Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/C8AA756AA22711F0A37752A6DAE4EC9C.roa
File: C8AA756AA22711F0A37752A6DAE4EC9C.roa (raw, json)
Hash identifier: ygGr4z0a6LQ8DZjwCbyZzsay6Jdj8g4ik7qSJi8pun0=
Subject key identifier: F8:8D:A8:9E:69:1F:0C:7C:10:56:99:2A:FF:E8:E5:D9:7C:17:39:95
Certificate issuer: /CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Certificate serial: 0FDF
Authority key identifier: 44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
Authority info access: rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/C8AA756AA22711F0A37752A6DAE4EC9C.roa
Signing time: Sun 05 Oct 2025 20:13:40 +0000
ROA not before: Sun 05 Oct 2025 20:13:35 +0000
ROA not after: Thu 05 Oct 2034 20:13:35 +0000
asID: 61290
IP address blocks: 161.123.102.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.mft
rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 Oct 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4063 (0xfdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FA15DAR, serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Validity
Not Before: Oct 5 20:13:35 2025 GMT
Not After : Oct 5 20:13:35 2034 GMT
Subject: CN=68e2d174-555a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:db:69:d6:7a:05:eb:db:15:ee:ef:a2:f8:2f:
f7:7d:c2:c3:5d:95:73:b1:13:b9:28:38:f1:7e:8d:
5c:b8:d5:f4:ca:d7:0a:60:3f:52:c1:22:86:1d:7f:
f5:42:fc:4d:dc:4d:e2:c9:89:a6:14:58:e9:fd:97:
fb:57:d0:df:c3:16:0e:35:ac:a1:6c:a7:5a:38:4b:
b1:bd:d6:40:b9:0c:94:0c:42:4e:4c:1a:7a:86:1d:
6e:95:ba:c4:2b:63:c0:47:d4:e9:4a:2f:7b:e0:4a:
61:db:3b:c7:06:d4:6a:54:c6:04:68:17:e8:11:b3:
51:3b:f0:d4:54:68:56:34:b8:88:b7:eb:af:b1:85:
79:8f:8b:3e:e4:d4:03:61:a6:29:f4:70:51:20:2f:
6f:a5:39:d9:5c:7f:c1:35:33:4d:2d:16:a6:e1:e0:
3e:d1:57:54:b6:4f:d9:e4:e0:a7:16:d3:41:bf:64:
23:ad:31:9d:61:be:d1:d4:c4:48:87:9f:d3:4b:d3:
a8:26:e6:7d:d5:8b:a5:14:46:5a:24:d0:16:bd:56:
f6:e4:e1:38:fe:b8:41:29:4f:77:e2:9a:c6:b8:dd:
18:a7:f0:f1:74:f0:fe:b0:ca:96:c9:e8:09:f8:a0:
24:9f:cb:78:ce:49:1d:4a:2a:48:0b:42:70:b5:f8:
49:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:8D:A8:9E:69:1F:0C:7C:10:56:99:2A:FF:E8:E5:D9:7C:17:39:95
X509v3 Authority Key Identifier:
keyid:44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/C8AA756AA22711F0A37752A6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.123.102.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:54:3a:48:d6:7d:a4:bb:fe:a8:b9:ee:07:55:db:ed:17:df:
93:9b:4a:52:54:f0:23:14:bb:17:9a:0c:0c:ea:61:41:f9:fe:
3a:1b:4f:de:8b:04:77:62:cc:be:b4:ff:53:e6:d8:af:69:06:
d8:d1:e4:b7:69:f9:02:37:3e:92:75:b4:1f:77:1a:6a:8c:1b:
e6:97:27:46:9c:e2:ba:2c:dd:3e:b9:a4:63:86:86:41:1c:2b:
be:0c:cd:69:8f:76:02:a1:fe:2f:ea:ab:ff:b9:67:c3:dc:96:
49:0a:03:42:ef:e4:6a:8b:4b:1c:0d:b7:1e:e4:ca:5d:ac:79:
09:a6:61:60:8e:b3:af:38:6b:b9:3b:34:37:29:34:a4:22:1b:
f2:8b:11:82:ca:a1:6e:0f:f4:de:32:df:16:4c:ff:e9:db:f1:
1d:5d:62:78:90:db:f9:92:2b:20:1a:62:df:0d:85:17:af:c3:
69:8f:3c:0e:36:17:fb:67:e0:3f:ea:60:07:9f:fc:a1:ec:32:
fd:51:76:2f:fd:fe:0c:32:a2:df:cf:4f:df:9e:d8:db:47:5a:
b7:b1:57:53:4f:be:96:65:71:de:ce:46:9e:ff:f2:38:29:76:
3f:15:79:86:09:7a:20:b0:11:f6:3a:0e:0c:65:18:6d:db:f4:
c4:36:f0:ea
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICD98wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RkExNURBUjExMC8GA1UEBRMoNDRBOUY2OUY0MTQxREE3NkI3MzUzRUIwRDU4MTUy
M0FGRTJCODFFMTAeFw0yNTEwMDUyMDEzMzVaFw0zNDEwMDUyMDEzMzVaMBgxFjAU
BgNVBAMTDTY4ZTJkMTc0LTU1NWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDr22nWegXr2xXu76L4L/d9wsNdlXOxE7koOPF+jVy41fTK1wpgP1LBIoYd
f/VC/E3cTeLJiaYUWOn9l/tX0N/DFg41rKFsp1o4S7G91kC5DJQMQk5MGnqGHW6V
usQrY8BH1OlKL3vgSmHbO8cG1GpUxgRoF+gRs1E78NRUaFY0uIi366+xhXmPiz7k
1ANhpin0cFEgL2+lOdlcf8E1M00tFqbh4D7RV1S2T9nk4KcW00G/ZCOtMZ1hvtHU
xEiHn9NL06gm5n3Vi6UURlok0Ba9Vvbk4Tj+uEEpT3fimsa43Rin8PF08P6wypbJ
6An4oCSfy3jOSR1KKkgLQnC1+Em1AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU+I2o
nmkfDHwQVpkq/+jl2XwXOZUwHwYDVR0jBBgwFoAURKn2n0FB2na3NT6w1YFSOv4r
geEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVBMjI4L1JLbjJu
MEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1JLbjJuMEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVB
MjI4L0M4QUE3NTZBQTIyNzExRjBBMzc3NTJBNkRBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGhe2YwDQYJKoZIhvcNAQELBQAD
ggEBAL9UOkjWfaS7/qi57gdV2+0X35ObSlJU8CMUuxeaDAzqYUH5/jobT96LBHdi
zL60/1Pm2K9pBtjR5Ldp+QI3PpJ1tB93GmqMG+aXJ0ac4ros3T65pGOGhkEcK74M
zWmPdgKh/i/qq/+5Z8PclkkKA0Lv5GqLSxwNtx7kyl2seQmmYWCOs684a7k7NDcp
NKQiG/KLEYLKoW4P9N4y3xZM/+nb8R1dYniQ2/mSKyAaYt8NhRevw2mPPA42F/tn
4D/qYAef/KHsMv1Rdi/9/gwyot/PT9+e2NtHWrexV1NPvpZlcd7ORp7/8jgpdj8V
eYYJeiCwEfY6DgxlGG3b9MQ28Oo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:14:19 2025 by rpki-client