Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366C124/21E2D0D4CAF011E98C204478F8AEA228/F2B47ECE67CF11F0A078F98BDAE4EC9C.roa
File: F2B47ECE67CF11F0A078F98BDAE4EC9C.roa (raw, json)
Hash identifier: P3LDJsnxMQwbvrXOtqRElx5hirBS3sM/lIPVBob33/w=
Subject key identifier: 55:E0:57:94:FE:5E:C4:2E:EE:98:9F:CA:27:1E:F3:66:42:E4:CA:3E
Certificate issuer: /CN=F366C124AF/serialNumber=7540D052D1291113560BA82D232042B99AA8A64A
Certificate serial: 08A6
Authority key identifier: 75:40:D0:52:D1:29:11:13:56:0B:A8:2D:23:20:42:B9:9A:A8:A6:4A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/dUDQUtEpERNWC6gtIyBCuZqopko.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366C124/21E2D0D4CAF011E98C204478F8AEA228/F2B47ECE67CF11F0A078F98BDAE4EC9C.roa
Signing time: Wed 23 Jul 2025 14:18:48 +0000
ROA not before: Wed 23 Jul 2025 14:18:43 +0000
ROA not after: Tue 24 Jul 2035 14:18:43 +0000
asID: 328512
IP address blocks: 102.64.16.0/20 maxlen: 24
102.205.116.0/22 maxlen: 24
2c0f:edf8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366C124/21E2D0D4CAF011E98C204478F8AEA228/dUDQUtEpERNWC6gtIyBCuZqopko.crl
rsync://rpki.afrinic.net/repository/member_repository/F366C124/21E2D0D4CAF011E98C204478F8AEA228/dUDQUtEpERNWC6gtIyBCuZqopko.mft
rsync://rpki.afrinic.net/repository/afrinic/dUDQUtEpERNWC6gtIyBCuZqopko.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 03 Aug 2025 00:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2214 (0x8a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366C124AF, serialNumber=7540D052D1291113560BA82D232042B99AA8A64A
Validity
Not Before: Jul 23 14:18:43 2025 GMT
Not After : Jul 24 14:18:43 2035 GMT
Subject: CN=6880ef48-eec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a2:b4:54:62:99:db:2a:eb:48:62:4c:6b:0c:
72:57:6e:f9:99:aa:f4:00:e7:bf:fb:8c:2b:46:19:
e8:88:5e:b0:0f:a3:4f:26:de:26:2a:c1:c6:26:5f:
e5:c2:43:40:c9:6a:a0:1c:10:d8:e1:3b:e6:19:c8:
00:45:bc:18:02:f5:2c:40:28:35:e9:de:48:ae:e2:
33:3a:83:1e:12:8e:68:76:22:f7:5c:ac:5e:33:c5:
00:b6:13:fb:55:6e:d6:47:e6:a8:07:b5:db:9c:43:
ae:a7:6f:62:aa:af:f6:14:16:57:0b:10:90:df:d2:
e3:a4:cf:48:8f:63:3f:0a:5e:b6:45:75:8e:d5:d0:
cf:de:50:d6:d3:a2:a3:c3:f7:d0:a8:aa:5e:08:00:
52:72:c0:ae:ae:70:79:c6:4a:f3:5b:25:1f:c8:5b:
bf:e9:82:2d:11:92:a1:43:7a:86:4a:7d:bc:84:e6:
ad:f1:19:50:4a:9a:11:c2:02:6d:8f:56:47:45:63:
76:6c:67:9c:71:d9:d0:81:79:f0:09:d7:39:e0:35:
d8:88:cd:e5:10:61:23:d7:5d:66:07:6c:6e:9a:18:
d2:85:08:15:4f:79:ef:9f:4f:b7:c6:74:92:f8:3c:
8d:a2:5a:cb:e9:4b:47:ff:0c:41:89:29:e3:aa:87:
c1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E0:57:94:FE:5E:C4:2E:EE:98:9F:CA:27:1E:F3:66:42:E4:CA:3E
X509v3 Authority Key Identifier:
keyid:75:40:D0:52:D1:29:11:13:56:0B:A8:2D:23:20:42:B9:9A:A8:A6:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366C124/21E2D0D4CAF011E98C204478F8AEA228/dUDQUtEpERNWC6gtIyBCuZqopko.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/dUDQUtEpERNWC6gtIyBCuZqopko.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366C124/21E2D0D4CAF011E98C204478F8AEA228/F2B47ECE67CF11F0A078F98BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.64.16.0/20
102.205.116.0/22
IPv6:
2c0f:edf8::/32
Signature Algorithm: sha256WithRSAEncryption
92:d4:f0:5f:60:5c:a8:fb:c9:cb:6c:34:8e:5d:95:0a:e8:21:
34:ac:18:82:f4:19:b6:b3:5f:4e:6e:4c:27:36:f1:2e:49:a7:
46:5e:b4:62:53:07:28:ed:71:72:29:b3:64:d1:fc:c7:35:bb:
95:8c:19:0e:43:22:0f:a0:5d:4f:9a:89:4e:b1:e6:89:c8:69:
40:56:1c:2c:04:b5:16:69:a8:78:9a:d5:24:48:45:df:57:e9:
b6:8d:5a:dd:9c:4f:55:f5:19:8d:8b:15:34:33:9e:2d:8c:94:
31:4c:80:65:86:dc:9d:38:db:f6:10:0f:cb:a2:db:7d:2a:9f:
1a:0a:85:65:1e:45:1d:cc:c5:29:e4:23:c8:b1:74:57:e9:16:
13:88:ec:a8:4b:b4:6b:d5:91:86:92:e1:2c:12:a3:aa:eb:67:
71:e2:5e:46:d9:19:1f:bf:cb:d4:c4:57:1a:a0:40:6c:c6:e8:
e7:e4:3e:39:4c:1a:df:4e:2c:1d:9e:97:e9:33:ba:a8:77:b4:
da:eb:35:c9:ba:36:25:bb:6e:ca:e6:c1:f8:c5:dc:36:ea:4e:
fd:df:37:42:6a:34:c7:22:f0:d7:a1:1e:4a:86:9d:8c:fa:6e:
29:a9:1c:02:58:85:0e:3c:f9:b8:f1:a4:69:7c:d9:bb:3c:61:
8a:39:90:a5
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICCKYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NkMxMjRBRjExMC8GA1UEBRMoNzU0MEQwNTJEMTI5MTExMzU2MEJBODJEMjMyMDQy
Qjk5QUE4QTY0QTAeFw0yNTA3MjMxNDE4NDNaFw0zNTA3MjQxNDE4NDNaMBgxFjAU
BgNVBAMTDTY4ODBlZjQ4LWVlYzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCdorRUYpnbKutIYkxrDHJXbvmZqvQA57/7jCtGGeiIXrAPo08m3iYqwcYm
X+XCQ0DJaqAcENjhO+YZyABFvBgC9SxAKDXp3kiu4jM6gx4Sjmh2IvdcrF4zxQC2
E/tVbtZH5qgHtducQ66nb2Kqr/YUFlcLEJDf0uOkz0iPYz8KXrZFdY7V0M/eUNbT
oqPD99Coql4IAFJywK6ucHnGSvNbJR/IW7/pgi0RkqFDeoZKfbyE5q3xGVBKmhHC
Am2PVkdFY3ZsZ5xx2dCBefAJ1zngNdiIzeUQYSPXXWYHbG6aGNKFCBVPee+fT7fG
dJL4PI2iWsvpS0f/DEGJKeOqh8EtAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQUVeBX
lP5exC7umJ/KJx7zZkLkyj4wHwYDVR0jBBgwFoAUdUDQUtEpERNWC6gtIyBCuZqo
pkowDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjZDMTI0LzIxRTJEMEQ0Q0FGMDExRTk4QzIwNDQ3OEY4QUVBMjI4L2RVRFFV
dEVwRVJOV0M2Z3RJeUJDdVpxb3Brby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2RVRFFVdEVwRVJOV0M2Z3RJeUJDdVpxb3Brby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjZDMTI0LzIxRTJEMEQ0Q0FGMDExRTk4QzIwNDQ3OEY4
QUVBMjI4L0YyQjQ3RUNFNjdDRjExRjBBMDc4Rjk4QkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBARmQBADBAJmzXQwDQQCAAIw
BwMFACwP7fgwDQYJKoZIhvcNAQELBQADggEBAJLU8F9gXKj7yctsNI5dlQroITSs
GIL0GbazX05uTCc28S5Jp0ZetGJTByjtcXIps2TR/Mc1u5WMGQ5DIg+gXU+aiU6x
5onIaUBWHCwEtRZpqHia1SRIRd9X6baNWt2cT1X1GY2LFTQzni2MlDFMgGWG3J04
2/YQD8ui230qnxoKhWUeRR3MxSnkI8ixdFfpFhOI7KhLtGvVkYaS4SwSo6rrZ3Hi
XkbZGR+/y9TEVxqgQGzG6OfkPjlMGt9OLB2el+kzuqh3tNrrNcm6NiW7bsrmwfjF
3DbqTv3fN0JqNMci8NehHkqGnYz6bimpHAJYhQ48+bjxpGl82bs8YYo5kKU=
-----END CERTIFICATE-----
Generated at Fri Aug 1 18:09:38 2025 by rpki-client