Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/E20D69CEB1DE11F083295FAFDAE4EC9C.roa
File: E20D69CEB1DE11F083295FAFDAE4EC9C.roa (raw, json)
Hash identifier: D+zht3Z3LNaU3r+Q89Mqd+rAC5qhjcvnknFhh+9L55U=
Subject key identifier: 98:58:23:98:7D:7A:1A:EA:DB:95:6C:DC:C2:6E:C6:07:C7:3B:DF:C4
Certificate issuer: /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial: 07F7
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/E20D69CEB1DE11F083295FAFDAE4EC9C.roa
Signing time: Sat 25 Oct 2025 20:12:08 +0000
ROA not before: Sat 25 Oct 2025 20:12:03 +0000
ROA not after: Sun 30 Nov 2025 20:12:03 +0000
asID: 23470
IP address blocks: 102.177.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.mft
rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2039 (0x7f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367DFA4AF, serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Validity
Not Before: Oct 25 20:12:03 2025 GMT
Not After : Nov 30 20:12:03 2025 GMT
Subject: CN=68fd2f18-fd26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0b:cb:2e:b7:1c:b5:49:9c:e9:c5:03:95:80:
00:ff:58:eb:05:bc:c5:e7:7e:72:00:73:3b:9c:ee:
06:bd:ae:2a:e9:3e:85:b0:79:59:8c:53:65:e9:27:
05:96:53:f3:6e:ff:e3:6e:40:78:5d:a5:69:c5:bf:
07:19:fe:20:4e:f7:f2:81:91:fe:b9:e6:d9:b5:13:
93:0b:24:07:26:c1:62:7c:e5:62:ab:57:8a:15:50:
06:bd:cd:e4:4e:57:b2:bb:d8:a6:66:05:6b:a1:bc:
aa:28:63:31:d2:b8:10:47:95:84:37:5a:80:86:97:
90:f6:4f:19:d7:94:8c:a7:c6:d6:63:c6:9b:ca:bf:
8d:3a:a1:15:e7:cd:0f:2f:77:1f:67:5a:da:4d:52:
e5:9c:d9:11:07:d1:2a:e2:cb:6d:59:69:1d:88:9e:
2c:a5:17:58:c0:9c:86:a3:c3:0b:50:aa:02:42:fe:
de:45:ce:f0:0f:71:7d:cb:65:e6:39:f9:20:08:5a:
02:65:f8:84:88:9e:0c:2d:95:69:52:09:7c:e5:e8:
34:74:ff:e6:f8:66:27:00:2d:02:5f:5f:7c:aa:33:
17:e2:60:97:c2:09:d3:c6:24:6c:bb:af:83:90:7a:
c7:d1:11:91:5f:44:2d:65:71:12:4d:e5:b0:88:33:
ee:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:58:23:98:7D:7A:1A:EA:DB:95:6C:DC:C2:6E:C6:07:C7:3B:DF:C4
X509v3 Authority Key Identifier:
keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/E20D69CEB1DE11F083295FAFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.181.0/24
Signature Algorithm: sha256WithRSAEncryption
98:b7:42:74:bb:94:8e:e5:92:03:ae:70:d1:a5:d8:04:c1:a9:
68:f4:c8:a1:80:ee:95:6e:9e:8c:bb:68:a6:3a:d5:cb:65:47:
c9:b1:0b:38:51:71:8a:2b:09:f3:ad:08:19:95:0a:95:ba:dd:
ee:c4:4b:e8:cd:fb:b7:b1:fb:e7:24:c5:6f:eb:15:02:f7:3c:
d1:1f:46:24:76:25:54:b4:07:47:f9:41:9a:5b:55:be:c1:25:
20:4d:23:28:67:7e:62:49:34:b2:6e:36:bb:ae:1b:c5:28:9f:
ff:f4:32:7a:c5:7a:43:3f:f1:e7:9c:09:0c:71:7f:e5:98:71:
59:75:97:75:76:fa:d5:40:79:93:b1:47:d7:0d:50:d4:d6:db:
9a:88:be:1f:8e:81:fd:86:98:83:84:7c:14:8e:48:c7:4d:05:
d7:24:35:6f:0e:0f:a4:fe:d5:e6:55:62:96:9d:ac:36:b9:1f:
c1:f9:f3:4b:cd:5e:5f:53:d3:6b:3d:95:57:1f:b3:eb:19:2c:
62:40:a1:e0:31:9e:97:1c:bf:81:82:3d:a5:42:f5:11:f1:29:
86:fa:1c:bf:e2:c7:3d:59:af:5b:7f:95:24:3d:95:ce:e1:78:
2a:95:da:bb:c0:b0:c9:57:86:1e:da:f6:8a:1a:ea:4e:64:f7:
e6:b1:9f:c3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB/cwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNTEwMjUyMDEyMDNaFw0yNTExMzAyMDEyMDNaMBgxFjAU
BgNVBAMTDTY4ZmQyZjE4LWZkMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCjC8sutxy1SZzpxQOVgAD/WOsFvMXnfnIAczuc7ga9rirpPoWweVmMU2Xp
JwWWU/Nu/+NuQHhdpWnFvwcZ/iBO9/KBkf655tm1E5MLJAcmwWJ85WKrV4oVUAa9
zeROV7K72KZmBWuhvKooYzHSuBBHlYQ3WoCGl5D2TxnXlIynxtZjxpvKv406oRXn
zQ8vdx9nWtpNUuWc2REH0Sriy21ZaR2IniylF1jAnIajwwtQqgJC/t5FzvAPcX3L
ZeY5+SAIWgJl+ISIngwtlWlSCXzl6DR0/+b4ZicALQJfX3yqMxfiYJfCCdPGJGy7
r4OQesfREZFfRC1lcRJN5bCIM+6FAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUmFgj
mH16GurblWzcwm7GB8c738QwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4L0UyMEQ2OUNFQjFERTExRjA4MzI5NUZBRkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsbUwDQYJKoZIhvcNAQEL
BQADggEBAJi3QnS7lI7lkgOucNGl2ATBqWj0yKGA7pVunoy7aKY61ctlR8mxCzhR
cYorCfOtCBmVCpW63e7ES+jN+7ex++ckxW/rFQL3PNEfRiR2JVS0B0f5QZpbVb7B
JSBNIyhnfmJJNLJuNruuG8Uon//0MnrFekM/8eecCQxxf+WYcVl1l3V2+tVAeZOx
R9cNUNTW25qIvh+Ogf2GmIOEfBSOSMdNBdckNW8OD6T+1eZVYpadrDa5H8H580vN
Xl9T02s9lVcfs+sZLGJAoeAxnpccv4GCPaVC9RHxKYb6HL/ixz1Zr1t/lSQ9lc7h
eCqV2rvAsMlXhh7a9ooa6k5k9+axn8M=
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:04:29 2025 by rpki-client