Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3676134/3362C1AA567E11F0B014F9DEDAE4EC9C/8ECCBE949E9D11F086DF85BADAE4EC9C.roa
File: 8ECCBE949E9D11F086DF85BADAE4EC9C.roa (raw, json)
Hash identifier: kKrZ81PCn2m+za7JHhmjM4tkepM4BFJV4gSi/pF/HxI=
Subject key identifier: 8B:33:E4:E1:A9:A1:0C:61:9F:04:60:97:B5:1A:BC:5B:9E:8F:7A:67
Certificate issuer: /CN=F3676134AF/serialNumber=74B03B8FD8F53BEF4887B78698F9ECAB1B1F69B0
Certificate serial: 69
Authority key identifier: 74:B0:3B:8F:D8:F5:3B:EF:48:87:B7:86:98:F9:EC:AB:1B:1F:69:B0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/dLA7j9j1O-9Ih7eGmPnsqxsfabA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3676134/3362C1AA567E11F0B014F9DEDAE4EC9C/8ECCBE949E9D11F086DF85BADAE4EC9C.roa
Signing time: Wed 01 Oct 2025 08:06:39 +0000
ROA not before: Wed 01 Oct 2025 08:06:35 +0000
ROA not after: Fri 28 Aug 2026 08:06:35 +0000
asID: 213481
IP address blocks: 102.205.240.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3676134/3362C1AA567E11F0B014F9DEDAE4EC9C/dLA7j9j1O-9Ih7eGmPnsqxsfabA.crl
rsync://rpki.afrinic.net/repository/member_repository/F3676134/3362C1AA567E11F0B014F9DEDAE4EC9C/dLA7j9j1O-9Ih7eGmPnsqxsfabA.mft
rsync://rpki.afrinic.net/repository/afrinic/dLA7j9j1O-9Ih7eGmPnsqxsfabA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105 (0x69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3676134AF, serialNumber=74B03B8FD8F53BEF4887B78698F9ECAB1B1F69B0
Validity
Not Before: Oct 1 08:06:35 2025 GMT
Not After : Aug 28 08:06:35 2026 GMT
Subject: CN=68dce10f-7202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cf:0c:3d:a3:c6:4e:7c:62:66:a9:cc:6f:ce:
8e:d0:d7:a7:c1:fe:d8:d1:1e:5a:87:3b:7f:16:72:
c6:b2:3b:2f:0f:bb:56:cf:e5:3e:a5:43:bc:dc:5c:
ef:96:61:49:83:70:f2:07:32:07:34:70:94:61:f7:
47:00:7b:7c:61:ed:95:f6:03:88:99:1d:83:8b:35:
d8:62:d1:6e:ab:e0:85:91:09:0b:0a:80:f1:78:60:
f6:24:8a:83:d0:b9:63:8f:44:d6:2b:93:51:33:f7:
bb:59:44:87:73:8a:80:d7:8f:aa:ce:e1:41:fd:e7:
dd:cc:31:d9:06:e3:14:87:75:1f:60:fb:a3:f2:15:
f7:74:90:79:3c:f2:0a:18:b2:98:16:08:30:aa:64:
31:fa:54:b1:48:84:ee:80:0b:37:77:71:4d:fb:70:
8e:08:03:50:ce:63:1b:6e:f7:08:da:a7:a4:18:00:
bb:b0:e4:78:97:b7:ea:40:bf:05:ba:c9:2b:29:db:
37:5c:47:f4:00:06:df:c4:6b:1a:46:09:97:db:83:
90:73:e4:1f:c4:13:00:bf:ff:29:a9:b6:84:7b:8c:
b8:b3:ca:e1:b2:75:86:a7:c2:7f:d1:15:4f:3a:9a:
8f:30:b5:00:36:55:8d:a1:97:94:3a:31:34:bd:f9:
9f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:33:E4:E1:A9:A1:0C:61:9F:04:60:97:B5:1A:BC:5B:9E:8F:7A:67
X509v3 Authority Key Identifier:
