Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FE07F/6E91BA54776E11F095F69DCDDAE4EC9C/9E3CAFAC776E11F0A592D2CDDAE4EC9C.roa
File: 9E3CAFAC776E11F0A592D2CDDAE4EC9C.roa (raw, json)
Hash identifier: Jc6KQs8Me0jhZ9OqwSsYuwFuhZ8DtWTSRWigp2Gfn4Q=
Subject key identifier: 78:77:44:DA:59:93:78:A1:87:19:CF:69:D4:C7:0A:1B:FD:85:6C:67
Certificate issuer: /CN=F36FE07FAF/serialNumber=C586F6E93733C4C535E8BD46AA32D04248079AFB
Certificate serial: 02
Authority key identifier: C5:86:F6:E9:37:33:C4:C5:35:E8:BD:46:AA:32:D0:42:48:07:9A:FB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/xYb26TczxMU16L1GqjLQQkgHmvs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FE07F/6E91BA54776E11F095F69DCDDAE4EC9C/9E3CAFAC776E11F0A592D2CDDAE4EC9C.roa
Signing time: Tue 12 Aug 2025 11:22:24 +0000
ROA not before: Tue 12 Aug 2025 11:22:19 +0000
ROA not after: Tue 05 Jun 2035 11:22:19 +0000
asID: 36924
IP address blocks: 102.205.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FE07F/6E91BA54776E11F095F69DCDDAE4EC9C/xYb26TczxMU16L1GqjLQQkgHmvs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FE07F/6E91BA54776E11F095F69DCDDAE4EC9C/xYb26TczxMU16L1GqjLQQkgHmvs.mft
rsync://rpki.afrinic.net/repository/afrinic/xYb26TczxMU16L1GqjLQQkgHmvs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FE07FAF, serialNumber=C586F6E93733C4C535E8BD46AA32D04248079AFB
Validity
Not Before: Aug 12 11:22:19 2025 GMT
Not After : Jun 5 11:22:19 2035 GMT
Subject: CN=689b23f0-4938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9c:ce:8b:10:8f:f6:04:ea:5a:3b:0d:96:9e:
ff:c7:7d:08:db:d4:6f:fa:59:07:62:a2:96:58:4f:
05:0c:6c:5c:0c:d2:59:06:72:3e:77:be:1b:7d:de:
84:de:14:b4:7a:98:90:e9:4d:7c:d8:be:eb:71:1d:
27:f8:67:23:6c:8e:1e:54:e0:91:4e:e3:1b:50:a6:
df:f1:6c:ad:9d:a2:47:08:75:17:5a:e0:78:32:c4:
7a:d3:db:fd:7e:a2:ba:52:11:1a:a1:d4:3c:dc:27:
d4:82:3c:8b:1c:90:c0:f0:b9:1f:9b:1a:b7:59:11:
de:5a:46:08:27:01:76:37:cc:5a:fb:7b:e0:82:13:
b3:1a:58:d5:ca:81:a0:20:e5:59:34:c3:39:75:d5:
1f:df:5c:22:fe:66:8e:3d:85:12:c0:a0:a2:d6:49:
ca:b6:38:94:b9:fe:2a:ce:ad:53:69:6b:8e:f7:c6:
0e:05:03:78:e7:41:06:24:8d:30:d8:0c:91:a6:62:
b4:89:70:be:15:9e:18:76:31:5b:4c:a0:9f:9e:22:
54:55:8f:17:6f:1d:00:41:87:69:82:e7:2b:dc:80:
93:c8:36:7d:5b:59:83:eb:ef:8a:44:5c:e7:2a:23:
ee:d8:b5:3a:e9:f2:33:4b:03:10:53:d1:bc:37:f2:
71:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:77:44:DA:59:93:78:A1:87:19:CF:69:D4:C7:0A:1B:FD:85:6C:67
X509v3 Authority Key Identifier:
keyid:C5:86:F6:E9:37:33:C4:C5:35:E8:BD:46:AA:32:D0:42:48:07:9A:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE07F/6E91BA54776E11F095F69DCDDAE4EC9C/xYb26TczxMU16L1GqjLQQkgHmvs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/xYb26TczxMU16L1GqjLQQkgHmvs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE07F/6E91BA54776E11F095F69DCDDAE4EC9C/9E3CAFAC776E11F0A592D2CDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.205.24.0/22
