Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/8FDC3D26A3BD11F0B640C8E9DAE4EC9C.roa
File: 8FDC3D26A3BD11F0B640C8E9DAE4EC9C.roa (raw, json)
Hash identifier: z+EMCGVRvbS1M60Ygkphk04UU0Xnx+NfxQ7EP0ilmi0=
Subject key identifier: 7C:3C:E6:D8:B2:16:F9:1B:3E:E0:77:70:7A:E8:7D:F2:65:52:24:3F
Certificate issuer: /CN=F361F0D8AF/serialNumber=C83989863267D1364BC73F75E37CD6D2B7FEC987
Certificate serial: 02
Authority key identifier: C8:39:89:86:32:67:D1:36:4B:C7:3F:75:E3:7C:D6:D2:B7:FE:C9:87
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/yDmJhjJn0TZLxz9143zW0rf-yYc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/8FDC3D26A3BD11F0B640C8E9DAE4EC9C.roa
Signing time: Tue 07 Oct 2025 20:38:21 +0000
ROA not before: Tue 07 Oct 2025 20:38:15 +0000
ROA not after: Mon 07 Oct 2030 20:38:15 +0000
asID: 329633
IP address blocks: 102.204.125.0/24 maxlen: 24
2c0f:39c0::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/yDmJhjJn0TZLxz9143zW0rf-yYc.crl
rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/yDmJhjJn0TZLxz9143zW0rf-yYc.mft
rsync://rpki.afrinic.net/repository/afrinic/yDmJhjJn0TZLxz9143zW0rf-yYc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 05:17:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F361F0D8AF, serialNumber=C83989863267D1364BC73F75E37CD6D2B7FEC987
Validity
Not Before: Oct 7 20:38:15 2025 GMT
Not After : Oct 7 20:38:15 2030 GMT
Subject: CN=68e57a3d-8bde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:08:eb:7e:ea:81:8a:53:34:13:6b:07:e5:26:
b5:eb:78:7f:97:6d:ad:52:03:ec:d0:06:97:4f:3d:
8f:98:f8:38:ef:ad:73:c7:73:30:d6:0c:88:8b:a3:
cc:1b:e3:a2:47:75:77:81:b9:15:b1:29:39:97:75:
11:65:35:40:08:f0:da:42:be:b2:3e:0f:a5:91:a7:
a5:52:74:8e:72:8c:69:a9:3c:dc:c9:68:33:ca:5d:
54:11:52:d8:5a:fd:da:a9:5e:53:18:39:ad:b1:e7:
66:17:35:e5:8b:8d:2a:eb:41:ff:c8:37:3d:bc:dd:
f3:6f:22:bf:c1:7f:8e:3b:f0:12:ea:0c:ff:99:b7:
f1:1b:36:6b:ae:5f:d5:da:84:84:d8:85:d8:cb:a8:
22:e9:97:07:ad:72:15:32:66:dc:36:7e:b5:80:4f:
ee:8f:1e:38:2c:56:da:c7:4b:40:b6:34:b5:63:84:
56:f1:8a:25:8a:d1:45:fd:fb:41:2e:4c:3f:63:dc:
f2:cc:c9:a6:3d:2b:38:17:f6:d7:ff:99:9f:2e:44:
87:69:25:d7:65:5d:0e:6e:9d:8f:f1:5f:99:d9:9c:
40:5d:3e:fe:6e:2b:5a:00:f9:29:27:29:8a:0a:3f:
4a:94:18:59:77:40:9a:39:2a:44:dd:a9:a5:50:c1:
85:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:3C:E6:D8:B2:16:F9:1B:3E:E0:77:70:7A:E8:7D:F2:65:52:24:3F
X509v3 Authority Key Identifier:
keyid:C8:39:89:86:32:67:D1:36:4B:C7:3F:75:E3:7C:D6:D2:B7:FE:C9:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/yDmJhjJn0TZLxz9143zW0rf-yYc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/yDmJhjJn0TZLxz9143zW0rf-yYc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/8FDC3D26A3BD11F0B640C8E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.125.0/24
