Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C52E6/67B2BF4E81AF11F09A6355B1DAE4EC9C/1C69F6C081B811F095573EE9DAE4EC9C.roa
File: 1C69F6C081B811F095573EE9DAE4EC9C.roa (raw, json)
Hash identifier: KbI9ucB4f9JH39XALKEY3t2+qdSeCHt4BU89HAR/5iY=
Subject key identifier: 73:5D:EC:5F:91:40:AE:D6:8D:7F:0A:F0:CC:C5:6D:79:12:19:A6:0B
Certificate issuer: /CN=F36C52E6AF/serialNumber=C3AE503A29BED50C937C154A6189139DC4C61C83
Certificate serial: 03
Authority key identifier: C3:AE:50:3A:29:BE:D5:0C:93:7C:15:4A:61:89:13:9D:C4:C6:1C:83
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/w65QOim-1QyTfBVKYYkTncTGHIM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C52E6/67B2BF4E81AF11F09A6355B1DAE4EC9C/1C69F6C081B811F095573EE9DAE4EC9C.roa
Signing time: Mon 25 Aug 2025 13:33:40 +0000
ROA not before: Mon 25 Aug 2025 13:33:32 +0000
ROA not after: Sat 25 Aug 2035 13:33:32 +0000
asID: 328016
IP address blocks: 102.218.64.0/22 maxlen: 24
2c0f:6280::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C52E6/67B2BF4E81AF11F09A6355B1DAE4EC9C/w65QOim-1QyTfBVKYYkTncTGHIM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C52E6/67B2BF4E81AF11F09A6355B1DAE4EC9C/w65QOim-1QyTfBVKYYkTncTGHIM.mft
rsync://rpki.afrinic.net/repository/afrinic/w65QOim-1QyTfBVKYYkTncTGHIM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Sep 2025 00:06:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C52E6AF, serialNumber=C3AE503A29BED50C937C154A6189139DC4C61C83
Validity
Not Before: Aug 25 13:33:32 2025 GMT
Not After : Aug 25 13:33:32 2035 GMT
Subject: CN=68ac6634-d975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7c:79:13:82:30:9d:7e:75:5c:b9:be:5f:2a:
4b:69:f5:88:33:47:bd:f4:30:f9:89:2d:07:65:68:
77:94:5c:89:39:b0:dd:0b:64:7e:29:5b:65:4e:3e:
fe:8f:93:24:98:d5:3a:70:f2:b8:a9:4f:0c:4f:65:
0d:5b:65:ad:1f:69:5f:d2:e7:3d:d7:c3:08:e8:0f:
ba:71:84:be:9c:a1:3f:7b:ba:85:14:a3:38:39:53:
52:4b:bc:b8:29:dc:ec:6d:9d:4f:75:87:17:26:ce:
d4:ab:9b:cc:a9:16:65:43:ad:fe:a8:94:fa:1e:b1:
81:e5:da:c0:a0:54:9f:7e:f6:1a:6f:20:1b:b3:8e:
9b:aa:66:7e:03:41:1e:0c:b7:f8:7b:54:49:a5:3d:
1b:59:d5:49:86:de:83:00:27:dc:55:dc:ec:32:22:
d1:68:ad:d7:34:95:18:f1:25:13:dd:1a:66:02:90:
b2:15:fd:21:2b:ab:0c:81:c3:28:25:cb:a0:29:7d:
d1:2e:73:b9:6d:41:fd:cf:e2:39:e2:9d:2b:19:2b:
90:dd:b2:ac:8a:f3:0b:d1:90:62:49:40:59:34:1b:
e6:6e:9c:3c:b0:9d:9a:d4:e8:b4:1f:d0:40:16:e5:
c4:3e:3f:77:a8:60:b8:29:b4:7a:b7:a9:19:c2:db:
a6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:5D:EC:5F:91:40:AE:D6:8D:7F:0A:F0:CC:C5:6D:79:12:19:A6:0B
X509v3 Authority Key Identifier:
