Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/5060B532B11911F0A511DFDFDAE4EC9C.roa
File: 5060B532B11911F0A511DFDFDAE4EC9C.roa (raw, json)
Hash identifier: m3tnQD+y8g5zm7h352wdDcvQa81e4C1vZsXhyLSMYMk=
Subject key identifier: 27:4C:A1:06:F4:E7:A1:48:F0:E3:4B:21:52:76:9E:1C:94:47:17:1D
Certificate issuer: /CN=F3680C14AF/serialNumber=BCDFF0C9D28F1AB45062F493BB3566CAC142646D
Certificate serial: 0D74
Authority key identifier: BC:DF:F0:C9:D2:8F:1A:B4:50:62:F4:93:BB:35:66:CA:C1:42:64:6D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/vN_wydKPGrRQYvSTuzVmysFCZG0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/5060B532B11911F0A511DFDFDAE4EC9C.roa
Signing time: Fri 24 Oct 2025 20:37:53 +0000
ROA not before: Fri 24 Oct 2025 20:37:36 +0000
ROA not after: Mon 31 Dec 2035 20:37:36 +0000
asID: 327966
IP address blocks: 102.204.56.0/22 maxlen: 24
102.207.184.0/22 maxlen: 24
102.217.160.0/22 maxlen: 24
197.159.88.0/21 maxlen: 24
2c0f:f588::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/vN_wydKPGrRQYvSTuzVmysFCZG0.crl
rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/vN_wydKPGrRQYvSTuzVmysFCZG0.mft
rsync://rpki.afrinic.net/repository/afrinic/vN_wydKPGrRQYvSTuzVmysFCZG0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3444 (0xd74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3680C14AF, serialNumber=BCDFF0C9D28F1AB45062F493BB3566CAC142646D
Validity
Not Before: Oct 24 20:37:36 2025 GMT
Not After : Dec 31 20:37:36 2035 GMT
Subject: CN=68fbe3a1-8558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:44:9e:c8:d5:e7:7b:b0:27:42:98:c0:1b:62:
03:af:b7:62:f8:ea:aa:be:d2:5c:13:26:43:23:49:
18:73:a8:22:cf:d5:6c:e4:a2:40:dc:87:4e:b3:a2:
c0:75:d4:18:bf:25:2f:13:a6:c6:7f:72:39:74:ac:
7c:f0:f6:09:20:e1:4f:26:f2:21:94:b0:b6:9c:f3:
87:c5:0a:dd:0e:78:48:9a:d7:60:a4:1c:0d:86:e7:
46:43:78:34:e7:4b:5c:8b:87:0c:52:3a:cc:c3:7c:
7d:64:71:ff:19:5b:b6:14:98:86:5a:d8:40:47:a7:
3e:e3:d7:62:bd:a7:bc:63:90:38:da:28:60:16:3a:
c8:c3:47:5e:bd:23:f8:0e:f1:fc:20:6c:32:6d:86:
26:51:0e:81:51:29:51:eb:af:fe:66:a4:bc:50:c1:
40:0a:6b:c9:1c:99:5a:c9:6d:13:5a:b2:b3:1b:31:
db:36:80:24:19:c3:0c:de:60:d5:e6:cb:6d:4f:00:
50:39:da:e7:11:b1:f9:f1:f3:28:81:fe:40:81:8f:
0e:6f:3b:c4:5e:47:40:8d:d5:5e:b7:31:9f:f9:29:
71:d1:8f:05:00:49:0c:3b:37:54:48:c7:93:db:4f:
aa:57:d4:e0:f8:93:13:79:36:88:ca:f7:dc:e1:93:
2e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:4C:A1:06:F4:E7:A1:48:F0:E3:4B:21:52:76:9E:1C:94:47:17:1D
X509v3 Authority Key Identifier:
keyid:BC:DF:F0:C9:D2:8F:1A:B4:50:62:F4:93:BB:35:66:CA:C1:42:64:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/vN_wydKPGrRQYvSTuzVmysFCZG0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vN_wydKPGrRQYvSTuzVmysFCZG0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/5060B532B11911F0A511DFDFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.56.0/22
