Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3676134/3362C1AA567E11F0B014F9DEDAE4EC9C/0CCEA6DC5E9211F08D7B5BC0DAE4EC9C.roa
File: 0CCEA6DC5E9211F08D7B5BC0DAE4EC9C.roa (raw, json)
Hash identifier: mAyYLRcyIUE3TElt1ycaBN45k+kC6zc7xFNJFD0mN6o=
Subject key identifier: 99:09:55:0A:79:05:3F:B3:0E:99:FE:A6:76:8B:26:99:59:84:A2:17
Certificate issuer: /CN=F3676134AF/serialNumber=74B03B8FD8F53BEF4887B78698F9ECAB1B1F69B0
Certificate serial: 11
Authority key identifier: 74:B0:3B:8F:D8:F5:3B:EF:48:87:B7:86:98:F9:EC:AB:1B:1F:69:B0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/dLA7j9j1O-9Ih7eGmPnsqxsfabA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3676134/3362C1AA567E11F0B014F9DEDAE4EC9C/0CCEA6DC5E9211F08D7B5BC0DAE4EC9C.roa
Signing time: Fri 11 Jul 2025 20:03:02 +0000
ROA not before: Fri 11 Jul 2025 20:02:57 +0000
ROA not after: Wed 01 Jul 2026 20:02:57 +0000
asID: 213481
IP address blocks: 2c0f:fc78::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3676134/3362C1AA567E11F0B014F9DEDAE4EC9C/dLA7j9j1O-9Ih7eGmPnsqxsfabA.crl
rsync://rpki.afrinic.net/repository/member_repository/F3676134/3362C1AA567E11F0B014F9DEDAE4EC9C/dLA7j9j1O-9Ih7eGmPnsqxsfabA.mft
rsync://rpki.afrinic.net/repository/afrinic/dLA7j9j1O-9Ih7eGmPnsqxsfabA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 24 Jul 2025 05:28:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3676134AF, serialNumber=74B03B8FD8F53BEF4887B78698F9ECAB1B1F69B0
Validity
Not Before: Jul 11 20:02:57 2025 GMT
Not After : Jul 1 20:02:57 2026 GMT
Subject: CN=68716df6-e82d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6a:57:b5:e3:c9:0f:98:ed:3f:ad:fc:3c:66:
6f:02:13:1d:c8:34:05:8f:5d:b6:18:29:8a:8a:bb:
00:88:6e:c4:d5:cc:0a:75:c9:3e:b8:37:24:a4:72:
23:11:b9:ac:63:8f:34:0f:11:37:f8:a1:6d:36:ec:
5c:aa:f5:fd:1d:68:8d:15:88:77:de:33:cf:6c:2f:
a1:7f:16:a5:4f:3a:ed:b8:a3:b1:5b:d2:a2:62:ea:
9b:fd:c0:a2:e9:d1:19:37:24:cf:42:3d:1b:b3:fb:
7f:a6:08:9f:14:27:2c:3f:f3:77:7c:72:75:97:38:
78:9d:ea:18:2a:65:d8:57:75:da:5a:17:f6:28:40:
6e:32:cb:79:41:cf:1f:77:f0:26:21:fb:62:4a:95:
16:d2:c5:9a:d0:4c:a9:bc:20:24:9f:0c:71:dd:60:
e9:e5:a1:1c:c4:eb:ae:3a:80:c8:fe:ff:21:a3:45:
43:5d:71:80:5a:9e:ca:07:68:e6:35:ea:45:7e:24:
a8:f8:fe:13:30:4e:01:4b:f5:36:23:e5:56:f1:99:
7e:c7:b2:7d:a8:20:70:e3:fc:65:19:f0:46:d4:b0:
eb:73:52:88:71:0a:a1:9a:40:91:c7:3a:27:b7:a2:
6a:09:19:b8:0d:50:4f:d9:07:ed:3f:35:b9:80:5c:
c0:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:09:55:0A:79:05:3F:B3:0E:99:FE:A6:76:8B:26:99:59:84:A2:17
X509v3 Authority Key Identifier:
keyid:74:B0:3B:8F:D8:F5:3B:EF:48:87:B7:86:98:F9:EC:AB:1B:1F:69:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3676134/3362C1AA567E11F0B014F9DEDAE4EC9C/dLA7j9j1O-9Ih7eGmPnsqxsfabA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/dLA7j9j1O-9Ih7eGmPnsqxsfabA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3676134/3362C1AA567E11F0B014F9DEDAE4EC9C/0CCEA6DC5E9211F08D7B5BC0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:fc78::/32
Signature Algorithm: sha256WithRSAEncryption
0d:86:b2:ee:3c:fb:75:6d:29:0a:35:0b:33:b5:2d:29:fe:86:
e5:1d:8d:1e:1d:86:fb:53:35:c0:7d:b1:18:68:3b:d0:9b:33:
6b:59:29:d6:45:36:d9:70:b7:cc:58:14:41:56:8f:aa:a8:4f:
47:7d:de:81:62:00:e0:85:6d:79:e4:eb:8f:51:42:3e:c2:d6:
1e:05:9e:1b:16:be:5a:e2:01:7b:e6:9b:a8:45:ab:e3:ec:c1:
bb:fc:2b:f9:d7:98:18:54:9b:3f:36:88:9e:2f:81:7d:c4:c0:
83:8d:01:68:42:ab:8c:eb:24:fd:3d:fd:66:fc:1e:33:f5:81:
ca:41:e7:dc:63:0f:ff:24:18:6e:4d:6b:a1:a2:bc:6c:4a:f4:
24:39:da:b2:48:e1:e1:f6:12:31:af:08:62:58:b9:5b:79:40:
3d:3b:78:ef:c8:20:bb:6e:e1:a3:1f:e5:59:08:1b:af:51:b3:
a5:7d:62:b1:c5:d7:ad:81:a1:cc:14:d8:f4:e3:6e:7d:28:9d:
b5:db:78:2b:a5:ed:7a:3e:17:34:2d:7b:1c:d1:ec:53:91:41:
9c:c6:83:f9:24:52:cc:ce:9c:ce:f6:73:05:75:6c:94:e2:f2:
b9:73:c4:35:33:19:39:96:ac:90:4f:c8:4d:ac:0f:15:d6:11:
96:3d:b3:1f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBETANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NjEzNEFGMTEwLwYDVQQFEyg3NEIwM0I4RkQ4RjUzQkVGNDg4N0I3ODY5OEY5RUNB
QjFCMUY2OUIwMB4XDTI1MDcxMTIwMDI1N1oXDTI2MDcwMTIwMDI1N1owGDEWMBQG
A1UEAxMNNjg3MTZkZjYtZTgyZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpqV7XjyQ+Y7T+t/DxmbwITHcg0BY9dthgpioq7AIhuxNXMCnXJPrg3JKRy
IxG5rGOPNA8RN/ihbTbsXKr1/R1ojRWId94zz2wvoX8WpU867bijsVvSomLqm/3A
ounRGTckz0I9G7P7f6YInxQnLD/zd3xydZc4eJ3qGCpl2Fd12loX9ihAbjLLeUHP
H3fwJiH7YkqVFtLFmtBMqbwgJJ8Mcd1g6eWhHMTrrjqAyP7/IaNFQ11xgFqeygdo
5jXqRX4kqPj+EzBOAUv1NiPlVvGZfseyfaggcOP8ZRnwRtSw63NSiHEKoZpAkcc6
J7eiagkZuA1QT9kH7T81uYBcwOsCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBSZCVUK
eQU/sw6Z/qZ2iyaZWYSiFzAfBgNVHSMEGDAWgBR0sDuP2PU770iHt4aY+eyrGx9p
sDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzYxMzQvMzM2MkMxQUE1NjdFMTFGMEIwMTRGOURFREFFNEVDOUMvZExBN2o5
ajFPLTlJaDdlR21QbnNxeHNmYWJBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZExBN2o5ajFPLTlJaDdlR21QbnNxeHNmYWJBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzYxMzQvMzM2MkMxQUE1NjdFMTFGMEIwMTRGOURFREFF
NEVDOUMvMENDRUE2REM1RTkyMTFGMDhEN0I1QkMwREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwP/HgwDQYJKoZIhvcNAQEL
BQADggEBAA2Gsu48+3VtKQo1CzO1LSn+huUdjR4dhvtTNcB9sRhoO9CbM2tZKdZF
Ntlwt8xYFEFWj6qoT0d93oFiAOCFbXnk649RQj7C1h4FnhsWvlriAXvmm6hFq+Ps
wbv8K/nXmBhUmz82iJ4vgX3EwIONAWhCq4zrJP09/Wb8HjP1gcpB59xjD/8kGG5N
a6GivGxK9CQ52rJI4eH2EjGvCGJYuVt5QD07eO/IILtu4aMf5VkIG69Rs6V9YrHF
162BocwU2PTjbn0onbXbeCul7Xo+FzQtexzR7FORQZzGg/kkUszOnM72cwV1bJTi
8rlzxDUzGTmWrJBPyE2sDxXWEZY9sx8=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:49:04 2025 by rpki-client