Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3644EA8/C396ACEE60A811F0B48991E5DAE4EC9C/696CD0C060B411F0907E96B2DAE4EC9C.roa
File: 696CD0C060B411F0907E96B2DAE4EC9C.roa (raw, json)
Hash identifier: 5bAy/PZpHx90ghvP8O3g7YznUOeX+iyLW+PI1ddCQfo=
Subject key identifier: 3B:90:BB:A1:EE:D6:76:A0:DB:C3:A1:1B:21:9F:30:1A:4E:67:BF:56
Certificate issuer: /CN=F3644EA8AF/serialNumber=D9C0E5C2497AC88BFFFBCED9F55D60A22898927F
Certificate serial: 02
Authority key identifier: D9:C0:E5:C2:49:7A:C8:8B:FF:FB:CE:D9:F5:5D:60:A2:28:98:92:7F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/2cDlwkl6yIv_-87Z9V1goiiYkn8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3644EA8/C396ACEE60A811F0B48991E5DAE4EC9C/696CD0C060B411F0907E96B2DAE4EC9C.roa
Signing time: Mon 14 Jul 2025 13:14:03 +0000
ROA not before: Mon 14 Jul 2025 13:13:58 +0000
ROA not after: Tue 14 Jul 2026 13:13:58 +0000
asID: 329419
IP address blocks: 102.209.237.0/24 maxlen: 24
2c0f:3340::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3644EA8/C396ACEE60A811F0B48991E5DAE4EC9C/2cDlwkl6yIv_-87Z9V1goiiYkn8.crl
rsync://rpki.afrinic.net/repository/member_repository/F3644EA8/C396ACEE60A811F0B48991E5DAE4EC9C/2cDlwkl6yIv_-87Z9V1goiiYkn8.mft
rsync://rpki.afrinic.net/repository/afrinic/2cDlwkl6yIv_-87Z9V1goiiYkn8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 Aug 2025 05:28:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3644EA8AF, serialNumber=D9C0E5C2497AC88BFFFBCED9F55D60A22898927F
Validity
Not Before: Jul 14 13:13:58 2025 GMT
Not After : Jul 14 13:13:58 2026 GMT
Subject: CN=6875029b-9e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b2:3e:ab:3d:e6:17:74:05:3a:e2:2b:54:da:
da:3e:38:c0:af:51:d6:f9:36:95:42:92:0a:ab:9c:
cf:bc:04:53:fa:c8:79:e7:2c:9a:3a:ec:78:74:c2:
2a:b2:cb:42:10:06:4b:d9:9c:4a:7b:ee:c1:29:60:
11:1d:11:a9:a7:4c:a3:f2:27:b3:ee:1e:ac:d8:53:
53:9c:71:53:67:1a:d4:72:af:93:98:66:9b:d1:f0:
c4:c6:0f:0e:c1:3a:6f:b5:4f:2b:72:d9:a2:b1:8c:
6b:5e:ff:e8:7f:04:25:b4:22:d6:1b:a0:90:a8:3b:
8c:22:c3:7e:95:f2:97:df:66:8e:fd:b2:ca:67:c0:
07:b2:96:7f:73:00:b2:8a:cf:04:0f:0d:3d:f4:90:
39:f3:e6:01:71:ef:be:be:3d:c0:80:3b:54:05:fc:
f7:52:ee:fc:e7:d1:33:8f:57:57:57:39:e9:29:fb:
c0:c6:de:01:6c:aa:ec:90:dd:6a:99:2e:30:3f:94:
6c:ee:4f:ea:85:7f:d3:b2:da:62:cc:fa:15:15:a5:
40:9e:2c:77:6c:3c:70:19:d6:9e:59:d6:30:9b:d1:
6f:2a:d1:c4:e0:c0:2f:0f:20:63:d3:45:04:33:70:
65:9f:b8:ce:ab:a2:b8:6f:33:35:d8:1e:05:a3:a1:
67:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:90:BB:A1:EE:D6:76:A0:DB:C3:A1:1B:21:9F:30:1A:4E:67:BF:56
X509v3 Authority Key Identifier:
keyid:D9:C0:E5:C2:49:7A:C8:8B:FF:FB:CE:D9:F5:5D:60:A2:28:98:92:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3644EA8/C396ACEE60A811F0B48991E5DAE4EC9C/2cDlwkl6yIv_-87Z9V1goiiYkn8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/2cDlwkl6yIv_-87Z9V1goiiYkn8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3644EA8/C396ACEE60A811F0B48991E5DAE4EC9C/696CD0C060B411F0907E96B2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.237.0/24
IPv6:
2c0f:3340::/32
Signature Algorithm: sha256WithRSAEncryption
a5:6c:1a:d1:b9:d7:73:23:be:e3:a0:ad:77:c9:56:cc:c5:a5:
4e:44:c5:8f:54:b4:ff:e6:75:ae:5f:a4:18:e0:e4:bb:3b:e3:
c9:c1:29:d9:8a:a0:0a:a8:a5:ae:64:90:2c:97:b3:63:39:12:
76:72:d2:ea:52:74:67:01:50:be:a0:56:49:35:45:f9:ec:9f:
ac:65:a8:48:90:5e:84:fe:dc:c2:b1:0e:db:4c:ef:59:10:53:
f6:34:8e:02:ea:c0:ac:45:98:7d:d9:e7:fe:30:f4:ad:0f:77:
46:1c:30:93:60:29:9d:2a:47:7d:ef:f6:a0:85:9d:2f:7b:58:
a6:44:ec:94:d8:d9:c6:f6:00:47:db:ef:02:b0:e2:54:07:ae:
0a:5f:b7:5d:2f:72:79:28:0a:19:52:6a:46:43:69:f2:6e:dc:
94:63:e0:55:28:4d:50:ad:fa:26:9f:26:01:91:6c:6d:57:2b:
ae:08:51:4a:aa:e3:f6:e6:db:b1:26:f0:8e:ab:44:65:86:84:
c5:d9:a6:f8:58:c3:7e:28:bd:a6:47:20:f2:64:47:b3:35:db:
6b:6b:14:d8:9c:4c:38:d2:5b:d9:09:f7:ca:5d:32:cd:15:87:
2a:ba:f3:bb:45:c5:49:bb:49:40:42:f2:b9:c9:98:dd:9f:eb:
2e:44:8f:e5
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
NEVBOEFGMTEwLwYDVQQFEyhEOUMwRTVDMjQ5N0FDODhCRkZGQkNFRDlGNTVENjBB
MjI4OTg5MjdGMB4XDTI1MDcxNDEzMTM1OFoXDTI2MDcxNDEzMTM1OFowGDEWMBQG
A1UEAxMNNjg3NTAyOWItOWU5ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqyPqs95hd0BTriK1Ta2j44wK9R1vk2lUKSCqucz7wEU/rIeecsmjrseHTC
KrLLQhAGS9mcSnvuwSlgER0RqadMo/Ins+4erNhTU5xxU2ca1HKvk5hmm9HwxMYP
DsE6b7VPK3LZorGMa17/6H8EJbQi1hugkKg7jCLDfpXyl99mjv2yymfAB7KWf3MA
sorPBA8NPfSQOfPmAXHvvr49wIA7VAX891Lu/OfRM49XV1c56Sn7wMbeAWyq7JDd
apkuMD+UbO5P6oV/07LaYsz6FRWlQJ4sd2w8cBnWnlnWMJvRbyrRxODALw8gY9NF
BDNwZZ+4zquiuG8zNdgeBaOhZ2ECAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ7kLuh
7tZ2oNvDoRshnzAaTme/VjAfBgNVHSMEGDAWgBTZwOXCSXrIi//7ztn1XWCiKJiS
fzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDRFQTgvQzM5NkFDRUU2MEE4MTFGMEI0ODk5MUU1REFFNEVDOUMvMmNEbHdr
bDZ5SXZfLTg3WjlWMWdvaWlZa244LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMmNEbHdrbDZ5SXZfLTg3WjlWMWdvaWlZa244LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDRFQTgvQzM5NkFDRUU2MEE4MTFGMEI0ODk5MUU1REFF
NEVDOUMvNjk2Q0QwQzA2MEI0MTFGMDkwN0U5NkIyREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAGbR7TANBAIAAjAHAwUALA8z
QDANBgkqhkiG9w0BAQsFAAOCAQEApWwa0bnXcyO+46Ctd8lWzMWlTkTFj1S0/+Z1
rl+kGODkuzvjycEp2YqgCqilrmSQLJezYzkSdnLS6lJ0ZwFQvqBWSTVF+eyfrGWo
SJBehP7cwrEO20zvWRBT9jSOAurArEWYfdnn/jD0rQ93Rhwwk2ApnSpHfe/2oIWd
L3tYpkTslNjZxvYAR9vvArDiVAeuCl+3XS9yeSgKGVJqRkNp8m7clGPgVShNUK36
Jp8mAZFsbVcrrghRSqrj9ubbsSbwjqtEZYaExdmm+FjDfii9pkcg8mRHszXba2sU
2JxMONJb2Qn3yl0yzRWHKrrzu0XFSbtJQELyucmY3Z/rLkSP5Q==
-----END CERTIFICATE-----
Generated at Wed Aug 13 19:39:47 2025 by rpki-client