102.207.184.0/22
102.217.160.0/22
197.159.88.0/21
IPv6:
2c0f:f588::/32
Signature Algorithm: sha256WithRSAEncryption
7e:4d:1b:06:5f:9f:26:59:fe:db:3b:9c:35:09:59:48:bd:c6:
04:c9:2a:c0:ce:10:a7:57:ff:b3:b7:6e:8a:24:a1:61:6e:f7:
db:34:0f:84:01:2e:d3:eb:49:8c:b4:98:81:0f:9c:8d:d2:ee:
a6:ec:3f:34:ef:74:85:fd:0a:c2:74:70:36:af:e0:a0:d2:6e:
ba:5b:7d:ad:a1:ec:3f:fd:34:f6:14:4c:fb:a8:3b:a3:ef:6c:
5d:60:93:0c:36:d5:ad:8c:aa:d2:2c:90:18:cb:24:67:e2:bd:
77:79:60:64:55:df:68:42:dd:72:0a:a6:ae:5f:ee:82:f1:d1:
19:00:5a:c8:73:63:da:75:bd:a6:1a:75:95:8c:67:57:38:5c:
fd:b1:65:99:7b:53:3e:00:6a:e2:3a:ac:04:e6:16:8a:25:14:
82:ab:b1:83:c8:17:a1:f0:53:bd:ae:df:c9:fe:f5:c6:44:2f:
77:7b:2f:03:f1:67:7a:af:43:c4:8a:b7:a4:6d:f4:34:95:2b:
bf:c2:57:72:12:58:c5:2f:93:41:5d:3e:16:d7:17:e7:b5:1f:
36:6e:30:54:d5:10:61:57:c9:c2:5a:b1:3e:99:c0:8e:a5:c5:
cc:ce:59:cd:24:fc:82:a8:7e:bc:4c:b1:e4:40:08:ab:17:5c:
50:1f:f5:7e
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICDXQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODBDMTRBRjExMC8GA1UEBRMoQkNERkYwQzlEMjhGMUFCNDUwNjJGNDkzQkIzNTY2
Q0FDMTQyNjQ2RDAeFw0yNTEwMjQyMDM3MzZaFw0zNTEyMzEyMDM3MzZaMBgxFjAU
BgNVBAMTDTY4ZmJlM2ExLTg1NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDsRJ7I1ed7sCdCmMAbYgOvt2L46qq+0lwTJkMjSRhzqCLP1WzkokDch06z
osB11Bi/JS8TpsZ/cjl0rHzw9gkg4U8m8iGUsLac84fFCt0OeEia12CkHA2G50ZD
eDTnS1yLhwxSOszDfH1kcf8ZW7YUmIZa2EBHpz7j12K9p7xjkDjaKGAWOsjDR169
I/gO8fwgbDJthiZRDoFRKVHrr/5mpLxQwUAKa8kcmVrJbRNasrMbMds2gCQZwwze
YNXmy21PAFA52ucRsfnx8yiB/kCBjw5vO8ReR0CN1V63MZ/5KXHRjwUASQw7N1RI
x5PbT6pX1OD4kxN5NojK99zhky6TAgMBAAGjggLGMIICwjAdBgNVHQ4EFgQUJ0yh
BvTnoUjw40shUnaeHJRHFx0wHwYDVR0jBBgwFoAUvN/wydKPGrRQYvSTuzVmysFC
ZG0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgwQzE0LzY0QUIyRjJBNUFFMDExRTY5RkNENTAzMkY4QUVBMjI4L3ZOX3d5
ZEtQR3JSUVl2U1R1elZteXNGQ1pHMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3ZOX3d5ZEtQR3JSUVl2U1R1elZteXNGQ1pHMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgwQzE0LzY0QUIyRjJBNUFFMDExRTY5RkNENTAzMkY4
QUVBMjI4LzUwNjBCNTMyQjExOTExRjBBNTExREZERkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAJmzDgDBAJmz7gDBAJm2aAD
BAPFn1gwDQQCAAIwBwMFACwP9YgwDQYJKoZIhvcNAQELBQADggEBAH5NGwZfnyZZ
/ts7nDUJWUi9xgTJKsDOEKdX/7O3bookoWFu99s0D4QBLtPrSYy0mIEPnI3S7qbs
PzTvdIX9CsJ0cDav4KDSbrpbfa2h7D/9NPYUTPuoO6PvbF1gkww21a2MqtIskBjL
JGfivXd5YGRV32hC3XIKpq5f7oLx0RkAWshzY9p1vaYadZWMZ1c4XP2xZZl7Uz4A
auI6rATmFoolFIKrsYPIF6HwU72u38n+9cZEL3d7LwPxZ3qvQ8SKt6Rt9DSVK7/C
V3ISWMUvk0FdPhbXF+e1HzZuMFTVEGFXycJasT6ZwI6lxczOWc0k/IKofrxMseRA
CKsXXFAf9X4=
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:47:52 2025 by rpki-client