Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368312F/0BC79D2EB77611F0877ABAE9DAE4EC9C/5ADD0CAEB77711F0B31C3CF2DAE4EC9C.roa
File: 5ADD0CAEB77711F0B31C3CF2DAE4EC9C.roa (raw, json)
Hash identifier: XcjIzmFNzJT5kTJblhnVUYbZcRGqo4ZoGY70idy8eA8=
Subject key identifier: 3B:66:80:AA:7B:9D:4A:EB:66:F0:4A:E6:B2:53:35:C9:30:C2:77:0E
Certificate issuer: /CN=F368312FAF/serialNumber=3D0E036846AF6D54478C0C8187C8D72233AAC1CA
Certificate serial: 05
Authority key identifier: 3D:0E:03:68:46:AF:6D:54:47:8C:0C:81:87:C8:D7:22:33:AA:C1:CA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/PQ4DaEavbVRHjAyBh8jXIjOqwco.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368312F/0BC79D2EB77611F0877ABAE9DAE4EC9C/5ADD0CAEB77711F0B31C3CF2DAE4EC9C.roa
Signing time: Sat 01 Nov 2025 23:06:10 +0000
ROA not before: Sun 02 Nov 2025 23:06:06 +0000
ROA not after: Sat 02 Nov 2030 23:06:06 +0000
asID: 329636
IP address blocks: 102.204.123.0/24 maxlen: 24
2c0f:3ac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368312F/0BC79D2EB77611F0877ABAE9DAE4EC9C/PQ4DaEavbVRHjAyBh8jXIjOqwco.crl
rsync://rpki.afrinic.net/repository/member_repository/F368312F/0BC79D2EB77611F0877ABAE9DAE4EC9C/PQ4DaEavbVRHjAyBh8jXIjOqwco.mft
rsync://rpki.afrinic.net/repository/afrinic/PQ4DaEavbVRHjAyBh8jXIjOqwco.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368312FAF, serialNumber=3D0E036846AF6D54478C0C8187C8D72233AAC1CA
Validity
Not Before: Nov 2 23:06:06 2025 GMT
Not After : Nov 2 23:06:06 2030 GMT
Subject: CN=69069262-dfc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ad:d2:c4:5c:59:92:e3:da:32:f7:b5:3e:76:
ed:a7:64:c8:e7:a9:d4:53:99:c6:e0:5d:9b:6d:b0:
8d:a6:4b:75:d9:49:01:76:fc:66:1d:3e:d3:28:8c:
81:2b:df:16:30:62:65:a3:54:8f:35:12:68:04:c4:
00:70:6f:8d:04:c7:48:04:a2:be:8d:71:2d:bb:b4:
d3:af:f3:71:c4:b9:39:ef:6b:7c:5c:24:d7:01:5f:
fa:11:da:61:c5:75:a5:26:06:4c:14:8d:d7:4c:9a:
a1:7a:18:08:ce:e3:f2:ea:32:90:a9:b2:c8:75:f4:
6d:e9:ee:a5:5c:b8:c9:1e:25:50:71:c7:8b:b9:23:
2a:7a:f0:ba:b5:9b:15:d4:f9:d5:1e:33:16:7b:a9:
11:52:20:c6:b2:f8:71:8a:eb:00:55:ea:9f:65:f9:
cd:4b:14:cf:02:28:58:ae:27:5e:09:c3:05:24:00:
66:1a:75:f5:d0:31:d3:62:95:54:c4:12:07:0f:ea:
a9:16:07:02:72:d4:d0:e6:46:f3:1c:e7:b0:3a:1e:
6a:84:aa:88:a4:98:be:aa:d7:90:d2:5f:27:77:41:
2e:ac:c3:1b:eb:74:b8:b6:fa:97:bd:b3:73:e4:4b:
ba:18:44:f7:9a:ad:46:81:3d:ad:28:1a:49:6a:da:
f4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:66:80:AA:7B:9D:4A:EB:66:F0:4A:E6:B2:53:35:C9:30:C2:77:0E
X509v3 Authority Key Identifier:
keyid:3D:0E:03:68:46:AF:6D:54:47:8C:0C:81:87:C8:D7:22:33:AA:C1:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368312F/0BC79D2EB77611F0877ABAE9DAE4EC9C/PQ4DaEavbVRHjAyBh8jXIjOqwco.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PQ4DaEavbVRHjAyBh8jXIjOqwco.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368312F/0BC79D2EB77611F0877ABAE9DAE4EC9C/5ADD0CAEB77711F0B31C3CF2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.123.0/24
