Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3644DAE/F71E7654970411EBB9363730F8AEA228/CA385ECC978E11F0A04E5980DAE4EC9C.roa
File: CA385ECC978E11F0A04E5980DAE4EC9C.roa (raw, json)
Hash identifier: O+sWw2ccWdiZcvRBVii039jCozcaeIkFVcemmzJTRYE=
Subject key identifier: E3:36:B6:77:F9:3E:31:BD:EC:C4:D0:18:F7:AB:0B:0B:75:22:E2:9E
Certificate issuer: /CN=F3644DAEAF/serialNumber=707A1F286AE2986DF64910C3034E5189A7C216DD
Certificate serial: 0698
Authority key identifier: 70:7A:1F:28:6A:E2:98:6D:F6:49:10:C3:03:4E:51:89:A7:C2:16:DD
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/cHofKGrimG32SRDDA05RiafCFt0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3644DAE/F71E7654970411EBB9363730F8AEA228/CA385ECC978E11F0A04E5980DAE4EC9C.roa
Signing time: Mon 22 Sep 2025 08:33:19 +0000
ROA not before: Mon 22 Sep 2025 08:33:12 +0000
ROA not after: Sun 30 Sep 2035 08:33:12 +0000
asID: 328137
IP address blocks: 102.204.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3644DAE/F71E7654970411EBB9363730F8AEA228/cHofKGrimG32SRDDA05RiafCFt0.crl
rsync://rpki.afrinic.net/repository/member_repository/F3644DAE/F71E7654970411EBB9363730F8AEA228/cHofKGrimG32SRDDA05RiafCFt0.mft
rsync://rpki.afrinic.net/repository/afrinic/cHofKGrimG32SRDDA05RiafCFt0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1688 (0x698)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3644DAEAF, serialNumber=707A1F286AE2986DF64910C3034E5189A7C216DD
Validity
Not Before: Sep 22 08:33:12 2025 GMT
Not After : Sep 30 08:33:12 2035 GMT
Subject: CN=68d109ce-4b34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f8:22:88:e9:21:b5:3b:2b:3f:f1:88:ef:30:
41:46:c5:21:cf:49:48:0b:8a:5c:37:db:6f:4f:ed:
86:c0:5b:d0:00:63:08:24:a6:f7:10:4c:68:a4:6d:
45:b2:7b:85:6f:71:4f:9a:a3:7a:90:a3:77:f0:bd:
fb:58:77:65:f3:f3:16:da:4a:f5:f0:b5:f3:c1:79:
16:72:c3:f5:b9:21:33:26:e9:18:88:87:0e:b7:53:
a0:2c:e3:71:0f:d9:7e:7d:f4:ab:0a:c3:90:3b:35:
d3:47:de:b4:06:8e:a4:fe:56:1f:b0:4e:25:ae:69:
a9:99:7c:48:e9:7d:ed:f5:dc:67:c2:61:6c:8d:33:
e0:46:52:63:a4:88:12:c8:22:d9:8e:5b:c7:16:d7:
9d:ac:f6:33:29:82:92:3a:ea:a9:b7:08:6d:df:ca:
b4:6f:2e:4c:77:0d:be:30:98:50:4b:50:e3:ac:ad:
7f:85:05:e7:3f:62:2d:67:93:56:49:a0:d5:63:a4:
a0:9e:39:ce:79:d9:25:e3:9b:09:59:c6:c4:d9:7a:
f9:d3:d3:d1:f5:65:85:d3:05:9f:dc:a0:c4:96:f6:
6d:d3:82:80:74:16:99:ea:76:0d:66:bc:67:14:eb:
2e:12:fc:cb:79:f1:7b:17:bc:fb:a7:d4:7d:00:c2:
2f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:36:B6:77:F9:3E:31:BD:EC:C4:D0:18:F7:AB:0B:0B:75:22:E2:9E
X509v3 Authority Key Identifier:
