Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/A0125E32774E11F0A0C6B67EDAE4EC9C.roa
File: A0125E32774E11F0A0C6B67EDAE4EC9C.roa (raw, json)
Hash identifier: EvuxZKFSVuDEXSiAZ1Az/aTs6fSPSNueXq+p+t0YiBs=
Subject key identifier: 5F:D5:9F:A6:10:A5:13:75:44:3D:32:81:D8:97:EC:36:D3:BC:3F:84
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 157F
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/A0125E32774E11F0A0C6B67EDAE4EC9C.roa
Signing time: Tue 12 Aug 2025 07:33:23 +0000
ROA not before: Tue 12 Aug 2025 07:33:18 +0000
ROA not after: Thu 12 Aug 2027 07:33:18 +0000
asID: 32181
IP address blocks: 102.129.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5503 (0x157f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF, serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: Aug 12 07:33:18 2025 GMT
Not After : Aug 12 07:33:18 2027 GMT
Subject: CN=689aee43-c86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a1:7d:4f:1d:1c:59:67:20:1d:3c:de:99:07:
00:a7:60:7c:df:2e:bf:77:05:5e:60:df:98:ab:60:
ca:e0:a2:e7:53:ca:c1:cf:7a:95:c6:3c:35:dd:34:
70:87:0d:79:c4:20:67:da:f4:b4:66:d6:e6:9b:f6:
77:b9:af:40:eb:93:3e:39:59:25:a2:bf:21:8f:be:
0e:9a:48:68:dd:df:2c:ff:00:b5:9b:bb:3f:10:7e:
7c:33:7e:f7:d3:a5:94:a4:ab:4c:0a:37:1b:43:4d:
32:8a:4d:04:4e:0d:d6:8c:8e:83:ac:37:2c:98:16:
ce:bd:1b:93:39:6c:94:fa:a1:97:9e:0b:cb:c8:08:
76:ef:4e:26:4a:6e:fc:ed:eb:de:27:a6:c8:6e:d9:
a5:62:ce:ec:ff:fb:9c:5a:f7:25:e2:a7:3e:9b:a4:
c4:ed:66:79:7d:4a:97:c5:75:30:14:cd:8f:37:d1:
26:9e:62:c8:c9:08:34:d4:20:de:08:76:a7:2a:56:
b2:e2:bc:7d:11:96:47:7b:95:33:6d:4a:08:71:f2:
f8:c0:74:26:0d:e1:7e:54:f8:0b:de:3b:0a:61:86:
26:ab:1d:8c:d4:dd:48:ce:30:91:84:02:d0:10:8e:
be:0c:12:a4:a7:ae:14:6d:a5:57:e0:40:97:13:c2:
93:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D5:9F:A6:10:A5:13:75:44:3D:32:81:D8:97:EC:36:D3:BC:3F:84
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/A0125E32774E11F0A0C6B67EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.172.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:3b:86:14:52:46:fd:eb:96:a3:c3:56:61:9a:bd:f2:e2:68:
64:4f:e9:02:98:0a:39:0c:02:b5:69:98:09:48:36:fd:b4:e3:
d6:80:de:e9:17:59:65:a2:9b:7e:71:4a:02:98:06:ce:fc:19:
62:59:be:7b:85:0f:9d:62:24:c2:1d:88:ea:cc:2c:f8:ba:d7:
7e:8a:eb:af:95:81:62:91:49:05:a0:de:40:71:2a:4e:bf:d6:
6c:36:8c:89:86:30:b3:2b:1c:19:89:b8:75:be:ce:4f:3e:a9:
54:63:cc:12:40:b7:be:5b:1f:13:05:a1:a2:d4:c3:e3:4a:cf:
01:8a:7a:6c:42:96:fc:7b:2c:7f:fc:2e:a5:a0:e8:47:35:cb:
95:91:cc:50:d6:36:c6:e9:68:3b:b3:e0:6c:7f:b3:d0:72:01:
11:fc:93:2f:b5:c4:f4:a3:ea:a8:f8:b7:a0:69:52:f3:76:2d:
5c:89:4e:93:60:c6:16:b3:91:df:a5:9c:5b:50:34:6d:1a:2d:
f2:da:31:e0:ea:15:c7:53:05:ea:f9:0b:94:20:50:e4:48:9a:
83:25:08:e0:cd:be:17:e1:21:d9:32:cf:3d:1c:12:ba:be:43:
de:e8:64:f4:9c:13:8b:3b:08:14:9d:ac:61:be:ab:15:8f:8f:
03:59:ed:bd
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFX8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNTA4MTIwNzMzMThaFw0yNzA4MTIwNzMzMThaMBgxFjAU
BgNVBAMTDTY4OWFlZTQzLWM4NmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+oX1PHRxZZyAdPN6ZBwCnYHzfLr93BV5g35irYMrgoudTysHPepXGPDXd
NHCHDXnEIGfa9LRm1uab9ne5r0Drkz45WSWivyGPvg6aSGjd3yz/ALWbuz8Qfnwz
fvfTpZSkq0wKNxtDTTKKTQRODdaMjoOsNyyYFs69G5M5bJT6oZeeC8vICHbvTiZK
bvzt694npshu2aVizuz/+5xa9yXipz6bpMTtZnl9SpfFdTAUzY830SaeYsjJCDTU
IN4IdqcqVrLivH0Rlkd7lTNtSghx8vjAdCYN4X5U+AveOwphhiarHYzU3UjOMJGE
AtAQjr4MEqSnrhRtpVfgQJcTwpPxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUX9Wf
phClE3VEPTKB2JfsNtO8P4QwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0EwMTI1RTMyNzc0RTExRjBBMEM2QjY3RURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgawwDQYJKoZIhvcNAQEL
BQADggEBAH07hhRSRv3rlqPDVmGavfLiaGRP6QKYCjkMArVpmAlINv2049aA3ukX
WWWim35xSgKYBs78GWJZvnuFD51iJMIdiOrMLPi6136K66+VgWKRSQWg3kBxKk6/
1mw2jImGMLMrHBmJuHW+zk8+qVRjzBJAt75bHxMFoaLUw+NKzwGKemxClvx7LH/8
LqWg6Ec1y5WRzFDWNsbpaDuz4Gx/s9ByARH8ky+1xPSj6qj4t6BpUvN2LVyJTpNg
xhazkd+lnFtQNG0aLfLaMeDqFcdTBer5C5QgUORImoMlCODNvhfhIdkyzz0cErq+
Q97oZPScE4s7CBSdrGG+qxWPjwNZ7b0=
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:28:12 2025 by rpki-client