Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CC2A9/5CD08C0284D711F090616CDDDAE4EC9C/CF7A3D1084D811F0991D61E9DAE4EC9C.roa
File: CF7A3D1084D811F0991D61E9DAE4EC9C.roa (raw, json)
Hash identifier: CLx4M5rD3GsDVl3HuiPKVBhnWanTS93U+Boym11lIdI=
Subject key identifier: B1:AB:C5:C6:31:EB:21:AC:15:C9:CD:09:75:02:AF:8F:82:88:6E:E8
Certificate issuer: /CN=F36CC2A9AF/serialNumber=D5118B6E7CF81CF88602FF1131DFC244981BCBCB
Certificate serial: 02
Authority key identifier: D5:11:8B:6E:7C:F8:1C:F8:86:02:FF:11:31:DF:C2:44:98:1B:CB:CB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/1RGLbnz4HPiGAv8RMd_CRJgby8s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CC2A9/5CD08C0284D711F090616CDDDAE4EC9C/CF7A3D1084D811F0991D61E9DAE4EC9C.roa
Signing time: Fri 29 Aug 2025 13:05:18 +0000
ROA not before: Fri 29 Aug 2025 13:05:13 +0000
ROA not after: Fri 31 Aug 2035 13:05:13 +0000
asID: 329562
IP address blocks: 102.205.148.0/22 maxlen: 22
102.205.148.0/23 maxlen: 23
102.205.148.0/24 maxlen: 24
102.205.149.0/24 maxlen: 24
102.205.150.0/23 maxlen: 23
102.205.150.0/24 maxlen: 24
102.205.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CC2A9/5CD08C0284D711F090616CDDDAE4EC9C/1RGLbnz4HPiGAv8RMd_CRJgby8s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CC2A9/5CD08C0284D711F090616CDDDAE4EC9C/1RGLbnz4HPiGAv8RMd_CRJgby8s.mft
rsync://rpki.afrinic.net/repository/afrinic/1RGLbnz4HPiGAv8RMd_CRJgby8s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 19 Sep 2025 05:14:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CC2A9AF, serialNumber=D5118B6E7CF81CF88602FF1131DFC244981BCBCB
Validity
Not Before: Aug 29 13:05:13 2025 GMT
Not After : Aug 31 13:05:13 2035 GMT
Subject: CN=68b1a58e-f9b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:34:f5:0d:0a:9e:97:f1:f0:1d:0e:80:6f:1f:
38:d0:4d:18:a8:2a:2c:54:75:36:6a:a9:e3:ea:3b:
ce:3e:9a:26:21:e9:7d:9c:89:a5:a7:32:aa:8c:38:
c1:3c:19:cf:f5:c6:d5:e5:0f:81:a2:31:81:38:3b:
35:d2:4c:5f:34:61:86:d6:54:92:81:76:e9:ea:3c:
d3:52:2c:c5:93:7e:93:46:dd:bb:f3:88:74:98:92:
82:8c:c3:b4:20:33:c2:aa:ad:d4:03:d6:33:b5:47:
d3:fa:14:91:55:40:0e:e1:80:c5:1f:4c:87:2b:9b:
f7:9a:1f:a0:f3:b7:8f:f7:93:cf:36:5e:2f:ae:56:
81:90:f7:f1:cc:bf:21:32:91:61:a2:18:4c:25:ec:
3f:55:6d:71:14:71:61:0c:99:00:39:86:ee:05:ea:
0b:3f:06:1c:18:f5:b5:6b:d7:0d:df:10:80:fd:41:
62:2b:72:a0:45:40:ad:62:b6:40:92:b4:d5:e0:8d:
39:53:85:8a:bc:97:7f:99:b5:cd:23:40:db:af:f4:
9e:73:73:18:97:bc:31:f3:d3:99:7e:e3:b0:b0:96:
95:11:37:fc:05:6c:73:03:0e:c1:db:9e:e6:94:be:
45:80:07:f7:66:3e:41:94:86:e4:90:9a:c6:24:a0:
28:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:AB:C5:C6:31:EB:21:AC:15:C9:CD:09:75:02:AF:8F:82:88:6E:E8
X509v3 Authority Key Identifier:
