Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3644FF0/745F62409B4511ED93C950AEF1222468/C70E15E690A611F0BA37EFC8DAE4EC9C.roa
File: C70E15E690A611F0BA37EFC8DAE4EC9C.roa (raw, json)
Hash identifier: afhLw0Uh3icsBTOuNawgGYosgUqCE0Qye6EXKXcIrws=
Subject key identifier: 35:59:FB:51:C7:AC:E8:84:33:A8:DE:54:C7:5A:14:7E:46:F3:29:DC
Certificate issuer: /CN=F3644FF0AF/serialNumber=E89EFE351E60252A26256D8DEE8F69E7724CAD5A
Certificate serial: 040A
Authority key identifier: E8:9E:FE:35:1E:60:25:2A:26:25:6D:8D:EE:8F:69:E7:72:4C:AD:5A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/6J7-NR5gJSomJW2N7o9p53JMrVo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3644FF0/745F62409B4511ED93C950AEF1222468/C70E15E690A611F0BA37EFC8DAE4EC9C.roa
Signing time: Sat 13 Sep 2025 13:37:23 +0000
ROA not before: Sat 13 Sep 2025 13:37:18 +0000
ROA not after: Mon 30 Mar 2026 13:37:18 +0000
asID: 329027
IP address blocks: 102.204.232.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3644FF0/745F62409B4511ED93C950AEF1222468/6J7-NR5gJSomJW2N7o9p53JMrVo.crl
rsync://rpki.afrinic.net/repository/member_repository/F3644FF0/745F62409B4511ED93C950AEF1222468/6J7-NR5gJSomJW2N7o9p53JMrVo.mft
rsync://rpki.afrinic.net/repository/afrinic/6J7-NR5gJSomJW2N7o9p53JMrVo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 18 Sep 2025 03:13:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1034 (0x40a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3644FF0AF, serialNumber=E89EFE351E60252A26256D8DEE8F69E7724CAD5A
Validity
Not Before: Sep 13 13:37:18 2025 GMT
Not After : Mar 30 13:37:18 2026 GMT
Subject: CN=68c57393-2839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f9:1a:56:20:40:61:cd:50:ff:a9:c9:55:48:
14:4b:77:cd:13:1a:a2:2b:e7:81:7a:86:3f:54:78:
f2:57:14:07:48:9e:a0:72:98:c2:b5:66:56:f6:0b:
db:de:51:3c:05:49:9d:84:8c:4f:94:9b:cd:16:b3:
d2:e2:3e:09:ff:03:10:72:ff:d0:5a:f7:ff:54:37:
3c:58:3c:8e:df:cd:42:a9:ba:5c:95:0c:f7:67:af:
63:97:a3:0c:d7:53:21:9b:37:bc:d9:b2:9e:8a:11:
6b:7a:1b:4a:65:12:2c:02:a4:26:77:03:43:5c:47:
2a:2a:24:70:f4:13:a7:39:90:8a:59:3e:81:a1:fd:
09:20:cb:18:a9:7c:41:19:a4:98:2d:36:ce:a5:66:
99:49:43:5f:62:da:b7:ec:d8:55:a5:d8:21:97:bf:
3c:6a:e3:2a:65:2b:9f:08:d0:1f:e8:93:78:3a:8e:
b3:c8:34:1c:0c:8e:ef:2d:39:5c:c5:05:99:57:d1:
9b:4b:6b:50:8c:d8:b8:64:a2:76:16:05:c2:d7:29:
76:fd:29:06:24:0c:a3:36:21:e6:1f:06:96:b5:64:
45:29:10:c7:39:5c:eb:54:ad:ef:e5:95:a0:19:ee:
74:59:14:f3:6e:31:31:d0:16:b1:49:68:a7:e1:6a:
bd:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:59:FB:51:C7:AC:E8:84:33:A8:DE:54:C7:5A:14:7E:46:F3:29:DC
X509v3 Authority Key Identifier:
keyid:E8:9E:FE:35:1E:60:25:2A:26:25:6D:8D:EE:8F:69:E7:72:4C:AD:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3644FF0/745F62409B4511ED93C950AEF1222468/6J7-NR5gJSomJW2N7o9p53JMrVo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/6J7-NR5gJSomJW2N7o9p53JMrVo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3644FF0/745F62409B4511ED93C950AEF1222468/C70E15E690A611F0BA37EFC8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.232.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:15:60:d2:87:72:88:a3:e4:a6:f2:fe:f7:01:74:16:9c:d1:
a2:84:42:34:0b:57:ad:8f:cc:14:34:0b:35:0b:f7:d5:ad:dc:
a4:44:d6:e2:04:1c:2f:f6:3d:48:cd:7f:72:79:5a:f0:0c:fc:
40:dc:04:8f:a8:a6:18:2c:0f:9c:1d:ae:5e:86:f0:aa:a4:1e:
5a:ee:c5:0d:0e:63:a8:75:32:9f:d8:c9:d5:9a:9c:7e:46:90:
f1:11:32:db:ca:66:ca:cd:ba:43:66:8b:55:32:04:16:ff:f2:
b2:06:02:e2:96:d8:cc:ce:47:5c:5b:3f:79:15:47:d6:6f:67:
68:e2:a5:4e:9d:68:d4:0b:79:cb:80:8b:f7:d3:de:f1:f9:67:
3a:7d:98:35:10:d7:27:7a:15:e6:03:c0:b0:48:62:bd:47:eb:
34:4e:ee:cb:3f:3f:bb:f7:41:86:68:f1:04:a0:90:4e:20:51:
a4:6c:d1:00:56:7d:5f:03:5d:8d:c6:a8:91:a1:80:48:70:5c:
21:f1:73:e4:f0:6f:fc:33:0f:ad:0b:c2:18:f7:ef:0f:6c:92:
a0:86:de:93:dd:a3:82:02:9b:ad:ba:84:c6:35:d4:84:04:b0:
63:1f:e4:8f:f2:4b:ea:f5:b1:40:eb:99:b6:2a:1e:f1:39:9a:
cc:9a:b4:13
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBAowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDRGRjBBRjExMC8GA1UEBRMoRTg5RUZFMzUxRTYwMjUyQTI2MjU2RDhERUU4RjY5
RTc3MjRDQUQ1QTAeFw0yNTA5MTMxMzM3MThaFw0yNjAzMzAxMzM3MThaMBgxFjAU
BgNVBAMTDTY4YzU3MzkzLTI4MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8+RpWIEBhzVD/qclVSBRLd80TGqIr54F6hj9UePJXFAdInqBymMK1Zlb2
C9veUTwFSZ2EjE+Um80Ws9LiPgn/AxBy/9Ba9/9UNzxYPI7fzUKpulyVDPdnr2OX
owzXUyGbN7zZsp6KEWt6G0plEiwCpCZ3A0NcRyoqJHD0E6c5kIpZPoGh/Qkgyxip
fEEZpJgtNs6lZplJQ19i2rfs2FWl2CGXvzxq4yplK58I0B/ok3g6jrPINBwMju8t
OVzFBZlX0ZtLa1CM2LhkonYWBcLXKXb9KQYkDKM2IeYfBpa1ZEUpEMc5XOtUre/l
laAZ7nRZFPNuMTHQFrFJaKfhar13AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNVn7
Uces6IQzqN5Ux1oUfkbzKdwwHwYDVR0jBBgwFoAU6J7+NR5gJSomJW2N7o9p53JM
rVowDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ0RkYwLzc0NUY2MjQwOUI0NTExRUQ5M0M5NTBBRUYxMjIyNDY4LzZKNy1O
UjVnSlNvbUpXMk43bzlwNTNKTXJWby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzZKNy1OUjVnSlNvbUpXMk43bzlwNTNKTXJWby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ0RkYwLzc0NUY2MjQwOUI0NTExRUQ5M0M5NTBBRUYx
MjIyNDY4L0M3MEUxNUU2OTBBNjExRjBCQTM3RUZDOERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmzOgwDQYJKoZIhvcNAQEL
BQADggEBAKwVYNKHcoij5Kby/vcBdBac0aKEQjQLV62PzBQ0CzUL99Wt3KRE1uIE
HC/2PUjNf3J5WvAM/EDcBI+ophgsD5wdrl6G8KqkHlruxQ0OY6h1Mp/YydWanH5G
kPERMtvKZsrNukNmi1UyBBb/8rIGAuKW2MzOR1xbP3kVR9ZvZ2jipU6daNQLecuA
i/fT3vH5Zzp9mDUQ1yd6FeYDwLBIYr1H6zRO7ss/P7v3QYZo8QSgkE4gUaRs0QBW
fV8DXY3GqJGhgEhwXCHxc+Twb/wzD60Lwhj37w9skqCG3pPdo4ICm626hMY11IQE
sGMf5I/yS+r1sUDrmbYqHvE5msyatBM=
-----END CERTIFICATE-----
Generated at Wed Sep 17 02:41:35 2025 by rpki-client