keyid:C3:AE:50:3A:29:BE:D5:0C:93:7C:15:4A:61:89:13:9D:C4:C6:1C:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C52E6/67B2BF4E81AF11F09A6355B1DAE4EC9C/w65QOim-1QyTfBVKYYkTncTGHIM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/w65QOim-1QyTfBVKYYkTncTGHIM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C52E6/67B2BF4E81AF11F09A6355B1DAE4EC9C/1C69F6C081B811F095573EE9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.218.64.0/22
IPv6:
2c0f:6280::/32
Signature Algorithm: sha256WithRSAEncryption
2f:8b:07:33:b2:d4:f4:93:01:e6:5c:ec:83:e1:c7:c5:35:ed:
e5:11:9b:50:8c:65:19:8b:a3:8d:da:08:a9:37:14:87:a2:7d:
d3:45:55:52:2c:8b:1b:7d:0e:2c:e7:72:50:73:5e:43:0b:99:
12:ad:3c:7f:26:98:f3:b1:ed:fe:12:5d:97:83:11:d5:05:eb:
9e:40:31:34:e2:71:02:e0:7d:7b:0b:07:00:f5:38:aa:b4:a4:
02:64:f7:aa:14:20:05:b9:13:36:58:41:1f:a4:9c:df:f0:46:
d8:57:cc:de:02:9f:11:a8:fd:23:eb:19:11:0a:89:cc:c8:6c:
73:2d:4e:c0:ba:0c:8f:1a:25:5b:38:9a:72:a7:88:80:c8:74:
e8:23:7f:9e:29:c7:eb:5a:eb:c7:f3:fd:fc:74:79:7b:37:e3:
7c:80:b7:ef:51:1b:3a:8f:48:7b:1f:75:70:30:98:11:7f:9a:
de:88:c3:d0:78:fe:2d:55:35:00:c3:45:4d:84:fe:9e:f9:58:
3d:a2:86:bc:f4:1f:8b:95:5b:42:27:b1:94:23:45:5d:64:b6:
ea:df:12:8d:10:4b:81:16:61:23:f5:0c:85:e8:57:f1:cd:1f:
0b:62:0a:7d:f3:94:01:c4:f7:b6:03:7f:c0:c8:6f:ad:8a:8c:
0f:0f:48:e2
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
NTJFNkFGMTEwLwYDVQQFEyhDM0FFNTAzQTI5QkVENTBDOTM3QzE1NEE2MTg5MTM5
REM0QzYxQzgzMB4XDTI1MDgyNTEzMzMzMloXDTM1MDgyNTEzMzMzMlowGDEWMBQG
A1UEAxMNNjhhYzY2MzQtZDk3NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKd8eROCMJ1+dVy5vl8qS2n1iDNHvfQw+YktB2Vod5RciTmw3QtkfilbZU4+
/o+TJJjVOnDyuKlPDE9lDVtlrR9pX9LnPdfDCOgPunGEvpyhP3u6hRSjODlTUku8
uCnc7G2dT3WHFybO1KubzKkWZUOt/qiU+h6xgeXawKBUn372Gm8gG7OOm6pmfgNB
Hgy3+HtUSaU9G1nVSYbegwAn3FXc7DIi0Wit1zSVGPElE90aZgKQshX9ISurDIHD
KCXLoCl90S5zuW1B/c/iOeKdKxkrkN2yrIrzC9GQYklAWTQb5m6cPLCdmtTotB/Q
QBblxD4/d6hguCm0erepGcLbpn8CAwEAAaOCArQwggKwMB0GA1UdDgQWBBRzXexf
kUCu1o1/CvDMxW15EhmmCzAfBgNVHSMEGDAWgBTDrlA6Kb7VDJN8FUphiROdxMYc
gzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzUyRTYvNjdCMkJGNEU4MUFGMTFGMDlBNjM1NUIxREFFNEVDOUMvdzY1UU9p
bS0xUXlUZkJWS1lZa1RuY1RHSElNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdzY1UU9pbS0xUXlUZkJWS1lZa1RuY1RHSElNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzUyRTYvNjdCMkJGNEU4MUFGMTFGMDlBNjM1NUIxREFF
NEVDOUMvMUM2OUY2QzA4MUI4MTFGMDk1NTczRUU5REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbaQDANBAIAAjAHAwUALA9i
gDANBgkqhkiG9w0BAQsFAAOCAQEAL4sHM7LU9JMB5lzsg+HHxTXt5RGbUIxlGYuj
jdoIqTcUh6J900VVUiyLG30OLOdyUHNeQwuZEq08fyaY87Ht/hJdl4MR1QXrnkAx
NOJxAuB9ewsHAPU4qrSkAmT3qhQgBbkTNlhBH6Sc3/BG2FfM3gKfEaj9I+sZEQqJ
zMhscy1OwLoMjxolWziacqeIgMh06CN/ninH61rrx/P9/HR5ezfjfIC371EbOo9I
ex91cDCYEX+a3ojD0Hj+LVU1AMNFTYT+nvlYPaKGvPQfi5VbQiexlCNFXWS26t8S
jRBLgRZhI/UMhehX8c0fC2IKffOUAcT3tgN/wMhvrYqMDw9I4g==
-----END CERTIFICATE-----
Generated at Thu Sep 18 09:01:34 2025 by rpki-client