Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D76CC/9B9D51B47D1A11F0B83D97C5DAE4EC9C/CE11A3427D1B11F088F302CEDAE4EC9C.roa
File: CE11A3427D1B11F088F302CEDAE4EC9C.roa (raw, json)
Hash identifier: 55zfMjkH4eXmJBG2GElpYCwJFB3HBcKN4pz0TlsCQxw=
Subject key identifier: 3F:17:5E:8D:3D:7E:C3:61:4A:5B:91:B4:2D:76:39:01:22:3A:EF:4A
Certificate issuer: /CN=F36D76CCAF/serialNumber=54465E82196D62D7AC883FD6ED93E2A192A21A15
Certificate serial: 02
Authority key identifier: 54:46:5E:82:19:6D:62:D7:AC:88:3F:D6:ED:93:E2:A1:92:A2:1A:15
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/VEZeghltYtesiD_W7ZPioZKiGhU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D76CC/9B9D51B47D1A11F0B83D97C5DAE4EC9C/CE11A3427D1B11F088F302CEDAE4EC9C.roa
Signing time: Tue 19 Aug 2025 16:44:43 +0000
ROA not before: Tue 19 Aug 2025 16:44:38 +0000
ROA not after: Tue 21 Aug 2035 16:44:38 +0000
asID: 329451
IP address blocks: 102.208.180.0/22 maxlen: 32
2c0f:7a40::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D76CC/9B9D51B47D1A11F0B83D97C5DAE4EC9C/VEZeghltYtesiD_W7ZPioZKiGhU.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D76CC/9B9D51B47D1A11F0B83D97C5DAE4EC9C/VEZeghltYtesiD_W7ZPioZKiGhU.mft
rsync://rpki.afrinic.net/repository/afrinic/VEZeghltYtesiD_W7ZPioZKiGhU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D76CCAF, serialNumber=54465E82196D62D7AC883FD6ED93E2A192A21A15
Validity
Not Before: Aug 19 16:44:38 2025 GMT
Not After : Aug 21 16:44:38 2035 GMT
Subject: CN=68a4a9fb-2b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fb:ab:97:16:a2:6d:01:09:35:7a:79:e7:dd:
ad:6c:ed:be:c4:08:47:c1:83:66:5e:78:ac:95:b8:
fb:ec:ad:40:a6:e6:cd:4a:da:91:f8:0d:0e:2d:65:
1a:7f:81:97:bf:f8:47:dd:ec:cb:88:ab:34:3f:b0:
a0:69:96:1a:53:16:08:e9:17:7b:5a:1f:b3:ad:aa:
d8:81:1c:17:09:29:e3:b8:0f:a3:c7:5e:1f:22:dd:
8c:96:57:b7:b3:0b:6a:b6:e2:46:a4:be:21:a6:42:
ee:9c:bf:da:80:49:13:0d:5c:d7:64:34:b8:db:42:
13:88:fe:4a:8d:2a:ea:56:e2:f9:4b:58:0f:fb:f2:
c9:32:6d:a0:50:ad:bb:1b:41:34:4f:f5:e7:16:f7:
07:f2:f8:1d:e7:a2:fb:26:2f:86:a4:be:77:b0:24:
32:45:2b:c6:79:fa:e8:92:8a:78:9a:7b:b8:5f:e8:
2a:55:77:30:1c:0c:c6:a0:92:1c:56:f3:71:6b:08:
6e:5e:9b:92:36:bd:13:27:61:28:92:af:d5:a3:68:
f3:43:01:db:a1:c6:af:8a:32:b9:2f:d7:f7:d7:48:
af:16:d1:24:46:ce:d9:1e:1b:5d:b1:9a:40:5e:c5:
53:42:2e:98:95:81:52:b4:ab:9a:96:39:68:a9:cd:
90:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:17:5E:8D:3D:7E:C3:61:4A:5B:91:B4:2D:76:39:01:22:3A:EF:4A
X509v3 Authority Key Identifier:
keyid:54:46:5E:82:19:6D:62:D7:AC:88:3F:D6:ED:93:E2:A1:92:A2:1A:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D76CC/9B9D51B47D1A11F0B83D97C5DAE4EC9C/VEZeghltYtesiD_W7ZPioZKiGhU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/VEZeghltYtesiD_W7ZPioZKiGhU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D76CC/9B9D51B47D1A11F0B83D97C5DAE4EC9C/CE11A3427D1B11F088F302CEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.208.180.0/22
