Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/C09ED938833211F09C5CB89EDAE4EC9C.roa
File: C09ED938833211F09C5CB89EDAE4EC9C.roa (raw, json)
Hash identifier: MlCPXVsSG9HXuzBshtA3ilD7zG43YKfvgJWkLk3l0+0=
Subject key identifier: CA:EE:2D:71:3F:B7:12:D5:EB:B2:5F:E1:41:48:AE:0D:67:27:24:C9
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 159E
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/C09ED938833211F09C5CB89EDAE4EC9C.roa
Signing time: Wed 27 Aug 2025 10:44:06 +0000
ROA not before: Wed 27 Aug 2025 10:44:01 +0000
ROA not after: Fri 27 Aug 2027 10:44:01 +0000
asID: 212238
IP address blocks: 102.129.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 07 Sep 2025 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5534 (0x159e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF, serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: Aug 27 10:44:01 2025 GMT
Not After : Aug 27 10:44:01 2027 GMT
Subject: CN=68aee175-2ce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:20:48:3b:98:9b:2e:d7:36:d1:de:d5:ae:c6:
50:11:a2:e0:d3:3c:06:2d:b5:4e:bc:0a:d3:76:f7:
b8:3a:61:92:fc:2c:85:c9:54:f9:59:c8:a9:2d:f3:
ec:59:43:b7:ae:e6:00:8e:91:f9:cf:54:f0:c9:3d:
8d:fe:a1:d3:d0:cb:de:33:f2:63:0a:64:89:41:2f:
99:3e:b9:22:33:e7:75:73:e9:de:b8:d8:e3:06:cf:
8b:9d:d3:cc:43:bb:d7:cd:a0:59:21:25:52:9e:25:
65:c0:55:e8:8f:28:d2:eb:f1:91:b3:85:66:88:d4:
67:51:44:9b:26:e6:06:73:56:6d:5c:df:47:a3:df:
0f:a8:95:b7:be:14:bb:89:ad:9d:4e:41:b7:ac:59:
96:66:2d:fb:6a:e2:28:b9:6a:dd:c6:10:8b:71:80:
d7:c4:84:c0:b2:1e:27:7f:39:37:43:fc:02:0f:a5:
1b:fb:51:7b:59:9b:60:a9:66:02:dc:d7:03:b3:32:
c1:97:02:76:26:97:0d:d6:ab:53:a2:3c:e6:93:be:
c6:86:4e:a0:60:ef:f3:34:34:73:9d:36:49:3b:51:
a2:52:5b:fc:5d:4a:3b:4d:11:75:b6:13:6d:0b:53:
34:04:30:14:f1:5c:51:8c:c7:ee:0e:83:f8:41:1e:
a3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:EE:2D:71:3F:B7:12:D5:EB:B2:5F:E1:41:48:AE:0D:67:27:24:C9
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/C09ED938833211F09C5CB89EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.161.0/24
Signature Algorithm: sha256WithRSAEncryption
21:eb:5a:85:32:7a:64:ee:38:ad:68:3e:75:8b:a5:4e:6b:15:
cd:ae:23:00:cc:4a:aa:17:a0:dc:b4:4c:bc:54:7b:0c:50:6c:
6d:73:82:0a:69:1d:8e:30:1f:d9:da:36:2c:08:02:dc:03:a8:
2f:6e:fb:bc:90:d4:1e:f3:9b:b5:75:cf:92:b4:c7:b7:2e:ca:
f8:09:be:e2:5c:16:7b:8c:d0:1f:66:26:cd:01:38:4a:45:8b:
8d:72:57:1a:e3:6b:1f:b4:ca:55:6f:3a:bf:4b:78:94:c7:b3:
0c:2e:11:a0:1b:45:d0:74:d0:88:38:96:c4:91:59:87:d1:e4:
77:da:a5:4f:06:5a:16:69:e9:63:71:60:ec:37:4f:73:8f:fa:
83:d9:38:0d:86:c3:73:6c:b8:8c:0c:f7:34:a4:16:b3:dc:54:
3f:24:4b:23:1a:e7:f8:03:d4:83:3f:75:40:6d:f9:cb:9f:95:
5e:69:a9:03:24:9e:bb:f7:d8:42:b8:67:e9:25:b4:24:67:95:
88:34:f6:93:c7:45:6b:b4:45:d7:69:64:4d:a4:35:3f:1a:49:
07:79:13:ee:05:49:39:9f:3d:2a:97:3a:6f:2d:12:03:bd:09:
bf:c2:41:7b:f3:f1:3c:9f:b2:b2:01:69:0e:21:16:c5:f4:4a:
cb:a7:2c:cc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFZ4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNTA4MjcxMDQ0MDFaFw0yNzA4MjcxMDQ0MDFaMBgxFjAU
BgNVBAMTDTY4YWVlMTc1LTJjZTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAIEg7mJsu1zbR3tWuxlARouDTPAYttU68CtN297g6YZL8LIXJVPlZyKkt
8+xZQ7eu5gCOkfnPVPDJPY3+odPQy94z8mMKZIlBL5k+uSIz53Vz6d642OMGz4ud
08xDu9fNoFkhJVKeJWXAVeiPKNLr8ZGzhWaI1GdRRJsm5gZzVm1c30ej3w+olbe+
FLuJrZ1OQbesWZZmLftq4ii5at3GEItxgNfEhMCyHid/OTdD/AIPpRv7UXtZm2Cp
ZgLc1wOzMsGXAnYmlw3Wq1OiPOaTvsaGTqBg7/M0NHOdNkk7UaJSW/xdSjtNEXW2
E20LUzQEMBTxXFGMx+4Og/hBHqPhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUyu4t
cT+3EtXrsl/hQUiuDWcnJMkwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0MwOUVEOTM4ODMzMjExRjA5QzVDQjg5RURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgaEwDQYJKoZIhvcNAQEL
BQADggEBACHrWoUyemTuOK1oPnWLpU5rFc2uIwDMSqoXoNy0TLxUewxQbG1zggpp
HY4wH9naNiwIAtwDqC9u+7yQ1B7zm7V1z5K0x7cuyvgJvuJcFnuM0B9mJs0BOEpF
i41yVxrjax+0ylVvOr9LeJTHswwuEaAbRdB00Ig4lsSRWYfR5HfapU8GWhZp6WNx
YOw3T3OP+oPZOA2Gw3NsuIwM9zSkFrPcVD8kSyMa5/gD1IM/dUBt+cuflV5pqQMk
nrv32EK4Z+kltCRnlYg09pPHRWu0RddpZE2kNT8aSQd5E+4FSTmfPSqXOm8tEgO9
Cb/CQXvz8TyfsrIBaQ4hFsX0SsunLMw=
-----END CERTIFICATE-----
Generated at Fri Sep 5 07:52:56 2025 by rpki-client