Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361D9FB/0B03F3D696D011F0857559ACDAE4EC9C/F0E25D4296D111F0B15D59B9DAE4EC9C.roa
File: F0E25D4296D111F0B15D59B9DAE4EC9C.roa (raw, json)
Hash identifier: vnm/ifaL7Ebf2vByDeiWlvUsn0dciMWBz8R2eRYAChk=
Subject key identifier: B8:B0:F5:47:10:F2:4F:2E:07:41:18:F8:38:B4:C7:DC:9A:52:54:84
Certificate issuer: /CN=F361D9FBAF/serialNumber=DB9FE3747FEB84268D60499E0BBE0F9BF43B2EA3
Certificate serial: 02
Authority key identifier: DB:9F:E3:74:7F:EB:84:26:8D:60:49:9E:0B:BE:0F:9B:F4:3B:2E:A3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/25_jdH_rhCaNYEmeC74Pm_Q7LqM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F361D9FB/0B03F3D696D011F0857559ACDAE4EC9C/F0E25D4296D111F0B15D59B9DAE4EC9C.roa
Signing time: Sun 21 Sep 2025 10:01:29 +0000
ROA not before: Sun 21 Sep 2025 10:01:22 +0000
ROA not after: Tue 21 Sep 2027 10:01:22 +0000
asID: 329237
IP address blocks: 102.212.64.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F361D9FB/0B03F3D696D011F0857559ACDAE4EC9C/25_jdH_rhCaNYEmeC74Pm_Q7LqM.crl
rsync://rpki.afrinic.net/repository/member_repository/F361D9FB/0B03F3D696D011F0857559ACDAE4EC9C/25_jdH_rhCaNYEmeC74Pm_Q7LqM.mft
rsync://rpki.afrinic.net/repository/afrinic/25_jdH_rhCaNYEmeC74Pm_Q7LqM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F361D9FBAF, serialNumber=DB9FE3747FEB84268D60499E0BBE0F9BF43B2EA3
Validity
Not Before: Sep 21 10:01:22 2025 GMT
Not After : Sep 21 10:01:22 2027 GMT
Subject: CN=68cfccf8-3971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e6:a9:a2:e5:5d:1b:80:c6:3f:83:c1:5a:60:
1a:05:15:25:bc:35:c2:d7:93:37:f5:48:01:7d:3f:
bb:16:02:55:84:e5:8a:2f:1f:27:64:a3:f7:1d:2b:
4d:5e:86:76:f6:86:7b:b6:fb:2d:46:8d:c4:5b:9d:
f4:e6:07:ea:b4:a1:6e:11:67:4c:33:2c:93:36:b5:
39:ff:39:9d:d0:23:d4:aa:fd:11:28:5a:d5:de:67:
77:9f:b2:5e:79:f0:4a:b3:61:82:f4:78:5d:fe:e8:
91:c8:7b:ef:a3:d8:94:f3:53:26:b4:c0:c8:99:9b:
51:33:af:b3:ce:06:0d:9f:25:81:1c:03:c9:ef:95:
92:cb:f8:9c:ad:3d:51:25:a5:66:76:bf:e0:7b:77:
82:c5:7d:2c:6e:f7:42:b2:62:a2:76:4d:bf:b0:9d:
ba:31:0b:06:4f:30:0f:56:78:d5:20:2e:80:0e:57:
41:11:b5:d5:6b:7d:ab:ef:2b:cb:f8:77:52:b3:00:
b4:07:ec:db:ce:16:9f:95:91:c8:69:45:a6:d5:5e:
bf:c1:1a:c2:db:95:b7:90:f3:68:79:92:26:62:d7:
0c:eb:14:5b:94:e7:8a:fb:86:b5:76:82:09:7e:74:
57:0b:12:8e:14:1e:01:a7:de:ce:d9:2b:ed:5f:47:
6e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B0:F5:47:10:F2:4F:2E:07:41:18:F8:38:B4:C7:DC:9A:52:54:84
X509v3 Authority Key Identifier:
keyid:DB:9F:E3:74:7F:EB:84:26:8D:60:49:9E:0B:BE:0F:9B:F4:3B:2E:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F361D9FB/0B03F3D696D011F0857559ACDAE4EC9C/25_jdH_rhCaNYEmeC74Pm_Q7LqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/25_jdH_rhCaNYEmeC74Pm_Q7LqM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361D9FB/0B03F3D696D011F0857559ACDAE4EC9C/F0E25D4296D111F0B15D59B9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.212.64.0/23
Signature Algorithm: sha256WithRSAEncryption
50:ad:cd:3a:46:65:6f:e1:e3:72:8a:68:6b:67:da:17:1e:53:
c2:e9:a8:bd:6f:a3:82:ea:bd:01:cc:5c:d6:5b:d3:b6:ef:d5:
20:f4:10:ee:a3:84:e1:2c:84:49:63:05:97:53:3d:b1:dc:df:
97:b6:67:04:93:7d:bd:0a:58:01:90:bb:c8:80:58:e7:89:f5:
02:93:61:75:87:87:e1:d8:32:52:64:0b:55:4d:5c:b2:40:92:
4e:49:c7:9f:e4:78:62:58:e1:96:73:d5:38:0c:d4:dc:3d:3c:
b1:f2:d9:c0:b9:41:73:10:07:61:6c:41:9a:b1:b8:41:93:b6:
9e:43:44:96:ff:4d:74:f5:35:03:74:7b:ed:1a:0b:ae:57:a9:
ef:14:97:30:d2:56:02:1b:ac:a4:3f:18:ca:90:2b:ab:ec:10:
9a:ae:eb:bd:ce:42:ae:84:77:9b:88:25:82:91:e2:d1:60:23:
fb:6c:a9:48:10:ee:0b:a8:7f:6f:0f:a9:dc:3e:90:e9:6f:4d:
0a:1e:cc:9f:e4:1f:d0:40:13:b4:fe:70:4b:9b:4c:ba:55:ae:
7d:3b:b1:3b:e5:8b:b6:92:6e:7f:b8:55:df:ba:50:98:d6:f9:
af:56:7e:c3:da:a4:94:2e:54:34:ad:aa:16:75:70:65:f8:52:
b1:2f:2c:7a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
RDlGQkFGMTEwLwYDVQQFEyhEQjlGRTM3NDdGRUI4NDI2OEQ2MDQ5OUUwQkJFMEY5
QkY0M0IyRUEzMB4XDTI1MDkyMTEwMDEyMloXDTI3MDkyMTEwMDEyMlowGDEWMBQG
A1UEAxMNNjhjZmNjZjgtMzk3MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7mqaLlXRuAxj+DwVpgGgUVJbw1wteTN/VIAX0/uxYCVYTlii8fJ2Sj9x0r
TV6GdvaGe7b7LUaNxFud9OYH6rShbhFnTDMskza1Of85ndAj1Kr9ESha1d5nd5+y
XnnwSrNhgvR4Xf7okch776PYlPNTJrTAyJmbUTOvs84GDZ8lgRwDye+Vksv4nK09
USWlZna/4Ht3gsV9LG73QrJionZNv7CdujELBk8wD1Z41SAugA5XQRG11Wt9q+8r
y/h3UrMAtAfs284Wn5WRyGlFptVev8EawtuVt5DzaHmSJmLXDOsUW5TnivuGtXaC
CX50VwsSjhQeAafeztkr7V9HbjcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBS4sPVH
EPJPLgdBGPg4tMfcmlJUhDAfBgNVHSMEGDAWgBTbn+N0f+uEJo1gSZ4Lvg+b9Dsu
ozAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MUQ5RkIvMEIwM0YzRDY5NkQwMTFGMDg1NzU1OUFDREFFNEVDOUMvMjVfamRI
X3JoQ2FOWUVtZUM3NFBtX1E3THFNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMjVfamRIX3JoQ2FOWUVtZUM3NFBtX1E3THFNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MUQ5RkIvMEIwM0YzRDY5NkQwMTFGMDg1NzU1OUFDREFF
NEVDOUMvRjBFMjVENDI5NkQxMTFGMEIxNUQ1OUI5REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbUQDANBgkqhkiG9w0BAQsF
AAOCAQEAUK3NOkZlb+Hjcopoa2faFx5TwumovW+jguq9Acxc1lvTtu/VIPQQ7qOE
4SyESWMFl1M9sdzfl7ZnBJN9vQpYAZC7yIBY54n1ApNhdYeH4dgyUmQLVU1cskCS
TknHn+R4YljhlnPVOAzU3D08sfLZwLlBcxAHYWxBmrG4QZO2nkNElv9NdPU1A3R7
7RoLrlep7xSXMNJWAhuspD8YypArq+wQmq7rvc5CroR3m4glgpHi0WAj+2ypSBDu
C6h/bw+p3D6Q6W9NCh7Mn+Qf0EATtP5wS5tMulWufTuxO+WLtpJuf7hV37pQmNb5
r1Z+w9qklC5UNK2qFnVwZfhSsS8seg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:16:42 2025 by rpki-client