Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/420B22A27D0111F0BA56A0A5DAE4EC9C.roa
File: 420B22A27D0111F0BA56A0A5DAE4EC9C.roa (raw, json)
Hash identifier: FgbgmTnolN1lRJKNhlZr9zZr69rYAV0zr0aJY9PwsCo=
Subject key identifier: FA:5D:AE:A3:DF:5D:43:30:2D:DA:F1:9E:4B:70:42:C9:EC:08:8B:F5
Certificate issuer: /CN=F3678967AF/serialNumber=5CAA982C03179326332D6B770A58E8795CB8459F
Certificate serial: 07E4
Authority key identifier: 5C:AA:98:2C:03:17:93:26:33:2D:6B:77:0A:58:E8:79:5C:B8:45:9F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/XKqYLAMXkyYzLWt3CljoeVy4RZ8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/420B22A27D0111F0BA56A0A5DAE4EC9C.roa
Signing time: Tue 19 Aug 2025 13:34:41 +0000
ROA not before: Tue 19 Aug 2025 13:34:34 +0000
ROA not after: Sat 18 Aug 2035 13:34:34 +0000
asID: 328633
IP address blocks: 102.217.184.0/22 maxlen: 24
102.223.104.0/22 maxlen: 24
2c0f:e848::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/XKqYLAMXkyYzLWt3CljoeVy4RZ8.crl
rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/XKqYLAMXkyYzLWt3CljoeVy4RZ8.mft
rsync://rpki.afrinic.net/repository/afrinic/XKqYLAMXkyYzLWt3CljoeVy4RZ8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2020 (0x7e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3678967AF, serialNumber=5CAA982C03179326332D6B770A58E8795CB8459F
Validity
Not Before: Aug 19 13:34:34 2025 GMT
Not After : Aug 18 13:34:34 2035 GMT
Subject: CN=68a47d71-c332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e7:e2:a1:11:44:cd:f1:87:38:12:5a:e9:8b:
2e:6b:c1:e4:5c:9b:5b:df:18:ff:50:a9:b4:74:fa:
a5:dd:ad:b6:4a:4e:54:85:1a:07:09:9b:cc:77:00:
bd:e7:f4:d1:1f:f8:84:9f:a4:ba:0c:b0:83:d6:32:
00:04:a1:80:90:8a:52:90:aa:a0:1e:e3:2e:f0:e9:
6d:08:e3:e8:da:76:09:48:bb:b5:ff:8c:36:e8:a5:
e9:02:4f:36:42:47:b7:d1:d5:96:9d:e7:04:ba:1a:
63:aa:62:1b:72:9b:be:60:03:5b:ff:f3:64:6b:9c:
e4:83:fc:1b:2d:68:c2:78:3f:b4:f3:45:ff:86:f0:
f3:a3:55:92:e3:de:9f:d1:8d:14:0e:53:3e:66:39:
fc:16:ea:a0:cd:16:aa:1b:a1:36:21:e1:2e:30:a4:
8b:5c:ea:52:99:9f:70:89:90:13:e5:6c:9c:2b:4a:
63:84:80:56:55:66:bd:a2:49:02:0b:71:a7:cd:b4:
48:40:d5:ee:be:9a:4e:8a:ec:1b:a7:56:87:04:bb:
b6:c6:81:74:05:51:0d:7e:bf:15:27:3b:a4:5b:a0:
a4:44:94:2c:a4:27:c3:da:41:2e:ca:af:01:9e:b5:
74:5c:db:a0:f6:f5:55:08:0e:72:7c:3b:96:72:58:
53:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5D:AE:A3:DF:5D:43:30:2D:DA:F1:9E:4B:70:42:C9:EC:08:8B:F5
X509v3 Authority Key Identifier:
keyid:5C:AA:98:2C:03:17:93:26:33:2D:6B:77:0A:58:E8:79:5C:B8:45:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/XKqYLAMXkyYzLWt3CljoeVy4RZ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XKqYLAMXkyYzLWt3CljoeVy4RZ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/420B22A27D0111F0BA56A0A5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.217.184.0/22
