Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/5B20E2CAB5CF11F09368898BDAE4EC9C.roa
File: 5B20E2CAB5CF11F09368898BDAE4EC9C.roa (raw, json)
Hash identifier: 8lx8POTXnxQ/rETcudf+Tn5nhHis5M15ESoQBVa0Mz4=
Subject key identifier: 3F:9F:B7:10:22:C8:36:31:41:BC:36:A6:35:49:73:99:DF:91:34:A1
Certificate issuer: /CN=F36BC80AAF/serialNumber=8C8F8CE2AD55B9366BEC6EDF492CD9C1498E0664
Certificate serial: 054C
Authority key identifier: 8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/5B20E2CAB5CF11F09368898BDAE4EC9C.roa
Signing time: Thu 30 Oct 2025 20:31:04 +0000
ROA not before: Thu 30 Oct 2025 20:31:00 +0000
ROA not after: Wed 31 Oct 2035 20:31:00 +0000
asID: 59895
IP address blocks: 102.223.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.mft
rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Nov 2025 00:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1356 (0x54c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BC80AAF, serialNumber=8C8F8CE2AD55B9366BEC6EDF492CD9C1498E0664
Validity
Not Before: Oct 30 20:31:00 2025 GMT
Not After : Oct 31 20:31:00 2035 GMT
Subject: CN=6903cb08-df47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:15:a3:71:04:07:a0:f3:9c:5e:42:84:49:ed:
26:bd:b4:6d:db:f7:85:9a:16:85:18:f5:ef:ba:44:
05:80:b8:f4:b2:c5:71:6e:84:a5:76:47:d4:8d:0c:
ad:0a:f6:cb:cc:c7:77:a6:77:02:5e:cd:31:41:1d:
ff:c2:8a:4b:ce:97:86:a7:2a:63:58:d1:e0:c2:2b:
a6:4a:0c:e3:4b:5d:64:01:74:65:9b:87:66:8c:bf:
81:e6:b2:02:ab:cd:fe:e7:fe:de:3a:17:c0:8f:1b:
34:e3:79:2f:b4:8d:c9:4f:74:1f:92:52:71:dd:7a:
c2:0f:ba:0d:9b:ae:0f:cd:45:4c:0d:58:b9:45:ab:
a7:ca:a6:3a:e6:d9:d8:68:46:fb:00:6e:5d:cf:30:
0a:ca:4f:2c:02:f4:c9:88:e6:9f:55:72:ca:c7:7f:
c5:84:1a:53:aa:16:f1:80:b2:8a:c1:6d:5f:3a:0b:
c7:2b:89:85:83:a0:c8:e5:18:d0:10:94:9f:1c:b3:
1e:8a:6e:b6:f0:12:02:61:ef:77:fa:c4:ee:34:f6:
a6:52:1d:7e:95:53:ce:5d:41:0a:cb:c3:12:52:d0:
7b:d3:3b:99:3e:cc:47:75:c1:aa:82:3e:4c:5b:32:
14:35:91:30:07:68:1e:7d:ac:7b:bd:46:4c:ab:ce:
2d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:9F:B7:10:22:C8:36:31:41:BC:36:A6:35:49:73:99:DF:91:34:A1
X509v3 Authority Key Identifier:
keyid:8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/5B20E2CAB5CF11F09368898BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.186.0/24
Signature Algorithm: sha256WithRSAEncryption
87:45:82:a2:d8:b4:41:97:c7:30:fa:5e:ca:79:5d:f9:14:ff:
72:5d:0e:ec:ff:74:28:f8:ee:df:33:59:fd:c2:fd:3a:1a:e5:
06:b6:f4:96:43:85:4c:28:e9:fe:58:9e:93:45:c3:59:4e:59:
2f:9c:21:42:f0:08:80:80:46:29:0e:b6:34:1d:a6:04:99:bc:
85:70:37:f7:19:f8:f4:26:0c:96:41:55:e9:d6:a2:a5:50:91:
f7:1d:3f:67:ac:19:13:c3:69:74:33:6b:ee:4f:9d:c7:1b:5a:
fc:39:60:c2:2b:08:91:09:82:67:8f:3e:f4:64:f1:81:55:dd:
a5:0d:be:03:60:40:8f:58:1d:fd:bf:9a:e2:d9:86:24:24:58:
3c:1b:8f:bf:88:3e:24:9b:b6:c6:6a:05:01:76:f3:e0:76:7b:
13:b9:f3:72:ae:bf:87:c2:15:b2:57:36:fc:2e:79:30:f6:a8:
82:8e:85:d7:17:36:21:40:fc:6f:d1:63:c5:35:4e:c5:bb:65:
97:92:3d:8a:cc:3e:e2:a3:b1:e7:c8:c8:31:c8:1a:c4:0d:14:
9a:65:26:ab:bf:dd:20:d4:57:c3:a6:3d:d1:29:73:b1:c7:01:
2b:cf:dd:1f:ec:06:46:d3:0e:21:07:44:97:b3:8a:5c:69:6d:
f6:65:c9:ea
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBUwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QkM4MEFBRjExMC8GA1UEBRMoOEM4RjhDRTJBRDU1QjkzNjZCRUM2RURGNDkyQ0Q5
QzE0OThFMDY2NDAeFw0yNTEwMzAyMDMxMDBaFw0zNTEwMzEyMDMxMDBaMBgxFjAU
BgNVBAMTDTY5MDNjYjA4LWRmNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpFaNxBAeg85xeQoRJ7Sa9tG3b94WaFoUY9e+6RAWAuPSyxXFuhKV2R9SN
DK0K9svMx3emdwJezTFBHf/CikvOl4anKmNY0eDCK6ZKDONLXWQBdGWbh2aMv4Hm
sgKrzf7n/t46F8CPGzTjeS+0jclPdB+SUnHdesIPug2brg/NRUwNWLlFq6fKpjrm
2dhoRvsAbl3PMArKTywC9MmI5p9VcsrHf8WEGlOqFvGAsorBbV86C8criYWDoMjl
GNAQlJ8csx6KbrbwEgJh73f6xO409qZSHX6VU85dQQrLwxJS0HvTO5k+zEd1waqC
PkxbMhQ1kTAHaB59rHu9Rkyrzi3tAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUP5+3
ECLINjFBvDamNUlzmd+RNKEwHwYDVR0jBBgwFoAUjI+M4q1VuTZr7G7fSSzZwUmO
BmQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYxMjIyNDY4L2pJLU00
cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pJLU00cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYx
MjIyNDY4LzVCMjBFMkNBQjVDRjExRjA5MzY4ODk4QkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm37owDQYJKoZIhvcNAQEL
BQADggEBAIdFgqLYtEGXxzD6Xsp5XfkU/3JdDuz/dCj47t8zWf3C/Toa5Qa29JZD
hUwo6f5YnpNFw1lOWS+cIULwCICARikOtjQdpgSZvIVwN/cZ+PQmDJZBVenWoqVQ
kfcdP2esGRPDaXQza+5PnccbWvw5YMIrCJEJgmePPvRk8YFV3aUNvgNgQI9YHf2/
muLZhiQkWDwbj7+IPiSbtsZqBQF28+B2exO583Kuv4fCFbJXNvwueTD2qIKOhdcX
NiFA/G/RY8U1TsW7ZZeSPYrMPuKjsefIyDHIGsQNFJplJqu/3SDUV8OmPdEpc7HH
ASvP3R/sBkbTDiEHRJezilxpbfZlyeo=
-----END CERTIFICATE-----
Generated at Sun Nov 2 09:04:16 2025 by rpki-client