Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DB560/8DC5FACE6EFF11F0B3F601D1DAE4EC9C/36A34100A71911F0A69F4CB4DAE4EC9C.roa
File: 36A34100A71911F0A69F4CB4DAE4EC9C.roa (raw, json)
Hash identifier: QKfK7l11b05pQefRS0a/vN3KNRRCGjDcx7/+8e1H4sA=
Subject key identifier: 3D:D6:99:08:E5:DC:58:4E:B8:24:74:38:79:42:19:4E:41:7C:9A:6D
Certificate issuer: /CN=F36DB560AF/serialNumber=F3FD08864FE415436C1EA108ED5ACFE90D4BB0DC
Certificate serial: 4C
Authority key identifier: F3:FD:08:86:4F:E4:15:43:6C:1E:A1:08:ED:5A:CF:E9:0D:4B:B0:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/8_0Ihk_kFUNsHqEI7VrP6Q1LsNw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DB560/8DC5FACE6EFF11F0B3F601D1DAE4EC9C/36A34100A71911F0A69F4CB4DAE4EC9C.roa
Signing time: Sun 12 Oct 2025 03:11:58 +0000
ROA not before: Sun 12 Oct 2025 03:11:54 +0000
ROA not after: Tue 31 Dec 2030 03:11:54 +0000
asID: 329528
IP address blocks: 102.206.10.0/24 maxlen: 24
102.206.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DB560/8DC5FACE6EFF11F0B3F601D1DAE4EC9C/8_0Ihk_kFUNsHqEI7VrP6Q1LsNw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DB560/8DC5FACE6EFF11F0B3F601D1DAE4EC9C/8_0Ihk_kFUNsHqEI7VrP6Q1LsNw.mft
rsync://rpki.afrinic.net/repository/afrinic/8_0Ihk_kFUNsHqEI7VrP6Q1LsNw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76 (0x4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DB560AF, serialNumber=F3FD08864FE415436C1EA108ED5ACFE90D4BB0DC
Validity
Not Before: Oct 12 03:11:54 2025 GMT
Not After : Dec 31 03:11:54 2030 GMT
Subject: CN=68eb1c7e-aefb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:99:73:5f:50:51:1e:56:0b:ae:d2:70:df:ae:
c1:e0:eb:0c:44:5a:e4:1c:7d:c5:6a:88:a2:3a:a2:
b7:9e:a4:26:79:75:68:3b:43:7b:28:e7:96:90:61:
c0:df:32:69:79:30:a8:74:e0:62:50:71:3e:e5:37:
fb:4d:63:fa:82:4b:f8:11:b2:e2:6f:fb:12:c3:49:
0c:c8:33:51:54:c4:ed:02:f0:da:e4:67:7e:b1:48:
19:b2:db:08:4b:15:34:25:c7:4e:75:4e:0e:b7:ea:
ab:87:38:8e:1f:22:bc:79:2c:96:54:dd:79:03:81:
a2:5e:0f:71:7a:37:cf:30:79:94:c3:dd:9a:76:8f:
9e:bf:00:80:a7:17:1f:18:e8:12:33:70:1c:41:b5:
4e:38:4c:d0:b4:f0:d7:79:0d:87:61:47:23:a2:d5:
d0:df:9f:c4:4e:a9:47:50:c8:56:cb:7d:4e:61:d9:
6b:aa:92:d2:12:4a:cd:f2:be:95:19:5b:9d:8c:05:
db:a1:14:18:34:09:2d:ce:fb:7a:91:6b:f9:d2:ff:
b4:ad:ca:e9:e7:18:7d:e8:7d:b0:b2:e2:bc:96:42:
dd:ae:01:1c:59:f2:28:ec:a2:9c:35:fa:5f:eb:b0:
24:2c:c6:4b:05:9e:b3:41:55:95:f9:ca:b5:bf:ad:
37:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D6:99:08:E5:DC:58:4E:B8:24:74:38:79:42:19:4E:41:7C:9A:6D
X509v3 Authority Key Identifier:
keyid:F3:FD:08:86:4F:E4:15:43:6C:1E:A1:08:ED:5A:CF:E9:0D:4B:B0:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB560/8DC5FACE6EFF11F0B3F601D1DAE4EC9C/8_0Ihk_kFUNsHqEI7VrP6Q1LsNw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/8_0Ihk_kFUNsHqEI7VrP6Q1LsNw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB560/8DC5FACE6EFF11F0B3F601D1DAE4EC9C/36A34100A71911F0A69F4CB4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.10.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:55:76:28:69:28:eb:12:0d:45:4d:c2:ce:73:e1:c8:eb:7d:
0f:81:70:28:b1:dc:7e:8f:ff:0f:db:1e:93:bb:21:24:d5:fd:
76:65:04:75:8e:95:3b:03:e3:e8:b6:82:af:32:23:1e:0f:cd:
50:44:82:20:0f:ac:ae:b5:47:21:81:03:64:c4:0b:82:03:17:
58:67:95:64:77:bd:73:c2:b5:42:b5:8d:fe:b7:13:f2:fe:0c:
4f:09:1a:1f:93:5a:fa:0f:03:9d:54:9d:d6:59:8e:0c:7f:a7:
57:26:a1:78:3f:08:ba:81:a5:55:84:7f:e3:cc:b4:d1:bd:27:
d5:15:b0:46:11:78:d5:9d:51:e0:54:e4:32:08:db:d1:b1:80:
3d:3b:9a:fb:91:98:47:f4:98:e4:29:17:a6:94:28:f5:61:4c:
6a:f0:7c:50:38:11:36:ca:97:a9:10:6e:ec:f8:cf:fe:ed:18:
70:e8:76:1c:af:f0:7d:21:de:67:08:24:77:8c:69:c6:4e:df:
db:43:ee:d4:22:a9:1d:5a:74:cd:69:ba:03:34:81:e0:23:ed:
eb:a0:72:64:cf:33:a0:fe:59:1f:ef:ac:30:5a:54:3c:6f:34:
2c:45:68:b8:cf:ad:c2:66:ac:50:69:79:77:5b:33:76:8f:78:
6a:a9:4a:ab
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBTDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
QjU2MEFGMTEwLwYDVQQFEyhGM0ZEMDg4NjRGRTQxNTQzNkMxRUExMDhFRDVBQ0ZF
OTBENEJCMERDMB4XDTI1MTAxMjAzMTE1NFoXDTMwMTIzMTAzMTE1NFowGDEWMBQG
A1UEAxMNNjhlYjFjN2UtYWVmYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN2Zc19QUR5WC67ScN+uweDrDERa5Bx9xWqIojqit56kJnl1aDtDeyjnlpBh
wN8yaXkwqHTgYlBxPuU3+01j+oJL+BGy4m/7EsNJDMgzUVTE7QLw2uRnfrFIGbLb
CEsVNCXHTnVODrfqq4c4jh8ivHksllTdeQOBol4PcXo3zzB5lMPdmnaPnr8AgKcX
HxjoEjNwHEG1TjhM0LTw13kNh2FHI6LV0N+fxE6pR1DIVst9TmHZa6qS0hJKzfK+
lRlbnYwF26EUGDQJLc77epFr+dL/tK3K6ecYfeh9sLLivJZC3a4BHFnyKOyinDX6
X+uwJCzGSwWes0FVlfnKtb+tN9sCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQ91pkI
5dxYTrgkdDh5QhlOQXyabTAfBgNVHSMEGDAWgBTz/QiGT+QVQ2weoQjtWs/pDUuw
3DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REI1NjAvOERDNUZBQ0U2RUZGMTFGMEIzRjYwMUQxREFFNEVDOUMvOF8wSWhr
X2tGVU5zSHFFSTdWclA2UTFMc053LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOF8wSWhrX2tGVU5zSHFFSTdWclA2UTFMc053LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2REI1NjAvOERDNUZBQ0U2RUZGMTFGMEIzRjYwMUQxREFF
NEVDOUMvMzZBMzQxMDBBNzE5MTFGMEE2OUY0Q0I0REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbOCjANBgkqhkiG9w0BAQsF
AAOCAQEAH1V2KGko6xINRU3CznPhyOt9D4FwKLHcfo//D9sek7shJNX9dmUEdY6V
OwPj6LaCrzIjHg/NUESCIA+srrVHIYEDZMQLggMXWGeVZHe9c8K1QrWN/rcT8v4M
TwkaH5Na+g8DnVSd1lmODH+nVyaheD8IuoGlVYR/48y00b0n1RWwRhF41Z1R4FTk
Mgjb0bGAPTua+5GYR/SY5CkXppQo9WFMavB8UDgRNsqXqRBu7PjP/u0YcOh2HK/w
fSHeZwgkd4xpxk7f20Pu1CKpHVp0zWm6AzSB4CPt66ByZM8zoP5ZH++sMFpUPG80
LEVouM+twmasUGl5d1szdo94aqlKqw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:21:19 2025 by rpki-client