Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/A76D8A26A5A711F0A78F18E4DAE4EC9C.roa
File: A76D8A26A5A711F0A78F18E4DAE4EC9C.roa (raw, json)
Hash identifier: 6CaRM2rDr+QwVYyHhyo41L4CTKodqz58c3JN0Cxc7P4=
Subject key identifier: C6:B4:08:C0:EC:22:79:0B:E8:D2:6E:FA:90:C5:EE:99:1F:A5:B9:7E
Certificate issuer: /CN=F3674376AF/serialNumber=5A8F1BB960808858FC424A9FC9C06D4812DBA5C9
Certificate serial: 0C
Authority key identifier: 5A:8F:1B:B9:60:80:88:58:FC:42:4A:9F:C9:C0:6D:48:12:DB:A5:C9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Wo8buWCAiFj8QkqfycBtSBLbpck.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/A76D8A26A5A711F0A78F18E4DAE4EC9C.roa
Signing time: Fri 10 Oct 2025 07:06:34 +0000
ROA not before: Fri 10 Oct 2025 07:06:29 +0000
ROA not after: Mon 31 Dec 2035 07:06:29 +0000
asID: 329631
IP address blocks: 2c0f:78c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/Wo8buWCAiFj8QkqfycBtSBLbpck.crl
rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/Wo8buWCAiFj8QkqfycBtSBLbpck.mft
rsync://rpki.afrinic.net/repository/afrinic/Wo8buWCAiFj8QkqfycBtSBLbpck.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3674376AF, serialNumber=5A8F1BB960808858FC424A9FC9C06D4812DBA5C9
Validity
Not Before: Oct 10 07:06:29 2025 GMT
Not After : Dec 31 07:06:29 2035 GMT
Subject: CN=68e8b07a-65c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:fb:02:ae:82:d5:ff:a8:e2:40:da:95:00:bd:
55:23:f8:60:7d:26:10:9d:10:c0:d7:9d:2b:02:ea:
c9:3b:dd:2d:c9:26:d5:1b:64:6b:dd:50:a5:aa:40:
2a:96:1d:e6:2a:44:01:4f:f1:0d:a8:e9:c7:0e:4f:
8a:43:83:ed:a2:88:60:d3:46:a3:66:f7:2b:39:47:
d5:75:11:0b:d4:8d:7a:43:da:49:f4:eb:ec:ee:1d:
e7:0b:fb:6f:f7:00:3e:34:81:c9:e0:cc:cb:6d:dd:
d6:56:c7:11:d5:04:e2:14:b4:a8:47:24:2e:e1:92:
4e:f6:8a:90:d4:4f:56:50:93:02:a0:63:f9:24:6a:
22:66:03:33:f7:be:4b:88:6f:53:1f:a0:45:fa:12:
07:9f:38:d9:33:ea:1e:62:4f:76:a2:fa:6b:ef:c1:
7b:52:10:b6:16:a6:df:f5:64:dd:3a:f8:63:1e:3c:
ff:2e:10:fe:44:a0:42:67:f3:36:de:36:3a:36:3f:
1a:71:5c:d7:d3:40:09:c5:7e:74:bf:e6:32:4d:62:
2c:e0:50:fa:ea:6b:c7:fb:dc:8a:43:fc:4c:e7:ac:
80:38:94:bb:e5:bf:06:3a:26:85:0b:5a:a1:96:e7:
dc:e3:c5:f6:ad:42:3b:7d:f5:db:1c:08:d2:f7:ff:
62:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B4:08:C0:EC:22:79:0B:E8:D2:6E:FA:90:C5:EE:99:1F:A5:B9:7E
X509v3 Authority Key Identifier:
keyid:5A:8F:1B:B9:60:80:88:58:FC:42:4A:9F:C9:C0:6D:48:12:DB:A5:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/Wo8buWCAiFj8QkqfycBtSBLbpck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Wo8buWCAiFj8QkqfycBtSBLbpck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/A76D8A26A5A711F0A78F18E4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:78c0::/32
