Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/FB650A38A9CA11F093A8E195DAE4EC9C.roa
File: FB650A38A9CA11F093A8E195DAE4EC9C.roa (raw, json)
Hash identifier: 9XzP2GJstO8IM5EfaOPCOOBy+9KhpMBYNn2gDo8ijfo=
Subject key identifier: A3:C9:C1:B5:53:85:A7:43:E1:D8:27:4B:3F:AE:66:EA:F4:43:92:8A
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 163B
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/FB650A38A9CA11F093A8E195DAE4EC9C.roa
Signing time: Wed 15 Oct 2025 13:29:32 +0000
ROA not before: Wed 15 Oct 2025 13:29:27 +0000
ROA not after: Thu 15 Oct 2026 13:29:27 +0000
asID: 14618
IP address blocks: 102.165.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5691 (0x163b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF, serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: Oct 15 13:29:27 2025 GMT
Not After : Oct 15 13:29:27 2026 GMT
Subject: CN=68efa1bc-4ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e4:c0:2e:95:ab:47:88:48:03:95:21:70:28:
21:85:33:d1:be:68:06:aa:57:44:06:17:21:9b:fa:
bf:a4:47:6a:a8:22:9d:e9:b0:5c:85:72:00:37:5f:
03:cf:59:a7:f6:6b:de:54:be:b7:91:60:07:8b:43:
79:c4:21:16:95:61:3a:97:59:87:81:e4:d2:c1:80:
18:f4:27:a3:fa:fa:f7:35:65:92:2e:b0:ea:61:4b:
23:06:76:14:57:c0:b6:40:fa:42:52:4f:3c:60:6e:
02:cb:05:19:fc:d4:1b:5b:c7:db:b7:2a:8c:61:a5:
24:1a:45:b1:c1:19:4c:8e:7f:1f:9e:8b:cc:17:74:
29:ca:46:ae:2e:f6:4a:92:03:1b:23:28:79:62:60:
e1:f2:f2:51:1f:50:0c:f4:9d:ba:b6:f6:a9:83:7f:
90:fd:2d:31:6f:36:be:bd:82:4b:54:44:3d:21:0a:
df:41:86:a0:14:65:29:e8:b3:08:18:ab:58:bd:6e:
b7:be:01:6f:1f:c4:68:cf:12:3f:d1:e5:b9:e3:45:
3f:f6:b2:3d:4b:48:f1:04:9a:1f:b5:d2:91:30:38:
e6:c9:d1:33:dc:43:8c:94:95:ed:b5:14:4e:e5:93:
9e:ad:bd:4d:bc:c0:a8:2e:70:3d:63:70:7c:fb:d4:
51:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C9:C1:B5:53:85:A7:43:E1:D8:27:4B:3F:AE:66:EA:F4:43:92:8A
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/FB650A38A9CA11F093A8E195DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.165.9.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:1d:9a:f2:ea:ce:ad:c9:fa:13:00:11:29:60:17:14:75:78:
92:a2:fa:3a:da:95:59:9f:e5:92:28:1d:38:34:6d:3c:85:8e:
e9:41:6d:b9:66:c0:5e:fe:db:02:2c:9d:54:16:07:88:e6:89:
47:eb:d4:66:3a:de:78:ae:b1:f1:f0:72:65:89:91:bf:c4:a3:
c5:e1:5b:57:e5:c6:b5:6c:3a:fb:14:fb:dd:e9:1c:b3:14:80:
7f:84:f0:4d:e7:f4:4e:ff:9f:11:f7:01:a9:a4:7f:a1:da:73:
f0:a1:28:46:59:c2:6c:00:75:3a:94:de:6b:db:82:d1:67:94:
cc:cd:63:f9:b9:b6:93:cd:c0:cb:f7:19:9f:2a:64:ee:66:84:
0c:db:15:b6:54:a0:31:d7:2e:42:6a:d4:af:fb:e9:33:67:90:
a9:bd:c8:4f:89:9b:fd:3f:6c:03:9d:1b:18:a3:e9:f6:84:ec:
f9:ef:44:ff:cc:43:5b:b4:b7:9e:cc:34:09:65:06:54:02:cc:
40:2c:01:c9:bc:7b:93:1d:b9:c4:1c:e7:98:18:96:57:af:2a:
3d:29:b2:29:ab:0d:72:96:b7:11:b6:3d:d5:39:3d:36:5e:cf:
92:49:c7:d9:83:b0:39:5c:07:7c:f9:bc:2a:50:34:5b:d1:7a:
51:f2:97:65
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFjswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNTEwMTUxMzI5MjdaFw0yNjEwMTUxMzI5MjdaMBgxFjAU
BgNVBAMTDTY4ZWZhMWJjLTRlYmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDK5MAulatHiEgDlSFwKCGFM9G+aAaqV0QGFyGb+r+kR2qoIp3psFyFcgA3
XwPPWaf2a95UvreRYAeLQ3nEIRaVYTqXWYeB5NLBgBj0J6P6+vc1ZZIusOphSyMG
dhRXwLZA+kJSTzxgbgLLBRn81Btbx9u3KoxhpSQaRbHBGUyOfx+ei8wXdCnKRq4u
9kqSAxsjKHliYOHy8lEfUAz0nbq29qmDf5D9LTFvNr69gktURD0hCt9BhqAUZSno
swgYq1i9bre+AW8fxGjPEj/R5bnjRT/2sj1LSPEEmh+10pEwOObJ0TPcQ4yUle21
FE7lk56tvU28wKgucD1jcHz71FFxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUo8nB
tVOFp0Ph2CdLP65m6vRDkoowHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0ZCNjUwQTM4QTlDQTExRjA5M0E4RTE5NURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmpQkwDQYJKoZIhvcNAQEL
BQADggEBANMdmvLqzq3J+hMAESlgFxR1eJKi+jralVmf5ZIoHTg0bTyFjulBbblm
wF7+2wIsnVQWB4jmiUfr1GY63niusfHwcmWJkb/Eo8XhW1flxrVsOvsU+93pHLMU
gH+E8E3n9E7/nxH3Aamkf6Hac/ChKEZZwmwAdTqU3mvbgtFnlMzNY/m5tpPNwMv3
GZ8qZO5mhAzbFbZUoDHXLkJq1K/76TNnkKm9yE+Jm/0/bAOdGxij6faE7PnvRP/M
Q1u0t57MNAllBlQCzEAsAcm8e5MducQc55gYllevKj0psimrDXKWtxG2PdU5PTZe
z5JJx9mDsDlcB3z5vCpQNFvRelHyl2U=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:15:12 2025 by rpki-client