Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36140BE/460BB22890C911F0B205E2A2DAE4EC9C/D704627E9FA711F0AE676DECDAE4EC9C.roa
File: D704627E9FA711F0AE676DECDAE4EC9C.roa (raw, json)
Hash identifier: BqV/lP8uuL2ApbHKzJeE3D1q4Mc4xs/Cra4YjPUTjuE=
Subject key identifier: FE:75:DB:E8:FE:36:92:59:89:C4:C4:8C:46:B4:01:0D:EE:D8:F6:55
Certificate issuer: /CN=F36140BEAF/serialNumber=984574043D91AF402827B7DA4C9924F456CE4ADE
Certificate serial: 18
Authority key identifier: 98:45:74:04:3D:91:AF:40:28:27:B7:DA:4C:99:24:F4:56:CE:4A:DE
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/mEV0BD2Rr0AoJ7faTJkk9FbOSt4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36140BE/460BB22890C911F0B205E2A2DAE4EC9C/D704627E9FA711F0AE676DECDAE4EC9C.roa
Signing time: Thu 02 Oct 2025 15:52:47 +0000
ROA not before: Thu 02 Oct 2025 15:52:42 +0000
ROA not after: Mon 01 Oct 2040 15:52:42 +0000
asID: 329539
IP address blocks: 102.205.216.0/24 maxlen: 24
102.205.217.0/24 maxlen: 24
102.205.218.0/24 maxlen: 24
102.205.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36140BE/460BB22890C911F0B205E2A2DAE4EC9C/mEV0BD2Rr0AoJ7faTJkk9FbOSt4.crl
rsync://rpki.afrinic.net/repository/member_repository/F36140BE/460BB22890C911F0B205E2A2DAE4EC9C/mEV0BD2Rr0AoJ7faTJkk9FbOSt4.mft
rsync://rpki.afrinic.net/repository/afrinic/mEV0BD2Rr0AoJ7faTJkk9FbOSt4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 05:16:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24 (0x18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36140BEAF, serialNumber=984574043D91AF402827B7DA4C9924F456CE4ADE
Validity
Not Before: Oct 2 15:52:42 2025 GMT
Not After : Oct 1 15:52:42 2040 GMT
Subject: CN=68de9fcf-fdb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cc:f9:7d:eb:99:04:c5:9a:e2:6f:1d:4f:d2:
ff:5d:e8:5f:b6:69:94:37:5d:c1:4a:e9:4f:e1:c0:
ef:84:0d:38:73:16:12:dd:a0:e0:59:93:d4:32:75:
0c:73:0a:d0:cf:39:bb:47:53:43:fa:87:cd:44:89:
9e:68:30:a1:70:59:ca:05:97:9c:81:7b:4b:10:33:
5a:1b:47:98:9b:77:e6:d4:26:60:48:e3:91:b5:b8:
d1:e5:d1:b6:1c:a2:d7:89:de:7d:60:13:36:9f:6f:
51:6a:8b:e0:31:c7:29:cd:e0:fe:c2:73:91:34:a4:
8d:58:18:d2:12:17:fa:75:69:10:d5:7f:3c:89:41:
d5:89:a7:ef:e1:b2:50:b3:c9:ba:e1:5b:79:ce:39:
58:85:cc:f6:ca:f6:3c:dc:5b:11:39:d0:be:35:28:
e5:f2:20:68:59:77:f4:0f:a9:02:e0:4a:54:9a:e0:
b5:f6:2c:f6:d7:ca:2e:4f:6c:2b:36:ed:36:96:8f:
9a:de:b7:18:25:99:ae:12:5d:d7:1b:11:b2:7b:46:
e2:0f:ec:55:81:37:19:94:ee:e0:cc:15:b8:28:82:
b6:02:1b:13:2a:6a:2f:5c:28:b5:a2:64:a4:d6:e0:
b2:57:a9:ab:cc:46:5a:90:a7:e3:17:b0:0e:51:55:
84:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:75:DB:E8:FE:36:92:59:89:C4:C4:8C:46:B4:01:0D:EE:D8:F6:55
X509v3 Authority Key Identifier:
keyid:98:45:74:04:3D:91:AF:40:28:27:B7:DA:4C:99:24:F4:56:CE:4A:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36140BE/460BB22890C911F0B205E2A2DAE4EC9C/mEV0BD2Rr0AoJ7faTJkk9FbOSt4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mEV0BD2Rr0AoJ7faTJkk9FbOSt4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36140BE/460BB22890C911F0B205E2A2DAE4EC9C/D704627E9FA711F0AE676DECDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.205.216.0/22
Signature Algorithm: sha256WithRSAEncryption
32:c1:53:9f:dc:cf:6c:4a:fc:7b:58:d4:44:9b:a5:02:3d:3a:
1d:73:35:06:41:46:e1:e0:47:51:a7:62:01:2a:1d:df:b1:f4:
58:49:23:fa:45:c2:62:85:66:21:e2:3d:01:21:9e:50:f7:26:
c7:3f:45:52:7e:6d:13:95:ca:d1:6b:72:19:50:41:79:f0:f5:
5a:8e:25:98:9f:b2:01:aa:db:60:97:12:73:33:dc:f1:bb:da:
91:d6:e9:7b:2f:57:4a:41:ab:9c:61:ed:fb:3d:89:1f:3a:f3:
d1:8b:3e:09:b9:c7:fd:e7:5c:dd:8a:9b:ed:b9:4b:53:01:9e:
05:77:99:4d:dc:9a:8d:e3:50:59:7e:53:17:44:4a:74:30:77:
bf:e3:92:ba:71:98:72:65:28:8d:f4:3c:53:31:36:03:74:82:
f5:65:e3:94:7b:c3:d1:3a:15:c4:ca:ba:83:89:4d:33:7f:fc:
f0:66:f0:87:6d:65:39:7c:31:7c:f8:11:b1:06:cd:ef:f9:2d:
b0:eb:a5:3b:f9:63:7a:9b:fb:ab:41:09:f3:2a:75:e1:86:97:
83:42:40:1f:82:b7:af:5f:fb:8b:f4:01:16:12:a3:2f:06:60:
58:e4:b5:1e:2a:df:ed:8b:b4:16:f2:ce:45:00:3d:8c:5a:5f:
b0:48:86:ca
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBGDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
NDBCRUFGMTEwLwYDVQQFEyg5ODQ1NzQwNDNEOTFBRjQwMjgyN0I3REE0Qzk5MjRG
NDU2Q0U0QURFMB4XDTI1MTAwMjE1NTI0MloXDTQwMTAwMTE1NTI0MlowGDEWMBQG
A1UEAxMNNjhkZTlmY2YtZmRiNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnM+X3rmQTFmuJvHU/S/13oX7ZplDddwUrpT+HA74QNOHMWEt2g4FmT1DJ1
DHMK0M85u0dTQ/qHzUSJnmgwoXBZygWXnIF7SxAzWhtHmJt35tQmYEjjkbW40eXR
thyi14nefWATNp9vUWqL4DHHKc3g/sJzkTSkjVgY0hIX+nVpENV/PIlB1Ymn7+Gy
ULPJuuFbec45WIXM9sr2PNxbETnQvjUo5fIgaFl39A+pAuBKVJrgtfYs9tfKLk9s
KzbtNpaPmt63GCWZrhJd1xsRsntG4g/sVYE3GZTu4MwVuCiCtgIbEypqL1wotaJk
pNbgslepq8xGWpCn4xewDlFVhN0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBT+ddvo
/jaSWYnExIxGtAEN7tj2VTAfBgNVHSMEGDAWgBSYRXQEPZGvQCgnt9pMmST0Vs5K
3jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTQwQkUvNDYwQkIyMjg5MEM5MTFGMEIyMDVFMkEyREFFNEVDOUMvbUVWMEJE
MlJyMEFvSjdmYVRKa2s5RmJPU3Q0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvbUVWMEJEMlJyMEFvSjdmYVRKa2s5RmJPU3Q0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTQwQkUvNDYwQkIyMjg5MEM5MTFGMEIyMDVFMkEyREFF
NEVDOUMvRDcwNDYyN0U5RkE3MTFGMEFFNjc2REVDREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbN2DANBgkqhkiG9w0BAQsF
AAOCAQEAMsFTn9zPbEr8e1jURJulAj06HXM1BkFG4eBHUadiASod37H0WEkj+kXC
YoVmIeI9ASGeUPcmxz9FUn5tE5XK0WtyGVBBefD1Wo4lmJ+yAarbYJcSczPc8bva
kdbpey9XSkGrnGHt+z2JHzrz0Ys+CbnH/edc3Yqb7blLUwGeBXeZTdyajeNQWX5T
F0RKdDB3v+OSunGYcmUojfQ8UzE2A3SC9WXjlHvD0ToVxMq6g4lNM3/88Gbwh21l
OXwxfPgRsQbN7/ktsOulO/ljepv7q0EJ8yp14YaXg0JAH4K3r1/7i/QBFhKjLwZg
WOS1Hirf7Yu0FvLORQA9jFpfsEiGyg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:54 2025 by rpki-client