Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/963E345AAA6E11F092CBEA92DAE4EC9C.roa
File: 963E345AAA6E11F092CBEA92DAE4EC9C.roa (raw, json)
Hash identifier: pST0iqM1LIDeTWfpvZG5M6dsTHwi1B1szH8dsYd3DBU=
Subject key identifier: 22:02:5C:0A:45:FD:8A:99:4D:4F:62:6E:F9:C7:2F:4E:BA:B2:77:E4
Certificate issuer: /CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Certificate serial: 02C2
Authority key identifier: E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/963E345AAA6E11F092CBEA92DAE4EC9C.roa
Signing time: Thu 16 Oct 2025 09:00:40 +0000
ROA not before: Thu 16 Oct 2025 09:00:35 +0000
ROA not after: Wed 16 Oct 2030 09:00:35 +0000
asID: 327921
IP address blocks: 102.220.141.0/24 maxlen: 24
102.220.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.mft
rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 706 (0x2c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C3A58AF, serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Validity
Not Before: Oct 16 09:00:35 2025 GMT
Not After : Oct 16 09:00:35 2030 GMT
Subject: CN=68f0b437-8a6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:98:ce:a7:75:a9:3c:f5:6d:e1:dc:ab:77:43:
f2:95:92:03:d1:e1:0c:77:5f:2d:a7:e1:37:b2:f9:
47:98:c5:f2:94:d3:9e:e9:ee:c2:72:8b:5a:8c:c8:
c5:b6:15:98:52:5f:8c:9f:91:c1:f2:81:c1:0e:d2:
54:f7:9c:52:00:23:32:cb:9a:a8:ff:76:62:46:f1:
0a:61:ea:53:e3:dc:6b:64:6d:b6:ca:90:e8:99:c7:
d0:d3:5e:66:9f:0d:dc:42:bb:84:03:67:cf:db:e7:
5b:25:b1:73:a5:60:c6:66:ec:72:25:c4:c5:de:c7:
03:21:79:82:95:63:6a:7e:19:ec:8f:26:61:24:0c:
da:0f:14:2d:a3:e3:e9:fc:71:ef:b5:b9:20:80:5e:
af:68:a4:8a:95:e9:29:a4:b7:aa:33:79:a6:60:48:
16:7e:67:5f:66:97:a9:1b:62:c6:de:2c:03:eb:10:
55:af:8b:67:8c:cd:5c:d6:09:4d:dd:d6:96:58:53:
82:6a:ac:07:f6:0e:97:78:f1:f2:8c:c6:0c:32:9b:
7d:99:d5:80:0f:51:47:9a:db:ae:70:2a:07:f4:9b:
23:7f:e1:e7:a5:d7:c9:e1:25:9b:9f:ee:c1:0e:78:
c2:ca:4f:db:9c:82:2b:f0:56:84:12:93:4f:8b:12:
f4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:02:5C:0A:45:FD:8A:99:4D:4F:62:6E:F9:C7:2F:4E:BA:B2:77:E4
X509v3 Authority Key Identifier:
keyid:E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/963E345AAA6E11F092CBEA92DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.220.141.0/24
102.220.143.0/24
Signature Algorithm: sha256WithRSAEncryption
96:95:a2:4c:be:73:af:35:b1:8c:ca:c4:1a:cf:d5:5f:fc:e4:
7d:a0:38:34:02:0a:98:aa:0c:f0:51:9a:aa:59:ea:a8:53:b9:
