Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/76C70DC43B9511F0B3A3FDC7DAE4EC9C.roa
File: 76C70DC43B9511F0B3A3FDC7DAE4EC9C.roa (raw, json)
Hash identifier: 2RqGsOATA4GGZI26i6ZoRArJDh+WeGnm6XzuaOGnVv8=
Subject key identifier: B1:36:3F:CE:E9:40:16:F5:6A:B0:74:66:01:2A:D5:35:CD:54:49:07
Certificate issuer: /CN=F36312D2AF/serialNumber=31BA5ACE57BF1DAFBA88DDAEF42EC8F1515E13C2
Certificate serial: 05BC
Authority key identifier: 31:BA:5A:CE:57:BF:1D:AF:BA:88:DD:AE:F4:2E:C8:F1:51:5E:13:C2
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/76C70DC43B9511F0B3A3FDC7DAE4EC9C.roa
Signing time: Wed 28 May 2025 07:29:18 +0000
ROA not before: Wed 28 May 2025 07:29:13 +0000
ROA not after: Mon 31 Dec 2035 07:29:13 +0000
asID: 37236
IP address blocks: 2c0f:f010::/32 maxlen: 32
2c0f:f010::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/Mbpazle_Ha-6iN2u9C7I8VFeE8I.crl
rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/Mbpazle_Ha-6iN2u9C7I8VFeE8I.mft
rsync://rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1468 (0x5bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36312D2AF, serialNumber=31BA5ACE57BF1DAFBA88DDAEF42EC8F1515E13C2
Validity
Not Before: May 28 07:29:13 2025 GMT
Not After : Dec 31 07:29:13 2035 GMT
Subject: CN=6836bb4e-13ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ae:93:85:e1:77:16:31:ba:ad:f5:da:e9:6d:
81:87:b3:c0:e5:4b:88:ac:5b:3c:c2:38:eb:a5:9d:
9b:f6:3d:b0:eb:da:20:81:5f:4a:b2:b5:f5:ad:c9:
fc:d1:6a:b2:cc:50:73:3b:6d:21:05:5b:50:5f:99:
61:f5:2b:93:a7:1b:c5:68:10:a3:fb:28:53:43:9b:
a3:83:fe:07:e0:fc:eb:8a:0b:03:bb:1b:7a:80:8d:
bb:71:f4:88:ba:48:a8:8a:2d:79:a5:04:72:dc:6a:
94:e4:23:f2:74:d6:d4:9c:a1:65:5f:0b:91:93:23:
b5:85:67:23:98:67:4d:31:b3:e9:87:33:93:e9:8f:
fd:73:16:c9:ec:ce:77:c5:5a:1c:14:23:25:38:0e:
27:3b:14:e0:55:8e:34:b9:b3:e2:7c:5a:ab:cc:ae:
93:78:eb:09:36:ca:17:2c:fd:e9:2d:5b:de:85:73:
00:f5:ed:23:d4:43:fc:c7:46:63:3e:e1:ae:b6:f5:
e0:a6:52:7d:29:ae:0f:1b:a3:f9:ac:32:21:c7:40:
03:d2:09:c5:6f:ec:3d:0a:11:69:ff:4b:c7:33:e1:
8e:0a:cc:55:c6:d6:fb:71:5e:8b:32:b1:b0:11:b5:
66:2b:cd:32:ab:36:0a:21:2d:f8:ab:af:4f:c6:bd:
3f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:36:3F:CE:E9:40:16:F5:6A:B0:74:66:01:2A:D5:35:CD:54:49:07
X509v3 Authority Key Identifier:
keyid:31:BA:5A:CE:57:BF:1D:AF:BA:88:DD:AE:F4:2E:C8:F1:51:5E:13:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/Mbpazle_Ha-6iN2u9C7I8VFeE8I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/76C70DC43B9511F0B3A3FDC7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f010::/32
