Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/C12F71DCA5A611F0BB0100DCDAE4EC9C.roa
File: C12F71DCA5A611F0BB0100DCDAE4EC9C.roa (raw, json)
Hash identifier: w1R/Z75m4LwLFTF/R9uWaQzBzmjS2340Mo7wnJRbDMU=
Subject key identifier: 83:91:F0:E0:61:84:43:12:12:15:64:50:F1:79:C6:CA:22:48:95:85
Certificate issuer: /CN=F3674376AF/serialNumber=5A8F1BB960808858FC424A9FC9C06D4812DBA5C9
Certificate serial: 02
Authority key identifier: 5A:8F:1B:B9:60:80:88:58:FC:42:4A:9F:C9:C0:6D:48:12:DB:A5:C9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Wo8buWCAiFj8QkqfycBtSBLbpck.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/C12F71DCA5A611F0BB0100DCDAE4EC9C.roa
Signing time: Fri 10 Oct 2025 07:00:08 +0000
ROA not before: Fri 10 Oct 2025 07:00:03 +0000
ROA not after: Mon 31 Dec 2035 07:00:03 +0000
asID: 329631
IP address blocks: 102.204.164.0/22 maxlen: 22
2c0f:78c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/Wo8buWCAiFj8QkqfycBtSBLbpck.crl
rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/Wo8buWCAiFj8QkqfycBtSBLbpck.mft
rsync://rpki.afrinic.net/repository/afrinic/Wo8buWCAiFj8QkqfycBtSBLbpck.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 05:17:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3674376AF, serialNumber=5A8F1BB960808858FC424A9FC9C06D4812DBA5C9
Validity
Not Before: Oct 10 07:00:03 2025 GMT
Not After : Dec 31 07:00:03 2035 GMT
Subject: CN=68e8aef7-6c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:04:24:fa:67:be:e7:0b:2a:55:ca:13:46:ce:
c1:b7:6b:e2:f2:65:82:cc:91:4b:fb:97:b2:5d:07:
db:5a:f3:32:7b:ff:2f:9e:24:94:20:29:17:d7:5c:
47:4f:fd:47:19:be:0f:a6:3e:56:97:2d:be:c6:c5:
49:51:cd:6f:09:7b:b6:2d:9c:0c:db:8e:db:12:7a:
60:3b:ea:9f:63:63:9a:0e:26:da:62:a7:08:7c:99:
57:6f:ba:4f:f1:27:eb:f3:ea:6a:86:9b:62:b6:6a:
b9:04:f5:71:97:0f:de:bd:5d:62:8d:7c:c2:dc:5b:
50:07:63:c5:89:5c:23:ea:2a:4e:b2:ed:c8:78:15:
a8:63:d3:ea:31:c2:90:a2:02:93:f3:fc:7b:37:c4:
b7:23:58:67:38:08:66:e3:c6:d2:2e:e6:b6:b4:f3:
ca:01:f1:4f:e3:30:31:7b:7e:b7:05:e3:18:15:ba:
84:c5:c8:d8:40:d7:9c:86:15:be:03:95:bd:74:5a:
34:b6:5e:76:6b:9f:60:1f:83:66:1f:9f:14:c9:b0:
a4:8b:0a:8d:cd:76:3e:17:cf:25:13:61:41:e2:dd:
d6:46:5e:62:20:e9:35:b6:38:72:6c:66:ce:c9:a0:
64:ec:65:ab:ac:05:7e:3f:a5:56:45:cf:36:9a:96:
e7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:91:F0:E0:61:84:43:12:12:15:64:50:F1:79:C6:CA:22:48:95:85
X509v3 Authority Key Identifier:
keyid:5A:8F:1B:B9:60:80:88:58:FC:42:4A:9F:C9:C0:6D:48:12:DB:A5:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/Wo8buWCAiFj8QkqfycBtSBLbpck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Wo8buWCAiFj8QkqfycBtSBLbpck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3674376/1340A870A5A611F0B96EAFD7DAE4EC9C/C12F71DCA5A611F0BB0100DCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.164.0/22
