Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/2470589872E311F0B4EE5DABDAE4EC9C.roa
File: 2470589872E311F0B4EE5DABDAE4EC9C.roa (raw, json)
Hash identifier: WDF/PbAAV4TFNjA9XU2xgOeBCnlYy/RDmqiM+sgfu1o=
Subject key identifier: 59:93:45:38:3A:98:64:EA:B8:12:E3:B1:6C:4C:8E:0A:33:3D:42:6F
Certificate issuer: /CN=F36F731FAF/serialNumber=F5C0B63BAA5E7AF7A4386B637FD1206A3682D0C3
Certificate serial: 0317
Authority key identifier: F5:C0:B6:3B:AA:5E:7A:F7:A4:38:6B:63:7F:D1:20:6A:36:82:D0:C3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/9cC2O6peevekOGtjf9EgajaC0MM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/2470589872E311F0B4EE5DABDAE4EC9C.roa
Signing time: Wed 06 Aug 2025 16:33:55 +0000
ROA not before: Wed 06 Aug 2025 16:33:50 +0000
ROA not after: Tue 06 Aug 2030 16:33:50 +0000
asID: 29571
IP address blocks: 102.207.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/9cC2O6peevekOGtjf9EgajaC0MM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/9cC2O6peevekOGtjf9EgajaC0MM.mft
rsync://rpki.afrinic.net/repository/afrinic/9cC2O6peevekOGtjf9EgajaC0MM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 791 (0x317)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F731FAF, serialNumber=F5C0B63BAA5E7AF7A4386B637FD1206A3682D0C3
Validity
Not Before: Aug 6 16:33:50 2025 GMT
Not After : Aug 6 16:33:50 2030 GMT
Subject: CN=689383f3-4021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b8:44:f2:25:80:a7:2d:d9:d2:03:16:d1:b1:
53:a8:63:f8:09:02:77:13:3e:dd:c6:ae:20:19:3b:
04:5d:32:80:7f:fa:f3:76:b2:fb:54:e5:90:3a:8f:
36:ae:56:43:50:b7:a9:e2:46:04:0d:5e:68:56:87:
54:ad:41:a0:28:8e:19:a4:51:a8:64:1e:2d:c4:e9:
75:06:b3:62:28:ce:25:bb:97:e2:87:89:e1:0b:0b:
a5:28:ce:c7:af:9e:74:96:7c:39:a7:8d:4f:5a:7e:
19:ff:6d:49:1e:23:b3:6b:45:dc:17:25:fa:f3:2c:
e9:b8:1f:62:6b:99:26:28:d8:97:11:ef:b0:d9:e9:
98:01:f7:86:8a:7e:42:af:36:03:e5:4d:5d:5a:15:
b2:f7:f4:4a:4b:8e:a6:0d:a0:b2:3b:5e:18:56:97:
c0:56:27:7a:26:64:28:a0:94:b8:ff:ee:b0:80:ac:
ca:f4:3d:1a:c3:d3:88:31:49:ce:b7:7e:ca:6a:be:
1f:07:cf:60:8f:a3:af:33:53:4f:ba:74:81:bb:cd:
22:5f:26:c3:71:7a:65:bb:d0:fb:21:a8:11:fa:a5:
9a:01:5a:0d:0a:47:ba:f8:9d:5c:ed:6a:00:c0:5c:
a6:f2:8d:df:4a:cb:a5:91:49:23:12:db:35:6e:9b:
18:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:93:45:38:3A:98:64:EA:B8:12:E3:B1:6C:4C:8E:0A:33:3D:42:6F
X509v3 Authority Key Identifier:
keyid:F5:C0:B6:3B:AA:5E:7A:F7:A4:38:6B:63:7F:D1:20:6A:36:82:D0:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/9cC2O6peevekOGtjf9EgajaC0MM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9cC2O6peevekOGtjf9EgajaC0MM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/2470589872E311F0B4EE5DABDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.207.12.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:01:e1:d2:47:34:3f:c6:2e:e6:bc:36:bd:d5:0f:7a:29:a3:
