Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366A2B2/D3F441AE66E411F0A0DA6692DAE4EC9C/F8600BDE84B911F085AD04A3DAE4EC9C.roa
File: F8600BDE84B911F085AD04A3DAE4EC9C.roa (raw, json)
Hash identifier: DP8mnGerifLfSRadwXVvA2WZ6PCmE2usVrRlV28umhs=
Subject key identifier: 43:E8:D7:BF:98:8C:8D:54:E2:D2:45:E0:52:73:F2:8A:B2:F3:84:F5
Certificate issuer: /CN=F366A2B2AF/serialNumber=3AE7646CE6AD569F7616E6A6F6FD3B1986BED419
Certificate serial: 2E
Authority key identifier: 3A:E7:64:6C:E6:AD:56:9F:76:16:E6:A6:F6:FD:3B:19:86:BE:D4:19
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/OudkbOatVp92Fuam9v07GYa-1Bk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366A2B2/D3F441AE66E411F0A0DA6692DAE4EC9C/F8600BDE84B911F085AD04A3DAE4EC9C.roa
Signing time: Fri 29 Aug 2025 09:24:32 +0000
ROA not before: Fri 29 Aug 2025 09:24:27 +0000
ROA not after: Mon 31 Dec 2035 09:24:27 +0000
asID: 328534
IP address blocks: 102.36.164.0/24 maxlen: 24
102.36.165.0/24 maxlen: 24
102.36.166.0/24 maxlen: 24
102.36.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366A2B2/D3F441AE66E411F0A0DA6692DAE4EC9C/OudkbOatVp92Fuam9v07GYa-1Bk.crl
rsync://rpki.afrinic.net/repository/member_repository/F366A2B2/D3F441AE66E411F0A0DA6692DAE4EC9C/OudkbOatVp92Fuam9v07GYa-1Bk.mft
rsync://rpki.afrinic.net/repository/afrinic/OudkbOatVp92Fuam9v07GYa-1Bk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 19 Sep 2025 05:07:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46 (0x2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366A2B2AF, serialNumber=3AE7646CE6AD569F7616E6A6F6FD3B1986BED419
Validity
Not Before: Aug 29 09:24:27 2025 GMT
Not After : Dec 31 09:24:27 2035 GMT
Subject: CN=68b171d0-3e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:20:85:b8:18:80:7a:ba:2d:ae:52:86:c3:7c:
a1:a1:a3:cc:a9:50:8d:f4:4b:7f:2a:17:a5:e2:66:
fd:05:21:aa:2b:42:a7:d2:c9:1f:92:f6:ba:86:e8:
9d:be:88:7b:88:b3:6c:b2:83:47:61:4d:cf:2a:08:
5f:6e:e8:a0:5c:5d:5b:45:8a:01:c9:3a:86:88:e6:
07:b7:f3:fd:33:6a:54:40:5c:df:4b:9e:fe:14:ac:
de:f8:be:62:52:6d:f5:ca:28:cd:4c:8e:15:c9:ba:
51:43:3e:f0:34:ed:19:fb:45:d2:56:d4:8b:f1:8e:
23:a0:d2:4b:2c:61:b5:2d:95:23:2a:29:1c:44:a4:
68:e7:6e:23:bf:76:52:e2:51:c6:6b:19:8f:84:af:
64:6b:71:4e:c7:42:ca:66:03:36:ce:cb:22:86:5f:
c7:59:fd:a9:68:a0:f8:85:1f:2d:e1:1d:fd:a0:95:
47:10:78:00:6c:6a:7f:9f:b2:ec:83:6e:f7:1e:72:
ca:7e:1d:0a:1e:4a:11:ac:09:0f:a7:de:92:cc:26:
98:13:85:70:ad:bd:ad:a0:18:74:4d:80:c1:20:81:
fa:49:a5:b4:20:d9:c5:f0:e7:b4:bc:29:49:0f:43:
0a:11:03:e5:c7:67:ad:ab:54:fc:ec:7a:ed:d6:f4:
94:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E8:D7:BF:98:8C:8D:54:E2:D2:45:E0:52:73:F2:8A:B2:F3:84:F5
X509v3 Authority Key Identifier:
keyid:3A:E7:64:6C:E6:AD:56:9F:76:16:E6:A6:F6:FD:3B:19:86:BE:D4:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366A2B2/D3F441AE66E411F0A0DA6692DAE4EC9C/OudkbOatVp92Fuam9v07GYa-1Bk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OudkbOatVp92Fuam9v07GYa-1Bk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366A2B2/D3F441AE66E411F0A0DA6692DAE4EC9C/F8600BDE84B911F085AD04A3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.36.164.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:e0:fc:48:83:c7:d0:aa:0c:8d:72:f3:91:41:7a:16:55:7f:
03:9c:fd:d6:7d:f8:40:f6:a7:c1:dc:b0:39:e8:ff:a8:06:43:
3d:7f:b9:03:dd:2c:f3:91:0f:65:a1:d0:89:25:1d:b6:f7:6a:
e3:c4:54:e8:e5:3d:57:ce:f3:3d:58:df:6b:4f:41:16:15:29:
d7:77:10:9d:44:1f:7a:be:6b:45:6a:bc:c5:90:41:5a:7b:95:
c7:d3:29:7b:10:00:4e:a0:0e:63:18:f4:c4:b9:94:41:aa:02:
d1:89:4d:0b:4d:67:01:7d:63:31:37:8e:10:45:be:b7:24:8c:
a4:c9:13:22:5b:39:78:fe:57:aa:4f:e6:72:b4:c5:e7:a2:55:
88:45:e9:aa:b5:c7:ea:49:8c:65:7d:42:fb:8f:ce:e0:34:80:
42:d8:5c:dc:e2:2b:18:15:61:9c:8a:0a:8b:30:de:1b:26:a2:
61:0e:5d:9f:19:a5:f0:b5:1c:b0:ad:bb:f2:13:60:dc:35:d3:
cd:ec:a6:e4:9f:ee:a0:8e:27:51:18:3d:0d:ea:2e:77:24:9f:
40:1c:d3:91:0f:e9:f3:18:15:a6:03:1f:9f:da:93:70:c5:c9:
44:06:36:fa:a7:52:c6:80:e9:df:a6:c5:ab:d2:f0:fd:c7:b9:
fa:7e:d7:33
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBLjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
QTJCMkFGMTEwLwYDVQQFEygzQUU3NjQ2Q0U2QUQ1NjlGNzYxNkU2QTZGNkZEM0Ix
OTg2QkVENDE5MB4XDTI1MDgyOTA5MjQyN1oXDTM1MTIzMTA5MjQyN1owGDEWMBQG
A1UEAxMNNjhiMTcxZDAtM2UwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN8ghbgYgHq6La5ShsN8oaGjzKlQjfRLfyoXpeJm/QUhqitCp9LJH5L2uobo
nb6Ie4izbLKDR2FNzyoIX27ooFxdW0WKAck6hojmB7fz/TNqVEBc30ue/hSs3vi+
YlJt9coozUyOFcm6UUM+8DTtGftF0lbUi/GOI6DSSyxhtS2VIyopHESkaOduI792
UuJRxmsZj4SvZGtxTsdCymYDNs7LIoZfx1n9qWig+IUfLeEd/aCVRxB4AGxqf5+y
7INu9x5yyn4dCh5KEawJD6fekswmmBOFcK29raAYdE2AwSCB+kmltCDZxfDntLwp
SQ9DChED5cdnratU/Ox67db0lE8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRD6Ne/
mIyNVOLSReBSc/KKsvOE9TAfBgNVHSMEGDAWgBQ652Rs5q1Wn3YW5qb2/TsZhr7U
GTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkEyQjIvRDNGNDQxQUU2NkU0MTFGMEEwREE2NjkyREFFNEVDOUMvT3Vka2JP
YXRWcDkyRnVhbTl2MDdHWWEtMUJrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvT3Vka2JPYXRWcDkyRnVhbTl2MDdHWWEtMUJrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkEyQjIvRDNGNDQxQUU2NkU0MTFGMEEwREE2NjkyREFF
NEVDOUMvRjg2MDBCREU4NEI5MTFGMDg1QUQwNEEzREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmYkpDANBgkqhkiG9w0BAQsF
AAOCAQEAv+D8SIPH0KoMjXLzkUF6FlV/A5z91n34QPanwdywOej/qAZDPX+5A90s
85EPZaHQiSUdtvdq48RU6OU9V87zPVjfa09BFhUp13cQnUQfer5rRWq8xZBBWnuV
x9MpexAATqAOYxj0xLmUQaoC0YlNC01nAX1jMTeOEEW+tySMpMkTIls5eP5Xqk/m
crTF56JViEXpqrXH6kmMZX1C+4/O4DSAQthc3OIrGBVhnIoKizDeGyaiYQ5dnxml
8LUcsK278hNg3DXTzeym5J/uoI4nURg9DeoudySfQBzTkQ/p8xgVpgMfn9qTcMXJ
RAY2+qdSxoDp36bFq9Lw/ce5+n7XMw==
-----END CERTIFICATE-----
Generated at Thu Sep 18 03:18:31 2025 by rpki-client