Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/EA7C8B00A05C11F09DBAF186DAE4EC9C.roa
File: EA7C8B00A05C11F09DBAF186DAE4EC9C.roa (raw, json)
Hash identifier: nyTYwtfqRuxnUdul9eLFpyBMx56jYP4EyI39iQVEpwc=
Subject key identifier: 2D:4F:43:40:EF:F2:6E:64:83:2E:37:ED:DE:EE:66:CB:90:A6:5F:44
Certificate issuer: /CN=F36797C7AF/serialNumber=F4171D4EA249CA147AB8DEC205DCB51F49988B50
Certificate serial: 056B
Authority key identifier: F4:17:1D:4E:A2:49:CA:14:7A:B8:DE:C2:05:DC:B5:1F:49:98:8B:50
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/9BcdTqJJyhR6uN7CBdy1H0mYi1A.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/EA7C8B00A05C11F09DBAF186DAE4EC9C.roa
Signing time: Fri 03 Oct 2025 13:28:58 +0000
ROA not before: Fri 03 Oct 2025 13:28:53 +0000
ROA not after: Fri 31 Dec 2049 13:28:53 +0000
asID: 328964
IP address blocks: 102.208.204.0/23 maxlen: 24
102.217.253.0/24 maxlen: 24
2c0f:4880::/32 maxlen: 34
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/9BcdTqJJyhR6uN7CBdy1H0mYi1A.crl
rsync://rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/9BcdTqJJyhR6uN7CBdy1H0mYi1A.mft
rsync://rpki.afrinic.net/repository/afrinic/9BcdTqJJyhR6uN7CBdy1H0mYi1A.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1387 (0x56b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36797C7AF, serialNumber=F4171D4EA249CA147AB8DEC205DCB51F49988B50
Validity
Not Before: Oct 3 13:28:53 2025 GMT
Not After : Dec 31 13:28:53 2049 GMT
Subject: CN=68dfcf9a-d578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:14:64:08:74:8e:60:b7:a3:3f:85:91:f1:4c:
a8:d4:9d:4f:b4:cf:99:06:5e:a1:c3:8d:b2:63:6b:
c0:56:65:82:3a:ab:70:a0:98:03:ac:4c:2e:ec:c9:
2f:85:95:f0:98:08:b2:10:a3:5c:64:04:25:bb:81:
2b:2f:5c:11:bc:fe:cf:22:11:af:c2:94:e2:72:f9:
78:74:e8:14:4c:e1:d3:15:28:d1:6f:97:95:76:85:
48:ad:8d:4e:79:45:85:fb:ce:cf:fe:ad:04:b9:8d:
e5:97:68:59:a1:77:c0:ee:5d:bc:b2:e7:ff:de:bd:
61:8b:25:45:ac:dd:1b:ad:24:9b:e9:99:b2:ea:88:
9f:a4:dd:9b:dd:87:24:57:eb:98:86:2a:f7:4a:03:
9e:fa:0d:9a:40:9d:83:83:74:96:bc:9e:ee:c1:2f:
75:80:0b:fd:dc:8a:ce:0b:28:a9:d0:dc:ad:7a:64:
08:f9:fe:b8:52:61:10:ef:5d:e2:60:51:ec:59:2a:
51:26:f6:e1:5a:9a:f7:ea:28:4e:e6:07:7b:a8:50:
83:e0:47:d9:34:bf:b7:e7:ed:e4:b9:1b:b2:51:c1:
ce:f8:c6:45:69:69:a0:7e:ed:2d:c5:62:2b:32:f2:
8f:b0:34:2d:20:70:a4:af:65:57:e5:b7:d5:9c:92:
10:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:4F:43:40:EF:F2:6E:64:83:2E:37:ED:DE:EE:66:CB:90:A6:5F:44
X509v3 Authority Key Identifier:
keyid:F4:17:1D:4E:A2:49:CA:14:7A:B8:DE:C2:05:DC:B5:1F:49:98:8B:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/9BcdTqJJyhR6uN7CBdy1H0mYi1A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9BcdTqJJyhR6uN7CBdy1H0mYi1A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/EA7C8B00A05C11F09DBAF186DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.208.204.0/23