IPv6:
2c0f:78c0::/32
Signature Algorithm: sha256WithRSAEncryption
92:f5:81:34:fb:a9:5a:6e:d3:9f:51:cb:a2:19:42:da:7c:ed:
fc:d1:cf:1a:c0:c5:da:44:b6:ee:2f:36:d3:ab:d7:33:df:ea:
ba:30:89:a7:ad:b9:b6:8d:b7:2b:c3:dc:be:07:ee:ee:7c:11:
f3:86:3d:d5:54:9e:a6:b5:b2:63:64:6d:27:2b:a3:87:48:b3:
ef:b1:ca:c5:0e:49:f0:9e:ce:2d:9b:e4:64:61:b1:05:87:36:
2d:19:b2:c5:6f:48:03:51:0d:80:f0:46:63:0f:a4:6a:a6:19:
fa:44:0a:fc:65:3f:28:01:a1:2b:2b:6f:f6:5c:d6:2f:c0:7d:
58:98:14:0f:96:1d:c5:f5:bb:f1:c8:8f:1a:9a:13:01:31:e8:
bb:45:2d:f6:b9:c5:6a:02:59:7e:5e:5b:2b:a9:f8:61:71:63:
3c:a8:da:27:c1:38:10:16:23:cc:2b:f3:9f:47:bd:62:6c:4f:
2b:cf:49:0e:22:49:ca:32:37:74:51:a3:60:ea:42:1a:db:fc:
83:81:c0:c9:34:a3:17:11:ec:2e:5b:8b:0b:79:a7:0e:7a:50:
ea:38:e5:d4:ac:2d:9a:db:ee:c1:6d:cd:2c:a6:1c:4e:78:4a:
8e:2a:da:d2:db:13:14:9a:74:ff:33:f5:21:3f:e1:77:71:f5:
08:51:9a:0d
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NDM3NkFGMTEwLwYDVQQFEyg1QThGMUJCOTYwODA4ODU4RkM0MjRBOUZDOUMwNkQ0
ODEyREJBNUM5MB4XDTI1MTAxMDA3MDAwM1oXDTM1MTIzMTA3MDAwM1owGDEWMBQG
A1UEAxMNNjhlOGFlZjctNmM4ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMEJPpnvucLKlXKE0bOwbdr4vJlgsyRS/uXsl0H21rzMnv/L54klCApF9dc
R0/9Rxm+D6Y+VpctvsbFSVHNbwl7ti2cDNuO2xJ6YDvqn2Njmg4m2mKnCHyZV2+6
T/En6/PqaoabYrZquQT1cZcP3r1dYo18wtxbUAdjxYlcI+oqTrLtyHgVqGPT6jHC
kKICk/P8ezfEtyNYZzgIZuPG0i7mtrTzygHxT+MwMXt+twXjGBW6hMXI2EDXnIYV
vgOVvXRaNLZedmufYB+DZh+fFMmwpIsKjc12PhfPJRNhQeLd1kZeYiDpNbY4cmxm
zsmgZOxlq6wFfj+lVkXPNpqW56kCAwEAAaOCArQwggKwMB0GA1UdDgQWBBSDkfDg
YYRDEhIVZFDxecbKIkiVhTAfBgNVHSMEGDAWgBRajxu5YICIWPxCSp/JwG1IEtul
yTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzQzNzYvMTM0MEE4NzBBNUE2MTFGMEI5NkVBRkQ3REFFNEVDOUMvV284YnVX
Q0FpRmo4UWtxZnljQnRTQkxicGNrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvV284YnVXQ0FpRmo4UWtxZnljQnRTQkxicGNrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzQzNzYvMTM0MEE4NzBBNUE2MTFGMEI5NkVBRkQ3REFF
NEVDOUMvQzEyRjcxRENBNUE2MTFGMEJCMDEwMERDREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbMpDANBAIAAjAHAwUALA94
wDANBgkqhkiG9w0BAQsFAAOCAQEAkvWBNPupWm7Tn1HLohlC2nzt/NHPGsDF2kS2
7i8206vXM9/qujCJp625to23K8Pcvgfu7nwR84Y91VSeprWyY2RtJyujh0iz77HK
xQ5J8J7OLZvkZGGxBYc2LRmyxW9IA1ENgPBGYw+kaqYZ+kQK/GU/KAGhKytv9lzW
L8B9WJgUD5YdxfW78ciPGpoTATHou0Ut9rnFagJZfl5bK6n4YXFjPKjaJ8E4EBYj
zCvzn0e9YmxPK89JDiJJyjI3dFGjYOpCGtv8g4HAyTSjFxHsLluLC3mnDnpQ6jjl
1KwtmtvuwW3NLKYcTnhKjira0tsTFJp0/zP1IT/hd3H1CFGaDQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:35 2025 by rpki-client