Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36596DE/965DA4FAB33A11F097B64ACDDAE4EC9C/6FAF0A32B3C711F0B62E26D6DAE4EC9C.roa
File: 6FAF0A32B3C711F0B62E26D6DAE4EC9C.roa (raw, json)
Hash identifier: WZmCRWW8TtxV2D+03+Gg2hGc4lK2ghh6H+qHzsYjVjY=
Subject key identifier: 6E:9B:93:88:93:D3:F0:6B:52:C6:5E:94:DA:CA:1E:93:B6:50:E5:F5
Certificate issuer: /CN=F36596DEAF/serialNumber=529BA74BCDF26869DF048F49CDA655DE59D981E1
Certificate serial: 03
Authority key identifier: 52:9B:A7:4B:CD:F2:68:69:DF:04:8F:49:CD:A6:55:DE:59:D9:81:E1
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/UpunS83yaGnfBI9JzaZV3lnZgeE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36596DE/965DA4FAB33A11F097B64ACDDAE4EC9C/6FAF0A32B3C711F0B62E26D6DAE4EC9C.roa
Signing time: Tue 28 Oct 2025 06:29:21 +0000
ROA not before: Tue 28 Oct 2025 06:29:09 +0000
ROA not after: Wed 28 Oct 2026 06:29:09 +0000
asID: 329621
IP address blocks: 102.204.152.0/22 maxlen: 24
2c0f:35c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36596DE/965DA4FAB33A11F097B64ACDDAE4EC9C/UpunS83yaGnfBI9JzaZV3lnZgeE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36596DE/965DA4FAB33A11F097B64ACDDAE4EC9C/UpunS83yaGnfBI9JzaZV3lnZgeE.mft
rsync://rpki.afrinic.net/repository/afrinic/UpunS83yaGnfBI9JzaZV3lnZgeE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36596DEAF, serialNumber=529BA74BCDF26869DF048F49CDA655DE59D981E1
Validity
Not Before: Oct 28 06:29:09 2025 GMT
Not After : Oct 28 06:29:09 2026 GMT
Subject: CN=690062c0-1035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:93:db:f3:23:67:62:f3:97:04:c5:fe:81:12:
41:50:66:fd:0a:ba:7c:ca:79:b1:42:8e:de:db:7e:
bb:dc:01:17:c2:2c:f6:77:8c:d1:a4:d0:34:2d:2a:
36:53:08:96:d2:8a:fb:41:fc:e4:81:84:b3:eb:40:
10:db:7e:aa:e6:b1:2a:50:57:28:eb:a2:84:39:8a:
c0:39:9a:69:19:21:3a:56:f5:56:42:70:85:72:5a:
09:f0:7c:9a:d7:9a:46:5a:6b:82:66:98:25:09:df:
20:f9:fe:51:5c:dc:6f:b9:59:87:9e:34:01:49:dc:
92:85:12:d3:02:1a:29:8f:22:bc:5c:d5:b7:83:41:
4a:a9:33:49:40:48:21:2e:13:de:eb:66:7c:51:4f:
e6:14:d8:28:fd:23:20:e8:f5:1c:92:4b:31:64:f2:
b7:3b:d6:3a:fe:2f:f5:89:7b:98:ee:5c:07:24:e9:
9f:73:84:95:f1:1a:81:cc:f9:dc:cf:c3:46:8b:4d:
44:89:4c:f6:22:05:4d:ce:e6:2d:59:2d:9c:1a:41:
b8:09:54:c2:b3:0f:14:a4:eb:82:ae:32:d7:76:d7:
e4:b4:85:72:a1:57:bd:34:cc:ff:24:48:ec:0b:54:
84:30:84:4a:79:a4:52:c3:4b:b0:0c:86:72:60:72:
06:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:9B:93:88:93:D3:F0:6B:52:C6:5E:94:DA:CA:1E:93:B6:50:E5:F5
X509v3 Authority Key Identifier:
