Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3686B65/C5F0BEB29A8411EEA702E730D25BE465/1B6ECF12963411F094C170B5DAE4EC9C.roa
File: 1B6ECF12963411F094C170B5DAE4EC9C.roa (raw, json)
Hash identifier: fkvprPgx2NCjxUTzaYs2bjq8VWQ7gVUNH+w2V0QutVU=
Subject key identifier: BF:AA:02:BC:A7:5C:C6:09:E3:70:2A:81:6B:BF:78:83:DD:6E:9A:CE
Certificate issuer: /CN=F3686B65AF/serialNumber=B8AD9011EF3B28987B5CE230F1E275547330396A
Certificate serial: 02BE
Authority key identifier: B8:AD:90:11:EF:3B:28:98:7B:5C:E2:30:F1:E2:75:54:73:30:39:6A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/uK2QEe87KJh7XOIw8eJ1VHMwOWo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3686B65/C5F0BEB29A8411EEA702E730D25BE465/1B6ECF12963411F094C170B5DAE4EC9C.roa
Signing time: Sat 20 Sep 2025 15:11:39 +0000
ROA not before: Sat 20 Sep 2025 15:11:34 +0000
ROA not after: Fri 31 Dec 2049 15:11:34 +0000
asID: 329057
IP address blocks: 102.216.8.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3686B65/C5F0BEB29A8411EEA702E730D25BE465/uK2QEe87KJh7XOIw8eJ1VHMwOWo.crl
rsync://rpki.afrinic.net/repository/member_repository/F3686B65/C5F0BEB29A8411EEA702E730D25BE465/uK2QEe87KJh7XOIw8eJ1VHMwOWo.mft
rsync://rpki.afrinic.net/repository/afrinic/uK2QEe87KJh7XOIw8eJ1VHMwOWo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 702 (0x2be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3686B65AF, serialNumber=B8AD9011EF3B28987B5CE230F1E275547330396A
Validity
Not Before: Sep 20 15:11:34 2025 GMT
Not After : Dec 31 15:11:34 2049 GMT
Subject: CN=68cec42b-91f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:57:7e:c3:99:c3:e2:bf:94:db:df:9c:49:36:
d2:74:3d:cd:50:fc:8c:b4:42:43:fe:5e:50:fd:c2:
7a:7c:55:39:2f:9f:15:92:98:2f:14:28:a1:34:0e:
c2:f0:03:b1:d4:e3:bb:a3:72:38:54:39:2f:4b:c0:
40:7d:6f:db:43:97:2f:e2:a5:a7:8b:b1:1a:28:ce:
7e:5c:82:42:5a:b7:a3:b0:35:27:0e:75:09:6f:e9:
ca:fc:e0:64:e5:03:88:fb:84:08:22:d5:29:41:be:
48:36:21:0a:0d:a5:36:2c:a3:6e:4f:32:08:e7:ad:
3b:6c:86:12:b7:3c:40:e5:a7:de:da:1f:94:55:9c:
a3:7a:2c:0a:53:fc:9b:e3:67:a2:b5:bb:4a:91:7e:
98:c5:60:5c:0f:35:1e:27:6d:30:33:c0:b3:e8:dd:
d2:fc:8d:31:40:2d:2b:c8:05:08:fb:35:69:3c:bb:
c3:3f:50:25:7f:5d:07:ec:ee:1d:fe:1b:5f:81:5a:
53:8e:d4:d7:ec:06:ee:d6:5a:61:a7:a6:7b:c1:e6:
79:72:48:b9:a4:38:67:c9:05:db:59:7e:0b:0d:70:
33:b0:f2:5d:0b:b2:bc:79:87:ef:da:e8:89:ed:3c:
62:58:2b:c0:94:52:68:52:27:c3:f7:a6:62:58:2e:
d7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:AA:02:BC:A7:5C:C6:09:E3:70:2A:81:6B:BF:78:83:DD:6E:9A:CE
X509v3 Authority Key Identifier:
keyid:B8:AD:90:11:EF:3B:28:98:7B:5C:E2:30:F1:E2:75:54:73:30:39:6A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3686B65/C5F0BEB29A8411EEA702E730D25BE465/uK2QEe87KJh7XOIw8eJ1VHMwOWo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/uK2QEe87KJh7XOIw8eJ1VHMwOWo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3686B65/C5F0BEB29A8411EEA702E730D25BE465/1B6ECF12963411F094C170B5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.216.8.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:5c:58:33:e7:34:ff:61:90:5c:a2:14:2d:88:a4:3a:96:a9:
ff:3d:ba:b7:df:44:c6:65:1e:9e:c5:cf:55:48:3e:1e:35:54:
ee:8e:54:d3:2d:c8:9c:f6:e2:72:15:7e:a0:90:23:cc:0f:36:
58:eb:07:d7:64:4e:60:5b:94:5b:6b:65:95:e1:ff:53:96:1a:
f5:02:27:02:0f:ec:61:90:63:13:c0:7f:7b:14:ae:d4:cd:a4:
23:3e:14:33:94:5c:df:83:d0:92:a5:ef:d6:97:90:4c:1a:fc:
66:db:cb:4a:ec:e4:46:51:aa:17:cf:f8:b0:9a:89:4d:40:ea:
04:35:4e:92:59:29:34:06:8d:6f:60:0a:a3:45:8f:29:5b:91:
a2:7c:a9:b6:79:6e:e1:09:90:9e:d7:02:d6:19:c8:06:6c:6b:
ff:f7:6b:2f:a8:b6:93:62:2c:03:6e:b9:96:36:32:a1:e7:15:
71:3e:3c:f1:3f:33:9c:6a:09:ab:b9:2b:3c:41:f3:34:65:39:
92:e5:c4:c3:f9:67:04:39:b7:0b:93:3c:69:28:c8:6a:55:67:
e3:c2:eb:36:a4:e3:04:21:fc:b1:30:ef:f8:97:c3:94:74:d0:
42:cb:42:06:3b:08:80:42:cf:32:a2:19:e4:52:b2:c6:bf:90:
d6:43:07:dc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAr4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODZCNjVBRjExMC8GA1UEBRMoQjhBRDkwMTFFRjNCMjg5ODdCNUNFMjMwRjFFMjc1
NTQ3MzMwMzk2QTAeFw0yNTA5MjAxNTExMzRaFw00OTEyMzExNTExMzRaMBgxFjAU
BgNVBAMTDTY4Y2VjNDJiLTkxZjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFV37DmcPiv5Tb35xJNtJ0Pc1Q/Iy0QkP+XlD9wnp8VTkvnxWSmC8UKKE0
DsLwA7HU47ujcjhUOS9LwEB9b9tDly/ipaeLsRoozn5cgkJat6OwNScOdQlv6cr8
4GTlA4j7hAgi1SlBvkg2IQoNpTYso25PMgjnrTtshhK3PEDlp97aH5RVnKN6LApT
/JvjZ6K1u0qRfpjFYFwPNR4nbTAzwLPo3dL8jTFALSvIBQj7NWk8u8M/UCV/XQfs
7h3+G1+BWlOO1NfsBu7WWmGnpnvB5nlySLmkOGfJBdtZfgsNcDOw8l0Lsrx5h+/a
6IntPGJYK8CUUmhSJ8P3pmJYLtcDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUv6oC
vKdcxgnjcCqBa794g91ums4wHwYDVR0jBBgwFoAUuK2QEe87KJh7XOIw8eJ1VHMw
OWowDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjg2QjY1L0M1RjBCRUIyOUE4NDExRUVBNzAyRTczMEQyNUJFNDY1L3VLMlFF
ZTg3S0poN1hPSXc4ZUoxVkhNd09Xby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3VLMlFFZTg3S0poN1hPSXc4ZUoxVkhNd09Xby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjg2QjY1L0M1RjBCRUIyOUE4NDExRUVBNzAyRTczMEQy
NUJFNDY1LzFCNkVDRjEyOTYzNDExRjA5NEMxNzBCNURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFm2AgwDQYJKoZIhvcNAQEL
BQADggEBAFtcWDPnNP9hkFyiFC2IpDqWqf89urffRMZlHp7Fz1VIPh41VO6OVNMt
yJz24nIVfqCQI8wPNljrB9dkTmBblFtrZZXh/1OWGvUCJwIP7GGQYxPAf3sUrtTN
pCM+FDOUXN+D0JKl79aXkEwa/Gbby0rs5EZRqhfP+LCaiU1A6gQ1TpJZKTQGjW9g
CqNFjylbkaJ8qbZ5buEJkJ7XAtYZyAZsa//3ay+otpNiLANuuZY2MqHnFXE+PPE/
M5xqCau5KzxB8zRlOZLlxMP5ZwQ5twuTPGkoyGpVZ+PC6zak4wQh/LEw7/iXw5R0
0ELLQgY7CIBCzzKiGeRSssa/kNZDB9w=
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:09:22 2025 by rpki-client