Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A6D8B/FF55D76EB3DC11F0AD0F1FDCDAE4EC9C/8C1F1778B3DD11F09D265DE0DAE4EC9C.roa
File: 8C1F1778B3DD11F09D265DE0DAE4EC9C.roa (raw, json)
Hash identifier: 9l4gOdaUTRgTIxGdwK0ssiM8SEjGAK0dXHKQeYT9ki8=
Subject key identifier: 1E:C2:5F:6C:81:59:A9:E0:97:D7:AA:A3:67:EE:19:B4:B0:70:C5:6C
Certificate issuer: /CN=F36A6D8BAF/serialNumber=45F2E2FDF3113EFC6335757CAF8F5B5EC4ACCDB3
Certificate serial: 02
Authority key identifier: 45:F2:E2:FD:F3:11:3E:FC:63:35:75:7C:AF:8F:5B:5E:C4:AC:CD:B3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/RfLi_fMRPvxjNXV8r49bXsSszbM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A6D8B/FF55D76EB3DC11F0AD0F1FDCDAE4EC9C/8C1F1778B3DD11F09D265DE0DAE4EC9C.roa
Signing time: Tue 28 Oct 2025 09:07:37 +0000
ROA not before: Tue 28 Oct 2025 09:07:32 +0000
ROA not after: Mon 28 Oct 2030 09:07:32 +0000
asID: 329643
IP address blocks: 102.204.60.0/22 maxlen: 22
2c0f:3cc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A6D8B/FF55D76EB3DC11F0AD0F1FDCDAE4EC9C/RfLi_fMRPvxjNXV8r49bXsSszbM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A6D8B/FF55D76EB3DC11F0AD0F1FDCDAE4EC9C/RfLi_fMRPvxjNXV8r49bXsSszbM.mft
rsync://rpki.afrinic.net/repository/afrinic/RfLi_fMRPvxjNXV8r49bXsSszbM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A6D8BAF, serialNumber=45F2E2FDF3113EFC6335757CAF8F5B5EC4ACCDB3
Validity
Not Before: Oct 28 09:07:32 2025 GMT
Not After : Oct 28 09:07:32 2030 GMT
Subject: CN=690087d9-654b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cb:a4:21:34:a6:21:06:c2:88:c0:98:fb:7b:
0d:8a:f1:43:1f:9a:e8:65:12:41:73:89:48:c3:c1:
62:db:57:fe:ad:4a:df:69:81:4a:9d:b8:b6:2b:98:
12:ca:39:8d:9c:b0:3b:c0:03:cc:16:77:d8:3f:cd:
70:18:59:69:f6:0a:04:20:ea:f5:c7:de:c6:80:45:
21:31:0f:c6:da:ec:0c:df:2f:79:2f:48:08:79:57:
15:53:f7:b8:51:d6:da:77:f8:2b:22:6b:ff:0a:8b:
16:0a:90:94:8b:22:2f:c4:5b:3f:5b:78:9e:49:f5:
87:6d:23:37:60:39:d6:ad:b7:c8:c0:98:71:05:4a:
6a:ac:63:ff:94:9d:ed:b0:4f:0a:3e:b8:56:6b:fe:
a6:82:e5:e3:fa:a4:43:34:8e:45:a4:71:42:a4:5d:
9d:af:eb:e2:ac:87:9a:5c:73:8e:7c:4a:24:f2:f5:
be:5b:80:83:f4:91:8e:f7:b7:07:1a:74:8a:3b:2c:
b5:46:ca:a8:e9:36:e7:d9:bc:94:a9:60:f2:96:91:
e5:db:65:60:05:ed:b8:6d:8e:ea:ff:11:01:f5:46:
c2:a9:07:d5:18:0f:66:ad:f2:01:11:d8:0c:fa:65:
8f:1d:cf:d5:94:44:7f:de:d1:cc:d8:bd:51:36:74:
83:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:C2:5F:6C:81:59:A9:E0:97:D7:AA:A3:67:EE:19:B4:B0:70:C5:6C
X509v3 Authority Key Identifier:
keyid:45:F2:E2:FD:F3:11:3E:FC:63:35:75:7C:AF:8F:5B:5E:C4:AC:CD:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A6D8B/FF55D76EB3DC11F0AD0F1FDCDAE4EC9C/RfLi_fMRPvxjNXV8r49bXsSszbM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/RfLi_fMRPvxjNXV8r49bXsSszbM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A6D8B/FF55D76EB3DC11F0AD0F1FDCDAE4EC9C/8C1F1778B3DD11F09D265DE0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.60.0/22
