Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/853BAF74A5E211F0B47237D9DAE4EC9C.roa
File: 853BAF74A5E211F0B47237D9DAE4EC9C.roa (raw, json)
Hash identifier: iqNT7YkPZuKJvvPCrooK4PR2p0x9LPqkj1k/OJ6r47w=
Subject key identifier: E0:FE:33:48:C4:DA:45:AA:0D:4A:95:97:C7:4B:B4:DF:18:9C:CE:8F
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 162A
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/853BAF74A5E211F0B47237D9DAE4EC9C.roa
Signing time: Fri 10 Oct 2025 14:07:57 +0000
ROA not before: Fri 10 Oct 2025 14:07:52 +0000
ROA not after: Sun 10 Oct 2027 14:07:52 +0000
asID: 397630
IP address blocks: 102.129.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5674 (0x162a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF, serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: Oct 10 14:07:52 2025 GMT
Not After : Oct 10 14:07:52 2027 GMT
Subject: CN=68e9133d-aca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ff:b7:12:9f:5a:1a:a5:3a:6a:ce:c1:59:45:
f1:90:be:ff:83:6e:6a:a9:e6:f6:c8:ce:87:50:6d:
58:cb:93:ea:da:57:36:1f:aa:3b:7d:dd:ce:3a:bd:
35:98:25:75:4d:d5:99:66:a9:70:c3:24:1b:02:c7:
26:cf:e3:7d:e9:bf:82:7c:8f:5b:13:18:91:0b:4a:
57:90:86:e9:2d:6a:b3:cf:41:d7:d3:a8:f0:24:2a:
56:1e:3a:cd:d7:58:95:a0:ff:08:26:dc:b1:44:98:
81:9c:19:d4:da:c7:ae:a5:27:87:22:92:d2:65:bb:
b8:b6:ac:49:bb:45:72:94:1b:cc:28:c8:42:20:bf:
aa:15:10:8a:60:24:83:f4:6e:0c:b3:e4:1b:9f:a8:
69:ea:e8:6e:78:63:fb:72:28:0e:0b:63:b2:43:b3:
16:ef:c8:c8:ae:97:35:00:62:51:8f:c2:89:78:1b:
c7:66:e9:d5:45:9c:97:cd:23:c1:dc:cc:bc:f8:c6:
fd:2e:aa:b0:6f:ed:00:e4:d3:00:ea:c2:23:c1:95:
fd:2b:8d:37:41:7f:6a:f6:a2:1f:2b:c6:e0:b7:92:
12:53:f8:c9:68:ef:3a:83:11:02:9b:7c:2d:4d:9f:
28:f9:60:7e:60:d1:3c:0e:7c:4c:01:11:e1:d3:07:
18:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:FE:33:48:C4:DA:45:AA:0D:4A:95:97:C7:4B:B4:DF:18:9C:CE:8F
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/853BAF74A5E211F0B47237D9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.160.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:51:39:e0:f7:8d:bf:35:72:1b:60:9e:62:d7:24:75:e1:a7:
a7:76:d9:96:5a:8b:02:ff:ce:45:e8:95:6d:22:e4:48:1e:e7:
2a:11:9f:19:39:2e:9d:d1:7f:ae:2d:e2:e2:2f:cc:16:fa:c6:
35:90:c2:dc:fa:66:1e:3e:4b:13:79:09:fb:31:24:9a:0f:1e:
5d:32:b7:33:18:57:b6:41:b5:1f:3c:df:ee:1b:73:60:1c:93:
2b:38:30:8f:3d:de:73:8d:ea:87:e2:7b:e3:14:92:e2:b8:38:
95:a8:71:b6:49:77:c7:ef:8b:5c:2c:a7:05:cd:75:8a:90:99:
42:c6:4d:a9:12:4f:37:56:3e:28:1b:d9:e2:2f:64:00:74:7b:
00:55:33:0f:46:fb:a9:e4:95:2f:56:33:e9:67:c0:4a:64:25:
0e:78:19:f9:1f:0a:eb:18:b2:63:78:16:a1:91:6e:fa:49:1a:
f4:6c:3a:73:17:eb:bc:d8:e9:ff:4f:02:67:14:95:38:ae:1c:
ba:e0:cb:5d:bb:20:d1:aa:82:f5:64:d1:f1:24:17:98:7d:c7:
99:11:cc:c4:de:66:d9:6b:9c:77:a9:b1:bb:ac:87:a7:e7:ed:
fb:09:af:d9:31:6a:63:ea:2d:38:d6:04:ea:be:31:c5:2f:f0:
18:62:0a:c3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFiowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNTEwMTAxNDA3NTJaFw0yNzEwMTAxNDA3NTJaMBgxFjAU
BgNVBAMTDTY4ZTkxMzNkLWFjYTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDX/7cSn1oapTpqzsFZRfGQvv+Dbmqp5vbIzodQbVjLk+raVzYfqjt93c46
vTWYJXVN1ZlmqXDDJBsCxybP433pv4J8j1sTGJELSleQhuktarPPQdfTqPAkKlYe
Os3XWJWg/wgm3LFEmIGcGdTax66lJ4ciktJlu7i2rEm7RXKUG8woyEIgv6oVEIpg
JIP0bgyz5BufqGnq6G54Y/tyKA4LY7JDsxbvyMiulzUAYlGPwol4G8dm6dVFnJfN
I8HczLz4xv0uqrBv7QDk0wDqwiPBlf0rjTdBf2r2oh8rxuC3khJT+Mlo7zqDEQKb
fC1Nnyj5YH5g0TwOfEwBEeHTBxiXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU4P4z
SMTaRaoNSpWXx0u03xiczo8wHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4Lzg1M0JBRjc0QTVFMjExRjBCNDcyMzdEOURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgaAwDQYJKoZIhvcNAQEL
BQADggEBAMVROeD3jb81chtgnmLXJHXhp6d22ZZaiwL/zkXolW0i5Ege5yoRnxk5
Lp3Rf64t4uIvzBb6xjWQwtz6Zh4+SxN5CfsxJJoPHl0ytzMYV7ZBtR883+4bc2Ac
kys4MI893nON6ofie+MUkuK4OJWocbZJd8fvi1wspwXNdYqQmULGTakSTzdWPigb
2eIvZAB0ewBVMw9G+6nklS9WM+lnwEpkJQ54GfkfCusYsmN4FqGRbvpJGvRsOnMX
67zY6f9PAmcUlTiuHLrgy127INGqgvVk0fEkF5h9x5kRzMTeZtlrnHepsbush6fn
7fsJr9kxamPqLTjWBOq+McUv8BhiCsM=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:22:28 2025 by rpki-client