Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36479AF/5CFEC160C4C811E9B4DD3D1AF8AEA228/3E66DB8057F111F0936B18D1DAE4EC9C.roa
File: 3E66DB8057F111F0936B18D1DAE4EC9C.roa (raw, json)
Hash identifier: gjxAsFe0dP/8o6tsCVoZzAfjfuitbx06pVPgL/V3EJI=
Subject key identifier: EB:37:1F:A1:8A:37:ED:35:4C:2C:2F:81:D5:D2:FC:2C:B7:F3:FF:70
Certificate issuer: /CN=F36479AFAF/serialNumber=07BAD6177458B648409D07F59A9910A5D3403D0C
Certificate serial: 08A2
Authority key identifier: 07:BA:D6:17:74:58:B6:48:40:9D:07:F5:9A:99:10:A5:D3:40:3D:0C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/B7rWF3RYtkhAnQf1mpkQpdNAPQw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36479AF/5CFEC160C4C811E9B4DD3D1AF8AEA228/3E66DB8057F111F0936B18D1DAE4EC9C.roa
Signing time: Thu 03 Jul 2025 09:36:50 +0000
ROA not before: Thu 03 Jul 2025 09:36:45 +0000
ROA not after: Mon 03 Jul 2028 09:36:45 +0000
asID: 29286
IP address blocks: 197.234.40.0/24 maxlen: 24
197.234.41.0/24 maxlen: 24
197.234.42.0/24 maxlen: 24
197.234.43.0/24 maxlen: 24
197.234.47.0/24 maxlen: 24
197.234.54.0/24 maxlen: 24
197.234.55.0/24 maxlen: 24
197.234.56.0/24 maxlen: 24
197.234.59.0/24 maxlen: 24
197.234.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36479AF/5CFEC160C4C811E9B4DD3D1AF8AEA228/B7rWF3RYtkhAnQf1mpkQpdNAPQw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36479AF/5CFEC160C4C811E9B4DD3D1AF8AEA228/B7rWF3RYtkhAnQf1mpkQpdNAPQw.mft
rsync://rpki.afrinic.net/repository/afrinic/B7rWF3RYtkhAnQf1mpkQpdNAPQw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Jul 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2210 (0x8a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36479AFAF, serialNumber=07BAD6177458B648409D07F59A9910A5D3403D0C
Validity
Not Before: Jul 3 09:36:45 2025 GMT
Not After : Jul 3 09:36:45 2028 GMT
Subject: CN=68664f32-8523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b9:86:1d:21:71:02:89:41:d5:96:02:fe:31:
a6:05:f8:dc:36:49:87:b1:69:a7:75:f3:22:84:44:
4b:37:5e:96:b7:70:6b:9b:e4:76:6e:09:61:54:88:
b3:b7:8a:d7:31:25:31:57:84:c6:79:0d:5d:42:23:
44:5c:85:46:2c:3b:6a:24:45:d1:7f:0a:f1:72:a3:
d9:b3:53:8e:e8:fb:b4:6b:ad:44:25:3b:54:e3:09:
0c:ff:fa:44:6f:17:2e:c5:ed:74:83:13:83:1c:73:
19:1c:5d:88:a9:fd:7b:14:e4:41:04:58:7e:c2:5e:
ce:cf:d3:5b:67:e0:76:29:43:17:19:4c:ba:c1:ea:
ee:b6:21:8c:fb:2a:7a:70:ca:8f:5b:d0:92:2d:f7:
87:2e:40:de:46:a4:dc:3a:9f:9a:77:bb:14:8f:3d:
c9:0a:3a:dd:fb:e3:97:5f:ee:4b:19:cf:6a:a7:a7:
b5:cb:cf:dd:ee:e0:d4:d9:1d:bc:35:41:64:f2:06:
94:80:fb:2e:65:46:e0:3b:75:6e:12:ff:5b:bd:f7:
78:1c:b3:ec:cf:a5:a0:b2:5c:eb:51:36:3f:af:09:
98:ca:56:88:8b:dc:12:5e:2a:c3:cf:97:d0:b6:d9:
e4:9c:02:e2:58:5a:7b:5a:bb:40:88:96:78:29:eb:
35:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:37:1F:A1:8A:37:ED:35:4C:2C:2F:81:D5:D2:FC:2C:B7:F3:FF:70
X509v3 Authority Key Identifier:
keyid:07:BA:D6:17:74:58:B6:48:40:9D:07:F5:9A:99:10:A5:D3:40:3D:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36479AF/5CFEC160C4C811E9B4DD3D1AF8AEA228/B7rWF3RYtkhAnQf1mpkQpdNAPQw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/B7rWF3RYtkhAnQf1mpkQpdNAPQw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36479AF/5CFEC160C4C811E9B4DD3D1AF8AEA228/3E66DB8057F111F0936B18D1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.234.40.0/22
197.234.47.0/24
197.234.54.0-197.234.56.255
197.234.59.0/24
197.234.61.0/24
Signature Algorithm: sha256WithRSAEncryption
44:2c:48:e4:0b:95:a0:d1:90:c0:d6:52:6a:e4:19:73:b5:c6:
eb:28:af:8b:15:42:39:99:94:82:51:b9:31:b8:69:7f:c9:8e:
f7:83:b6:4f:81:03:7f:f8:b8:a9:a0:45:dc:2a:bd:e6:b7:1f:
d1:bb:bd:43:79:3e:fe:c6:19:51:8e:0c:3b:f1:bd:cd:ec:32:
01:d9:ff:42:36:9c:9e:7e:6c:6c:94:f7:2c:55:d3:de:6d:99:
70:57:8e:bf:30:f6:df:05:4b:2d:0d:8a:6d:28:3c:c3:d9:c7:
2a:11:9a:4f:d7:7d:26:82:97:43:82:8f:a5:88:6d:4f:50:77:
fe:b2:a0:86:d9:58:11:9f:fd:1b:1d:ad:b9:de:b5:08:2e:99:
6a:33:9e:82:70:9d:44:27:fd:7e:17:56:b9:d0:cf:64:12:3d:
52:d8:42:26:d2:47:ec:a9:28:d7:e0:fe:3f:e0:d6:fd:46:80:
75:26:a1:3a:ad:09:50:18:d8:02:09:70:87:dc:02:21:0b:30:
96:2b:12:34:5c:6a:cc:58:fc:5c:ee:a7:83:45:da:6f:5d:fa:
a8:ff:db:75:9c:07:71:c9:55:b3:8d:74:bd:3b:ee:71:3b:06:
7c:63:14:fd:fa:74:97:fd:0a:20:13:14:93:86:e6:ee:d7:27:
28:36:db:c5
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgICCKIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDc5QUZBRjExMC8GA1UEBRMoMDdCQUQ2MTc3NDU4QjY0ODQwOUQwN0Y1OUE5OTEw
QTVEMzQwM0QwQzAeFw0yNTA3MDMwOTM2NDVaFw0yODA3MDMwOTM2NDVaMBgxFjAU
BgNVBAMTDTY4NjY0ZjMyLTg1MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/uYYdIXECiUHVlgL+MaYF+Nw2SYexaad18yKEREs3Xpa3cGub5HZuCWFU
iLO3itcxJTFXhMZ5DV1CI0RchUYsO2okRdF/CvFyo9mzU47o+7RrrUQlO1TjCQz/
+kRvFy7F7XSDE4MccxkcXYip/XsU5EEEWH7CXs7P01tn4HYpQxcZTLrB6u62IYz7
Knpwyo9b0JIt94cuQN5GpNw6n5p3uxSPPckKOt3745df7ksZz2qnp7XLz93u4NTZ
Hbw1QWTyBpSA+y5lRuA7dW4S/1u993gcs+zPpaCyXOtRNj+vCZjKVoiL3BJeKsPP
l9C22eScAuJYWntau0CIlngp6zUVAgMBAAGjggLFMIICwTAdBgNVHQ4EFgQU6zcf
oYo37TVMLC+B1dL8LLfz/3AwHwYDVR0jBBgwFoAUB7rWF3RYtkhAnQf1mpkQpdNA
PQwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ3OUFGLzVDRkVDMTYwQzRDODExRTlCNEREM0QxQUY4QUVBMjI4L0I3cldG
M1JZdGtoQW5RZjFtcGtRcGROQVBRdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0I3cldGM1JZdGtoQW5RZjFtcGtRcGROQVBRdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ3OUFGLzVDRkVDMTYwQzRDODExRTlCNEREM0QxQUY4
QUVBMjI4LzNFNjZEQjgwNTdGMTExRjA5MzZCMThEMURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwPwYIKwYBBQUHAQcBAf8EMDAuMCwEAgABMCYDBALF6igDBADF6i8wDAMEAcXq
NgMEAMXqOAMEAMXqOwMEAMXqPTANBgkqhkiG9w0BAQsFAAOCAQEARCxI5AuVoNGQ
wNZSauQZc7XG6yivixVCOZmUglG5Mbhpf8mO94O2T4EDf/i4qaBF3Cq95rcf0bu9
Q3k+/sYZUY4MO/G9zewyAdn/Qjacnn5sbJT3LFXT3m2ZcFeOvzD23wVLLQ2KbSg8
w9nHKhGaT9d9JoKXQ4KPpYhtT1B3/rKghtlYEZ/9Gx2tud61CC6ZajOegnCdRCf9
fhdWudDPZBI9UthCJtJH7Kko1+D+P+DW/UaAdSahOq0JUBjYAglwh9wCIQswlisS
NFxqzFj8XO6ng0Xab136qP/bdZwHcclVs410vTvucTsGfGMU/fp0l/0KIBMUk4bm
7tcnKDbbxQ==
-----END CERTIFICATE-----
Generated at Fri Jul 25 23:59:56 2025 by rpki-client