
Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/5598B34AA8D311F09951D4DFDAE4EC9C.roa
File: 5598B34AA8D311F09951D4DFDAE4EC9C.roa (raw, json)
Hash identifier: ekkmLGUII3HkbjQJ5DqbrnE5zNaEvepsyMeJezGqRJY=
Subject key identifier: 73:16:48:04:EF:E8:65:F6:29:4E:7C:C9:0E:7D:29:D6:C2:AC:E2:CC
Certificate issuer: /CN=F361F0D8AF/serialNumber=C83989863267D1364BC73F75E37CD6D2B7FEC987
Certificate serial: 0C
Authority key identifier: C8:39:89:86:32:67:D1:36:4B:C7:3F:75:E3:7C:D6:D2:B7:FE:C9:87
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/yDmJhjJn0TZLxz9143zW0rf-yYc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/5598B34AA8D311F09951D4DFDAE4EC9C.roa
Signing time: Tue 14 Oct 2025 07:56:48 +0000
ROA not before: Tue 14 Oct 2025 07:56:41 +0000
ROA not after: Mon 07 Oct 2030 07:56:41 +0000
asID: 396982
IP address blocks: 102.204.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/yDmJhjJn0TZLxz9143zW0rf-yYc.crl
rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/yDmJhjJn0TZLxz9143zW0rf-yYc.mft
rsync://rpki.afrinic.net/repository/afrinic/yDmJhjJn0TZLxz9143zW0rf-yYc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F361F0D8AF, serialNumber=C83989863267D1364BC73F75E37CD6D2B7FEC987
Validity
Not Before: Oct 14 07:56:41 2025 GMT
Not After : Oct 7 07:56:41 2030 GMT
Subject: CN=68ee0240-82e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:79:29:f6:c9:e3:73:22:66:36:8e:e7:2c:d7:
d4:c6:3e:0d:2d:26:3d:0a:66:81:5b:17:a8:7f:11:
c0:6c:c5:35:fe:df:24:9c:4f:9a:22:5f:9d:1d:ce:
89:31:c3:03:f9:1a:be:ad:34:19:08:ee:71:a5:cf:
91:54:66:6a:7e:a6:57:b7:c1:64:9a:89:3f:45:a0:
48:d9:7b:9f:4d:d1:c3:8d:12:c2:ea:9c:3e:7b:1a:
cb:af:4c:64:8d:69:d1:92:d1:c4:f1:0d:a6:6b:b3:
1b:e7:42:c3:dc:1b:9f:d8:cc:c1:bc:a0:62:5e:a8:
a4:67:53:dc:52:3a:75:64:e1:ee:f7:07:08:70:f4:
c5:29:03:22:d4:63:ad:d2:2c:bc:fa:37:4b:25:9d:
51:c3:d6:8e:a5:38:2d:db:ad:04:8f:0a:ef:a5:59:
6e:a8:d5:c8:f0:d5:5f:28:39:90:2a:29:74:6a:5f:
4f:08:7f:2a:11:36:cd:b4:49:77:f0:7c:57:e4:f1:
e9:30:87:e0:b4:7f:f9:6c:93:7e:45:3f:fb:09:5d:
bc:33:a6:20:8d:04:f9:93:c5:74:59:6d:12:28:b7:
cc:89:d3:5d:d8:37:3b:5c:1b:bf:5f:aa:32:e1:8a:
82:d9:46:97:af:a8:25:f8:b4:7a:31:f2:6d:62:0c:
34:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:16:48:04:EF:E8:65:F6:29:4E:7C:C9:0E:7D:29:D6:C2:AC:E2:CC
X509v3 Authority Key Identifier:
keyid:C8:39:89:86:32:67:D1:36:4B:C7:3F:75:E3:7C:D6:D2:B7:FE:C9:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/yDmJhjJn0TZLxz9143zW0rf-yYc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/yDmJhjJn0TZLxz9143zW0rf-yYc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/5598B34AA8D311F09951D4DFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.125.0/24
