Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FDDCF/ED44E9306A1B11EBBA744416F8AEA228/3ED2C7FA73DF11F08938C08EDAE4EC9C.roa
File: 3ED2C7FA73DF11F08938C08EDAE4EC9C.roa (raw, json)
Hash identifier: iyabqTBm+x48hvA2ztaOaTXns/fPRnTXSFF6KRFDSwY=
Subject key identifier: B5:8C:AD:20:AA:76:42:21:8A:D5:DF:E1:E4:90:93:02:6B:5A:30:A2
Certificate issuer: /CN=F36FDDCFAF/serialNumber=EB2FF6334345973A74B009002E369171D938F033
Certificate serial: 0697
Authority key identifier: EB:2F:F6:33:43:45:97:3A:74:B0:09:00:2E:36:91:71:D9:38:F0:33
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/6y_2M0NFlzp0sAkALjaRcdk48DM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FDDCF/ED44E9306A1B11EBBA744416F8AEA228/3ED2C7FA73DF11F08938C08EDAE4EC9C.roa
Signing time: Thu 07 Aug 2025 22:38:32 +0000
ROA not before: Thu 07 Aug 2025 22:38:27 +0000
ROA not after: Sun 06 Aug 2028 22:38:27 +0000
asID: 328316
IP address blocks: 102.176.176.0/22 maxlen: 32
102.176.176.0/24 maxlen: 32
102.176.177.0/24 maxlen: 32
102.176.178.0/24 maxlen: 32
102.176.179.0/24 maxlen: 32
2c0f:eed0::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FDDCF/ED44E9306A1B11EBBA744416F8AEA228/6y_2M0NFlzp0sAkALjaRcdk48DM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FDDCF/ED44E9306A1B11EBBA744416F8AEA228/6y_2M0NFlzp0sAkALjaRcdk48DM.mft
rsync://rpki.afrinic.net/repository/afrinic/6y_2M0NFlzp0sAkALjaRcdk48DM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1687 (0x697)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FDDCFAF, serialNumber=EB2FF6334345973A74B009002E369171D938F033
Validity
Not Before: Aug 7 22:38:27 2025 GMT
Not After : Aug 6 22:38:27 2028 GMT
Subject: CN=68952ae8-aaa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b9:e7:0e:9b:ee:8e:87:50:09:b5:45:ed:fc:
c8:59:60:ef:2d:0b:93:16:12:9c:ed:ca:ae:08:56:
a8:f9:80:c0:fe:16:57:3d:9d:11:e9:3b:b0:34:ec:
16:c4:6d:9e:77:94:5e:f1:58:63:ae:f2:b1:1b:19:
6c:f8:4e:bf:34:f8:da:bc:d1:31:32:42:6a:15:a1:
38:24:d7:5b:c1:88:a5:e9:6a:62:90:56:23:94:4d:
0d:5d:21:db:2a:bf:80:00:5e:20:33:c8:ad:b9:74:
22:94:d2:0c:b1:0b:39:b1:77:76:d9:10:5a:44:23:
b9:63:de:e0:c2:52:ad:ef:66:a9:c6:a8:d0:07:b0:
e1:cc:8a:6f:a1:5d:de:91:c4:93:2d:1a:ee:e4:6c:
a2:75:e3:fe:8e:16:a0:71:10:a7:41:64:80:39:41:
9f:8f:89:5f:04:fe:77:1d:83:54:da:ea:78:1a:a8:
52:d6:a9:d9:e5:da:a8:f9:06:8a:f7:10:7d:22:23:
9e:b0:52:8b:06:3e:d3:17:d6:60:6f:9f:6d:3e:7e:
e3:75:92:de:c2:8f:9d:15:2a:11:97:af:af:15:46:
82:aa:d8:97:d0:9d:74:36:e6:bc:af:f0:a3:4e:e9:
2e:5e:d2:aa:6e:ba:1b:0c:7b:de:44:4a:aa:5e:04:
0a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:8C:AD:20:AA:76:42:21:8A:D5:DF:E1:E4:90:93:02:6B:5A:30:A2
X509v3 Authority Key Identifier:
