Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36111C6/86ADA898D22C11EE8972136A775412E6/698B22BAB0E011F098883C87DAE4EC9C.roa
File: 698B22BAB0E011F098883C87DAE4EC9C.roa (raw, json)
Hash identifier: 5UZtU7DBbaKMgey3XqLzKXM826/jRqDSRDPI7cDwmOY=
Subject key identifier: F3:BB:A1:F4:02:98:24:73:52:56:0D:A3:2B:ED:4D:E1:E3:0D:F6:B9
Certificate issuer: /CN=F36111C6AF/serialNumber=709008ADC717918FDFFCF16741FB5B130BA7C430
Certificate serial: 026F
Authority key identifier: 70:90:08:AD:C7:17:91:8F:DF:FC:F1:67:41:FB:5B:13:0B:A7:C4:30
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/cJAIrccXkY_f_PFnQftbEwunxDA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36111C6/86ADA898D22C11EE8972136A775412E6/698B22BAB0E011F098883C87DAE4EC9C.roa
Signing time: Fri 24 Oct 2025 13:50:34 +0000
ROA not before: Fri 24 Oct 2025 13:50:26 +0000
ROA not after: Thu 31 Oct 2030 13:50:26 +0000
asID: 329392
IP address blocks: 102.210.0.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36111C6/86ADA898D22C11EE8972136A775412E6/cJAIrccXkY_f_PFnQftbEwunxDA.crl
rsync://rpki.afrinic.net/repository/member_repository/F36111C6/86ADA898D22C11EE8972136A775412E6/cJAIrccXkY_f_PFnQftbEwunxDA.mft
rsync://rpki.afrinic.net/repository/afrinic/cJAIrccXkY_f_PFnQftbEwunxDA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 623 (0x26f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36111C6AF, serialNumber=709008ADC717918FDFFCF16741FB5B130BA7C430
Validity
Not Before: Oct 24 13:50:26 2025 GMT
Not After : Oct 31 13:50:26 2030 GMT
Subject: CN=68fb842a-d18f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:97:37:9f:28:ec:16:f2:25:1d:86:80:f9:40:
2b:51:2e:21:39:11:d3:cd:3d:2c:01:b1:1c:4b:98:
ad:6f:93:5c:57:b8:5c:59:b6:bb:9f:d0:16:f1:aa:
c5:30:3e:2b:b3:84:37:7c:2e:4d:c3:ae:15:1c:ad:
a6:cf:9d:a8:f3:31:94:98:0e:8b:04:86:3b:83:b9:
6b:d5:48:8b:da:f7:b3:6a:dc:25:63:ac:31:96:95:
95:79:5c:bd:b6:12:9e:ac:b1:bd:60:fd:ba:f2:aa:
8f:9e:6a:9a:a1:a2:6a:a6:8e:ea:b3:5c:5c:4d:0a:
ba:3f:26:91:5e:3d:a6:2a:32:47:0d:75:65:12:b2:
ed:3b:9b:8a:0e:31:d9:7f:05:89:bc:c7:a5:69:cf:
a4:a7:4a:61:27:ca:fc:73:bb:46:f2:84:ee:f2:6a:
b0:fe:3e:92:0e:90:85:b3:47:b1:1d:dd:c4:25:e2:
0d:b1:58:8c:81:09:57:dc:c8:5e:00:4c:36:78:74:
41:cf:13:37:db:76:09:5b:e3:13:8d:fd:18:52:66:
98:db:54:49:b3:19:f9:b6:ba:df:49:d5:3f:31:ea:
37:c7:b7:13:ee:79:0a:ea:fd:67:0e:3e:ff:56:1c:
50:49:1e:92:04:9e:60:0d:11:53:34:cf:b5:28:22:
f7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:BB:A1:F4:02:98:24:73:52:56:0D:A3:2B:ED:4D:E1:E3:0D:F6:B9
X509v3 Authority Key Identifier:
keyid:70:90:08:AD:C7:17:91:8F:DF:FC:F1:67:41:FB:5B:13:0B:A7:C4:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36111C6/86ADA898D22C11EE8972136A775412E6/cJAIrccXkY_f_PFnQftbEwunxDA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/cJAIrccXkY_f_PFnQftbEwunxDA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36111C6/86ADA898D22C11EE8972136A775412E6/698B22BAB0E011F098883C87DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.210.0.0/22
Signature Algorithm: sha256WithRSAEncryption
16:c8:1f:89:68:53:f2:d2:75:14:00:42:da:82:8f:8c:f3:8f:
c2:db:82:fe:ba:72:06:74:ed:26:79:d4:e3:06:20:85:56:56:
f4:cb:d1:3a:29:df:96:e4:91:7a:ed:3b:c3:7f:bd:65:95:f3:
d4:e8:13:34:3c:59:32:d4:fc:ef:7c:df:00:ad:c1:b9:da:2b:
58:43:09:4c:02:ab:b3:bc:2e:26:e2:bb:12:31:49:21:76:6c:
c5:d6:ac:73:62:3b:78:da:d9:4d:32:aa:db:e0:c8:f5:52:7b:
41:f8:18:03:7c:75:fd:19:89:fd:cc:e3:29:e0:d2:79:cd:a9:
78:ee:93:f2:4f:b1:0a:84:d5:25:53:14:ea:fa:90:6e:fb:ea:
25:f4:bf:52:e9:fa:ea:ef:66:b8:3b:63:b5:3a:d9:ee:ab:ed:
7b:c6:56:34:2d:b7:0d:73:c3:59:5b:6b:1e:ab:b2:ba:df:91:
7c:69:71:ac:ad:af:e2:bc:85:a1:cd:5a:cd:e1:01:89:48:c2:
59:3a:ee:c3:53:b7:b5:7b:45:94:6a:68:97:32:4e:14:49:ff:
3b:65:fa:46:d2:79:d0:30:3e:75:74:8e:2a:3d:e9:69:e3:67:
d9:d1:7b:7c:7d:4e:61:fd:b2:15:04:b0:93:27:c9:cf:20:68:
e5:24:b7:49
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAm8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTExQzZBRjExMC8GA1UEBRMoNzA5MDA4QURDNzE3OTE4RkRGRkNGMTY3NDFGQjVC
MTMwQkE3QzQzMDAeFw0yNTEwMjQxMzUwMjZaFw0zMDEwMzExMzUwMjZaMBgxFjAU
BgNVBAMTDTY4ZmI4NDJhLWQxOGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPlzefKOwW8iUdhoD5QCtRLiE5EdPNPSwBsRxLmK1vk1xXuFxZtruf0Bbx
qsUwPiuzhDd8Lk3DrhUcrabPnajzMZSYDosEhjuDuWvVSIva97Nq3CVjrDGWlZV5
XL22Ep6ssb1g/bryqo+eapqhomqmjuqzXFxNCro/JpFePaYqMkcNdWUSsu07m4oO
Mdl/BYm8x6Vpz6SnSmEnyvxzu0byhO7yarD+PpIOkIWzR7Ed3cQl4g2xWIyBCVfc
yF4ATDZ4dEHPEzfbdglb4xON/RhSZpjbVEmzGfm2ut9J1T8x6jfHtxPueQrq/WcO
Pv9WHFBJHpIEnmANEVM0z7UoIvdtAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU87uh
9AKYJHNSVg2jK+1N4eMN9rkwHwYDVR0jBBgwFoAUcJAIrccXkY/f/PFnQftbEwun
xDAwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjExMUM2Lzg2QURBODk4RDIyQzExRUU4OTcyMTM2QTc3NTQxMkU2L2NKQUly
Y2NYa1lfZl9QRm5RZnRiRXd1bnhEQS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2NKQUlyY2NYa1lfZl9QRm5RZnRiRXd1bnhEQS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjExMUM2Lzg2QURBODk4RDIyQzExRUU4OTcyMTM2QTc3
NTQxMkU2LzY5OEIyMkJBQjBFMDExRjA5ODg4M0M4N0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm0gAwDQYJKoZIhvcNAQEL
BQADggEBABbIH4loU/LSdRQAQtqCj4zzj8Lbgv66cgZ07SZ51OMGIIVWVvTL0Top
35bkkXrtO8N/vWWV89ToEzQ8WTLU/O983wCtwbnaK1hDCUwCq7O8LibiuxIxSSF2
bMXWrHNiO3ja2U0yqtvgyPVSe0H4GAN8df0Zif3M4yng0nnNqXjuk/JPsQqE1SVT
FOr6kG776iX0v1Lp+urvZrg7Y7U62e6r7XvGVjQttw1zw1lbax6rsrrfkXxpcayt
r+K8haHNWs3hAYlIwlk67sNTt7V7RZRqaJcyThRJ/ztl+kbSedAwPnV0jio96Wnj
Z9nRe3x9TmH9shUEsJMnyc8gaOUkt0k=
-----END CERTIFICATE-----
Generated at Wed Nov 5 17:26:01 2025 by rpki-client