keyid:74:B0:3B:8F:D8:F5:3B:EF:48:87:B7:86:98:F9:EC:AB:1B:1F:69:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3676134/3362C1AA567E11F0B014F9DEDAE4EC9C/dLA7j9j1O-9Ih7eGmPnsqxsfabA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/dLA7j9j1O-9Ih7eGmPnsqxsfabA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3676134/3362C1AA567E11F0B014F9DEDAE4EC9C/8ECCBE949E9D11F086DF85BADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.205.240.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:2c:63:5b:f3:6d:f8:b6:ea:6f:b5:c7:2c:2f:80:39:f6:e4:
86:ba:93:f9:05:97:9c:30:a7:43:ed:b5:02:d9:f3:e3:1f:c0:
d5:9c:2e:f9:fd:3f:a5:68:28:84:8a:e3:69:a3:80:c3:1e:c9:
c3:fe:a1:35:09:ec:23:62:6e:a5:8a:ef:af:72:40:f2:51:9e:
cf:11:56:25:e6:90:f4:d7:cf:19:58:ca:d5:e6:3f:2b:22:df:
b9:03:d5:b5:bc:94:08:11:3e:72:7b:4e:1f:46:3c:57:db:07:
41:65:fa:02:60:33:18:6f:81:ed:fc:96:dd:64:15:7d:d1:b8:
d3:79:a5:9e:28:c0:ef:27:c3:21:97:e9:a4:ff:85:43:7b:42:
7b:1c:44:a9:44:40:1c:8c:7c:6d:2b:4e:c8:51:30:91:d1:6b:
8a:a6:75:a1:2c:a4:1b:c4:2c:65:9e:5e:3e:9b:4c:10:99:e4:
66:5d:99:00:e0:42:b6:16:f3:e2:68:a0:4d:fb:07:70:59:03:
8c:65:47:e8:a4:93:f9:7e:e1:a8:8e:93:6a:55:1c:93:ea:38:
12:81:01:44:56:90:a0:53:1a:a1:c8:95:8a:08:ec:93:71:95:
56:c9:51:4e:dc:e4:8a:3d:22:08:4c:29:e9:ca:de:c0:91:ee:
c5:0c:4d:25
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBaTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NjEzNEFGMTEwLwYDVQQFEyg3NEIwM0I4RkQ4RjUzQkVGNDg4N0I3ODY5OEY5RUNB
QjFCMUY2OUIwMB4XDTI1MTAwMTA4MDYzNVoXDTI2MDgyODA4MDYzNVowGDEWMBQG
A1UEAxMNNjhkY2UxMGYtNzIwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfPDD2jxk58YmapzG/OjtDXp8H+2NEeWoc7fxZyxrI7Lw+7Vs/lPqVDvNxc
75ZhSYNw8gcyBzRwlGH3RwB7fGHtlfYDiJkdg4s12GLRbqvghZEJCwqA8Xhg9iSK
g9C5Y49E1iuTUTP3u1lEh3OKgNePqs7hQf3n3cwx2QbjFId1H2D7o/IV93SQeTzy
ChiymBYIMKpkMfpUsUiE7oALN3dxTftwjggDUM5jG273CNqnpBgAu7DkeJe36kC/
BbrJKynbN1xH9AAG38RrGkYJl9uDkHPkH8QTAL//Kam2hHuMuLPK4bJ1hqfCf9EV
TzqajzC1ADZVjaGXlDoxNL35n98CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSLM+Th
qaEMYZ8EYJe1Grxbno96ZzAfBgNVHSMEGDAWgBR0sDuP2PU770iHt4aY+eyrGx9p
sDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzYxMzQvMzM2MkMxQUE1NjdFMTFGMEIwMTRGOURFREFFNEVDOUMvZExBN2o5
ajFPLTlJaDdlR21QbnNxeHNmYWJBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZExBN2o5ajFPLTlJaDdlR21QbnNxeHNmYWJBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzYxMzQvMzM2MkMxQUE1NjdFMTFGMEIwMTRGOURFREFF
NEVDOUMvOEVDQ0JFOTQ5RTlEMTFGMDg2REY4NUJBREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbN8DANBgkqhkiG9w0BAQsF
AAOCAQEApSxjW/Nt+Lbqb7XHLC+AOfbkhrqT+QWXnDCnQ+21Atnz4x/A1Zwu+f0/
pWgohIrjaaOAwx7Jw/6hNQnsI2JupYrvr3JA8lGezxFWJeaQ9NfPGVjK1eY/KyLf
uQPVtbyUCBE+cntOH0Y8V9sHQWX6AmAzGG+B7fyW3WQVfdG403mlnijA7yfDIZfp
pP+FQ3tCexxEqURAHIx8bStOyFEwkdFriqZ1oSykG8QsZZ5ePptMEJnkZl2ZAOBC
thbz4migTfsHcFkDjGVH6KST+X7hqI6TalUck+o4EoEBRFaQoFMaociVigjsk3GV
VslRTtzkij0iCEwp6crewJHuxQxNJQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:18:11 2025 by rpki-client