Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3695083/0FA41C6E862211EF8FCBD758762E951A/38A77FC2AB6311F0B45696BFDAE4EC9C.roa
File: 38A77FC2AB6311F0B45696BFDAE4EC9C.roa (raw, json)
Hash identifier: LBPNAWAAVOPpk8TQQA7s5/xN6Mn1ttafqGNGLr5LoZY=
Subject key identifier: 3A:EE:7F:A3:3E:2F:5C:01:44:2E:E1:58:0F:B7:52:E7:7D:72:3B:93
Certificate issuer: /CN=F3695083AF/serialNumber=E5103ED119E6479BB036B7C3F48DCC9E62C17424
Certificate serial: 018F
Authority key identifier: E5:10:3E:D1:19:E6:47:9B:B0:36:B7:C3:F4:8D:CC:9E:62:C1:74:24
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/5RA-0RnmR5uwNrfD9I3MnmLBdCQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3695083/0FA41C6E862211EF8FCBD758762E951A/38A77FC2AB6311F0B45696BFDAE4EC9C.roa
Signing time: Fri 17 Oct 2025 14:11:49 +0000
ROA not before: Fri 17 Oct 2025 14:11:44 +0000
ROA not after: Sun 17 Oct 2027 14:11:44 +0000
asID: 329303
IP address blocks: 102.211.132.0/22 maxlen: 24
2c0f:1440::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3695083/0FA41C6E862211EF8FCBD758762E951A/5RA-0RnmR5uwNrfD9I3MnmLBdCQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F3695083/0FA41C6E862211EF8FCBD758762E951A/5RA-0RnmR5uwNrfD9I3MnmLBdCQ.mft
rsync://rpki.afrinic.net/repository/afrinic/5RA-0RnmR5uwNrfD9I3MnmLBdCQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 399 (0x18f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3695083AF, serialNumber=E5103ED119E6479BB036B7C3F48DCC9E62C17424
Validity
Not Before: Oct 17 14:11:44 2025 GMT
Not After : Oct 17 14:11:44 2027 GMT
Subject: CN=68f24ea5-2398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:08:b2:c4:09:44:5a:8b:95:51:4e:c3:9a:e2:
a7:32:93:6f:7e:64:6c:4d:d6:2f:0a:10:69:ce:ac:
fa:e9:23:bc:46:85:4d:1c:90:d6:cf:6e:f9:a0:44:
8c:3d:8a:0a:35:86:00:da:0f:68:0e:d4:a5:7c:8f:
ea:ea:6f:cb:6c:9a:09:a2:b1:9f:2b:f9:bf:2b:9d:
04:35:d7:ac:c3:e6:e9:db:01:db:7f:eb:49:e2:11:
3b:48:a3:67:23:40:89:1d:52:d3:24:6c:c1:2b:e5:
a9:b3:0f:b1:bb:26:a9:80:00:5e:9e:b6:20:12:ea:
eb:e1:17:6f:63:ee:49:ac:40:0b:b6:59:f0:91:f4:
13:09:5a:12:36:b1:7e:26:aa:54:5c:85:01:83:52:
63:2a:08:1e:fd:c2:e4:4d:aa:06:1c:ab:05:bd:41:
59:b7:ed:ca:b2:ce:63:42:9f:64:9c:d6:61:d1:3c:
04:10:49:a0:eb:4a:c9:44:e7:42:17:e9:56:40:0e:
63:ec:c3:e2:32:fe:bc:ec:db:dc:8a:20:94:56:e4:
eb:0b:98:e9:b9:a8:45:b5:08:c3:31:cb:40:70:f0:
05:ea:2f:5e:b6:98:2e:7f:90:f4:b9:4a:ea:d0:ed:
b0:de:18:ba:78:9f:96:07:53:cb:91:3e:75:9c:27:
50:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:EE:7F:A3:3E:2F:5C:01:44:2E:E1:58:0F:B7:52:E7:7D:72:3B:93
X509v3 Authority Key Identifier:
keyid:E5:10:3E:D1:19:E6:47:9B:B0:36:B7:C3:F4:8D:CC:9E:62:C1:74:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3695083/0FA41C6E862211EF8FCBD758762E951A/5RA-0RnmR5uwNrfD9I3MnmLBdCQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/5RA-0RnmR5uwNrfD9I3MnmLBdCQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3695083/0FA41C6E862211EF8FCBD758762E951A/38A77FC2AB6311F0B45696BFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.132.0/22
IPv6:
2c0f:1440::/32
Signature Algorithm: sha256WithRSAEncryption
6f:e9:20:de:33:78:1f:1f:85:1e:ce:b1:08:ef:4e:dd:d8:39:
9a:a2:ae:7f:c1:f4:63:93:92:50:b5:c7:05:0b:62:20:31:5d:
36:4f:82:c7:bd:57:0c:2f:80:af:08:21:92:1d:4a:6a:01:e6:
9d:11:e8:6c:c3:82:66:ed:33:e4:0b:5f:27:dd:48:0f:13:2b:
98:48:53:aa:a2:b8:18:dc:24:7f:67:53:b1:c8:57:e5:7f:56:
e2:be:6b:55:f5:26:2d:86:6b:20:a1:0c:40:c6:8e:37:37:ae:
bf:e8:22:58:3d:05:86:ef:75:e0:f7:a0:4a:77:6f:a2:63:ad:
91:f8:cf:4f:79:7a:8d:c9:b2:31:eb:56:6f:39:94:84:4f:50:
43:e7:cd:fc:20:70:9a:96:76:ed:c0:be:4e:17:ae:f2:86:ab:
c7:ff:8d:03:ab:f3:c7:17:66:a3:0e:6f:01:38:95:cf:a7:86:
d9:3c:b4:1d:7e:03:4e:fa:7a:fc:04:03:d0:7c:fb:42:3b:f1:
91:aa:b6:46:6e:cb:ed:e6:d1:95:27:7b:f0:9b:e9:ae:79:96:
df:f7:25:d9:4a:bb:96:ee:d5:8a:24:48:0f:a2:31:ab:cc:96:
1d:27:b6:ab:39:5a:a7:95:f9:c7:af:28:8c:e4:e5:77:f7:8b:
c0:9b:60:fd
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAY8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTUwODNBRjExMC8GA1UEBRMoRTUxMDNFRDExOUU2NDc5QkIwMzZCN0MzRjQ4REND
OUU2MkMxNzQyNDAeFw0yNTEwMTcxNDExNDRaFw0yNzEwMTcxNDExNDRaMBgxFjAU
BgNVBAMTDTY4ZjI0ZWE1LTIzOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQCLLECURai5VRTsOa4qcyk29+ZGxN1i8KEGnOrPrpI7xGhU0ckNbPbvmg
RIw9igo1hgDaD2gO1KV8j+rqb8tsmgmisZ8r+b8rnQQ116zD5unbAdt/60niETtI
o2cjQIkdUtMkbMEr5amzD7G7JqmAAF6etiAS6uvhF29j7kmsQAu2WfCR9BMJWhI2
sX4mqlRchQGDUmMqCB79wuRNqgYcqwW9QVm37cqyzmNCn2Sc1mHRPAQQSaDrSslE
50IX6VZADmPsw+Iy/rzs29yKIJRW5OsLmOm5qEW1CMMxy0Bw8AXqL162mC5/kPS5
SurQ7bDeGLp4n5YHU8uRPnWcJ1CPAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUOu5/
oz4vXAFELuFYD7dS531yO5MwHwYDVR0jBBgwFoAU5RA+0RnmR5uwNrfD9I3MnmLB
dCQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1MDgzLzBGQTQxQzZFODYyMjExRUY4RkNCRDc1ODc2MkU5NTFBLzVSQS0w
Um5tUjV1d05yZkQ5STNNbm1MQmRDUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzVSQS0wUm5tUjV1d05yZkQ5STNNbm1MQmRDUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk1MDgzLzBGQTQxQzZFODYyMjExRUY4RkNCRDc1ODc2
MkU5NTFBLzM4QTc3RkMyQUI2MzExRjBCNDU2OTZCRkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm04QwDQQCAAIwBwMFACwP
FEAwDQYJKoZIhvcNAQELBQADggEBAG/pIN4zeB8fhR7OsQjvTt3YOZqirn/B9GOT
klC1xwULYiAxXTZPgse9VwwvgK8IIZIdSmoB5p0R6GzDgmbtM+QLXyfdSA8TK5hI
U6qiuBjcJH9nU7HIV+V/VuK+a1X1Ji2GayChDEDGjjc3rr/oIlg9BYbvdeD3oEp3
b6JjrZH4z095eo3JsjHrVm85lIRPUEPnzfwgcJqWdu3Avk4XrvKGq8f/jQOr88cX
ZqMObwE4lc+nhtk8tB1+A076evwEA9B8+0I78ZGqtkZuy+3m0ZUne/Cb6a55lt/3
JdlKu5bu1YokSA+iMavMlh0ntqs5WqeV+cevKIzk5Xf3i8CbYP0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:53:44 2025 by rpki-client