Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3639B8C/81FF998E8EF311F0B1EF4DCEDAE4EC9C/224E010A8EF911F08110F6F0DAE4EC9C.roa
File: 224E010A8EF911F08110F6F0DAE4EC9C.roa (raw, json)
Hash identifier: q4S/Fbxq3yG0xFEOwYvKuxGf0Ynd7Ff6WDMdEih5OjM=
Subject key identifier: BE:8F:F7:83:C1:35:F3:39:F7:AA:C3:D1:A4:3E:75:41:33:EA:A7:8D
Certificate issuer: /CN=F3639B8CAF/serialNumber=2AB0F2FA0C96A37B3C6453944597DF3DF0C5D1B7
Certificate serial: 02
Authority key identifier: 2A:B0:F2:FA:0C:96:A3:7B:3C:64:53:94:45:97:DF:3D:F0:C5:D1:B7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/KrDy-gyWo3s8ZFOURZffPfDF0bc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3639B8C/81FF998E8EF311F0B1EF4DCEDAE4EC9C/224E010A8EF911F08110F6F0DAE4EC9C.roa
Signing time: Thu 11 Sep 2025 10:21:52 +0000
ROA not before: Thu 11 Sep 2025 10:21:48 +0000
ROA not after: Thu 31 Dec 2026 10:21:48 +0000
asID: 329443
IP address blocks: 102.208.212.0/22 maxlen: 24
2c0f:3940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3639B8C/81FF998E8EF311F0B1EF4DCEDAE4EC9C/KrDy-gyWo3s8ZFOURZffPfDF0bc.crl
rsync://rpki.afrinic.net/repository/member_repository/F3639B8C/81FF998E8EF311F0B1EF4DCEDAE4EC9C/KrDy-gyWo3s8ZFOURZffPfDF0bc.mft
rsync://rpki.afrinic.net/repository/afrinic/KrDy-gyWo3s8ZFOURZffPfDF0bc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Sep 2025 00:06:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3639B8CAF, serialNumber=2AB0F2FA0C96A37B3C6453944597DF3DF0C5D1B7
Validity
Not Before: Sep 11 10:21:48 2025 GMT
Not After : Dec 31 10:21:48 2026 GMT
Subject: CN=68c2a2c0-6a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:54:d4:92:e9:ed:94:c2:1c:39:93:2c:02:81:
f9:b8:af:f6:db:b1:ea:ce:ae:78:67:36:bf:2d:7a:
24:de:18:a5:90:04:95:5f:4b:54:6d:e9:a6:00:47:
16:31:50:bb:7d:25:3f:d8:fa:a0:e5:2f:80:af:83:
d6:ad:17:81:c2:24:49:5b:8d:67:38:7d:20:f8:e7:
ff:b1:89:58:34:d5:14:2d:bb:b5:72:e4:cc:34:93:
df:82:b7:5f:65:f0:2d:ae:f4:2a:f5:b1:ba:ad:4b:
a7:8c:7f:40:35:1b:b4:9b:89:ba:a3:ad:03:d6:c5:
07:7e:0a:e9:74:63:c8:6c:05:32:d1:c8:a8:dc:91:
3f:e0:8a:6a:06:ed:1d:d8:f0:a4:14:79:e4:85:7a:
fe:eb:94:0d:2b:97:3f:c7:b3:0c:eb:54:59:a7:43:
a4:0c:8d:9b:8b:93:4b:2b:73:c8:72:14:95:c6:28:
e5:24:a6:b8:96:8b:fc:e0:19:23:e5:8a:fe:59:68:
e3:b2:86:12:84:1c:24:be:b7:a2:b6:6c:c2:b8:de:
5b:d1:e5:c4:41:ed:3e:a9:99:9e:0a:67:99:2b:8c:
71:63:25:4c:41:49:a7:8f:ac:37:1c:af:48:c4:38:
94:06:70:f1:1f:23:9e:00:b5:54:c4:33:0e:73:81:
6a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:8F:F7:83:C1:35:F3:39:F7:AA:C3:D1:A4:3E:75:41:33:EA:A7:8D
X509v3 Authority Key Identifier:
keyid:2A:B0:F2:FA:0C:96:A3:7B:3C:64:53:94:45:97:DF:3D:F0:C5:D1:B7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3639B8C/81FF998E8EF311F0B1EF4DCEDAE4EC9C/KrDy-gyWo3s8ZFOURZffPfDF0bc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/KrDy-gyWo3s8ZFOURZffPfDF0bc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3639B8C/81FF998E8EF311F0B1EF4DCEDAE4EC9C/224E010A8EF911F08110F6F0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.208.212.0/22
IPv6:
2c0f:3940::/32
Signature Algorithm: sha256WithRSAEncryption
40:f2:86:2f:6c:2b:31:52:4b:94:62:76:2a:34:c3:f0:85:2a:
fa:4c:6c:19:e4:67:97:0c:ee:4e:ac:49:f6:81:ff:55:8a:97:
01:9e:60:97:13:74:88:e1:f4:5c:da:ab:d0:c0:56:54:ba:02:
9c:26:b5:d4:e7:df:42:46:07:63:d2:3b:e2:5a:2f:f2:e3:78:
55:5b:0e:21:8e:4e:6f:37:43:3b:03:4d:eb:57:cd:3b:10:06:
9a:f0:5d:48:03:c3:fa:87:88:a2:3e:8a:2b:aa:5e:70:fa:b4:
c2:1f:0c:d6:fa:a3:4c:d6:2f:17:7f:74:8b:e3:46:c9:04:91:
ce:6b:18:5c:59:14:03:9a:d2:5e:1a:a2:b3:52:88:03:3c:d6:
47:95:f3:bd:bc:ca:30:80:b8:fe:43:72:53:0e:80:41:13:b2:
fb:ec:03:c9:9f:09:a4:68:09:50:41:5f:44:c2:07:16:b3:b6:
18:09:ad:b9:d4:0c:1f:17:fb:06:a3:a5:a8:35:e2:ad:1c:ab:
1d:ab:47:5b:64:25:2f:6f:0d:d7:59:74:1c:18:3a:7d:4a:9a:
6e:d8:43:9a:a6:f0:a7:6a:94:8b:8d:05:c4:94:d0:39:fa:53:
84:9a:29:3e:bc:ec:d0:8f:0b:c8:0f:02:83:9a:cb:8b:fe:60:
e2:f1:15:55
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
OUI4Q0FGMTEwLwYDVQQFEygyQUIwRjJGQTBDOTZBMzdCM0M2NDUzOTQ0NTk3REYz
REYwQzVEMUI3MB4XDTI1MDkxMTEwMjE0OFoXDTI2MTIzMTEwMjE0OFowGDEWMBQG
A1UEAxMNNjhjMmEyYzAtNmE1YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVU1JLp7ZTCHDmTLAKB+biv9tux6s6ueGc2vy16JN4YpZAElV9LVG3ppgBH
FjFQu30lP9j6oOUvgK+D1q0XgcIkSVuNZzh9IPjn/7GJWDTVFC27tXLkzDST34K3
X2XwLa70KvWxuq1Lp4x/QDUbtJuJuqOtA9bFB34K6XRjyGwFMtHIqNyRP+CKagbt
HdjwpBR55IV6/uuUDSuXP8ezDOtUWadDpAyNm4uTSytzyHIUlcYo5SSmuJaL/OAZ
I+WK/llo47KGEoQcJL63orZswrjeW9HlxEHtPqmZngpnmSuMcWMlTEFJp4+sNxyv
SMQ4lAZw8R8jngC1VMQzDnOBaqcCAwEAAaOCArQwggKwMB0GA1UdDgQWBBS+j/eD
wTXzOfeqw9GkPnVBM+qnjTAfBgNVHSMEGDAWgBQqsPL6DJajezxkU5RFl9898MXR
tzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzlCOEMvODFGRjk5OEU4RUYzMTFGMEIxRUY0RENFREFFNEVDOUMvS3JEeS1n
eVdvM3M4WkZPVVJaZmZQZkRGMGJjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvS3JEeS1neVdvM3M4WkZPVVJaZmZQZkRGMGJjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzlCOEMvODFGRjk5OEU4RUYzMTFGMEIxRUY0RENFREFF
NEVDOUMvMjI0RTAxMEE4RUY5MTFGMDgxMTBGNkYwREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbQ1DANBAIAAjAHAwUALA85
QDANBgkqhkiG9w0BAQsFAAOCAQEAQPKGL2wrMVJLlGJ2KjTD8IUq+kxsGeRnlwzu
TqxJ9oH/VYqXAZ5glxN0iOH0XNqr0MBWVLoCnCa11OffQkYHY9I74lov8uN4VVsO
IY5ObzdDOwNN61fNOxAGmvBdSAPD+oeIoj6KK6pecPq0wh8M1vqjTNYvF390i+NG
yQSRzmsYXFkUA5rSXhqis1KIAzzWR5XzvbzKMIC4/kNyUw6AQROy++wDyZ8JpGgJ
UEFfRMIHFrO2GAmtudQMHxf7BqOlqDXirRyrHatHW2QlL28N11l0HBg6fUqabthD
mqbwp2qUi40FxJTQOfpThJopPrzs0I8LyA8Cg5rLi/5g4vEVVQ==
-----END CERTIFICATE-----
Generated at Thu Sep 18 10:39:33 2025 by rpki-client