Signature Algorithm: sha256WithRSAEncryption
f1:3a:da:ae:91:59:a6:c5:a7:d2:94:1a:e6:dc:17:d4:69:8a:
39:f8:7b:a9:53:0f:7a:52:08:78:f0:12:2e:11:50:80:06:88:
c0:70:db:51:42:5c:45:c6:b0:13:0a:0e:d2:9f:f7:d6:f8:cb:
2e:1d:cb:c9:c3:9c:eb:22:cd:cd:0c:0a:cf:c6:a7:07:1b:9b:
bd:65:8b:6e:91:ef:53:65:e7:72:b9:c6:62:76:a6:7d:08:b5:
f5:2a:e4:59:3c:41:70:25:14:d5:58:75:d6:4a:32:4e:5b:1a:
27:7d:a4:ae:a5:df:05:7c:03:80:fe:d0:85:54:2a:28:b3:c0:
c9:60:74:19:86:6d:b2:b2:9d:bc:0e:23:55:58:7b:e8:86:1d:
2b:21:dd:4a:70:8a:63:ea:2e:48:2d:65:2e:84:bd:a0:ba:ac:
98:55:e5:36:3e:9b:74:33:65:d0:3f:c5:8a:b9:db:bd:be:f7:
35:29:79:28:3d:01:2c:fd:ed:a8:02:82:7a:b6:12:15:f0:56:
43:ff:dd:b5:5f:1a:21:60:54:7a:e7:98:2e:92:fa:cd:48:e7:
ec:41:fb:f7:a0:5d:82:ce:a7:e4:61:1c:8f:ce:88:81:12:e4:
cb:fc:f6:76:2f:5b:d1:36:e8:eb:0d:11:ef:66:a4:03:02:48:
b1:54:62:4e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NDM3NkFGMTEwLwYDVQQFEyg1QThGMUJCOTYwODA4ODU4RkM0MjRBOUZDOUMwNkQ0
ODEyREJBNUM5MB4XDTI1MTAxMDA3MDYyOVoXDTM1MTIzMTA3MDYyOVowGDEWMBQG
A1UEAxMNNjhlOGIwN2EtNjVjNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPr7Aq6C1f+o4kDalQC9VSP4YH0mEJ0QwNedKwLqyTvdLckm1Rtka91QpapA
KpYd5ipEAU/xDajpxw5PikOD7aKIYNNGo2b3KzlH1XURC9SNekPaSfTr7O4d5wv7
b/cAPjSByeDMy23d1lbHEdUE4hS0qEckLuGSTvaKkNRPVlCTAqBj+SRqImYDM/e+
S4hvUx+gRfoSB5842TPqHmJPdqL6a+/Be1IQtham3/Vk3Tr4Yx48/y4Q/kSgQmfz
Nt42OjY/GnFc19NACcV+dL/mMk1iLOBQ+uprx/vcikP8TOesgDiUu+W/BjomhQta
oZbn3OPF9q1CO3312xwI0vf/YtsCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBTGtAjA
7CJ5C+jSbvqQxe6ZH6W5fjAfBgNVHSMEGDAWgBRajxu5YICIWPxCSp/JwG1IEtul
yTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzQzNzYvMTM0MEE4NzBBNUE2MTFGMEI5NkVBRkQ3REFFNEVDOUMvV284YnVX
Q0FpRmo4UWtxZnljQnRTQkxicGNrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvV284YnVXQ0FpRmo4UWtxZnljQnRTQkxicGNrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzQzNzYvMTM0MEE4NzBBNUE2MTFGMEI5NkVBRkQ3REFF
NEVDOUMvQTc2RDhBMjZBNUE3MTFGMEE3OEYxOEU0REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPeMAwDQYJKoZIhvcNAQEL
BQADggEBAPE62q6RWabFp9KUGubcF9Rpijn4e6lTD3pSCHjwEi4RUIAGiMBw21FC
XEXGsBMKDtKf99b4yy4dy8nDnOsizc0MCs/Gpwcbm71li26R71Nl53K5xmJ2pn0I
tfUq5Fk8QXAlFNVYddZKMk5bGid9pK6l3wV8A4D+0IVUKiizwMlgdBmGbbKynbwO
I1VYe+iGHSsh3UpwimPqLkgtZS6EvaC6rJhV5TY+m3QzZdA/xYq5272+9zUpeSg9
ASz97agCgnq2EhXwVkP/3bVfGiFgVHrnmC6S+s1I5+xB+/egXYLOp+RhHI/OiIES
5Mv89nYvW9E26OsNEe9mpAMCSLFUYk4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:28:50 2025 by rpki-client