Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A45F8/95187B187C1E11F0AB87CEE0DAE4EC9C/C8DBFA287C1F11F0A46A9BE9DAE4EC9C.roa
File: C8DBFA287C1F11F0A46A9BE9DAE4EC9C.roa (raw, json)
Hash identifier: MEidKfzt+zEnon2K4l4j1oz0vKLVkgQvpvIBenvS0UU=
Subject key identifier: 5B:00:2B:3C:69:58:55:93:F7:47:DB:36:E9:64:0F:9A:C6:3D:0E:3A
Certificate issuer: /CN=F36A45F8AF/serialNumber=285AF4D0D35A01F4E8662D7061749313081B056F
Certificate serial: 02
Authority key identifier: 28:5A:F4:D0:D3:5A:01:F4:E8:66:2D:70:61:74:93:13:08:1B:05:6F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/KFr00NNaAfToZi1wYXSTEwgbBW8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A45F8/95187B187C1E11F0AB87CEE0DAE4EC9C/C8DBFA287C1F11F0A46A9BE9DAE4EC9C.roa
Signing time: Mon 18 Aug 2025 10:40:41 +0000
ROA not before: Mon 18 Aug 2025 10:40:36 +0000
ROA not after: Mon 31 Dec 2035 10:40:36 +0000
asID: 328272
IP address blocks: 102.208.146.0/23 maxlen: 24
196.11.103.0/24 maxlen: 24
2001:43f8:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A45F8/95187B187C1E11F0AB87CEE0DAE4EC9C/KFr00NNaAfToZi1wYXSTEwgbBW8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A45F8/95187B187C1E11F0AB87CEE0DAE4EC9C/KFr00NNaAfToZi1wYXSTEwgbBW8.mft
rsync://rpki.afrinic.net/repository/afrinic/KFr00NNaAfToZi1wYXSTEwgbBW8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 05:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A45F8AF, serialNumber=285AF4D0D35A01F4E8662D7061749313081B056F
Validity
Not Before: Aug 18 10:40:36 2025 GMT
Not After : Dec 31 10:40:36 2035 GMT
Subject: CN=68a30329-fc11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:14:f4:c6:6b:2f:b5:26:ba:e9:c6:fd:8f:fe:
1e:c3:57:f3:4d:63:e1:da:00:bb:38:cc:da:f7:18:
3d:64:a4:bc:21:9a:bf:76:a9:b4:19:28:72:06:65:
fd:90:97:e0:1f:34:61:fa:ba:9a:b6:13:fd:c2:ea:
00:73:e0:64:1b:22:ba:3b:8c:df:4e:88:a8:73:cf:
3b:b2:63:41:a0:78:f0:e3:5a:03:15:a4:0a:47:37:
68:93:b8:f6:e7:cc:98:80:12:ee:b8:31:08:d5:ba:
48:02:a8:f3:a5:66:f5:08:53:ad:ac:9d:01:e7:23:
70:01:8d:3e:37:36:14:16:01:39:81:37:46:ad:81:
9d:9d:13:0e:3e:a1:e9:27:47:90:3e:c2:21:6a:51:
cb:7c:c0:52:ea:01:16:a4:b5:f2:f1:5c:d8:ad:80:
5f:f3:f5:22:0c:1c:26:d0:5a:5c:1b:3a:e6:ec:79:
03:98:19:4c:c1:fe:a9:6e:47:e2:7c:64:95:22:9b:
03:3c:07:57:70:74:3e:43:7c:c8:53:4f:05:43:85:
ba:8b:6a:be:3d:13:af:72:a5:81:8b:f6:e4:38:5c:
2d:38:d9:af:b0:6a:de:c2:4c:0b:6b:f6:7b:46:9b:
aa:48:d5:a6:97:27:c7:4c:7d:2e:98:70:3b:67:24:
c3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:00:2B:3C:69:58:55:93:F7:47:DB:36:E9:64:0F:9A:C6:3D:0E:3A
X509v3 Authority Key Identifier:
keyid:28:5A:F4:D0:D3:5A:01:F4:E8:66:2D:70:61:74:93:13:08:1B:05:6F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A45F8/95187B187C1E11F0AB87CEE0DAE4EC9C/KFr00NNaAfToZi1wYXSTEwgbBW8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/KFr00NNaAfToZi1wYXSTEwgbBW8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A45F8/95187B187C1E11F0AB87CEE0DAE4EC9C/C8DBFA287C1F11F0A46A9BE9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.208.146.0/23
196.11.103.0/24
IPv6:
2001:43f8:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
3b:c9:3f:23:e3:ac:7f:a4:4a:2a:d1:55:fa:82:c0:23:77:09:
51:14:33:3a:d3:48:0e:f2:57:16:35:88:53:98:29:7a:df:29:
f1:d6:2d:38:60:fe:e6:ab:49:07:9b:4e:b0:9a:38:5a:18:e7:
54:e7:1f:ac:e6:fb:95:24:de:a0:a2:ef:98:22:0a:15:ce:f9:
75:84:b6:fe:19:b5:d4:df:93:60:20:48:18:9c:ee:88:22:35:
8e:b9:3c:0f:83:2a:c2:7e:cb:76:de:5a:ac:f3:73:65:59:22:
4e:55:1e:3e:d1:32:63:99:06:14:65:5b:f1:88:9b:2d:aa:75:
f2:55:c5:ef:46:36:cc:32:73:c2:b1:aa:c1:1b:ff:a6:c2:5e:
40:47:ba:24:8b:80:05:cb:fb:44:5f:67:ad:3e:d0:1b:04:e1:
46:82:d7:fb:47:a8:dd:a8:a3:6e:21:64:c6:50:51:93:ba:87:
68:c6:bf:09:14:24:ff:ba:fb:45:98:e2:ed:58:64:3b:4e:ff:
96:49:ed:1e:92:76:6d:ca:c9:c1:f0:81:93:b2:41:e6:dd:ff:
43:c1:12:9f:d0:d8:76:ee:c4:a4:df:ee:65:82:59:51:09:43:
9b:21:db:5d:b7:13:45:8a:b1:2a:00:52:27:cc:a7:fc:45:19:
5e:9b:d6:7f
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
NDVGOEFGMTEwLwYDVQQFEygyODVBRjREMEQzNUEwMUY0RTg2NjJENzA2MTc0OTMx
MzA4MUIwNTZGMB4XDTI1MDgxODEwNDAzNloXDTM1MTIzMTEwNDAzNlowGDEWMBQG
A1UEAxMNNjhhMzAzMjktZmMxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANcU9MZrL7UmuunG/Y/+HsNX801j4doAuzjM2vcYPWSkvCGav3aptBkocgZl
/ZCX4B80Yfq6mrYT/cLqAHPgZBsiujuM306IqHPPO7JjQaB48ONaAxWkCkc3aJO4
9ufMmIAS7rgxCNW6SAKo86Vm9QhTraydAecjcAGNPjc2FBYBOYE3Rq2BnZ0TDj6h
6SdHkD7CIWpRy3zAUuoBFqS18vFc2K2AX/P1IgwcJtBaXBs65ux5A5gZTMH+qW5H
4nxklSKbAzwHV3B0PkN8yFNPBUOFuotqvj0Tr3KlgYv25DhcLTjZr7Bq3sJMC2v2
e0abqkjVppcnx0x9LphwO2ckw1sCAwEAAaOCArwwggK4MB0GA1UdDgQWBBRbACs8
aVhVk/dH2zbpZA+axj0OOjAfBgNVHSMEGDAWgBQoWvTQ01oB9OhmLXBhdJMTCBsF
bzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTQ1RjgvOTUxODdCMTg3QzFFMTFGMEFCODdDRUUwREFFNEVDOUMvS0ZyMDBO
TmFBZlRvWmkxd1lYU1RFd2diQlc4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvS0ZyMDBOTmFBZlRvWmkxd1lYU1RFd2diQlc4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTQ1RjgvOTUxODdCMTg3QzFFMTFGMEFCODdDRUUwREFF
NEVDOUMvQzhEQkZBMjg3QzFGMTFGMEE0NkE5QkU5REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAWbQkgMEAMQLZzAPBAIAAjAJ
AwcAIAFD+BDAMA0GCSqGSIb3DQEBCwUAA4IBAQA7yT8j46x/pEoq0VX6gsAjdwlR
FDM600gO8lcWNYhTmCl63ynx1i04YP7mq0kHm06wmjhaGOdU5x+s5vuVJN6gou+Y
IgoVzvl1hLb+GbXU35NgIEgYnO6IIjWOuTwPgyrCfst23lqs83NlWSJOVR4+0TJj
mQYUZVvxiJstqnXyVcXvRjbMMnPCsarBG/+mwl5AR7oki4AFy/tEX2etPtAbBOFG
gtf7R6jdqKNuIWTGUFGTuodoxr8JFCT/uvtFmOLtWGQ7Tv+WSe0eknZtysnB8IGT
skHm3f9DwRKf0Nh27sSk3+5lgllRCUObIdtdtxNFirEqAFInzKf8RRlem9Z/
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:56:58 2025 by rpki-client