6c:6e:62:52:05:d8:dc:57:64:90:52:11:47:d7:0b:b9:8e:ac:
49:a6:5a:99:a8:f2:41:8b:5e:1b:cb:a4:92:c1:41:71:6e:4a:
26:af:b3:e4:06:6a:c6:0c:bd:75:d9:b8:f0:03:41:37:15:2b:
cc:14:af:df:4c:e0:7f:4e:2a:b3:20:8c:29:a6:2a:e3:c9:b8:
d1:34:30:d2:83:69:7e:06:2b:51:f5:e9:e0:da:b0:4d:ef:70:
2e:8e:e3:f4:92:64:e6:46:93:87:53:be:c7:6f:d3:d1:f8:4b:
8b:a7:e1:c8:5b:93:a3:8c:50:64:b7:5d:fb:42:34:23:d4:ca:
66:51:62:00:88:82:77:46:09:a0:f8:8f:48:2d:94:b3:f2:4f:
32:6a:b8:81:c4:df:85:85:63:01:85:0a:ff:31:64:57:70:04:
11:0c:96:29:0f:17:4e:99:c4:52:d6:a6:13:8a:1e:4a:9e:58:
8a:7a:17:28:d1:56:ec:23:d2:ff:58:1f:8a:dd:b8:ba:5f:a7:
2e:32:40:eb:58:54:05:16:7f:8b:1f:be:3c:6a:96:ea:80:2e:
c0:28:73:5c
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICAsIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzNBNThBRjExMC8GA1UEBRMoRTE1RjUwREREMjhFMDJGRDZFNjk2NkQ1OTE4RDFC
MEJCRjQ2ODRFODAeFw0yNTEwMTYwOTAwMzVaFw0zMDEwMTYwOTAwMzVaMBgxFjAU
BgNVBAMTDTY4ZjBiNDM3LThhNmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD7mM6ndak89W3h3Kt3Q/KVkgPR4Qx3Xy2n4Tey+UeYxfKU057p7sJyi1qM
yMW2FZhSX4yfkcHygcEO0lT3nFIAIzLLmqj/dmJG8Qph6lPj3GtkbbbKkOiZx9DT
XmafDdxCu4QDZ8/b51slsXOlYMZm7HIlxMXexwMheYKVY2p+GeyPJmEkDNoPFC2j
4+n8ce+1uSCAXq9opIqV6Smkt6ozeaZgSBZ+Z19ml6kbYsbeLAPrEFWvi2eMzVzW
CU3d1pZYU4JqrAf2Dpd48fKMxgwym32Z1YAPUUea265wKgf0myN/4eel18nhJZuf
7sEOeMLKT9ucgivwVoQSk0+LEvTFAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUIgJc
CkX9iplNT2Ju+ccvTrqyd+QwHwYDVR0jBBgwFoAU4V9Q3dKOAv1uaWbVkY0bC79G
hOgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkMzQTU4LzFCNzhDNjBDQThCRjExRUVCQjNDQTg1NTc3NTQxMkU2LzRWOVEz
ZEtPQXYxdWFXYlZrWTBiQzc5R2hPZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzRWOVEzZEtPQXYxdWFXYlZrWTBiQzc5R2hPZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkMzQTU4LzFCNzhDNjBDQThCRjExRUVCQjNDQTg1NTc3
NTQxMkU2Lzk2M0UzNDVBQUE2RTExRjA5MkNCRUE5MkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABm3I0DBABm3I8wDQYJKoZI
hvcNAQELBQADggEBAJaVoky+c681sYzKxBrP1V/85H2gODQCCpiqDPBRmqpZ6qhT
uWxuYlIF2NxXZJBSEUfXC7mOrEmmWpmo8kGLXhvLpJLBQXFuSiavs+QGasYMvXXZ
uPADQTcVK8wUr99M4H9OKrMgjCmmKuPJuNE0MNKDaX4GK1H16eDasE3vcC6O4/SS
ZOZGk4dTvsdv09H4S4un4chbk6OMUGS3XftCNCPUymZRYgCIgndGCaD4j0gtlLPy
TzJquIHE34WFYwGFCv8xZFdwBBEMlikPF06ZxFLWphOKHkqeWIp6FyjRVuwj0v9Y
H4rduLpfpy4yQOtYVAUWf4sfvjxqluqALsAoc1w=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:21:18 2025 by rpki-client