keyid:52:9B:A7:4B:CD:F2:68:69:DF:04:8F:49:CD:A6:55:DE:59:D9:81:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36596DE/965DA4FAB33A11F097B64ACDDAE4EC9C/UpunS83yaGnfBI9JzaZV3lnZgeE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/UpunS83yaGnfBI9JzaZV3lnZgeE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36596DE/965DA4FAB33A11F097B64ACDDAE4EC9C/6FAF0A32B3C711F0B62E26D6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.152.0/22
IPv6:
2c0f:35c0::/32
Signature Algorithm: sha256WithRSAEncryption
89:3e:ec:2d:c0:aa:bc:bd:fa:88:81:41:9f:23:06:20:0a:d7:
53:c9:c7:b3:a3:ab:45:f6:92:9c:68:b0:d4:0b:7c:7f:aa:b8:
b4:51:38:c4:af:ee:9d:b1:89:a0:f9:fa:c1:e0:cd:47:64:e0:
74:a6:f1:b6:b2:6e:d2:c6:a7:80:5b:1c:23:5c:90:e4:bd:de:
12:32:3c:ed:9e:b5:72:fb:4b:d5:bd:e0:b3:6d:45:17:35:5d:
b6:50:84:f7:30:d6:09:68:ed:84:8f:81:7e:fc:a9:76:f3:50:
f4:75:25:cf:af:ef:82:25:4a:07:3b:b3:4b:a9:00:c2:4c:1a:
c1:8d:15:b8:42:4f:3a:c7:dc:a8:4b:d5:47:95:1d:45:69:80:
a9:7f:70:f0:56:80:40:de:ac:f9:1f:6b:2f:c6:9b:7c:bf:62:
93:bc:a3:37:57:62:4a:cc:a8:ab:6b:49:ae:23:a5:b8:22:f3:
f7:5d:f8:66:ee:02:24:c8:ab:83:4a:98:6f:b7:b0:29:c3:8a:
5b:19:86:79:cf:86:4c:08:43:f1:75:4a:ba:0f:b3:e6:05:a7:
24:08:44:19:94:fd:00:81:6a:17:fb:4a:51:7e:0b:2d:15:9e:
ee:f3:ca:3b:31:24:7a:b1:2c:51:f9:e4:9f:d7:cb:91:7e:77:
28:50:1c:fe
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
OTZERUFGMTEwLwYDVQQFEyg1MjlCQTc0QkNERjI2ODY5REYwNDhGNDlDREE2NTVE
RTU5RDk4MUUxMB4XDTI1MTAyODA2MjkwOVoXDTI2MTAyODA2MjkwOVowGDEWMBQG
A1UEAxMNNjkwMDYyYzAtMTAzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaT2/MjZ2LzlwTF/oESQVBm/Qq6fMp5sUKO3tt+u9wBF8Is9neM0aTQNC0q
NlMIltKK+0H85IGEs+tAENt+quaxKlBXKOuihDmKwDmaaRkhOlb1VkJwhXJaCfB8
mteaRlprgmaYJQnfIPn+UVzcb7lZh540AUnckoUS0wIaKY8ivFzVt4NBSqkzSUBI
IS4T3utmfFFP5hTYKP0jIOj1HJJLMWTytzvWOv4v9Yl7mO5cByTpn3OElfEagcz5
3M/DRotNRIlM9iIFTc7mLVktnBpBuAlUwrMPFKTrgq4y13bX5LSFcqFXvTTM/yRI
7AtUhDCESnmkUsNLsAyGcmByBikCAwEAAaOCArQwggKwMB0GA1UdDgQWBBRum5OI
k9Pwa1LGXpTayh6TtlDl9TAfBgNVHSMEGDAWgBRSm6dLzfJoad8Ej0nNplXeWdmB
4TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTk2REUvOTY1REE0RkFCMzNBMTFGMDk3QjY0QUNEREFFNEVDOUMvVXB1blM4
M3lhR25mQkk5SnphWlYzbG5aZ2VFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVXB1blM4M3lhR25mQkk5SnphWlYzbG5aZ2VFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTk2REUvOTY1REE0RkFCMzNBMTFGMDk3QjY0QUNEREFF
NEVDOUMvNkZBRjBBMzJCM0M3MTFGMEI2MkUyNkQ2REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbMmDANBAIAAjAHAwUALA81
wDANBgkqhkiG9w0BAQsFAAOCAQEAiT7sLcCqvL36iIFBnyMGIArXU8nHs6OrRfaS
nGiw1At8f6q4tFE4xK/unbGJoPn6weDNR2TgdKbxtrJu0sangFscI1yQ5L3eEjI8
7Z61cvtL1b3gs21FFzVdtlCE9zDWCWjthI+BfvypdvNQ9HUlz6/vgiVKBzuzS6kA
wkwawY0VuEJPOsfcqEvVR5UdRWmAqX9w8FaAQN6s+R9rL8abfL9ik7yjN1diSsyo
q2tJriOluCLz9134Zu4CJMirg0qYb7ewKcOKWxmGec+GTAhD8XVKug+z5gWnJAhE
GZT9AIFqF/tKUX4LLRWe7vPKOzEkerEsUfnkn9fLkX53KFAc/g==
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:33:02 2025 by rpki-client