5d:6c:7b:5b:27:9d:46:34:10:29:37:b9:14:90:0a:c1:7e:ed:
ed:0a:26:1b:87:68:a8:45:ab:ec:d7:c6:0b:bf:07:3d:23:cb:
12:89:6c:bb:68:12:b8:2c:26:39:dd:8d:00:56:08:4c:b6:46:
f5:10:0a:7e:6a:c6:5e:59:5e:77:dc:93:f2:72:97:b4:84:e4:
6c:7d:96:e5:11:5c:ac:60:00:ee:ae:4d:81:d4:b4:5e:53:15:
ad:d7:b1:97:40:fe:f3:26:9d:d5:9f:56:62:d8:ab:17:0b:c5:
39:24:ed:a1:93:85:15:6c:f5:8e:60:61:61:c0:64:e3:fb:c2:
7e:b4:33:89:40:78:77:28:32:64:88:2c:ee:da:8f:26:a6:01:
0e:91:d5:de:8e:cc:1b:20:a7:f9:14:4d:70:bf:85:04:7c:3b:
21:42:e0:da:ee:87:d3:dc:0d:f9:c5:d5:8f:b0:ec:04:e4:f4:
57:b0:cf:79:cd:fb:5d:7d:97:46:89:61:dd:76:cc:c8:6d:8a:
db:d4:1d:56:94:d6:76:d5:da:1a:c8:70:90:2b:19:bc:df:51:
1a:40:9f:db:ed:9d:81:1d:d9:eb:20:9c:23:9f:ad:8b:e4:93:
f0:a7:d6:3d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAxcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RjczMUZBRjExMC8GA1UEBRMoRjVDMEI2M0JBQTVFN0FGN0E0Mzg2QjYzN0ZEMTIw
NkEzNjgyRDBDMzAeFw0yNTA4MDYxNjMzNTBaFw0zMDA4MDYxNjMzNTBaMBgxFjAU
BgNVBAMTDTY4OTM4M2YzLTQwMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDduETyJYCnLdnSAxbRsVOoY/gJAncTPt3GriAZOwRdMoB/+vN2svtU5ZA6
jzauVkNQt6niRgQNXmhWh1StQaAojhmkUahkHi3E6XUGs2IoziW7l+KHieELC6Uo
zsevnnSWfDmnjU9afhn/bUkeI7NrRdwXJfrzLOm4H2JrmSYo2JcR77DZ6ZgB94aK
fkKvNgPlTV1aFbL39EpLjqYNoLI7XhhWl8BWJ3omZCiglLj/7rCArMr0PRrD04gx
Sc63fspqvh8Hz2CPo68zU0+6dIG7zSJfJsNxemW70PshqBH6pZoBWg0KR7r4nVzt
agDAXKbyjd9Ky6WRSSMS2zVumxhvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUWZNF
ODqYZOq4EuOxbEyOCjM9Qm8wHwYDVR0jBBgwFoAU9cC2O6peevekOGtjf9EgajaC
0MMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY3MzFGL0ExODdERjkyMzc5NzExRUVBNEM0OTgzMTRBRDlFNkZDLzljQzJP
NnBlZXZla09HdGpmOUVnYWphQzBNTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzljQzJPNnBlZXZla09HdGpmOUVnYWphQzBNTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkY3MzFGL0ExODdERjkyMzc5NzExRUVBNEM0OTgzMTRB
RDlFNkZDLzI0NzA1ODk4NzJFMzExRjBCNEVFNURBQkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmzwwwDQYJKoZIhvcNAQEL
BQADggEBAD0B4dJHND/GLua8Nr3VD3opo11se1snnUY0ECk3uRSQCsF+7e0KJhuH
aKhFq+zXxgu/Bz0jyxKJbLtoErgsJjndjQBWCEy2RvUQCn5qxl5ZXnfck/Jyl7SE
5Gx9luURXKxgAO6uTYHUtF5TFa3XsZdA/vMmndWfVmLYqxcLxTkk7aGThRVs9Y5g
YWHAZOP7wn60M4lAeHcoMmSILO7ajyamAQ6R1d6OzBsgp/kUTXC/hQR8OyFC4Nru
h9PcDfnF1Y+w7ATk9Fewz3nN+119l0aJYd12zMhtitvUHVaU1nbV2hrIcJArGbzf
URpAn9vtnYEd2esgnCOfrYvkk/Cn1j0=
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:27:32 2025 by rpki-client