IPv6:
2c0f:39c0::/32
Signature Algorithm: sha256WithRSAEncryption
93:c8:be:fc:55:6c:37:cd:81:44:ee:be:3c:c1:0f:09:ff:f8:
1d:ef:56:80:dc:7c:0f:5d:c1:68:70:01:10:e8:a8:ca:a8:74:
db:f0:23:cd:5e:45:b4:9d:3b:e1:c4:65:bc:1e:dd:d7:e5:0e:
54:0f:ea:1b:11:a4:e8:92:61:fe:8a:42:f9:b3:cd:62:8b:15:
49:df:3a:a2:7e:92:73:be:a2:08:91:4a:02:53:65:0b:d0:f1:
21:c1:8c:ec:fa:92:2e:2a:08:64:57:f1:08:3a:19:a3:bc:4a:
31:0a:22:aa:f9:2e:a3:26:2a:12:d7:b1:cb:33:a5:6d:11:e4:
2a:5c:f4:86:04:eb:0e:cf:7f:f8:17:4b:18:a2:28:24:1d:66:
8b:bf:25:c9:2b:18:77:dc:0d:0c:6a:e5:aa:39:7e:70:f8:cb:
92:12:25:f7:74:25:5c:af:35:d5:76:15:65:9f:56:c9:3a:11:
85:f5:04:76:95:65:65:89:62:d4:80:03:d4:35:2c:43:e6:ab:
03:2f:65:7b:43:10:bc:20:33:69:c3:7a:bd:55:10:12:0b:b4:
d0:e2:b4:68:9c:89:62:a9:18:12:0c:a6:61:74:aa:d9:31:03:
59:11:42:d0:88:cf:5e:d7:e4:74:76:09:44:c4:1d:ca:e3:85:
8f:74:13:e8
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
RjBEOEFGMTEwLwYDVQQFEyhDODM5ODk4NjMyNjdEMTM2NEJDNzNGNzVFMzdDRDZE
MkI3RkVDOTg3MB4XDTI1MTAwNzIwMzgxNVoXDTMwMTAwNzIwMzgxNVowGDEWMBQG
A1UEAxMNNjhlNTdhM2QtOGJkZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgI637qgYpTNBNrB+Umtet4f5dtrVID7NAGl089j5j4OO+tc8dzMNYMiIuj
zBvjokd1d4G5FbEpOZd1EWU1QAjw2kK+sj4PpZGnpVJ0jnKMaak83MloM8pdVBFS
2Fr92qleUxg5rbHnZhc15YuNKutB/8g3Pbzd828iv8F/jjvwEuoM/5m38Rs2a65f
1dqEhNiF2MuoIumXB61yFTJm3DZ+tYBP7o8eOCxW2sdLQLY0tWOEVvGKJYrRRf37
QS5MP2Pc8szJpj0rOBf21/+Zny5Eh2kl12VdDm6dj/FfmdmcQF0+/m4rWgD5KScp
igo/SpQYWXdAmjkqRN2ppVDBhUMCAwEAAaOCArQwggKwMB0GA1UdDgQWBBR8PObY
shb5Gz7gd3B66H3yZVIkPzAfBgNVHSMEGDAWgBTIOYmGMmfRNkvHP3XjfNbSt/7J
hzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MUYwRDgvREZCODhGODBBM0JDMTFGMEFDODI3MkU1REFFNEVDOUMveURtSmhq
Sm4wVFpMeHo5MTQzelcwcmYteVljLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveURtSmhqSm4wVFpMeHo5MTQzelcwcmYteVljLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MUYwRDgvREZCODhGODBBM0JDMTFGMEFDODI3MkU1REFF
NEVDOUMvOEZEQzNEMjZBM0JEMTFGMEI2NDBDOEU5REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAGbMfTANBAIAAjAHAwUALA85
wDANBgkqhkiG9w0BAQsFAAOCAQEAk8i+/FVsN82BRO6+PMEPCf/4He9WgNx8D13B
aHABEOioyqh02/AjzV5FtJ074cRlvB7d1+UOVA/qGxGk6JJh/opC+bPNYosVSd86
on6Sc76iCJFKAlNlC9DxIcGM7PqSLioIZFfxCDoZo7xKMQoiqvkuoyYqEtexyzOl
bRHkKlz0hgTrDs9/+BdLGKIoJB1mi78lySsYd9wNDGrlqjl+cPjLkhIl93QlXK81
1XYVZZ9WyToRhfUEdpVlZYli1IAD1DUsQ+arAy9le0MQvCAzacN6vVUQEgu00OK0
aJyJYqkYEgymYXSq2TEDWRFC0IjPXtfkdHYJRMQdyuOFj3QT6A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:53 2025 by rpki-client