Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C11E4/13DDD38883AD11EEA0A81B324AD9E6FC/DB8FF5EC8FCB11F0AB6B7CC3DAE4EC9C.roa
File: DB8FF5EC8FCB11F0AB6B7CC3DAE4EC9C.roa (raw, json)
Hash identifier: MWBh8j3tbpFo+evponTu0mS8C9DNHC3IYuWTwyyHOBg=
Subject key identifier: 09:A9:58:29:8C:CF:3A:9E:16:41:69:F2:09:C9:6C:73:57:9B:24:1D
Certificate issuer: /CN=F36C11E4AF/serialNumber=F023B97708196FF9F20BC9287D56C42CAAE5140F
Certificate serial: 02B3
Authority key identifier: F0:23:B9:77:08:19:6F:F9:F2:0B:C9:28:7D:56:C4:2C:AA:E5:14:0F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/8CO5dwgZb_nyC8kofVbELKrlFA8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C11E4/13DDD38883AD11EEA0A81B324AD9E6FC/DB8FF5EC8FCB11F0AB6B7CC3DAE4EC9C.roa
Signing time: Fri 12 Sep 2025 11:30:18 +0000
ROA not before: Fri 12 Sep 2025 11:30:13 +0000
ROA not after: Wed 12 Sep 2035 11:30:13 +0000
asID: 328169
IP address blocks: 102.214.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C11E4/13DDD38883AD11EEA0A81B324AD9E6FC/8CO5dwgZb_nyC8kofVbELKrlFA8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C11E4/13DDD38883AD11EEA0A81B324AD9E6FC/8CO5dwgZb_nyC8kofVbELKrlFA8.mft
rsync://rpki.afrinic.net/repository/afrinic/8CO5dwgZb_nyC8kofVbELKrlFA8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 18 Sep 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 691 (0x2b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C11E4AF, serialNumber=F023B97708196FF9F20BC9287D56C42CAAE5140F
Validity
Not Before: Sep 12 11:30:13 2025 GMT
Not After : Sep 12 11:30:13 2035 GMT
Subject: CN=68c4044a-f5e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3b:86:ee:37:48:74:6d:c1:f5:63:22:b1:85:
ad:15:6d:3a:1c:33:32:6e:2d:c2:08:5b:6b:97:0f:
86:ba:91:ac:dd:3d:93:84:87:3f:ff:62:0a:c3:81:
95:1a:55:64:e5:60:72:b9:d6:a9:32:3c:ce:3a:d7:
91:07:c2:0a:0a:cc:f3:2d:a8:e6:eb:cc:f7:82:1f:
1f:01:b8:28:e3:5b:66:33:6f:28:17:59:ae:f2:13:
16:aa:ed:ba:d1:3a:33:3f:8b:ec:59:51:c1:af:c0:
c7:db:39:b4:b5:7e:4c:e6:fc:b6:bc:fa:05:f4:29:
20:9b:2e:a7:ec:8c:d9:fb:95:8f:57:4a:27:4f:65:
08:53:2d:c8:e0:20:3f:9a:e2:07:14:9a:b6:e3:02:
1d:0a:ba:2e:a1:e2:29:1f:1e:e9:91:08:5b:72:e4:
00:fe:d2:49:8f:cf:5a:57:c3:e0:e0:94:ab:e9:93:
ee:30:5e:00:7c:af:9b:fd:ab:a2:85:13:d4:8c:08:
c5:69:1c:29:f9:bd:ce:ec:f6:6f:45:0a:95:f8:00:
c7:5e:1e:ee:e6:58:fd:c4:fc:e9:00:2e:a3:de:35:
fb:e4:7e:79:cb:d9:53:d8:f9:20:bd:21:b5:f4:14:
9c:54:d5:32:2f:d6:94:65:3b:67:9b:8b:5b:4d:45:
82:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:A9:58:29:8C:CF:3A:9E:16:41:69:F2:09:C9:6C:73:57:9B:24:1D
X509v3 Authority Key Identifier:
keyid:F0:23:B9:77:08:19:6F:F9:F2:0B:C9:28:7D:56:C4:2C:AA:E5:14:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C11E4/13DDD38883AD11EEA0A81B324AD9E6FC/8CO5dwgZb_nyC8kofVbELKrlFA8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/8CO5dwgZb_nyC8kofVbELKrlFA8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C11E4/13DDD38883AD11EEA0A81B324AD9E6FC/DB8FF5EC8FCB11F0AB6B7CC3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.214.163.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:28:d1:47:d2:b8:20:cf:f6:21:73:44:81:38:96:75:65:ea:
c6:e3:54:a0:9d:66:01:76:4f:06:f9:37:7d:27:80:89:9f:07:
19:cc:d0:7a:d9:d5:c3:aa:ce:fd:c2:06:4d:c4:70:7d:ad:57:
4a:95:d3:b5:b5:4b:5f:f6:a2:6b:c4:c5:38:93:88:7b:85:d8:
8b:28:8e:ae:7a:c9:12:e9:be:08:a4:a0:dc:38:2f:83:17:c7:
46:63:3c:92:4b:6c:17:31:6c:56:f8:56:35:db:05:a0:1a:4b:
56:8d:8f:ff:15:99:d2:4b:54:96:c2:f6:dd:82:63:d5:b9:74:
40:37:a8:a4:17:b2:76:32:bc:82:9d:86:8f:ce:1b:ea:fe:70:
b6:4d:d7:95:9e:d6:31:3c:00:7f:86:37:69:70:03:c1:66:4f:
40:10:39:3a:db:50:1d:38:ac:ee:b7:50:24:f9:a6:43:40:95:
9d:5c:5c:32:f8:86:e6:9b:4f:db:22:4e:ef:49:fc:93:56:c8:
44:6a:d9:d6:69:9e:a7:3c:fb:39:15:da:46:17:ca:a1:f1:d1:
b2:dd:a8:45:23:70:7c:15:d0:8d:04:7a:bd:e4:03:21:08:c3:
ed:0a:88:ca:3b:61:aa:09:fa:3c:2f:cd:0b:e7:d1:70:c1:ba:
37:84:66:f4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICArMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzExRTRBRjExMC8GA1UEBRMoRjAyM0I5NzcwODE5NkZGOUYyMEJDOTI4N0Q1NkM0
MkNBQUU1MTQwRjAeFw0yNTA5MTIxMTMwMTNaFw0zNTA5MTIxMTMwMTNaMBgxFjAU
BgNVBAMTDTY4YzQwNDRhLWY1ZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDfO4buN0h0bcH1YyKxha0VbTocMzJuLcIIW2uXD4a6kazdPZOEhz//YgrD
gZUaVWTlYHK51qkyPM4615EHwgoKzPMtqObrzPeCHx8BuCjjW2YzbygXWa7yExaq
7brROjM/i+xZUcGvwMfbObS1fkzm/La8+gX0KSCbLqfsjNn7lY9XSidPZQhTLcjg
ID+a4gcUmrbjAh0Kui6h4ikfHumRCFty5AD+0kmPz1pXw+DglKvpk+4wXgB8r5v9
q6KFE9SMCMVpHCn5vc7s9m9FCpX4AMdeHu7mWP3E/OkALqPeNfvkfnnL2VPY+SC9
IbX0FJxU1TIv1pRlO2ebi1tNRYILAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUCalY
KYzPOp4WQWnyCclsc1ebJB0wHwYDVR0jBBgwFoAU8CO5dwgZb/nyC8kofVbELKrl
FA8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkMxMUU0LzEzREREMzg4ODNBRDExRUVBMEE4MUIzMjRBRDlFNkZDLzhDTzVk
d2daYl9ueUM4a29mVmJFTEtybEZBOC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzhDTzVkd2daYl9ueUM4a29mVmJFTEtybEZBOC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkMxMUU0LzEzREREMzg4ODNBRDExRUVBMEE4MUIzMjRB
RDlFNkZDL0RCOEZGNUVDOEZDQjExRjBBQjZCN0NDM0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm1qMwDQYJKoZIhvcNAQEL
BQADggEBAD0o0UfSuCDP9iFzRIE4lnVl6sbjVKCdZgF2Twb5N30ngImfBxnM0HrZ
1cOqzv3CBk3EcH2tV0qV07W1S1/2omvExTiTiHuF2Isojq56yRLpvgikoNw4L4MX
x0ZjPJJLbBcxbFb4VjXbBaAaS1aNj/8VmdJLVJbC9t2CY9W5dEA3qKQXsnYyvIKd
ho/OG+r+cLZN15We1jE8AH+GN2lwA8FmT0AQOTrbUB04rO63UCT5pkNAlZ1cXDL4
huabT9siTu9J/JNWyERq2dZpnqc8+zkV2kYXyqHx0bLdqEUjcHwV0I0Eer3kAyEI
w+0KiMo7YaoJ+jwvzQvn0XDBujeEZvQ=
-----END CERTIFICATE-----
Generated at Tue Sep 16 23:05:25 2025 by rpki-client