102.217.253.0/24
IPv6:
2c0f:4880::/32
Signature Algorithm: sha256WithRSAEncryption
34:16:2a:ee:55:44:d3:25:19:65:30:2f:be:c5:80:4c:14:2c:
18:ea:dd:d3:98:1c:fb:96:a2:36:30:9c:3d:79:9f:48:ff:22:
8b:f8:61:03:bb:d3:ef:85:cc:99:8c:97:ad:14:60:b4:5b:42:
43:51:df:ec:d4:6a:08:eb:78:7a:db:a6:59:da:e6:ba:81:5f:
09:7e:a9:8a:ef:2b:34:5b:b1:19:86:a2:76:b6:82:37:8a:7d:
b7:a1:7c:b4:b3:9c:fd:65:65:dc:29:ec:57:ad:28:f7:25:b7:
f1:18:1d:9e:35:41:bc:ac:c7:4c:e9:37:c6:13:74:3e:3b:c1:
c9:fe:8c:c8:a6:d4:09:82:fc:f6:a1:f9:61:f4:94:17:f0:2f:
5d:23:3d:db:36:8d:72:5f:38:7a:63:0e:3f:28:34:6d:54:37:
e3:c9:64:c6:23:5b:dd:cb:13:7a:12:36:1a:68:b9:df:e5:4e:
19:1f:61:41:da:fe:5e:8d:84:7f:a0:3e:ff:c6:1a:a7:49:60:
2e:76:33:e9:58:b9:00:e4:46:00:6f:d3:29:c3:1b:25:bc:4b:
85:04:7b:28:b0:d4:c2:ee:40:ae:27:a9:7d:1d:ea:55:60:9d:
4e:f6:6d:e0:f9:37:b4:b7:91:28:ba:ac:cf:11:66:6f:f6:74:
18:4c:f1:32
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICBWswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Nzk3QzdBRjExMC8GA1UEBRMoRjQxNzFENEVBMjQ5Q0ExNDdBQjhERUMyMDVEQ0I1
MUY0OTk4OEI1MDAeFw0yNTEwMDMxMzI4NTNaFw00OTEyMzExMzI4NTNaMBgxFjAU
BgNVBAMTDTY4ZGZjZjlhLWQ1NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+FGQIdI5gt6M/hZHxTKjUnU+0z5kGXqHDjbJja8BWZYI6q3CgmAOsTC7s
yS+FlfCYCLIQo1xkBCW7gSsvXBG8/s8iEa/ClOJy+Xh06BRM4dMVKNFvl5V2hUit
jU55RYX7zs/+rQS5jeWXaFmhd8DuXbyy5//evWGLJUWs3RutJJvpmbLqiJ+k3Zvd
hyRX65iGKvdKA576DZpAnYODdJa8nu7BL3WAC/3cis4LKKnQ3K16ZAj5/rhSYRDv
XeJgUexZKlEm9uFamvfqKE7mB3uoUIPgR9k0v7fn7eS5G7JRwc74xkVpaaB+7S3F
Yisy8o+wNC0gcKSvZVflt9WckhAXAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQULU9D
QO/ybmSDLjft3u5my5CmX0QwHwYDVR0jBBgwFoAU9BcdTqJJyhR6uN7CBdy1H0mY
i1AwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjc5N0M3L0RFQUNCQTJFOTRFMDExRUNCRkJDNEU5NTVBNDBENTc3LzlCY2RU
cUpKeWhSNnVON0NCZHkxSDBtWWkxQS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzlCY2RUcUpKeWhSNnVON0NCZHkxSDBtWWkxQS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjc5N0M3L0RFQUNCQTJFOTRFMDExRUNCRkJDNEU5NTVB
NDBENTc3L0VBN0M4QjAwQTA1QzExRjA5REJBRjE4NkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAFm0MwDBABm2f0wDQQCAAIw
BwMFACwPSIAwDQYJKoZIhvcNAQELBQADggEBADQWKu5VRNMlGWUwL77FgEwULBjq
3dOYHPuWojYwnD15n0j/Iov4YQO70++FzJmMl60UYLRbQkNR3+zUagjreHrbplna
5rqBXwl+qYrvKzRbsRmGona2gjeKfbehfLSznP1lZdwp7FetKPclt/EYHZ41Qbys
x0zpN8YTdD47wcn+jMim1AmC/Pah+WH0lBfwL10jPds2jXJfOHpjDj8oNG1UN+PJ
ZMYjW93LE3oSNhpoud/lThkfYUHa/l6NhH+gPv/GGqdJYC52M+lYuQDkRgBv0ynD
GyW8S4UEeyiw1MLuQK4nqX0d6lVgnU72beD5N7S3kSi6rM8RZm/2dBhM8TI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:39:43 2025 by rpki-client