Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626FA1/38CD12E87CB311F0A60F6AABDAE4EC9C/23AA3F847CB411F08F9595B0DAE4EC9C.roa
File: 23AA3F847CB411F08F9595B0DAE4EC9C.roa (raw, json)
Hash identifier: 3MSrx7uq5AEGHOWAFB7THkIOfn/SgWoN7PEmoZN2Nzo=
Subject key identifier: 20:72:FF:B4:35:31:7F:63:36:AB:72:0A:F3:3C:B4:E7:B0:67:EF:D0
Certificate issuer: /CN=F3626FA1AF/serialNumber=5FA12D71E96E2F818FB92490B3796F0B7701656D
Certificate serial: 02
Authority key identifier: 5F:A1:2D:71:E9:6E:2F:81:8F:B9:24:90:B3:79:6F:0B:77:01:65:6D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/X6EtceluL4GPuSSQs3lvC3cBZW0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626FA1/38CD12E87CB311F0A60F6AABDAE4EC9C/23AA3F847CB411F08F9595B0DAE4EC9C.roa
Signing time: Tue 19 Aug 2025 04:22:39 +0000
ROA not before: Tue 19 Aug 2025 04:22:34 +0000
ROA not after: Mon 19 Aug 2030 04:22:34 +0000
asID: 329408
IP address blocks: 102.209.156.0/22 maxlen: 22
2c0f:2f40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3626FA1/38CD12E87CB311F0A60F6AABDAE4EC9C/X6EtceluL4GPuSSQs3lvC3cBZW0.crl
rsync://rpki.afrinic.net/repository/member_repository/F3626FA1/38CD12E87CB311F0A60F6AABDAE4EC9C/X6EtceluL4GPuSSQs3lvC3cBZW0.mft
rsync://rpki.afrinic.net/repository/afrinic/X6EtceluL4GPuSSQs3lvC3cBZW0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626FA1AF, serialNumber=5FA12D71E96E2F818FB92490B3796F0B7701656D
Validity
Not Before: Aug 19 04:22:34 2025 GMT
Not After : Aug 19 04:22:34 2030 GMT
Subject: CN=68a3fc0f-a46d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:34:37:1e:73:81:68:00:52:87:2a:2f:d0:0e:
99:b0:14:90:f3:1f:b9:5f:c0:93:6c:d3:1a:97:e6:
5f:93:f1:c7:38:b6:de:f9:e1:5c:f9:44:a2:80:39:
34:e2:36:a9:a1:53:e5:1e:db:76:09:06:f7:04:73:
00:88:8a:68:1d:8a:8c:ac:fc:0a:d4:80:b0:71:4c:
43:bc:c3:36:11:ca:df:48:1a:8f:ba:14:dd:d1:ac:
0c:38:d1:1c:4b:1d:5e:90:f7:55:5a:bc:3d:d2:e1:
9e:0c:8e:cc:ff:f3:f5:1a:27:7b:70:74:6a:70:f3:
0b:3b:98:6f:85:d8:a8:cd:5f:27:b4:d5:ba:15:51:
d4:bc:0b:c4:71:bc:80:76:cf:f5:4c:15:f8:72:a1:
36:17:f7:98:96:ad:72:20:b5:a6:7c:22:a5:11:d0:
08:94:6a:d5:8d:7b:fe:96:bc:6f:bd:0e:e9:b0:9d:
ae:d6:ec:64:06:68:2f:c8:d4:ce:45:b0:01:ac:e6:
82:c8:4c:43:e8:c0:64:4f:9a:7f:e7:54:16:c4:cb:
2a:16:1c:7d:a5:6d:92:48:5c:9b:34:d6:63:06:48:
d7:87:2d:1b:e4:bd:6c:6a:65:c6:90:f1:7b:e5:22:
f6:76:f2:59:a9:e1:e2:ca:91:e9:77:5c:7d:86:f8:
f1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:72:FF:B4:35:31:7F:63:36:AB:72:0A:F3:3C:B4:E7:B0:67:EF:D0
X509v3 Authority Key Identifier:
keyid:5F:A1:2D:71:E9:6E:2F:81:8F:B9:24:90:B3:79:6F:0B:77:01:65:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626FA1/38CD12E87CB311F0A60F6AABDAE4EC9C/X6EtceluL4GPuSSQs3lvC3cBZW0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/X6EtceluL4GPuSSQs3lvC3cBZW0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626FA1/38CD12E87CB311F0A60F6AABDAE4EC9C/23AA3F847CB411F08F9595B0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.156.0/22