IPv6:
2c0f:3cc0::/32
Signature Algorithm: sha256WithRSAEncryption
8f:9b:69:e6:e8:e6:68:69:b3:0d:30:de:bb:08:d6:a3:c5:7d:
7c:11:d0:b7:c1:a0:cd:28:d2:4c:d2:5c:a4:6f:54:c2:3c:64:
82:1d:03:4f:47:75:2a:2e:7a:d5:1a:bb:3e:11:e3:e2:92:45:
60:ad:e5:48:6c:22:f3:df:41:31:f8:03:fb:d1:d7:93:8b:c9:
9e:4f:5f:3f:48:7d:cb:2f:44:72:cb:43:a0:5c:6a:a0:b3:50:
1b:6b:77:25:9f:d1:55:a0:5e:27:53:78:76:e2:60:e2:7c:42:
2c:e7:a5:43:91:33:7c:0c:67:4f:6b:fd:fe:2d:1d:c4:98:58:
85:e8:65:4f:91:f9:63:12:fb:6a:52:2a:9e:61:df:6b:e3:fb:
d1:7b:0e:ed:8f:3a:7a:19:00:23:08:97:7f:ae:25:ed:6c:99:
38:b0:8b:b8:80:dd:05:22:2b:4e:c0:2a:27:b7:bf:98:53:0b:
29:7b:a1:5e:fd:7e:a4:dd:77:ed:87:f0:e9:8d:a8:95:ef:de:
ce:63:e4:54:45:74:18:e7:f3:59:eb:bb:48:ca:a5:f8:20:7f:
a7:1a:0f:ed:ce:8d:a7:a5:6b:ba:2a:cf:76:04:ec:a1:ea:8a:
9b:d0:b8:21:f6:e7:d2:eb:6b:31:14:cc:e2:fa:fd:dc:97:0e:
87:ce:83:88
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
NkQ4QkFGMTEwLwYDVQQFEyg0NUYyRTJGREYzMTEzRUZDNjMzNTc1N0NBRjhGNUI1
RUM0QUNDREIzMB4XDTI1MTAyODA5MDczMloXDTMwMTAyODA5MDczMlowGDEWMBQG
A1UEAxMNNjkwMDg3ZDktNjU0YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7LpCE0piEGwojAmPt7DYrxQx+a6GUSQXOJSMPBYttX/q1K32mBSp24tiuY
Eso5jZywO8ADzBZ32D/NcBhZafYKBCDq9cfexoBFITEPxtrsDN8veS9ICHlXFVP3
uFHW2nf4KyJr/wqLFgqQlIsiL8RbP1t4nkn1h20jN2A51q23yMCYcQVKaqxj/5Sd
7bBPCj64Vmv+poLl4/qkQzSORaRxQqRdna/r4qyHmlxzjnxKJPL1vluAg/SRjve3
Bxp0ijsstUbKqOk259m8lKlg8paR5dtlYAXtuG2O6v8RAfVGwqkH1RgPZq3yARHY
DPpljx3P1ZREf97RzNi9UTZ0g20CAwEAAaOCArQwggKwMB0GA1UdDgQWBBQewl9s
gVmp4JfXqqNn7hm0sHDFbDAfBgNVHSMEGDAWgBRF8uL98xE+/GM1dXyvj1texKzN
szAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTZEOEIvRkY1NUQ3NkVCM0RDMTFGMEFEMEYxRkRDREFFNEVDOUMvUmZMaV9m
TVJQdnhqTlhWOHI0OWJYc1NzemJNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUmZMaV9mTVJQdnhqTlhWOHI0OWJYc1NzemJNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTZEOEIvRkY1NUQ3NkVCM0RDMTFGMEFEMEYxRkRDREFF
NEVDOUMvOEMxRjE3NzhCM0REMTFGMDlEMjY1REUwREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbMPDANBAIAAjAHAwUALA88
wDANBgkqhkiG9w0BAQsFAAOCAQEAj5tp5ujmaGmzDTDeuwjWo8V9fBHQt8GgzSjS
TNJcpG9Uwjxkgh0DT0d1Ki561Rq7PhHj4pJFYK3lSGwi899BMfgD+9HXk4vJnk9f
P0h9yy9EcstDoFxqoLNQG2t3JZ/RVaBeJ1N4duJg4nxCLOelQ5EzfAxnT2v9/i0d
xJhYhehlT5H5YxL7alIqnmHfa+P70XsO7Y86ehkAIwiXf64l7WyZOLCLuIDdBSIr
TsAqJ7e/mFMLKXuhXv1+pN137Yfw6Y2ole/ezmPkVEV0GOfzWeu7SMql+CB/pxoP
7c6Np6VruirPdgTsoeqKm9C4Ifbn0utrMRTM4vr93JcOh86DiA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 21:05:10 2025 by rpki-client