Signature Algorithm: sha256WithRSAEncryption
6e:e5:47:90:6f:e5:7b:9a:a1:e3:f1:d7:11:a3:cd:39:19:8b:
6e:85:87:af:c7:8b:85:f1:3f:93:a7:57:39:e5:f7:0c:cf:57:
74:25:4b:c6:4d:80:13:e9:dd:29:68:f3:e4:5e:5c:76:b9:39:
ee:94:69:6b:d1:6c:27:33:40:65:99:a1:e1:cd:46:8c:02:82:
5d:f7:b0:4b:08:e3:79:90:7f:df:78:aa:43:26:29:72:9d:8b:
e3:61:c2:20:98:63:ff:5f:d6:bf:e4:74:a2:c3:74:89:61:c1:
85:d2:07:c2:86:54:9c:41:93:df:d4:d5:ec:97:71:6a:34:04:
9a:71:ed:60:dc:f5:83:57:c9:37:af:27:d2:67:fc:6a:85:66:
79:c9:e0:72:f0:1d:01:a2:91:93:93:e9:4a:39:fa:74:5b:b3:
dd:2e:7b:9b:8e:62:b1:7f:86:8d:42:38:ab:60:9c:34:f8:7a:
a3:b6:17:79:03:24:e4:2f:55:e8:e4:65:22:b4:5a:0f:dc:5f:
ff:c8:09:66:5b:0a:6c:55:48:3e:44:ec:de:2c:df:3f:30:7a:
89:5d:fc:99:0f:e8:05:41:d3:d6:31:d6:73:cc:ca:19:6f:15:
8e:4f:b0:88:4a:ed:eb:bb:01:a4:11:10:5b:84:8c:82:f0:98:
77:03:0c:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBbwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzEyRDJBRjExMC8GA1UEBRMoMzFCQTVBQ0U1N0JGMURBRkJBODhEREFFRjQyRUM4
RjE1MTVFMTNDMjAeFw0yNTA1MjgwNzI5MTNaFw0zNTEyMzEwNzI5MTNaMBgxFjAU
BgNVBAMTDTY4MzZiYjRlLTEzZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCgrpOF4XcWMbqt9drpbYGHs8DlS4isWzzCOOulnZv2PbDr2iCBX0qytfWt
yfzRarLMUHM7bSEFW1BfmWH1K5OnG8VoEKP7KFNDm6OD/gfg/OuKCwO7G3qAjbtx
9Ii6SKiKLXmlBHLcapTkI/J01tScoWVfC5GTI7WFZyOYZ00xs+mHM5Ppj/1zFsns
znfFWhwUIyU4Dic7FOBVjjS5s+J8WqvMrpN46wk2yhcs/ektW96FcwD17SPUQ/zH
RmM+4a629eCmUn0prg8bo/msMiHHQAPSCcVv7D0KEWn/S8cz4Y4KzFXG1vtxXosy
sbARtWYrzTKrNgohLfirr0/GvT9bAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUsTY/
zulAFvVqsHRmASrVNc1USQcwHwYDVR0jBBgwFoAUMbpazle/Ha+6iN2u9C7I8VFe
E8IwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjMxMkQyL0ZGQTI1MTQ0RjBGRDExRUJBODVCNjQzRUQ4QTAxNENFL01icGF6
bGVfSGEtNmlOMnU5QzdJOFZGZUU4SS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL01icGF6bGVfSGEtNmlOMnU5QzdJOFZGZUU4SS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjMxMkQyL0ZGQTI1MTQ0RjBGRDExRUJBODVCNjQzRUQ4
QTAxNENFLzc2QzcwREM0M0I5NTExRjBCM0EzRkRDN0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD/AQMA0GCSqGSIb3DQEB
CwUAA4IBAQBu5UeQb+V7mqHj8dcRo805GYtuhYevx4uF8T+Tp1c55fcMz1d0JUvG
TYAT6d0paPPkXlx2uTnulGlr0WwnM0BlmaHhzUaMAoJd97BLCON5kH/feKpDJily
nYvjYcIgmGP/X9a/5HSiw3SJYcGF0gfChlScQZPf1NXsl3FqNASace1g3PWDV8k3
ryfSZ/xqhWZ5yeBy8B0BopGTk+lKOfp0W7PdLnubjmKxf4aNQjirYJw0+Hqjthd5
AyTkL1Xo5GUitFoP3F//yAlmWwpsVUg+ROzeLN8/MHqJXfyZD+gFQdPWMdZzzMoZ
bxWOT7CISu3ruwGkERBbhIyC8Jh3AwzT
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:36:26 2025 by rpki-client