Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/8C8563DCA5A711F094950AE4DAE4EC9C.roa
File: 8C8563DCA5A711F094950AE4DAE4EC9C.roa (raw, json)
Hash identifier: uGJxn0kxFVH+xnXPU0sjbovtNrHfisJTKGGgqWfUSLs=
Subject key identifier: 60:0B:17:46:EF:2A:75:4A:B8:15:1D:6C:74:DC:39:25:8E:85:66:EA
Certificate issuer: /CN=F3674376AF/serialNumber=5A8F1BB960808858FC424A9FC9C06D4812DBA5C9
Certificate serial: 0A
Authority key identifier: 5A:8F:1B:B9:60:80:88:58:FC:42:4A:9F:C9:C0:6D:48:12:DB:A5:C9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Wo8buWCAiFj8QkqfycBtSBLbpck.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/8C8563DCA5A711F094950AE4DAE4EC9C.roa
Signing time: Fri 10 Oct 2025 07:05:49 +0000
ROA not before: Fri 10 Oct 2025 07:05:44 +0000
ROA not after: Mon 31 Dec 2035 07:05:44 +0000
asID: 329631
IP address blocks: 102.204.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/Wo8buWCAiFj8QkqfycBtSBLbpck.crl
rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/Wo8buWCAiFj8QkqfycBtSBLbpck.mft
rsync://rpki.afrinic.net/repository/afrinic/Wo8buWCAiFj8QkqfycBtSBLbpck.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 05:17:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3674376AF, serialNumber=5A8F1BB960808858FC424A9FC9C06D4812DBA5C9
Validity
Not Before: Oct 10 07:05:44 2025 GMT
Not After : Dec 31 07:05:44 2035 GMT
Subject: CN=68e8b04d-0c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:24:8c:cd:a3:c5:ca:98:29:2e:4d:92:53:a7:
ae:b9:09:ab:5e:f3:e1:31:7e:90:2a:4a:50:a9:ea:
7b:a3:0c:d8:13:2b:32:7e:bc:49:a6:58:d7:58:ef:
d7:f8:50:de:b2:22:62:9a:69:11:af:b6:d9:2e:b2:
32:e4:b8:ff:0f:0d:b3:22:0c:16:fd:b1:3e:4e:82:
ca:dc:67:44:88:b4:f3:c9:58:cb:0d:81:4b:8c:d1:
5e:65:55:0f:f3:4c:40:39:57:8f:3e:9f:50:66:fc:
00:db:47:63:27:71:ca:7a:c6:46:ad:c8:02:6a:d0:
a8:77:3f:ed:62:54:f4:56:7b:6b:88:8b:33:19:bd:
03:52:d0:c3:f6:7c:9b:48:5b:ca:75:5d:bf:ab:a8:
8a:77:7f:cb:82:1c:77:8a:af:2a:67:22:b1:89:7c:
54:68:72:9d:8d:75:44:23:c6:db:59:6a:af:72:0c:
bb:39:38:11:06:5f:ce:0b:8a:7a:12:5f:22:ed:68:
1a:ae:66:bc:b2:02:03:1c:2b:24:5a:de:f9:39:c5:
7e:0d:fc:ad:b7:3b:97:1a:c2:98:4e:5c:13:ad:00:
05:df:fe:50:5e:f9:c8:eb:9c:25:b1:f2:a0:22:b5:
4a:f2:67:9e:a5:ff:a5:0d:7f:33:78:fa:33:ee:bb:
70:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0B:17:46:EF:2A:75:4A:B8:15:1D:6C:74:DC:39:25:8E:85:66:EA
X509v3 Authority Key Identifier:
keyid:5A:8F:1B:B9:60:80:88:58:FC:42:4A:9F:C9:C0:6D:48:12:DB:A5:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/Wo8buWCAiFj8QkqfycBtSBLbpck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Wo8buWCAiFj8QkqfycBtSBLbpck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/8C8563DCA5A711F094950AE4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.167.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:1e:f0:fe:1b:0f:df:0c:ed:96:26:2f:fd:78:4e:26:f8:41:
85:41:ce:4d:d5:7c:90:6b:e3:11:3e:49:b1:07:de:14:5e:b1:
80:55:07:7a:12:10:c9:f1:fb:8d:6a:96:3e:ac:87:0e:dd:ba:
87:62:35:2e:3d:8f:f9:a8:79:b4:28:c8:16:77:ec:f6:a0:39:
f8:0c:e9:84:48:95:db:d6:f2:e2:74:ba:96:a1:52:23:a2:87:
0d:eb:f5:d4:0c:f0:de:62:b5:b6:04:0d:4c:24:e3:06:ed:14:
c3:7d:26:e9:af:0d:a5:04:cd:d0:e9:5a:07:51:f1:85:ae:7f:
5a:b0:ad:4e:5a:1c:07:35:90:23:65:b0:67:24:a8:c1:67:c3:
4f:a9:7e:03:a1:13:32:02:9d:a4:13:03:9e:bb:7c:cc:f5:ba:
ae:2c:b0:85:e3:e3:8b:8d:09:86:7e:b7:2d:51:29:d2:5b:15:
1c:a1:49:4d:a5:75:e6:df:3a:e0:9f:54:14:e6:a4:5c:a6:e7:
fd:da:fe:6d:ec:0a:e0:ee:9c:9b:7e:c8:43:26:76:ba:27:b1:
58:8c:f0:fb:66:6b:59:9c:15:46:3e:9a:e0:ca:21:9f:f8:50:
e3:01:c5:cb:29:bf:83:5a:4e:b2:eb:85:3a:74:07:a8:db:74:
e1:fc:65:1d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NDM3NkFGMTEwLwYDVQQFEyg1QThGMUJCOTYwODA4ODU4RkM0MjRBOUZDOUMwNkQ0
ODEyREJBNUM5MB4XDTI1MTAxMDA3MDU0NFoXDTM1MTIzMTA3MDU0NFowGDEWMBQG
A1UEAxMNNjhlOGIwNGQtMGMxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALckjM2jxcqYKS5NklOnrrkJq17z4TF+kCpKUKnqe6MM2BMrMn68SaZY11jv
1/hQ3rIiYpppEa+22S6yMuS4/w8NsyIMFv2xPk6CytxnRIi088lYyw2BS4zRXmVV
D/NMQDlXjz6fUGb8ANtHYydxynrGRq3IAmrQqHc/7WJU9FZ7a4iLMxm9A1LQw/Z8
m0hbynVdv6uoind/y4Icd4qvKmcisYl8VGhynY11RCPG21lqr3IMuzk4EQZfzguK
ehJfIu1oGq5mvLICAxwrJFre+TnFfg38rbc7lxrCmE5cE60ABd/+UF75yOucJbHy
oCK1SvJnnqX/pQ1/M3j6M+67cAECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRgCxdG
7yp1SrgVHWx03DkljoVm6jAfBgNVHSMEGDAWgBRajxu5YICIWPxCSp/JwG1IEtul
yTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzQzNzYvMTM0MEE4NzBBNUE2MTFGMEI5NkVBRkQ3REFFNEVDOUMvV284YnVX
Q0FpRmo4UWtxZnljQnRTQkxicGNrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvV284YnVXQ0FpRmo4UWtxZnljQnRTQkxicGNrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzQzNzYvMTM0MEE4NzBBNUE2MTFGMEI5NkVBRkQ3REFF
NEVDOUMvOEM4NTYzRENBNUE3MTFGMDk0OTUwQUU0REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbMpzANBgkqhkiG9w0BAQsF
AAOCAQEAbB7w/hsP3wztliYv/XhOJvhBhUHOTdV8kGvjET5JsQfeFF6xgFUHehIQ
yfH7jWqWPqyHDt26h2I1Lj2P+ah5tCjIFnfs9qA5+AzphEiV29by4nS6lqFSI6KH
Dev11Azw3mK1tgQNTCTjBu0Uw30m6a8NpQTN0OlaB1Hxha5/WrCtTlocBzWQI2Ww
ZySowWfDT6l+A6ETMgKdpBMDnrt8zPW6riywhePji40Jhn63LVEp0lsVHKFJTaV1
5t864J9UFOakXKbn/dr+bewK4O6cm37IQyZ2uiexWIzw+2ZrWZwVRj6a4Mohn/hQ
4wHFyym/g1pOsuuFOnQHqNt04fxlHQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:25 2025 by rpki-client