keyid:EB:2F:F6:33:43:45:97:3A:74:B0:09:00:2E:36:91:71:D9:38:F0:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDDCF/ED44E9306A1B11EBBA744416F8AEA228/6y_2M0NFlzp0sAkALjaRcdk48DM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/6y_2M0NFlzp0sAkALjaRcdk48DM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDDCF/ED44E9306A1B11EBBA744416F8AEA228/3ED2C7FA73DF11F08938C08EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.176.176.0/22
IPv6:
2c0f:eed0::/32
Signature Algorithm: sha256WithRSAEncryption
bc:72:08:c0:88:5b:60:88:8f:c2:df:71:2b:18:d0:bf:cf:0a:
54:61:8f:21:92:52:13:1a:09:5d:bd:12:e9:83:5f:ca:f9:78:
87:09:ec:f5:5d:94:0c:bd:07:09:ee:91:b4:40:3d:ea:5c:05:
75:49:92:3b:4d:cf:81:6d:d0:a7:f2:dd:a2:f2:b6:62:7b:62:
55:13:e5:a9:9d:b6:2c:fa:c4:19:b9:1a:17:39:67:e1:1b:50:
f4:b2:87:72:3e:2f:e3:1a:d3:84:59:8a:83:b1:a1:a5:96:05:
b4:8d:f1:2e:29:4b:39:24:78:c4:71:74:65:2e:9d:73:66:27:
47:5f:62:e4:f2:c9:40:a7:3b:23:bf:19:22:83:35:e7:39:f2:
ab:14:39:14:31:50:b5:29:a6:d5:df:d3:15:f9:e5:72:7b:17:
6c:c4:af:54:ce:0d:fe:d2:ff:51:6e:95:9a:90:35:20:5f:d1:
a9:c6:f9:2f:23:0c:49:42:39:d2:75:80:f9:91:23:d7:e0:e7:
9a:a4:41:a0:58:ef:6f:c4:cb:9b:72:f2:4d:f1:58:61:13:2e:
b3:c7:18:63:1e:5a:4c:72:b2:50:21:fa:16:09:e9:75:19:6e:
7c:9c:99:8d:3b:36:93:9d:8c:0e:d7:a0:8e:c7:d4:48:ee:bf:
01:bc:9f:fb
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBpcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RkREQ0ZBRjExMC8GA1UEBRMoRUIyRkY2MzM0MzQ1OTczQTc0QjAwOTAwMkUzNjkx
NzFEOTM4RjAzMzAeFw0yNTA4MDcyMjM4MjdaFw0yODA4MDYyMjM4MjdaMBgxFjAU
BgNVBAMTDTY4OTUyYWU4LWFhYTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDcuecOm+6Oh1AJtUXt/MhZYO8tC5MWEpztyq4IVqj5gMD+Flc9nRHpO7A0
7BbEbZ53lF7xWGOu8rEbGWz4Tr80+Nq80TEyQmoVoTgk11vBiKXpamKQViOUTQ1d
Idsqv4AAXiAzyK25dCKU0gyxCzmxd3bZEFpEI7lj3uDCUq3vZqnGqNAHsOHMim+h
Xd6RxJMtGu7kbKJ14/6OFqBxEKdBZIA5QZ+PiV8E/ncdg1Ta6ngaqFLWqdnl2qj5
Bor3EH0iI56wUosGPtMX1mBvn20+fuN1kt7Cj50VKhGXr68VRoKq2JfQnXQ25ryv
8KNO6S5e0qpuuhsMe95ESqpeBAq1AgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUtYyt
IKp2QiGK1d/h5JCTAmtaMKIwHwYDVR0jBBgwFoAU6y/2M0NFlzp0sAkALjaRcdk4
8DMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZERENGL0VENDRFOTMwNkExQjExRUJCQTc0NDQxNkY4QUVBMjI4LzZ5XzJN
ME5GbHpwMHNBa0FMamFSY2RrNDhETS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzZ5XzJNME5GbHpwMHNBa0FMamFSY2RrNDhETS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkZERENGL0VENDRFOTMwNkExQjExRUJCQTc0NDQxNkY4
QUVBMjI4LzNFRDJDN0ZBNzNERjExRjA4OTM4QzA4RURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJmsLAwDQQCAAIwBwMFACwP
7tAwDQYJKoZIhvcNAQELBQADggEBALxyCMCIW2CIj8LfcSsY0L/PClRhjyGSUhMa
CV29EumDX8r5eIcJ7PVdlAy9BwnukbRAPepcBXVJkjtNz4Ft0Kfy3aLytmJ7YlUT
5amdtiz6xBm5Ghc5Z+EbUPSyh3I+L+Ma04RZioOxoaWWBbSN8S4pSzkkeMRxdGUu
nXNmJ0dfYuTyyUCnOyO/GSKDNec58qsUORQxULUpptXf0xX55XJ7F2zEr1TODf7S
/1FulZqQNSBf0anG+S8jDElCOdJ1gPmRI9fg55qkQaBY72/Ey5ty8k3xWGETLrPH
GGMeWkxyslAh+hYJ6XUZbnycmY07NpOdjA7XoI7H1EjuvwG8n/s=
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:32:16 2025 by rpki-client