Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/F3CF06AA88C511F0BA0C4C79DAE4EC9C.roa
File: F3CF06AA88C511F0BA0C4C79DAE4EC9C.roa (raw, json)
Hash identifier: tLcgq7UlYvCdI0OG3kTqxCyanGyUZtNMbZDaib8Eie4=
Subject key identifier: F4:D2:16:EA:5A:F9:88:84:8D:EE:B4:5E:74:65:3B:0D:B0:A8:B7:EC
Certificate issuer: /CN=F36E570FAF/serialNumber=4F2E5D06850FA94B9222CF7FFE76F8B2F3012125
Certificate serial: 0129
Authority key identifier: 4F:2E:5D:06:85:0F:A9:4B:92:22:CF:7F:FE:76:F8:B2:F3:01:21:25
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Ty5dBoUPqUuSIs9__nb4svMBISU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/F3CF06AA88C511F0BA0C4C79DAE4EC9C.roa
Signing time: Wed 03 Sep 2025 13:00:23 +0000
ROA not before: Wed 03 Sep 2025 13:00:18 +0000
ROA not after: Thu 03 Sep 2026 13:00:18 +0000
asID: 5511
IP address blocks: 102.212.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/Ty5dBoUPqUuSIs9__nb4svMBISU.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/Ty5dBoUPqUuSIs9__nb4svMBISU.mft
rsync://rpki.afrinic.net/repository/afrinic/Ty5dBoUPqUuSIs9__nb4svMBISU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 09 Sep 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 297 (0x129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E570FAF, serialNumber=4F2E5D06850FA94B9222CF7FFE76F8B2F3012125
Validity
Not Before: Sep 3 13:00:18 2025 GMT
Not After : Sep 3 13:00:18 2026 GMT
Subject: CN=68b83be7-e7c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:82:2c:b0:5e:45:10:c2:ee:b7:68:8c:e9:2e:
a6:76:19:dc:51:6b:7e:02:c4:ff:6c:a9:b3:9f:60:
cf:9d:d5:57:b2:18:0d:b6:ff:81:c8:5c:0c:74:ea:
f0:f6:64:02:04:18:9f:80:53:93:50:4c:ee:42:33:
7a:52:2c:00:0a:be:a7:31:75:5a:61:57:e7:1c:dd:
c6:4f:ba:84:da:1e:14:4e:93:51:46:c2:44:a4:dd:
70:9f:3a:f8:0d:5d:d4:39:6f:a6:ff:bb:1e:e4:0b:
ef:8f:fe:05:80:aa:93:ff:b6:55:6c:36:24:c6:f6:
6f:35:83:0e:4d:b9:c3:83:74:db:97:f8:93:a5:97:
bb:8f:0e:73:5b:ca:0a:e4:ee:2c:fd:82:ce:34:f9:
71:1f:94:a5:5c:49:ed:97:2e:c3:a1:73:af:1e:43:
44:1b:37:12:a5:70:33:77:54:7e:0c:20:df:81:8d:
23:c2:9f:48:4b:e2:78:1a:93:9c:07:4b:b9:3b:20:
17:86:a3:1e:24:c8:9b:98:9a:11:87:53:d2:0e:07:
dc:36:02:86:ab:37:a5:42:3f:83:7b:ff:2c:83:ea:
56:34:f3:f4:a7:29:00:8a:aa:5d:d1:c9:03:7d:c0:
22:c2:32:1f:91:8a:d8:2c:3c:58:91:c4:16:bc:26:
e2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D2:16:EA:5A:F9:88:84:8D:EE:B4:5E:74:65:3B:0D:B0:A8:B7:EC
X509v3 Authority Key Identifier:
keyid:4F:2E:5D:06:85:0F:A9:4B:92:22:CF:7F:FE:76:F8:B2:F3:01:21:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/Ty5dBoUPqUuSIs9__nb4svMBISU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Ty5dBoUPqUuSIs9__nb4svMBISU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/F3CF06AA88C511F0BA0C4C79DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.212.59.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:dc:a9:ab:a5:23:0e:75:08:88:4e:b2:9e:e8:a9:a1:8d:2b:
62:8e:09:b8:ec:09:91:8e:c4:dc:e1:b3:f0:1b:42:a2:3d:4c:
8e:fd:d7:06:26:e6:4d:9a:73:e8:8f:a7:a7:07:9c:48:1c:4d:
3e:53:a4:08:33:96:d7:18:bd:85:2b:c8:d5:44:89:cd:6b:0b:
e0:50:70:27:58:0e:11:9b:08:96:49:27:80:df:df:a0:83:9b:
5d:a3:8b:6b:be:aa:dc:32:7c:5c:2f:86:f8:2c:d3:af:75:f4:
ec:e6:b6:a8:c9:0b:0e:16:ee:a5:57:23:a7:40:c4:2a:dd:df:
67:c9:64:84:74:b7:50:a8:9d:dc:09:97:9f:e4:e3:36:71:0a:
85:52:82:fa:66:27:83:6e:2e:9f:91:bc:79:ee:ab:04:59:07:
ad:84:38:fa:94:87:32:58:1d:7b:b6:45:b9:42:ea:b3:9a:82:
5b:c4:78:0c:c2:53:62:31:f5:9b:49:be:15:95:fe:91:02:bc:
5f:b8:ea:81:a8:7c:91:78:65:a0:7c:1d:71:5e:16:de:19:03:
a1:8d:d8:74:06:7e:be:db:bf:5f:b5:58:15:4e:12:15:f1:93:
a2:6c:80:75:d5:7f:cc:a1:78:45:e4:be:eb:ce:66:7e:f9:3a:
fe:c4:fc:fa
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICASkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTU3MEZBRjExMC8GA1UEBRMoNEYyRTVEMDY4NTBGQTk0QjkyMjJDRjdGRkU3NkY4
QjJGMzAxMjEyNTAeFw0yNTA5MDMxMzAwMThaFw0yNjA5MDMxMzAwMThaMBgxFjAU
BgNVBAMTDTY4YjgzYmU3LWU3YzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4giywXkUQwu63aIzpLqZ2GdxRa34CxP9sqbOfYM+d1VeyGA22/4HIXAx0
6vD2ZAIEGJ+AU5NQTO5CM3pSLAAKvqcxdVphV+cc3cZPuoTaHhROk1FGwkSk3XCf
OvgNXdQ5b6b/ux7kC++P/gWAqpP/tlVsNiTG9m81gw5NucODdNuX+JOll7uPDnNb
ygrk7iz9gs40+XEflKVcSe2XLsOhc68eQ0QbNxKlcDN3VH4MIN+BjSPCn0hL4nga
k5wHS7k7IBeGox4kyJuYmhGHU9IOB9w2AoarN6VCP4N7/yyD6lY08/SnKQCKql3R
yQN9wCLCMh+RitgsPFiRxBa8JuKVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9NIW
6lr5iISN7rRedGU7DbCot+wwHwYDVR0jBBgwFoAUTy5dBoUPqUuSIs9//nb4svMB
ISUwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkU1NzBGL0EyOUZDQ0MwQUYyQjExRUY4OEE3QzE5QTc2MkU5NTFBL1R5NWRC
b1VQcVV1U0lzOV9fbmI0c3ZNQklTVS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1R5NWRCb1VQcVV1U0lzOV9fbmI0c3ZNQklTVS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkU1NzBGL0EyOUZDQ0MwQUYyQjExRUY4OEE3QzE5QTc2
MkU5NTFBL0YzQ0YwNkFBODhDNTExRjBCQTBDNEM3OURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm1DswDQYJKoZIhvcNAQEL
BQADggEBAMfcqaulIw51CIhOsp7oqaGNK2KOCbjsCZGOxNzhs/AbQqI9TI791wYm
5k2ac+iPp6cHnEgcTT5TpAgzltcYvYUryNVEic1rC+BQcCdYDhGbCJZJJ4Df36CD
m12ji2u+qtwyfFwvhvgs06919OzmtqjJCw4W7qVXI6dAxCrd32fJZIR0t1CondwJ
l5/k4zZxCoVSgvpmJ4NuLp+RvHnuqwRZB62EOPqUhzJYHXu2RblC6rOaglvEeAzC
U2Ix9ZtJvhWV/pECvF+46oGofJF4ZaB8HXFeFt4ZA6GN2HQGfr7bv1+1WBVOEhXx
k6JsgHXVf8yheEXkvuvOZn75Ov7E/Po=
-----END CERTIFICATE-----
Generated at Sun Sep 7 06:24:52 2025 by rpki-client