Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364F714/2E9B8574A38311F08B607579DAE4EC9C/05D144F2A3A211F094EF37BEDAE4EC9C.roa
File: 05D144F2A3A211F094EF37BEDAE4EC9C.roa (raw, json)
Hash identifier: ERKxiBeXIZ1puerCbC2zy0myehcFDS/HMq7A0ouJ9MA=
Subject key identifier: AB:46:BD:89:B4:53:6A:6E:97:68:93:FA:5A:92:06:06:61:35:C3:E8
Certificate issuer: /CN=F364F714AF/serialNumber=0AEC68A3A9828BB0834AE9A7A5D7E7744588D4B2
Certificate serial: 03
Authority key identifier: 0A:EC:68:A3:A9:82:8B:B0:83:4A:E9:A7:A5:D7:E7:74:45:88:D4:B2
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Cuxoo6mCi7CDSumnpdfndEWI1LI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364F714/2E9B8574A38311F08B607579DAE4EC9C/05D144F2A3A211F094EF37BEDAE4EC9C.roa
Signing time: Tue 07 Oct 2025 17:21:13 +0000
ROA not before: Tue 07 Oct 2025 17:21:08 +0000
ROA not after: Mon 07 Oct 2030 17:21:08 +0000
asID: 329614
IP address blocks: 102.204.253.0/24 maxlen: 24
2c0f:72c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364F714/2E9B8574A38311F08B607579DAE4EC9C/Cuxoo6mCi7CDSumnpdfndEWI1LI.crl
rsync://rpki.afrinic.net/repository/member_repository/F364F714/2E9B8574A38311F08B607579DAE4EC9C/Cuxoo6mCi7CDSumnpdfndEWI1LI.mft
rsync://rpki.afrinic.net/repository/afrinic/Cuxoo6mCi7CDSumnpdfndEWI1LI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 05:17:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364F714AF, serialNumber=0AEC68A3A9828BB0834AE9A7A5D7E7744588D4B2
Validity
Not Before: Oct 7 17:21:08 2025 GMT
Not After : Oct 7 17:21:08 2030 GMT
Subject: CN=68e54c09-22c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:81:05:a1:d3:2e:ee:23:97:47:3b:bc:57:1f:
f9:05:db:03:5a:41:d6:1f:83:1b:de:05:7a:36:4a:
a1:c0:9f:a4:bb:9a:ed:03:e5:dc:6f:ca:f3:ab:18:
bd:67:2c:36:8c:3b:9f:8a:10:e1:9f:ab:8e:36:c4:
25:16:90:33:39:2a:f6:9f:bb:40:6d:82:d1:d5:0c:
d0:4a:0b:40:33:a6:d2:0c:1a:bc:5d:75:cd:b5:e3:
34:17:89:76:53:46:eb:7f:c0:07:13:b4:31:44:a9:
aa:30:d7:f0:9b:4d:f7:6e:8e:64:fa:4b:8f:6e:53:
98:de:0f:13:4d:18:42:f9:09:bb:fe:d1:a3:0b:e4:
a0:60:66:5f:77:68:8d:77:48:28:78:ab:68:2d:ce:
0a:54:0b:62:94:a9:49:ef:ab:40:52:bb:25:9f:fc:
42:0c:10:0b:a5:41:17:7e:42:6f:7b:98:5e:9b:e1:
e8:23:8a:a0:ef:15:e1:17:59:37:e4:fa:df:a3:85:
4c:24:a1:9f:b1:f2:92:79:53:52:9e:af:c4:06:9e:
18:5c:a7:0b:8f:0a:22:10:54:80:0e:8a:ec:87:c1:
59:1e:dc:81:c0:06:e0:3e:8f:e9:4c:e7:43:36:ad:
e9:3e:a7:db:62:5a:8c:b3:f4:3e:b8:93:7d:11:82:
54:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:46:BD:89:B4:53:6A:6E:97:68:93:FA:5A:92:06:06:61:35:C3:E8
X509v3 Authority Key Identifier:
keyid:0A:EC:68:A3:A9:82:8B:B0:83:4A:E9:A7:A5:D7:E7:74:45:88:D4:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364F714/2E9B8574A38311F08B607579DAE4EC9C/Cuxoo6mCi7CDSumnpdfndEWI1LI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Cuxoo6mCi7CDSumnpdfndEWI1LI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364F714/2E9B8574A38311F08B607579DAE4EC9C/05D144F2A3A211F094EF37BEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.253.0/24
IPv6:
2c0f:72c0::/32
Signature Algorithm: sha256WithRSAEncryption
17:a9:61:94:7c:76:a1:fe:0e:ca:c4:78:9d:ee:1c:07:aa:38:
e3:85:5c:d4:fb:78:52:d0:50:6b:fe:85:a4:ae:27:c2:d0:0f:
6a:f5:9a:9e:fb:c2:75:14:e9:0b:f9:ed:05:8a:ce:c7:2f:ae:
4f:b7:4b:15:12:70:8b:df:59:03:1b:42:84:ba:bb:71:4e:89:
78:dd:c6:19:87:95:9e:60:ac:67:69:22:87:d1:4b:f8:d5:19:
c3:c6:b5:69:af:9e:98:8f:67:38:e6:99:02:a7:b3:2b:b4:5e:
5f:80:ef:20:f4:7f:99:79:24:99:44:f9:11:4a:1c:2b:8a:0c:
fd:d8:83:9a:c8:f6:83:96:3c:05:eb:cf:02:84:87:1c:b5:2f:
e4:d6:57:a3:74:cd:96:4b:eb:f7:f0:c9:f6:93:01:c6:49:e3:
c8:56:57:73:ed:4a:ae:d4:b5:4d:cb:65:7d:67:aa:c2:c1:16:
3c:f4:c1:f8:18:67:71:d3:d9:2f:cd:78:f1:3b:1d:be:23:1a:
59:ed:dc:7c:5a:46:55:60:27:42:51:b2:b7:2e:ba:de:65:f3:
c5:4b:06:9e:d9:24:ff:0f:a8:7d:a3:bd:62:0a:90:19:5d:99:
e6:c9:17:60:59:92:19:50:bb:49:4b:41:47:fa:a1:2f:55:77:
16:ae:8b:d5
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
RjcxNEFGMTEwLwYDVQQFEygwQUVDNjhBM0E5ODI4QkIwODM0QUU5QTdBNUQ3RTc3
NDQ1ODhENEIyMB4XDTI1MTAwNzE3MjEwOFoXDTMwMTAwNzE3MjEwOFowGDEWMBQG
A1UEAxMNNjhlNTRjMDktMjJjMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGBBaHTLu4jl0c7vFcf+QXbA1pB1h+DG94FejZKocCfpLua7QPl3G/K86sY
vWcsNow7n4oQ4Z+rjjbEJRaQMzkq9p+7QG2C0dUM0EoLQDOm0gwavF11zbXjNBeJ
dlNG63/ABxO0MUSpqjDX8JtN926OZPpLj25TmN4PE00YQvkJu/7RowvkoGBmX3do
jXdIKHiraC3OClQLYpSpSe+rQFK7JZ/8QgwQC6VBF35Cb3uYXpvh6COKoO8V4RdZ
N+T636OFTCShn7HyknlTUp6vxAaeGFynC48KIhBUgA6K7IfBWR7cgcAG4D6P6Uzn
Qzat6T6n22JajLP0PriTfRGCVBECAwEAAaOCArQwggKwMB0GA1UdDgQWBBSrRr2J
tFNqbpdok/pakgYGYTXD6DAfBgNVHSMEGDAWgBQK7GijqYKLsINK6ael1+d0RYjU
sjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NEY3MTQvMkU5Qjg1NzRBMzgzMTFGMDhCNjA3NTc5REFFNEVDOUMvQ3V4b282
bUNpN0NEU3VtbnBkZm5kRVdJMUxJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQ3V4b282bUNpN0NEU3VtbnBkZm5kRVdJMUxJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NEY3MTQvMkU5Qjg1NzRBMzgzMTFGMDhCNjA3NTc5REFF
NEVDOUMvMDVEMTQ0RjJBM0EyMTFGMDk0RUYzN0JFREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAGbM/TANBAIAAjAHAwUALA9y
wDANBgkqhkiG9w0BAQsFAAOCAQEAF6lhlHx2of4OysR4ne4cB6o444Vc1Pt4UtBQ
a/6FpK4nwtAPavWanvvCdRTpC/ntBYrOxy+uT7dLFRJwi99ZAxtChLq7cU6JeN3G
GYeVnmCsZ2kih9FL+NUZw8a1aa+emI9nOOaZAqezK7ReX4DvIPR/mXkkmUT5EUoc
K4oM/diDmsj2g5Y8BevPAoSHHLUv5NZXo3TNlkvr9/DJ9pMBxknjyFZXc+1KrtS1
TctlfWeqwsEWPPTB+BhncdPZL8148TsdviMaWe3cfFpGVWAnQlGyty663mXzxUsG
ntkk/w+ofaO9YgqQGV2Z5skXYFmSGVC7SUtBR/qhL1V3Fq6L1Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:06:07 2025 by rpki-client