IPv6:
2c0f:7a40::/32
Signature Algorithm: sha256WithRSAEncryption
5e:d5:49:89:a1:76:ef:17:2e:a5:16:3b:0d:f6:6d:53:06:0e:
16:df:2b:5a:b6:23:8e:62:b1:8a:f2:8d:6e:1c:05:3c:7c:a3:
cb:5b:df:2b:db:e0:e1:17:d4:5d:3a:2a:80:d2:67:29:38:ab:
23:7d:db:dc:c1:bd:58:f5:9c:d1:80:fc:49:bc:dc:f5:9f:31:
95:c2:b1:3e:3f:19:e6:8c:cd:c4:25:99:84:11:52:c8:76:02:
fd:8e:44:3b:82:2d:77:05:71:ae:96:63:eb:e9:6f:03:b6:c9:
47:a2:32:0b:ee:f0:c1:ef:80:01:d0:b2:88:ee:39:f5:2a:47:
fc:99:ec:fd:5b:22:cd:4c:a3:ae:19:8d:1f:e3:3f:b7:4e:63:
49:b5:04:4a:04:c3:c5:c0:d0:6d:2e:2a:61:50:22:87:f8:1f:
3f:d8:0b:ae:b8:da:f5:6f:1b:a8:2b:c8:bc:13:17:49:f9:b9:
5a:46:1c:61:de:f2:19:eb:10:7d:9a:4f:16:f9:74:86:fa:e1:
52:7c:88:c7:5b:50:c2:79:5f:2d:91:0f:ba:7b:24:a1:96:25:
19:34:7c:6d:6e:eb:fb:a0:0a:9d:fa:b3:c8:4d:ac:01:13:81:
57:13:ce:47:35:cd:b2:1e:c5:ad:b3:1d:ee:6e:3f:6d:b9:41:
d5:a9:bc:00
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
NzZDQ0FGMTEwLwYDVQQFEyg1NDQ2NUU4MjE5NkQ2MkQ3QUM4ODNGRDZFRDkzRTJB
MTkyQTIxQTE1MB4XDTI1MDgxOTE2NDQzOFoXDTM1MDgyMTE2NDQzOFowGDEWMBQG
A1UEAxMNNjhhNGE5ZmItMmI2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMj7q5cWom0BCTV6eefdrWztvsQIR8GDZl54rJW4++ytQKbmzUrakfgNDi1l
Gn+Bl7/4R93sy4irND+woGmWGlMWCOkXe1ofs62q2IEcFwkp47gPo8deHyLdjJZX
t7MLarbiRqS+IaZC7py/2oBJEw1c12Q0uNtCE4j+So0q6lbi+UtYD/vyyTJtoFCt
uxtBNE/15xb3B/L4Heei+yYvhqS+d7AkMkUrxnn66JKKeJp7uF/oKlV3MBwMxqCS
HFbzcWsIbl6bkja9EydhKJKv1aNo80MB26HGr4oyuS/X99dIrxbRJEbO2R4bXbGa
QF7FU0IumJWBUrSrmpY5aKnNkLcCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ/F16N
PX7DYUpbkbQtdjkBIjrvSjAfBgNVHSMEGDAWgBRURl6CGW1i16yIP9btk+KhkqIa
FTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDc2Q0MvOUI5RDUxQjQ3RDFBMTFGMEI4M0Q5N0M1REFFNEVDOUMvVkVaZWdo
bHRZdGVzaURfVzdaUGlvWktpR2hVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVkVaZWdobHRZdGVzaURfVzdaUGlvWktpR2hVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RDc2Q0MvOUI5RDUxQjQ3RDFBMTFGMEI4M0Q5N0M1REFF
NEVDOUMvQ0UxMUEzNDI3RDFCMTFGMDg4RjMwMkNFREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbQtDANBAIAAjAHAwUALA96
QDANBgkqhkiG9w0BAQsFAAOCAQEAXtVJiaF27xcupRY7DfZtUwYOFt8rWrYjjmKx
ivKNbhwFPHyjy1vfK9vg4RfUXToqgNJnKTirI33b3MG9WPWc0YD8Sbzc9Z8xlcKx
Pj8Z5ozNxCWZhBFSyHYC/Y5EO4ItdwVxrpZj6+lvA7bJR6IyC+7wwe+AAdCyiO45
9SpH/Jns/VsizUyjrhmNH+M/t05jSbUESgTDxcDQbS4qYVAih/gfP9gLrrja9W8b
qCvIvBMXSfm5WkYcYd7yGesQfZpPFvl0hvrhUnyIx1tQwnlfLZEPunskoZYlGTR8
bW7r+6AKnfqzyE2sAROBVxPORzXNsh7FrbMd7m4/bblB1am8AA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:00:13 2025 by rpki-client