keyid:D5:11:8B:6E:7C:F8:1C:F8:86:02:FF:11:31:DF:C2:44:98:1B:CB:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CC2A9/5CD08C0284D711F090616CDDDAE4EC9C/1RGLbnz4HPiGAv8RMd_CRJgby8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/1RGLbnz4HPiGAv8RMd_CRJgby8s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CC2A9/5CD08C0284D711F090616CDDDAE4EC9C/CF7A3D1084D811F0991D61E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.205.148.0/22
Signature Algorithm: sha256WithRSAEncryption
99:21:2d:cb:7f:cd:c8:46:35:51:a6:48:f6:12:95:28:c9:3d:
8d:38:d2:80:41:34:73:1e:f5:d5:7f:d8:02:18:ba:c5:46:b4:
09:97:7d:0f:3b:64:f4:c8:d2:92:0b:60:a1:16:bf:dc:79:a3:
88:c6:23:47:88:78:f2:1b:4e:aa:91:0a:ce:51:2d:94:28:65:
aa:66:c1:d5:f7:47:dd:76:d8:60:04:cd:bb:f9:ed:84:42:13:
66:fe:44:ec:9c:88:a2:9e:b2:93:18:a2:cc:aa:b3:15:41:72:
28:00:8d:f7:3f:67:24:3c:0d:1a:a9:35:df:7e:e3:41:b4:24:
a6:c2:13:98:fa:83:ce:7a:29:f2:e7:96:c6:16:b2:0f:99:bf:
3e:91:8c:9c:f3:a8:47:f9:a4:58:3f:72:03:3f:cd:46:d1:ad:
f9:ba:aa:c9:24:ba:5d:c3:5a:74:af:1c:60:0d:d8:bb:46:5f:
2c:74:44:ae:32:0c:76:35:d1:04:0b:28:e5:15:a1:bc:b9:c1:
8f:5d:51:9f:89:03:87:5e:fc:16:5a:85:69:53:34:4c:42:c7:
0a:79:b5:b4:72:ec:20:ca:d6:1b:69:fb:5d:93:1f:0b:8d:fc:
ec:a8:bd:d4:98:e4:af:d4:c1:1e:69:a9:61:94:df:51:a8:18:
35:b0:7a:8b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
QzJBOUFGMTEwLwYDVQQFEyhENTExOEI2RTdDRjgxQ0Y4ODYwMkZGMTEzMURGQzI0
NDk4MUJDQkNCMB4XDTI1MDgyOTEzMDUxM1oXDTM1MDgzMTEzMDUxM1owGDEWMBQG
A1UEAxMNNjhiMWE1OGUtZjliMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANA09Q0Knpfx8B0OgG8fONBNGKgqLFR1Nmqp4+o7zj6aJiHpfZyJpacyqow4
wTwZz/XG1eUPgaIxgTg7NdJMXzRhhtZUkoF26eo801IsxZN+k0bdu/OIdJiSgozD
tCAzwqqt1APWM7VH0/oUkVVADuGAxR9Mhyub95ofoPO3j/eTzzZeL65WgZD38cy/
ITKRYaIYTCXsP1VtcRRxYQyZADmG7gXqCz8GHBj1tWvXDd8QgP1BYityoEVArWK2
QJK01eCNOVOFiryXf5m1zSNA26/0nnNzGJe8MfPTmX7jsLCWlRE3/AVscwMOwdue
5pS+RYAH92Y+QZSG5JCaxiSgKG8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSxq8XG
MeshrBXJzQl1Aq+Pgohu6DAfBgNVHSMEGDAWgBTVEYtufPgc+IYC/xEx38JEmBvL
yzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0MyQTkvNUNEMDhDMDI4NEQ3MTFGMDkwNjE2Q0REREFFNEVDOUMvMVJHTGJu
ejRIUGlHQXY4Uk1kX0NSSmdieThzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMVJHTGJuejRIUGlHQXY4Uk1kX0NSSmdieThzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0MyQTkvNUNEMDhDMDI4NEQ3MTFGMDkwNjE2Q0REREFF
NEVDOUMvQ0Y3QTNEMTA4NEQ4MTFGMDk5MUQ2MUU5REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbNlDANBgkqhkiG9w0BAQsF
AAOCAQEAmSEty3/NyEY1UaZI9hKVKMk9jTjSgEE0cx711X/YAhi6xUa0CZd9Dztk
9MjSkgtgoRa/3HmjiMYjR4h48htOqpEKzlEtlChlqmbB1fdH3XbYYATNu/nthEIT
Zv5E7JyIop6ykxiizKqzFUFyKACN9z9nJDwNGqk1337jQbQkpsITmPqDznop8ueW
xhayD5m/PpGMnPOoR/mkWD9yAz/NRtGt+bqqySS6XcNadK8cYA3Yu0ZfLHRErjIM
djXRBAso5RWhvLnBj11Rn4kDh178FlqFaVM0TELHCnm1tHLsIMrWG2n7XZMfC438
7Ki91Jjkr9TBHmmpYZTfUagYNbB6iw==
-----END CERTIFICATE-----
Generated at Thu Sep 18 03:49:19 2025 by rpki-client