Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/2257925CAA6E11F0A6F76B90DAE4EC9C.roa
File: 2257925CAA6E11F0A6F76B90DAE4EC9C.roa (raw, json)
Hash identifier: oxEm9UctpCtTUrbHITbDcrkM+rBf2+aSQrb3SqlA3kA=
Subject key identifier: 5E:87:5E:53:68:50:D2:FD:86:B1:F0:BF:AE:61:79:1D:AA:DD:DF:10
Certificate issuer: /CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Certificate serial: 02BF
Authority key identifier: E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/2257925CAA6E11F0A6F76B90DAE4EC9C.roa
Signing time: Thu 16 Oct 2025 08:57:25 +0000
ROA not before: Thu 16 Oct 2025 08:57:15 +0000
ROA not after: Wed 16 Oct 2030 08:57:15 +0000
asID: 21003
IP address blocks: 102.220.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.mft
rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703 (0x2bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C3A58AF, serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Validity
Not Before: Oct 16 08:57:15 2025 GMT
Not After : Oct 16 08:57:15 2030 GMT
Subject: CN=68f0b375-f68d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0b:89:20:7f:01:11:09:f3:6e:ca:6d:24:83:
75:29:4b:82:27:02:a8:fa:30:ad:18:dd:40:90:7a:
0c:01:11:63:59:87:98:b5:60:38:16:a0:83:22:56:
f3:bf:26:19:e5:c9:35:e7:7b:92:39:67:e7:fe:95:
f1:70:fe:3d:17:23:9b:1a:1d:0c:c0:65:cd:e7:4c:
56:e7:6e:02:ee:db:02:10:c1:d9:5f:a8:5e:47:b5:
50:8c:68:82:dd:b4:a6:61:77:2f:1d:38:4e:a2:28:
06:cf:25:e2:a3:c4:3d:b7:fd:1b:53:a6:96:2f:06:
e3:cf:d9:8b:3c:6e:13:da:c2:f1:0d:b2:4a:bc:d4:
21:e1:e9:5d:84:72:d0:2b:85:a0:86:c7:fe:44:e9:
be:e9:a1:a4:8c:b9:ea:7f:4a:28:1a:2d:d6:59:36:
d3:66:13:67:41:66:10:81:0c:19:da:12:18:02:95:
f4:26:9c:1c:f8:86:70:19:36:bc:c3:d4:26:80:67:
94:16:42:7c:18:b7:b1:19:e5:9d:a0:1f:6f:27:ca:
40:24:24:49:be:75:24:78:9b:a5:2c:0c:1d:87:27:
c0:e7:65:5c:24:27:66:51:f5:b1:5b:b6:07:11:8a:
e5:27:0d:a6:05:54:5d:8c:b0:76:59:3f:a4:ac:ba:
14:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:87:5E:53:68:50:D2:FD:86:B1:F0:BF:AE:61:79:1D:AA:DD:DF:10
X509v3 Authority Key Identifier:
keyid:E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/2257925CAA6E11F0A6F76B90DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.220.142.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:f8:fd:26:12:80:6d:07:7d:2f:b2:9b:fc:14:03:f3:d8:dd:
4c:98:d2:bd:f4:e4:80:a1:2b:aa:42:ff:7c:45:65:46:82:59:
19:96:21:8d:61:e5:1e:68:5d:86:67:5e:f6:0d:4b:8d:71:13:
3a:01:dc:f8:9b:90:76:b2:9e:5d:23:5e:22:2b:19:a0:f7:b3:
53:9d:aa:0e:1d:55:ca:80:8f:f1:f9:06:5e:08:2a:f7:d3:b4:
ca:83:6d:49:cf:a6:48:05:e3:98:23:47:e2:b3:e6:eb:5e:56:
9d:3c:25:1f:bd:5c:4d:ac:14:ae:e9:b0:5d:e5:09:ad:10:f4:
40:34:1f:90:20:7b:db:78:0f:00:d1:2b:bd:88:e8:24:44:6a:
f6:cc:9a:ce:ac:f7:83:9e:93:56:89:be:45:e3:71:ff:63:18:
c0:a9:53:1f:37:10:e7:25:b7:59:89:20:81:43:40:df:d9:8b:
ca:90:87:64:9c:2b:08:ba:a4:e2:d9:5e:e5:e8:b2:85:31:21:
24:b8:70:f9:27:64:95:b4:6b:ef:99:4a:c5:d3:91:ee:7c:2f:
56:35:7b:d2:ee:1a:56:11:ce:b8:b9:e9:e6:1d:7d:48:36:28:
1a:29:85:f4:11:83:82:21:47:ea:4c:e6:af:41:fb:48:8f:c4:
c0:fa:8f:84
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAr8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzNBNThBRjExMC8GA1UEBRMoRTE1RjUwREREMjhFMDJGRDZFNjk2NkQ1OTE4RDFC
MEJCRjQ2ODRFODAeFw0yNTEwMTYwODU3MTVaFw0zMDEwMTYwODU3MTVaMBgxFjAU
BgNVBAMTDTY4ZjBiMzc1LWY2OGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDSC4kgfwERCfNuym0kg3UpS4InAqj6MK0Y3UCQegwBEWNZh5i1YDgWoIMi
VvO/JhnlyTXne5I5Z+f+lfFw/j0XI5saHQzAZc3nTFbnbgLu2wIQwdlfqF5HtVCM
aILdtKZhdy8dOE6iKAbPJeKjxD23/RtTppYvBuPP2Ys8bhPawvENskq81CHh6V2E
ctArhaCGx/5E6b7poaSMuep/SigaLdZZNtNmE2dBZhCBDBnaEhgClfQmnBz4hnAZ
NrzD1CaAZ5QWQnwYt7EZ5Z2gH28nykAkJEm+dSR4m6UsDB2HJ8DnZVwkJ2ZR9bFb
tgcRiuUnDaYFVF2MsHZZP6SsuhQvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUXode
U2hQ0v2GsfC/rmF5Hard3xAwHwYDVR0jBBgwFoAU4V9Q3dKOAv1uaWbVkY0bC79G
hOgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkMzQTU4LzFCNzhDNjBDQThCRjExRUVCQjNDQTg1NTc3NTQxMkU2LzRWOVEz
ZEtPQXYxdWFXYlZrWTBiQzc5R2hPZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzRWOVEzZEtPQXYxdWFXYlZrWTBiQzc5R2hPZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkMzQTU4LzFCNzhDNjBDQThCRjExRUVCQjNDQTg1NTc3
NTQxMkU2LzIyNTc5MjVDQUE2RTExRjBBNkY3NkI5MERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm3I4wDQYJKoZIhvcNAQEL
BQADggEBAB74/SYSgG0HfS+ym/wUA/PY3UyY0r305IChK6pC/3xFZUaCWRmWIY1h
5R5oXYZnXvYNS41xEzoB3PibkHaynl0jXiIrGaD3s1Odqg4dVcqAj/H5Bl4IKvfT
tMqDbUnPpkgF45gjR+Kz5uteVp08JR+9XE2sFK7psF3lCa0Q9EA0H5Age9t4DwDR
K72I6CREavbMms6s94Oek1aJvkXjcf9jGMCpUx83EOclt1mJIIFDQN/Zi8qQh2Sc
Kwi6pOLZXuXosoUxISS4cPknZJW0a++ZSsXTke58L1Y1e9LuGlYRzri56eYdfUg2
KBophfQRg4IhR+pM5q9B+0iPxMD6j4Q=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:28:14 2025 by rpki-client