3c:06:fb:03:37:82:b2:7c:e8:6e:74:
ad:1f:c9:ec:55:d1:1b:4d:f6:03:20:f2:15:59:7e:a2:c8:89:
63:25:08:eb:28:5b:f0:34:57:0e:6b:db:9b:88:3a:3a:b2:80:
bb:3a:86:e9:33:aa:ad:f2:39:b9:3c:77:5c:3b:8f:2a:cf:c6:
37:eb:1d:11
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBJzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
NDBCRUFGMTEwLwYDVQQFEyg5ODQ1NzQwNDNEOTFBRjQwMjgyN0I3REE0Qzk5MjRG
NDU2Q0U0QURFMB4XDTI1MTAxNDE3MTAxNFoXDTM1MTIzMTE3MTAxNFowGDEWMBQG
A1UEAxMNNjhlZTgzZmMtZjI3OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvu17mPzsDHuToPkBK9yRxywG6IiiLXKmLAEcK/J7RD+cvinfPOXF0JjFV6
0IEQzAb+HcyrsnRA+N7d1RMMuPSpP7MSMQkhY/rBODnFK9B2xQOBD42E15XEcgkd
X0N8E7+ohIdRAf+qSIoQYqWemoc+E9XU4kP1MyO7HRfOszOijJtn1Ec4e2EecOZT
PgWP9fJRxOyMKdWWSRwTu1w0Y5JjYs88p44jfcTuyoe2UHmOH/R1AcNpX8fiUYFh
ILtwiNPEMvJpmmBg4Nl7HFXLL7foZwa9Dr6nPeqRjqhUmelfsI2jrnNYCxm5rR8e
XoNksgKI6VuvNUf+XEcNTjge4lcCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ69lvk
bTmZEneI5nR4rUgL+Al11TAfBgNVHSMEGDAWgBSYRXQEPZGvQCgnt9pMmST0Vs5K
3jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTQwQkUvNDYwQkIyMjg5MEM5MTFGMEIyMDVFMkEyREFFNEVDOUMvbUVWMEJE
MlJyMEFvSjdmYVRKa2s5RmJPU3Q0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvbUVWMEJEMlJyMEFvSjdmYVRKa2s5RmJPU3Q0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTQwQkUvNDYwQkIyMjg5MEM5MTFGMEIyMDVFMkEyREFF
NEVDOUMvQTlENUUzMEVBOTIwMTFGMDk2QTk3QUM5REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbN2DANBAIAAjAHAwUALA9f
wDANBgkqhkiG9w0BAQsFAAOCAQEAEOkNiXAktOun1Z+brrM9fWtQ/rkyQYzyVjp+
Qp11i31qGi3a8gy59LlGre4ZSj9iaIrYkTUljQqKt7sFgfIYAqeXp6h/qHqqE7Jc
6K+Q7npG7X1lkMMWTzkNT1XEnj6QSyheogXte+OPWm/clkBvbOYGCiPS4UGZnYvy
RdjDCGghVXLFpQSz7raEj7/4ExPI0sVF7TFDyGtCvdhImOK8kNR0DGW+MM51I9UL
FfPcjuRGGR6j1SCSVFqhEjwG+wM3grJ86G50rR/J7FXRG032AyDyFVl+osiJYyUI
6yhb8DRXDmvbm4g6OrKAuzqG6TOqrfI5uTx3XDuPKs/GN+sdEQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:06:14 2025 by rpki-client