Signature Algorithm: sha256WithRSAEncryption
20:d0:e9:43:4d:5d:c5:c6:d8:06:3e:5b:68:d2:d7:8a:15:1c:
16:ab:a1:09:36:db:16:d9:45:89:25:e4:42:6b:f4:75:f2:77:
5a:13:c6:05:14:7a:74:39:9b:ce:81:fc:ee:b5:8e:fc:87:86:
d3:37:de:69:cd:83:3a:b5:4a:a1:c8:f5:06:c7:a3:50:42:73:
87:f3:2f:39:db:71:d4:0d:32:87:d1:76:c3:75:2e:7e:8b:1d:
d1:77:69:9b:6f:35:59:93:e4:89:8a:26:31:67:9b:3f:60:a1:
2a:6a:da:c6:22:87:97:e0:e4:f4:fc:0c:ea:2a:72:65:22:72:
e6:fb:fe:23:38:e3:29:e4:ca:34:66:4e:0e:6c:6e:a4:a3:eb:
0c:ed:22:96:8f:a4:42:ca:8d:32:0e:22:7b:69:43:c7:3b:43:
57:4e:d3:1f:9e:38:49:0f:a5:9e:ee:53:f3:10:16:85:b2:38:
d0:c4:d5:30:11:41:6a:74:74:e0:3e:cf:03:a8:eb:66:05:d0:
5a:95:c7:38:23:00:2b:d2:fa:66:24:a1:75:2a:9c:d9:8c:72:
e1:bb:58:d8:68:7a:52:23:61:c8:bd:1a:b5:0c:ad:f3:b2:68:
d5:2a:0f:61:ff:70:f1:5e:46:ee:14:e1:84:a9:78:5c:ee:ad:
1f:ca:1c:bd
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
RjBEOEFGMTEwLwYDVQQFEyhDODM5ODk4NjMyNjdEMTM2NEJDNzNGNzVFMzdDRDZE
MkI3RkVDOTg3MB4XDTI1MTAxNDA3NTY0MVoXDTMwMTAwNzA3NTY0MVowGDEWMBQG
A1UEAxMNNjhlZTAyNDAtODJlNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKl5KfbJ43MiZjaO5yzX1MY+DS0mPQpmgVsXqH8RwGzFNf7fJJxPmiJfnR3O
iTHDA/kavq00GQjucaXPkVRman6mV7fBZJqJP0WgSNl7n03Rw40SwuqcPnsay69M
ZI1p0ZLRxPENpmuzG+dCw9wbn9jMwbygYl6opGdT3FI6dWTh7vcHCHD0xSkDItRj
rdIsvPo3SyWdUcPWjqU4LdutBI8K76VZbqjVyPDVXyg5kCopdGpfTwh/KhE2zbRJ
d/B8V+Tx6TCH4LR/+WyTfkU/+wldvDOmII0E+ZPFdFltEii3zInTXdg3O1wbv1+q
MuGKgtlGl6+oJfi0ejHybWIMNIUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRzFkgE
7+hl9ilOfMkOfSnWwqzizDAfBgNVHSMEGDAWgBTIOYmGMmfRNkvHP3XjfNbSt/7J
hzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MUYwRDgvREZCODhGODBBM0JDMTFGMEFDODI3MkU1REFFNEVDOUMveURtSmhq
Sm4wVFpMeHo5MTQzelcwcmYteVljLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveURtSmhqSm4wVFpMeHo5MTQzelcwcmYteVljLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MUYwRDgvREZCODhGODBBM0JDMTFGMEFDODI3MkU1REFF
NEVDOUMvNTU5OEIzNEFBOEQzMTFGMDk5NTFENERGREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbMfTANBgkqhkiG9w0BAQsF
AAOCAQEAINDpQ01dxcbYBj5baNLXihUcFquhCTbbFtlFiSXkQmv0dfJ3WhPGBRR6
dDmbzoH87rWO/IeG0zfeac2DOrVKocj1BsejUEJzh/MvOdtx1A0yh9F2w3Uufosd
0Xdpm281WZPkiYomMWebP2ChKmraxiKHl+Dk9PwM6ipyZSJy5vv+IzjjKeTKNGZO
DmxupKPrDO0ilo+kQsqNMg4ie2lDxztDV07TH544SQ+lnu5T8xAWhbI40MTVMBFB
anR04D7PA6jrZgXQWpXHOCMAK9L6ZiShdSqc2Yxy4btY2Gh6UiNhyL0atQyt87Jo
1SoPYf9w8V5G7hThhKl4XO6tH8ocvQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:52:26 2025 by rpki-client