Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/D16A41CE88C511F086A2BCF5DAE4EC9C.roa
File: D16A41CE88C511F086A2BCF5DAE4EC9C.roa (raw, json)
Hash identifier: a8QVbrKvvTO/Q97fzpxbHDQmxv5gtnE38HWzaRG6Zgs=
Subject key identifier: B0:B8:16:D2:79:50:A7:BC:6C:15:8E:F0:7E:A7:D8:36:A2:F3:4E:BE
Certificate issuer: /CN=F36E570FAF/serialNumber=4F2E5D06850FA94B9222CF7FFE76F8B2F3012125
Certificate serial: 0127
Authority key identifier: 4F:2E:5D:06:85:0F:A9:4B:92:22:CF:7F:FE:76:F8:B2:F3:01:21:25
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Ty5dBoUPqUuSIs9__nb4svMBISU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/D16A41CE88C511F086A2BCF5DAE4EC9C.roa
Signing time: Wed 03 Sep 2025 12:59:26 +0000
ROA not before: Wed 03 Sep 2025 12:59:21 +0000
ROA not after: Thu 03 Sep 2026 12:59:21 +0000
asID: 5511
IP address blocks: 102.212.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/Ty5dBoUPqUuSIs9__nb4svMBISU.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/Ty5dBoUPqUuSIs9__nb4svMBISU.mft
rsync://rpki.afrinic.net/repository/afrinic/Ty5dBoUPqUuSIs9__nb4svMBISU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 09 Sep 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 295 (0x127)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E570FAF, serialNumber=4F2E5D06850FA94B9222CF7FFE76F8B2F3012125
Validity
Not Before: Sep 3 12:59:21 2025 GMT
Not After : Sep 3 12:59:21 2026 GMT
Subject: CN=68b83bad-7e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:77:33:6f:6a:db:03:17:94:88:e8:e2:f2:9f:
15:d8:e6:2d:c9:5f:d0:40:b9:59:3c:e8:06:d2:11:
60:03:bd:15:26:f0:ce:1b:9b:32:19:a3:fb:4b:77:
c1:aa:42:52:82:6d:a5:6b:f5:06:8b:14:0a:6c:33:
c9:65:0e:3a:91:c8:9b:c1:c6:54:c5:f1:5a:38:65:
dd:f5:cc:51:58:21:c0:30:a9:4d:96:5f:81:73:34:
4c:23:e2:8c:48:33:0f:db:05:3d:a7:c8:4f:b8:bd:
b7:8f:56:3a:69:3f:f9:64:a9:21:0f:bd:28:43:e5:
30:8b:d9:94:e5:13:3e:ab:29:f9:65:e1:32:4c:60:
8f:f4:a2:d5:f0:1b:51:16:01:fc:90:af:ec:a8:60:
8a:40:a2:05:95:48:0a:86:8b:7c:63:05:60:eb:f5:
d2:ee:60:b0:05:9c:68:5b:ca:6c:2c:b2:03:52:00:
5f:c3:8d:29:57:1c:4a:cb:04:9f:16:f7:cc:bb:ee:
52:a2:d8:4c:d3:83:1e:f2:10:eb:57:a6:79:01:f3:
df:87:43:a8:41:4f:0c:e4:53:e1:b5:22:b9:dc:40:
43:ef:41:4f:83:fa:a6:82:e7:c2:58:75:5b:f6:24:
21:c6:36:8d:c7:bb:07:13:84:4f:1b:75:d2:97:7c:
42:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B8:16:D2:79:50:A7:BC:6C:15:8E:F0:7E:A7:D8:36:A2:F3:4E:BE
X509v3 Authority Key Identifier:
keyid:4F:2E:5D:06:85:0F:A9:4B:92:22:CF:7F:FE:76:F8:B2:F3:01:21:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/Ty5dBoUPqUuSIs9__nb4svMBISU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Ty5dBoUPqUuSIs9__nb4svMBISU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/D16A41CE88C511F086A2BCF5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.212.58.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:5f:46:70:c9:89:90:dc:b2:9d:c1:8b:e4:22:15:e8:2e:74:
e2:51:3c:6d:00:b8:0e:49:fd:fc:d6:fd:36:4e:c7:6b:fa:b2:
a5:d5:b1:4a:d5:7d:18:79:42:18:cb:61:10:78:f7:d9:98:5c:
c2:39:c5:3c:16:f6:97:fc:c6:73:58:59:a6:0b:24:e9:4d:c7:
53:a4:75:e1:ae:ec:91:1a:24:74:10:0f:89:fc:07:f0:57:26:
79:0d:9d:51:c1:d1:66:db:76:79:d0:30:86:8f:80:cd:38:1d:
11:b1:db:05:1c:cd:f1:3a:03:24:a4:5c:00:11:b2:f9:9e:df:
d8:56:60:ad:20:0c:59:13:b4:56:a1:e0:8e:08:a5:68:43:06:
d5:25:4d:f0:45:fd:d2:79:7c:67:09:19:53:7c:d1:89:82:79:
e4:cf:62:fb:8e:15:2e:20:e0:ab:af:be:8a:9e:75:bd:8c:6d:
53:87:94:ac:ac:e6:76:19:96:84:f3:1d:3f:c7:7d:42:25:e1:
17:0f:2d:08:b5:58:fc:0a:72:21:25:a6:59:48:86:aa:c0:a9:
6c:86:a8:64:d0:71:42:46:96:ce:95:f9:47:ef:5a:b1:1a:08:
13:2c:92:d0:4b:8f:6e:90:be:f9:4b:7c:7c:1b:d5:bc:55:e5:
f7:54:fe:f0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAScwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTU3MEZBRjExMC8GA1UEBRMoNEYyRTVEMDY4NTBGQTk0QjkyMjJDRjdGRkU3NkY4
QjJGMzAxMjEyNTAeFw0yNTA5MDMxMjU5MjFaFw0yNjA5MDMxMjU5MjFaMBgxFjAU
BgNVBAMTDTY4YjgzYmFkLTdlODQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0dzNvatsDF5SI6OLynxXY5i3JX9BAuVk86AbSEWADvRUm8M4bmzIZo/tL
d8GqQlKCbaVr9QaLFApsM8llDjqRyJvBxlTF8Vo4Zd31zFFYIcAwqU2WX4FzNEwj
4oxIMw/bBT2nyE+4vbePVjppP/lkqSEPvShD5TCL2ZTlEz6rKfll4TJMYI/0otXw
G1EWAfyQr+yoYIpAogWVSAqGi3xjBWDr9dLuYLAFnGhbymwssgNSAF/DjSlXHErL
BJ8W98y77lKi2EzTgx7yEOtXpnkB89+HQ6hBTwzkU+G1IrncQEPvQU+D+qaC58JY
dVv2JCHGNo3HuwcThE8bddKXfEIvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUsLgW
0nlQp7xsFY7wfqfYNqLzTr4wHwYDVR0jBBgwFoAUTy5dBoUPqUuSIs9//nb4svMB
ISUwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkU1NzBGL0EyOUZDQ0MwQUYyQjExRUY4OEE3QzE5QTc2MkU5NTFBL1R5NWRC
b1VQcVV1U0lzOV9fbmI0c3ZNQklTVS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1R5NWRCb1VQcVV1U0lzOV9fbmI0c3ZNQklTVS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkU1NzBGL0EyOUZDQ0MwQUYyQjExRUY4OEE3QzE5QTc2
MkU5NTFBL0QxNkE0MUNFODhDNTExRjA4NkEyQkNGNURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm1DowDQYJKoZIhvcNAQEL
BQADggEBANZfRnDJiZDcsp3Bi+QiFegudOJRPG0AuA5J/fzW/TZOx2v6sqXVsUrV
fRh5QhjLYRB499mYXMI5xTwW9pf8xnNYWaYLJOlNx1OkdeGu7JEaJHQQD4n8B/BX
JnkNnVHB0WbbdnnQMIaPgM04HRGx2wUczfE6AySkXAARsvme39hWYK0gDFkTtFah
4I4IpWhDBtUlTfBF/dJ5fGcJGVN80YmCeeTPYvuOFS4g4Kuvvoqedb2MbVOHlKys
5nYZloTzHT/HfUIl4RcPLQi1WPwKciElpllIhqrAqWyGqGTQcUJGls6V+UfvWrEa
CBMsktBLj26QvvlLfHwb1bxV5fdU/vA=
-----END CERTIFICATE-----
Generated at Sun Sep 7 06:31:22 2025 by rpki-client