keyid:70:7A:1F:28:6A:E2:98:6D:F6:49:10:C3:03:4E:51:89:A7:C2:16:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3644DAE/F71E7654970411EBB9363730F8AEA228/cHofKGrimG32SRDDA05RiafCFt0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/cHofKGrimG32SRDDA05RiafCFt0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3644DAE/F71E7654970411EBB9363730F8AEA228/CA385ECC978E11F0A04E5980DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.236.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:2f:1a:a7:54:1d:13:18:d3:19:13:83:e4:60:67:23:18:5f:
c5:8b:03:57:f6:78:71:97:eb:e4:34:cd:58:ab:7a:1a:b0:28:
99:03:5d:7d:7a:2c:15:dd:14:6a:9a:f1:6b:27:72:4f:7f:3a:
38:27:1c:9a:0c:8b:1e:f6:ac:89:dd:fd:9e:e4:0f:b0:96:61:
7d:f4:ee:87:b9:19:2c:26:e9:55:8a:4f:bc:9c:6b:22:4f:f0:
f2:50:38:1a:93:e4:11:19:bf:eb:e3:3d:5c:08:77:19:03:ae:
fe:b1:3a:35:d3:43:eb:5b:87:1b:72:3c:09:a7:79:fd:aa:b4:
29:c1:1e:f9:ea:8d:bc:95:b7:e9:f1:c8:9a:b9:ae:7f:61:5a:
f0:6d:8f:ff:aa:41:52:e9:3f:23:3f:99:74:ba:60:c0:f3:90:
0f:2b:7e:a5:6e:05:6e:30:ea:74:a7:f3:8d:b0:f4:8b:e7:d1:
52:33:b8:d0:e8:7d:9d:3b:8b:f0:ca:e8:36:af:ea:51:64:d5:
c1:d4:b3:57:5b:c5:92:b8:73:4a:c4:c6:02:1a:0b:22:35:f3:
60:7d:67:ea:ac:9a:27:0e:04:b9:7b:0b:57:07:a6:3c:a7:a1:
b6:20:ef:a9:09:bd:12:05:18:41:74:71:1f:2b:01:f6:eb:f0:
84:32:2b:02
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBpgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDREQUVBRjExMC8GA1UEBRMoNzA3QTFGMjg2QUUyOTg2REY2NDkxMEMzMDM0RTUx
ODlBN0MyMTZERDAeFw0yNTA5MjIwODMzMTJaFw0zNTA5MzAwODMzMTJaMBgxFjAU
BgNVBAMTDTY4ZDEwOWNlLTRiMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDA+CKI6SG1Oys/8YjvMEFGxSHPSUgLilw3229P7YbAW9AAYwgkpvcQTGik
bUWye4VvcU+ao3qQo3fwvftYd2Xz8xbaSvXwtfPBeRZyw/W5ITMm6RiIhw63U6As
43EP2X599KsKw5A7NdNH3rQGjqT+Vh+wTiWuaamZfEjpfe313GfCYWyNM+BGUmOk
iBLIItmOW8cW152s9jMpgpI66qm3CG3fyrRvLkx3Db4wmFBLUOOsrX+FBec/Yi1n
k1ZJoNVjpKCeOc552SXjmwlZxsTZevnT09H1ZYXTBZ/coMSW9m3TgoB0Fpnqdg1m
vGcU6y4S/Mt58XsXvPun1H0Awi8xAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU4za2
d/k+Mb3sxNAY96sLC3Ui4p4wHwYDVR0jBBgwFoAUcHofKGrimG32SRDDA05RiafC
Ft0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ0REFFL0Y3MUU3NjU0OTcwNDExRUJCOTM2MzczMEY4QUVBMjI4L2NIb2ZL
R3JpbUczMlNSRERBMDVSaWFmQ0Z0MC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2NIb2ZLR3JpbUczMlNSRERBMDVSaWFmQ0Z0MC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ0REFFL0Y3MUU3NjU0OTcwNDExRUJCOTM2MzczMEY4
QUVBMjI4L0NBMzg1RUNDOTc4RTExRjBBMDRFNTk4MERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmzOwwDQYJKoZIhvcNAQEL
BQADggEBAG8vGqdUHRMY0xkTg+RgZyMYX8WLA1f2eHGX6+Q0zVirehqwKJkDXX16
LBXdFGqa8Wsnck9/OjgnHJoMix72rInd/Z7kD7CWYX307oe5GSwm6VWKT7ycayJP
8PJQOBqT5BEZv+vjPVwIdxkDrv6xOjXTQ+tbhxtyPAmnef2qtCnBHvnqjbyVt+nx
yJq5rn9hWvBtj/+qQVLpPyM/mXS6YMDzkA8rfqVuBW4w6nSn842w9Ivn0VIzuNDo
fZ07i/DK6Dav6lFk1cHUs1dbxZK4c0rExgIaCyI182B9Z+qsmicOBLl7C1cHpjyn
obYg76kJvRIFGEF0cR8rAfbr8IQyKwI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:55:36 2025 by rpki-client