IPv6:
2c0f:3ac0::/32
Signature Algorithm: sha256WithRSAEncryption
b1:22:74:f7:18:e7:6b:d7:4c:dc:ea:e0:3c:fe:e3:fd:f3:02:
0c:66:ab:1a:12:10:d9:5c:f9:01:5b:1d:22:18:75:5b:f7:1f:
0a:f0:ff:56:4c:1a:81:b5:51:cd:74:9c:9b:d0:42:b4:15:5d:
12:0b:df:bd:5e:9c:d1:38:f9:22:af:16:21:68:ed:c1:fa:3d:
cf:94:18:d9:5f:c3:ff:10:88:48:02:f4:29:0d:da:38:3c:67:
0a:43:b2:b1:f3:a3:7d:91:e2:22:cc:e5:b2:29:60:d9:4a:5e:
86:89:5a:f5:c4:b7:68:29:39:44:0d:7a:a8:07:5e:fb:a5:29:
54:41:25:87:c5:67:51:0c:a7:e6:4e:58:b7:ca:36:78:3d:42:
61:99:e7:58:c6:f3:73:36:4f:54:3c:ad:f7:c9:20:60:ca:90:
77:17:d9:98:3e:54:c8:be:ad:ee:b3:05:51:89:05:e0:b7:e7:
4b:2c:81:7e:9a:ac:8a:46:fb:e3:0f:62:83:4a:0e:fd:a3:9c:
39:e2:60:82:0c:e7:d1:24:7e:76:67:c0:97:29:e9:7b:1b:b3:
9f:6d:d8:f5:1f:5f:65:3a:13:e4:4e:b7:a0:8c:a9:b4:fa:a1:
91:a7:33:8e:da:b0:02:39:df:dc:3f:6e:f9:83:64:ef:c7:02:
bc:40:2b:76
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
MzEyRkFGMTEwLwYDVQQFEygzRDBFMDM2ODQ2QUY2RDU0NDc4QzBDODE4N0M4RDcy
MjMzQUFDMUNBMB4XDTI1MTEwMjIzMDYwNloXDTMwMTEwMjIzMDYwNlowGDEWMBQG
A1UEAxMNNjkwNjkyNjItZGZjMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOWt0sRcWZLj2jL3tT527adkyOep1FOZxuBdm22wjaZLddlJAXb8Zh0+0yiM
gSvfFjBiZaNUjzUSaATEAHBvjQTHSASivo1xLbu006/zccS5Oe9rfFwk1wFf+hHa
YcV1pSYGTBSN10yaoXoYCM7j8uoykKmyyHX0benupVy4yR4lUHHHi7kjKnrwurWb
FdT51R4zFnupEVIgxrL4cYrrAFXqn2X5zUsUzwIoWK4nXgnDBSQAZhp19dAx02KV
VMQSBw/qqRYHAnLU0OZG8xznsDoeaoSqiKSYvqrXkNJfJ3dBLqzDG+t0uLb6l72z
c+RLuhhE95qtRoE9rSgaSWra9JMCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ7ZoCq
e51K62bwSuayUzXJMMJ3DjAfBgNVHSMEGDAWgBQ9DgNoRq9tVEeMDIGHyNciM6rB
yjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODMxMkYvMEJDNzlEMkVCNzc2MTFGMDg3N0FCQUU5REFFNEVDOUMvUFE0RGFF
YXZiVlJIakF5Qmg4alhJak9xd2NvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUFE0RGFFYXZiVlJIakF5Qmg4alhJak9xd2NvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODMxMkYvMEJDNzlEMkVCNzc2MTFGMDg3N0FCQUU5REFF
NEVDOUMvNUFERDBDQUVCNzc3MTFGMEIzMUMzQ0YyREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAGbMezANBAIAAjAHAwUALA86
wDANBgkqhkiG9w0BAQsFAAOCAQEAsSJ09xjna9dM3OrgPP7j/fMCDGarGhIQ2Vz5
AVsdIhh1W/cfCvD/VkwagbVRzXScm9BCtBVdEgvfvV6c0Tj5Iq8WIWjtwfo9z5QY
2V/D/xCISAL0KQ3aODxnCkOysfOjfZHiIszlsilg2Upehola9cS3aCk5RA16qAde
+6UpVEElh8VnUQyn5k5Yt8o2eD1CYZnnWMbzczZPVDyt98kgYMqQdxfZmD5UyL6t
7rMFUYkF4LfnSyyBfpqsikb74w9ig0oO/aOcOeJgggzn0SR+dmfAlynpexuzn23Y
9R9fZToT5E63oIyptPqhkaczjtqwAjnf3D9u+YNk78cCvEArdg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:57:26 2025 by rpki-client