Signature Algorithm: sha256WithRSAEncryption
41:00:a0:d6:e3:23:f7:10:77:60:54:a4:2b:9c:c4:2d:88:40:
0a:b4:20:2e:63:97:80:0a:9f:53:c5:ca:bf:58:27:a4:b5:26:
11:ae:76:dc:a1:6a:86:9c:87:f4:50:8a:d0:a5:38:7a:af:8b:
48:80:6e:d9:a0:6f:d7:1e:34:95:ac:3d:44:86:78:eb:0d:23:
2c:6b:b0:68:2d:1a:21:61:31:54:d7:4b:39:51:52:ad:21:48:
64:cb:e6:8e:02:5a:df:5c:63:ab:b2:a9:cd:d4:b2:83:da:93:
55:55:3d:f6:c5:69:74:75:bc:c2:a7:a7:be:0b:c9:82:7a:3e:
3c:0e:3d:bf:e2:af:50:37:24:08:f7:33:46:8a:9a:d4:d2:d7:
a7:a9:da:13:ea:1c:26:7c:c4:31:d1:d2:3b:0b:78:2a:0e:e5:
84:04:a2:f5:d0:a3:ed:a5:d4:ea:28:50:a8:38:0f:13:39:fd:
39:a9:8e:ea:43:29:ad:95:e6:ba:09:34:01:39:5f:b5:df:69:
bc:72:82:86:04:ac:73:b9:6d:99:b9:c3:dc:a3:80:18:ff:8d:
b2:00:ac:d5:61:db:82:02:62:01:f5:85:ba:5d:03:18:17:39:
b1:97:93:de:e9:a9:d6:72:3e:75:09:90:be:38:2c:f2:a6:55:
7e:89:35:86
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
RTA3RkFGMTEwLwYDVQQFEyhDNTg2RjZFOTM3MzNDNEM1MzVFOEJENDZBQTMyRDA0
MjQ4MDc5QUZCMB4XDTI1MDgxMjExMjIxOVoXDTM1MDYwNTExMjIxOVowGDEWMBQG
A1UEAxMNNjg5YjIzZjAtNDkzODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCczosQj/YE6lo7DZae/8d9CNvUb/pZB2KillhPBQxsXAzSWQZyPne+G33e
hN4UtHqYkOlNfNi+63EdJ/hnI2yOHlTgkU7jG1Cm3/FsrZ2iRwh1F1rgeDLEetPb
/X6iulIRGqHUPNwn1II8ixyQwPC5H5sat1kR3lpGCCcBdjfMWvt74IITsxpY1cqB
oCDlWTTDOXXVH99cIv5mjj2FEsCgotZJyrY4lLn+Ks6tU2lrjvfGDgUDeOdBBiSN
MNgMkaZitIlwvhWeGHYxW0ygn54iVFWPF28dAEGHaYLnK9yAk8g2fVtZg+vvikRc
5yoj7ti1OunyM0sDEFPRvDfycSMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBR4d0Ta
WZN4oYcZz2nUxwob/YVsZzAfBgNVHSMEGDAWgBTFhvbpNzPExTXovUaqMtBCSAea
+zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkUwN0YvNkU5MUJBNTQ3NzZFMTFGMDk1RjY5RENEREFFNEVDOUMveFliMjZU
Y3p4TVUxNkwxR3FqTFFRa2dIbXZzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveFliMjZUY3p4TVUxNkwxR3FqTFFRa2dIbXZzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkUwN0YvNkU5MUJBNTQ3NzZFMTFGMDk1RjY5RENEREFF
NEVDOUMvOUUzQ0FGQUM3NzZFMTFGMEE1OTJEMkNEREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbNGDANBgkqhkiG9w0BAQsF
AAOCAQEAQQCg1uMj9xB3YFSkK5zELYhACrQgLmOXgAqfU8XKv1gnpLUmEa523KFq
hpyH9FCK0KU4eq+LSIBu2aBv1x40law9RIZ46w0jLGuwaC0aIWExVNdLOVFSrSFI
ZMvmjgJa31xjq7KpzdSyg9qTVVU99sVpdHW8wqenvgvJgno+PA49v+KvUDckCPcz
Roqa1NLXp6naE+ocJnzEMdHSOwt4Kg7lhASi9dCj7aXU6ihQqDgPEzn9OamO6kMp
rZXmugk0ATlftd9pvHKChgSsc7ltmbnD3KOAGP+NsgCs1WHbggJiAfWFul0DGBc5
sZeT3ump1nI+dQmQvjgs8qZVfok1hg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:37:24 2025 by rpki-client