Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/D6A36628B5D111F099116B98DAE4EC9C.roa
File: D6A36628B5D111F099116B98DAE4EC9C.roa (raw, json)
Hash identifier: Qb7brFTW1SmyM6hCIpLR/WnpCM+Gnw0eopnrES6lJs4=
Subject key identifier: D3:9B:56:33:31:43:16:1A:A6:D4:51:83:B1:86:2F:DB:D7:5A:12:70
Certificate issuer: /CN=F36BC80AAF/serialNumber=8C8F8CE2AD55B9366BEC6EDF492CD9C1498E0664
Certificate serial: 0559
Authority key identifier: 8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/D6A36628B5D111F099116B98DAE4EC9C.roa
Signing time: Thu 30 Oct 2025 20:48:50 +0000
ROA not before: Thu 30 Oct 2025 20:48:46 +0000
ROA not after: Wed 31 Oct 2035 20:48:46 +0000
asID: 59895
IP address blocks: 41.77.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.mft
rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Nov 2025 00:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1369 (0x559)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BC80AAF, serialNumber=8C8F8CE2AD55B9366BEC6EDF492CD9C1498E0664
Validity
Not Before: Oct 30 20:48:46 2025 GMT
Not After : Oct 31 20:48:46 2035 GMT
Subject: CN=6903cf32-5d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d1:fc:90:6b:39:92:0e:14:dd:45:78:2d:75:
b7:1c:3f:2f:4e:0c:6a:99:b6:91:88:0b:54:99:e0:
32:18:ee:ca:ab:02:82:ca:2e:17:0e:3e:10:79:0a:
d4:52:f2:37:a3:4a:9e:d1:f2:90:ed:25:b8:a0:bc:
02:49:e5:c5:f7:25:c1:b6:d6:41:0c:df:13:5c:b0:
58:1e:c3:97:12:02:e3:2c:ee:39:4d:2c:54:af:99:
55:84:c6:76:63:3b:a7:15:45:1f:2d:d7:81:26:cc:
10:fe:43:2e:14:df:9a:9e:b1:60:8a:f1:ff:9b:ab:
40:7a:c6:3b:82:0b:bb:d2:4c:82:1a:92:05:f1:5f:
4b:bd:af:79:cd:60:2b:81:70:32:0b:2b:c1:13:78:
fb:3e:f5:f8:47:c4:d3:3d:b7:84:80:9d:33:b1:5c:
6b:87:44:35:69:24:f4:8a:ec:47:a2:2e:35:89:44:
b4:d1:13:cb:88:fa:5b:99:06:bf:31:2a:3c:3f:62:
be:bc:ee:c8:72:88:a8:80:1a:86:db:c0:79:fa:95:
c3:2b:c9:bf:34:54:e3:b0:00:66:94:8e:bd:ce:e7:
57:a1:60:0b:2e:77:be:91:23:26:06:2e:59:6f:a7:
d3:4c:d1:d6:f8:31:af:cf:ec:69:d8:81:42:16:ad:
30:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:9B:56:33:31:43:16:1A:A6:D4:51:83:B1:86:2F:DB:D7:5A:12:70
X509v3 Authority Key Identifier:
keyid:8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/D6A36628B5D111F099116B98DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.77.143.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:cc:2c:01:d5:38:18:18:3b:99:1e:5f:07:61:9a:37:f7:7f:
32:8a:42:a7:15:0c:80:18:b5:83:b3:30:78:9c:e5:d0:35:28:
d9:a1:31:83:94:43:dc:15:47:60:6b:2a:af:32:bb:5f:3a:45:
36:b9:3b:71:db:6b:39:8b:1d:c9:16:8d:98:c9:e2:36:73:cc:
3f:88:20:32:28:45:ab:bc:31:f1:d0:70:c5:66:33:21:9d:b0:
8d:56:01:25:68:13:92:2a:7b:ff:b8:54:3f:65:c2:01:07:48:
65:4c:41:53:67:3b:75:4f:43:bb:34:2f:4c:fa:ce:ee:7d:12:
eb:32:6a:13:19:32:ab:c8:af:91:8f:ea:61:b9:ba:b4:07:21:
83:9f:6e:2e:c9:b5:23:4a:22:c0:32:3e:6c:a2:1c:f9:16:62:
95:4e:b6:ea:a0:c6:4a:ac:0e:86:9f:e4:af:3e:b3:f7:17:4c:
e6:54:2a:51:b9:9e:36:c1:ad:32:a7:0d:b8:84:8e:ca:f0:68:
18:36:33:db:d2:47:3e:19:60:e9:77:df:39:bf:5f:1a:3d:8e:
d0:18:ab:57:03:2e:19:a6:37:97:21:97:36:fd:be:3b:f7:80:
18:d3:17:17:41:de:e3:86:6f:6a:56:5b:3f:94:0b:8e:46:21:
50:c6:5f:65
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBVkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QkM4MEFBRjExMC8GA1UEBRMoOEM4RjhDRTJBRDU1QjkzNjZCRUM2RURGNDkyQ0Q5
QzE0OThFMDY2NDAeFw0yNTEwMzAyMDQ4NDZaFw0zNTEwMzEyMDQ4NDZaMBgxFjAU
BgNVBAMTDTY5MDNjZjMyLTVkNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDd0fyQazmSDhTdRXgtdbccPy9ODGqZtpGIC1SZ4DIY7sqrAoLKLhcOPhB5
CtRS8jejSp7R8pDtJbigvAJJ5cX3JcG21kEM3xNcsFgew5cSAuMs7jlNLFSvmVWE
xnZjO6cVRR8t14EmzBD+Qy4U35qesWCK8f+bq0B6xjuCC7vSTIIakgXxX0u9r3nN
YCuBcDILK8ETePs+9fhHxNM9t4SAnTOxXGuHRDVpJPSK7EeiLjWJRLTRE8uI+luZ
Br8xKjw/Yr687shyiKiAGobbwHn6lcMryb80VOOwAGaUjr3O51ehYAsud76RIyYG
Lllvp9NM0db4Ma/P7GnYgUIWrTCxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU05tW
MzFDFhqm1FGDsYYv29daEnAwHwYDVR0jBBgwFoAUjI+M4q1VuTZr7G7fSSzZwUmO
BmQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYxMjIyNDY4L2pJLU00
cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pJLU00cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYx
MjIyNDY4L0Q2QTM2NjI4QjVEMTExRjA5OTExNkI5OERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAApTY8wDQYJKoZIhvcNAQEL
BQADggEBAMTMLAHVOBgYO5keXwdhmjf3fzKKQqcVDIAYtYOzMHic5dA1KNmhMYOU
Q9wVR2BrKq8yu186RTa5O3HbazmLHckWjZjJ4jZzzD+IIDIoRau8MfHQcMVmMyGd
sI1WASVoE5Iqe/+4VD9lwgEHSGVMQVNnO3VPQ7s0L0z6zu59EusyahMZMqvIr5GP
6mG5urQHIYOfbi7JtSNKIsAyPmyiHPkWYpVOtuqgxkqsDoaf5K8+s/cXTOZUKlG5
njbBrTKnDbiEjsrwaBg2M9vSRz4ZYOl33zm/Xxo9jtAYq1cDLhmmN5chlzb9vjv3
gBjTFxdB3uOGb2pWWz+UC45GIVDGX2U=
-----END CERTIFICATE-----
Generated at Sun Nov 2 09:04:19 2025 by rpki-client