Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36852F0/C35834EC825811F08AF34E8CDAE4EC9C/6D2177B4832511F0892AAFC7DAE4EC9C.roa
File: 6D2177B4832511F0892AAFC7DAE4EC9C.roa (raw, json)
Hash identifier: aHAZN2QhTCRQrqiHV0Jl7+gEXu4WrL625sFACBWD1qA=
Subject key identifier: 71:28:3C:21:E4:B2:04:EC:6A:43:13:86:89:26:DC:15:FB:72:77:F0
Certificate issuer: /CN=F36852F0AR/serialNumber=980341CA63283FDC642E783C45583EA46442331B
Certificate serial: 06
Authority key identifier: 98:03:41:CA:63:28:3F:DC:64:2E:78:3C:45:58:3E:A4:64:42:33:1B
Authority info access: rsync://rpki.afrinic.net/repository/arin/mANBymMoP9xkLng8RVg-pGRCMxs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36852F0/C35834EC825811F08AF34E8CDAE4EC9C/6D2177B4832511F0892AAFC7DAE4EC9C.roa
Signing time: Wed 27 Aug 2025 09:08:42 +0000
ROA not before: Wed 27 Aug 2025 09:08:37 +0000
ROA not after: Sun 26 Aug 2035 09:08:37 +0000
asID: 31167
IP address blocks: 169.239.148.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36852F0/C35834EC825811F08AF34E8CDAE4EC9C/mANBymMoP9xkLng8RVg-pGRCMxs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36852F0/C35834EC825811F08AF34E8CDAE4EC9C/mANBymMoP9xkLng8RVg-pGRCMxs.mft
rsync://rpki.afrinic.net/repository/arin/mANBymMoP9xkLng8RVg-pGRCMxs.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Sep 2025 05:12:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36852F0AR, serialNumber=980341CA63283FDC642E783C45583EA46442331B
Validity
Not Before: Aug 27 09:08:37 2025 GMT
Not After : Aug 26 09:08:37 2035 GMT
Subject: CN=68aecb1a-895c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8e:4b:1d:65:28:0c:10:6e:e3:3a:db:57:48:
53:00:76:d8:2f:44:cf:84:cc:65:12:7d:30:d2:93:
fc:6f:aa:1f:96:94:0f:8a:eb:5a:1a:61:3d:2b:b1:
c7:37:29:b2:9d:5c:81:32:5d:a9:72:11:39:3e:c8:
80:ae:06:f5:89:3e:07:26:93:72:26:bc:84:d2:e0:
bf:10:19:75:e7:ec:71:4a:d2:cc:f5:8e:f8:23:fb:
78:84:98:1b:f4:3f:8f:42:12:24:c9:9d:ff:75:04:
31:e6:a5:dc:ab:b5:ed:73:74:3a:2f:29:97:25:f9:
ab:cb:38:c7:0e:6f:56:3d:da:91:de:6b:b9:dc:22:
bc:f7:8c:69:a3:1f:ff:68:2b:dd:e8:a7:c5:a7:95:
f7:53:52:3c:f7:c4:8d:1c:dc:3a:77:27:06:27:b4:
8a:ac:b6:22:03:6b:be:c8:6a:70:4b:73:3e:ed:72:
08:0b:7f:0c:5e:f9:50:8e:2b:75:75:d8:94:1a:a9:
58:49:80:d6:21:ce:ff:fb:59:4a:8d:7a:bc:31:a4:
70:6e:bf:70:10:da:54:2c:51:9b:f3:8c:ff:eb:65:
92:03:2e:cf:1e:98:24:89:0a:9a:58:6e:3a:42:d3:
37:05:bc:99:92:e0:7b:13:89:79:99:ce:e3:56:50:
75:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:28:3C:21:E4:B2:04:EC:6A:43:13:86:89:26:DC:15:FB:72:77:F0
X509v3 Authority Key Identifier:
keyid:98:03:41:CA:63:28:3F:DC:64:2E:78:3C:45:58:3E:A4:64:42:33:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36852F0/C35834EC825811F08AF34E8CDAE4EC9C/mANBymMoP9xkLng8RVg-pGRCMxs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/mANBymMoP9xkLng8RVg-pGRCMxs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36852F0/C35834EC825811F08AF34E8CDAE4EC9C/6D2177B4832511F0892AAFC7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.239.148.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:08:c5:45:50:64:96:a5:4e:32:43:c5:5b:c9:0b:07:91:f2:
9e:1d:6f:c1:62:3e:6f:1d:21:e8:fc:93:31:36:2d:64:3c:f2:
e5:08:ed:18:04:18:49:ad:7c:eb:39:a4:76:94:ff:0a:2c:b5:
35:18:95:ca:a3:a7:b5:63:9d:7d:d3:11:4f:69:0c:5d:d4:c8:
55:f6:96:cd:91:1b:b2:fa:22:39:8b:04:7b:9b:77:63:5c:1c:
90:4a:3d:ee:f0:ec:c5:4d:2b:07:f9:6b:f1:25:a9:a5:e9:50:
3b:7c:a1:db:38:14:db:78:f1:f1:1a:6b:e9:13:33:94:14:74:
fb:c5:0e:d3:0a:dc:41:c3:5a:07:85:b9:0b:d3:35:80:d9:3e:
8b:bc:a8:36:b7:a3:e4:13:c9:b3:de:50:49:28:b6:f8:df:dc:
fc:16:63:cf:9d:28:8e:cc:dd:dd:82:6b:22:05:2e:a3:54:fd:
48:65:2b:3a:fa:65:9d:10:ce:5a:5d:d9:ac:f4:77:6d:8b:65:
e8:09:54:2b:7a:d6:bc:05:f8:dc:16:c8:f6:15:9c:64:fc:8f:
ea:44:7b:b8:03:5e:b7:9e:37:b4:ac:bf:7d:f0:a4:2d:e3:73:
80:ad:6d:26:8f:3a:56:13:1b:ef:03:a5:52:de:a3:f3:cc:d0:
1e:72:4f:37
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
NTJGMEFSMTEwLwYDVQQFEyg5ODAzNDFDQTYzMjgzRkRDNjQyRTc4M0M0NTU4M0VB
NDY0NDIzMzFCMB4XDTI1MDgyNzA5MDgzN1oXDTM1MDgyNjA5MDgzN1owGDEWMBQG
A1UEAxMNNjhhZWNiMWEtODk1YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqOSx1lKAwQbuM621dIUwB22C9Ez4TMZRJ9MNKT/G+qH5aUD4rrWhphPSux
xzcpsp1cgTJdqXIROT7IgK4G9Yk+ByaTcia8hNLgvxAZdefscUrSzPWO+CP7eISY
G/Q/j0ISJMmd/3UEMeal3Ku17XN0Oi8plyX5q8s4xw5vVj3akd5rudwivPeMaaMf
/2gr3einxaeV91NSPPfEjRzcOncnBie0iqy2IgNrvshqcEtzPu1yCAt/DF75UI4r
dXXYlBqpWEmA1iHO//tZSo16vDGkcG6/cBDaVCxRm/OM/+tlkgMuzx6YJIkKmlhu
OkLTNwW8mZLgexOJeZnO41ZQdXMCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRxKDwh
5LIE7GpDE4aJJtwV+3J38DAfBgNVHSMEGDAWgBSYA0HKYyg/3GQueDxFWD6kZEIz
GzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODUyRjAvQzM1ODM0RUM4MjU4MTFGMDhBRjM0RThDREFFNEVDOUMvbUFOQnlt
TW9QOXhrTG5nOFJWZy1wR1JDTXhzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
bUFOQnltTW9QOXhrTG5nOFJWZy1wR1JDTXhzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2ODUyRjAvQzM1ODM0RUM4MjU4MTFGMDhBRjM0RThDREFFNEVD
OUMvNkQyMTc3QjQ4MzI1MTFGMDg5MkFBRkM3REFFNEVDOUMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqnvlDANBgkqhkiG9w0BAQsFAAOC
AQEAuQjFRVBklqVOMkPFW8kLB5Hynh1vwWI+bx0h6PyTMTYtZDzy5QjtGAQYSa18
6zmkdpT/Ciy1NRiVyqOntWOdfdMRT2kMXdTIVfaWzZEbsvoiOYsEe5t3Y1wckEo9
7vDsxU0rB/lr8SWppelQO3yh2zgU23jx8Rpr6RMzlBR0+8UO0wrcQcNaB4W5C9M1
gNk+i7yoNrej5BPJs95QSSi2+N/c/BZjz50ojszd3YJrIgUuo1T9SGUrOvplnRDO
Wl3ZrPR3bYtl6AlUK3rWvAX43BbI9hWcZPyP6kR7uANet543tKy/ffCkLeNzgK1t
Jo86VhMb7wOlUt6j88zQHnJPNw==
-----END CERTIFICATE-----
Generated at Sun Sep 14 02:37:36 2025 by rpki-client