IPv6:
2c0f:2f40::/32
Signature Algorithm: sha256WithRSAEncryption
65:77:b7:4c:57:51:73:67:34:ad:68:d1:f5:c0:96:73:c2:6d:
c3:92:f4:bb:49:6e:f4:cf:cd:20:c4:79:91:71:52:62:c1:ea:
e3:e7:0d:71:39:11:60:d7:54:c0:e3:9a:b4:1f:eb:78:d4:04:
e4:19:ee:22:ec:25:c6:05:36:d3:09:fc:b9:dc:f8:ed:c8:53:
5a:60:68:ca:9b:b0:4e:b8:cc:20:ff:54:21:0f:57:51:ec:25:
f5:0b:e4:87:84:f6:c9:79:a3:b2:32:e1:4f:8b:b9:8f:0e:c8:
5d:36:8b:d9:a4:f0:0b:d7:5d:1a:25:17:0d:16:14:5f:65:4c:
3b:12:d5:bb:f6:ef:96:fa:fd:e4:4e:d2:4a:50:e7:0b:1b:09:
92:40:72:c0:77:f9:c1:ec:e1:7b:f6:3f:74:2a:19:06:37:13:
f0:70:a9:46:1a:ff:f4:a4:fc:fc:c8:f2:89:e5:09:fa:8b:db:
f4:44:b9:38:04:94:a1:2c:ad:9c:33:67:98:6a:7a:6f:3d:ad:
06:ba:43:07:22:cb:2c:36:a1:df:6f:70:43:cd:60:80:4f:d1:
7c:20:30:df:88:b2:24:17:21:95:6a:bd:79:23:c3:08:fb:ea:
ee:6e:19:3a:58:ec:63:9d:75:ab:f2:84:42:07:19:c8:6a:05:
18:9b:b8:51
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
NkZBMUFGMTEwLwYDVQQFEyg1RkExMkQ3MUU5NkUyRjgxOEZCOTI0OTBCMzc5NkYw
Qjc3MDE2NTZEMB4XDTI1MDgxOTA0MjIzNFoXDTMwMDgxOTA0MjIzNFowGDEWMBQG
A1UEAxMNNjhhM2ZjMGYtYTQ2ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPw0Nx5zgWgAUocqL9AOmbAUkPMfuV/Ak2zTGpfmX5Pxxzi23vnhXPlEooA5
NOI2qaFT5R7bdgkG9wRzAIiKaB2KjKz8CtSAsHFMQ7zDNhHK30gaj7oU3dGsDDjR
HEsdXpD3VVq8PdLhngyOzP/z9Rone3B0anDzCzuYb4XYqM1fJ7TVuhVR1LwLxHG8
gHbP9UwV+HKhNhf3mJatciC1pnwipRHQCJRq1Y17/pa8b70O6bCdrtbsZAZoL8jU
zkWwAazmgshMQ+jAZE+af+dUFsTLKhYcfaVtkkhcmzTWYwZI14ctG+S9bGplxpDx
e+Ui9nbyWanh4sqR6XdcfYb48UMCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQgcv+0
NTF/YzarcgrzPLTnsGfv0DAfBgNVHSMEGDAWgBRfoS1x6W4vgY+5JJCzeW8LdwFl
bTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjZGQTEvMzhDRDEyRTg3Q0IzMTFGMEE2MEY2QUFCREFFNEVDOUMvWDZFdGNl
bHVMNEdQdVNTUXMzbHZDM2NCWlcwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWDZFdGNlbHVMNEdQdVNTUXMzbHZDM2NCWlcwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MjZGQTEvMzhDRDEyRTg3Q0IzMTFGMEE2MEY2QUFCREFF
NEVDOUMvMjNBQTNGODQ3Q0I0MTFGMDhGOTU5NUIwREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbRnDANBAIAAjAHAwUALA8v
QDANBgkqhkiG9w0BAQsFAAOCAQEAZXe3TFdRc2c0rWjR9cCWc8Jtw5L0u0lu9M/N
IMR5kXFSYsHq4+cNcTkRYNdUwOOatB/reNQE5BnuIuwlxgU20wn8udz47chTWmBo
ypuwTrjMIP9UIQ9XUewl9Qvkh4T2yXmjsjLhT4u5jw7IXTaL2aTwC9ddGiUXDRYU
X2VMOxLVu/bvlvr95E7SSlDnCxsJkkBywHf5wezhe/Y/dCoZBjcT8HCpRhr/9KT8
/MjyieUJ+ovb9ES5OASUoSytnDNnmGp6bz2tBrpDByLLLDah329wQ81ggE/RfCAw
34iyJBchlWq9eSPDCPvq7m4ZOljsY511q/KEQgcZyGoFGJu4UQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:10:42 2025 by rpki-client