102.223.104.0/22
IPv6:
2c0f:e848::/32
Signature Algorithm: sha256WithRSAEncryption
bc:24:8e:93:30:0d:8c:62:c4:b3:c7:a2:8f:21:39:09:ff:d9:
37:6e:52:23:34:06:90:fa:14:31:69:d2:37:43:db:2f:b5:e1:
92:30:84:05:78:ad:36:8c:a8:36:4c:a0:e8:19:1c:fa:66:9d:
58:62:71:fd:6c:74:e5:61:ad:18:74:6b:c7:4c:bc:51:70:1c:
22:70:c0:57:cb:5c:0e:01:e5:3d:99:f6:42:bc:ff:21:61:1f:
ad:c4:d7:75:75:ef:3e:1f:0f:88:33:ec:51:48:1d:bc:17:17:
cb:ab:b8:55:63:36:2b:09:dc:61:1e:72:a3:c2:11:f8:33:13:
0d:51:13:a8:79:a0:2b:fe:5e:be:f3:79:ba:dd:06:4f:cd:11:
63:0b:63:c9:27:57:b5:79:64:89:bf:0a:a5:5f:bb:67:52:cf:
1c:b0:f8:7a:d3:b2:47:11:c3:c1:4f:e2:cd:17:8f:eb:a1:91:
26:88:be:fe:e1:f0:bc:5b:6b:35:6a:33:2e:b1:b5:75:25:5b:
8f:4d:21:ec:ed:92:1e:a6:3f:89:da:c9:47:8d:59:3d:46:6d:
d9:d3:ce:5b:d3:ff:62:28:3b:0a:f8:6d:1f:41:17:74:e1:2d:
14:fc:3f:88:d5:15:fc:df:a3:3c:89:c6:de:01:27:f9:8e:17:
71:b4:4d:80
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICB+QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Nzg5NjdBRjExMC8GA1UEBRMoNUNBQTk4MkMwMzE3OTMyNjMzMkQ2Qjc3MEE1OEU4
Nzk1Q0I4NDU5RjAeFw0yNTA4MTkxMzM0MzRaFw0zNTA4MTgxMzM0MzRaMBgxFjAU
BgNVBAMTDTY4YTQ3ZDcxLWMzMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCu5+KhEUTN8Yc4Elrpiy5rweRcm1vfGP9QqbR0+qXdrbZKTlSFGgcJm8x3
AL3n9NEf+ISfpLoMsIPWMgAEoYCQilKQqqAe4y7w6W0I4+jadglIu7X/jDbopekC
TzZCR7fR1Zad5wS6GmOqYhtym75gA1v/82RrnOSD/BstaMJ4P7TzRf+G8POjVZLj
3p/RjRQOUz5mOfwW6qDNFqoboTYh4S4wpItc6lKZn3CJkBPlbJwrSmOEgFZVZr2i
SQILcafNtEhA1e6+mk6K7BunVocEu7bGgXQFUQ1+vxUnO6RboKRElCykJ8PaQS7K
rwGetXRc26D29VUIDnJ8O5ZyWFPfAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQU+l2u
o99dQzAt2vGeS3BCyewIi/UwHwYDVR0jBBgwFoAUXKqYLAMXkyYzLWt3CljoeVy4
RZ8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjc4OTY3LzRBQTQ0MkY0NzhEOTExRUE5QTgwOTU1Q0Y4QUVBMjI4L1hLcVlM
QU1Ya3lZekxXdDNDbGpvZVZ5NFJaOC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1hLcVlMQU1Ya3lZekxXdDNDbGpvZVZ5NFJaOC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjc4OTY3LzRBQTQ0MkY0NzhEOTExRUE5QTgwOTU1Q0Y4
QUVBMjI4LzQyMEIyMkEyN0QwMTExRjBCQTU2QTBBNURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAJm2bgDBAJm32gwDQQCAAIw
BwMFACwP6EgwDQYJKoZIhvcNAQELBQADggEBALwkjpMwDYxixLPHoo8hOQn/2Tdu
UiM0BpD6FDFp0jdD2y+14ZIwhAV4rTaMqDZMoOgZHPpmnVhicf1sdOVhrRh0a8dM
vFFwHCJwwFfLXA4B5T2Z9kK8/yFhH63E13V17z4fD4gz7FFIHbwXF8uruFVjNisJ
3GEecqPCEfgzEw1RE6h5oCv+Xr7zebrdBk/NEWMLY8knV7V5ZIm/CqVfu2dSzxyw
+HrTskcRw8FP4s0Xj+uhkSaIvv7h8LxbazVqMy6xtXUlW49NIeztkh6mP4nayUeN
WT1GbdnTzlvT/2IoOwr4bR9BF3ThLRT8P4jVFfzfozyJxt4BJ/mOF3G0TYA=
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:17:57 2025 by rpki-client