Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3645501/9CDFC738915111EAA5A73044F8AEA228/C69507C6303111F08DE721DEDAE4EC9C.roa
File: C69507C6303111F08DE721DEDAE4EC9C.roa (raw, json)
Hash identifier: n1LnT/xuX8ossK6e1Qu5ErVwbY8lo9OUKGVmWsM35RE=
Subject key identifier: C8:23:87:DD:22:9A:A9:65:BB:A9:42:DF:16:94:B7:80:58:8C:ED:75
Certificate issuer: /CN=F3645501AF/serialNumber=0BBA40F550DE49EEC572917124EE008A24C44D0F
Certificate serial: 0763
Authority key identifier: 0B:BA:40:F5:50:DE:49:EE:C5:72:91:71:24:EE:00:8A:24:C4:4D:0F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/C7pA9VDeSe7FcpFxJO4AiiTETQ8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3645501/9CDFC738915111EAA5A73044F8AEA228/C69507C6303111F08DE721DEDAE4EC9C.roa
Signing time: Tue 13 May 2025 19:37:59 +0000
ROA not before: Tue 13 May 2025 19:37:55 +0000
ROA not after: Fri 31 May 2030 19:37:55 +0000
asID: 327705
IP address blocks: 196.220.128.0/19 maxlen: 19
2001:43f8:9f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3645501/9CDFC738915111EAA5A73044F8AEA228/C7pA9VDeSe7FcpFxJO4AiiTETQ8.crl
rsync://rpki.afrinic.net/repository/member_repository/F3645501/9CDFC738915111EAA5A73044F8AEA228/C7pA9VDeSe7FcpFxJO4AiiTETQ8.mft
rsync://rpki.afrinic.net/repository/afrinic/C7pA9VDeSe7FcpFxJO4AiiTETQ8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 01:56:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1891 (0x763)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3645501AF, serialNumber=0BBA40F550DE49EEC572917124EE008A24C44D0F
Validity
Not Before: May 13 19:37:55 2025 GMT
Not After : May 31 19:37:55 2030 GMT
Subject: CN=68239f97-904f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ae:13:05:17:c0:93:a0:ea:f0:c2:cc:1b:6b:
d8:d8:f3:d9:3f:d0:af:f6:6b:2f:c6:1b:79:d2:b3:
04:a4:c9:e1:5d:3f:58:be:8a:7b:e6:48:f0:14:5f:
c3:fb:d9:82:81:73:e1:45:b2:63:5c:da:54:98:a7:
25:36:7c:95:ff:96:50:92:18:92:36:cc:ee:eb:75:
7a:11:c3:12:e7:84:d4:c4:06:54:d8:19:d4:d5:22:
7b:a5:15:c0:95:8f:4b:65:da:c5:99:f8:30:de:1f:
ba:45:38:b6:ca:d2:5e:e4:87:cf:36:90:78:4f:93:
de:51:5f:2a:dc:0d:f8:9b:b1:57:15:2d:fe:b1:3c:
c8:41:93:3d:18:29:1b:d4:1c:35:83:6e:f3:b5:98:
30:2a:87:41:c8:d4:c7:94:93:14:60:0f:8e:77:a0:
e5:9e:54:a6:5b:4d:68:7e:c9:75:e7:41:4a:14:b1:
18:66:1f:1f:d2:0c:f6:ba:bc:7e:52:e9:79:3d:dc:
79:32:95:c5:e5:fb:6c:44:cb:b8:2a:5a:bd:6c:b8:
1b:71:75:4c:ae:a2:55:55:88:09:7b:68:93:95:c6:
22:0f:11:1e:8e:e1:f4:34:e8:11:2f:d0:12:d7:f0:
6c:22:8e:d9:e3:dd:d5:f6:2a:f6:17:8d:9c:1c:08:
8a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:23:87:DD:22:9A:A9:65:BB:A9:42:DF:16:94:B7:80:58:8C:ED:75
X509v3 Authority Key Identifier:
keyid:0B:BA:40:F5:50:DE:49:EE:C5:72:91:71:24:EE:00:8A:24:C4:4D:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3645501/9CDFC738915111EAA5A73044F8AEA228/C7pA9VDeSe7FcpFxJO4AiiTETQ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/C7pA9VDeSe7FcpFxJO4AiiTETQ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3645501/9CDFC738915111EAA5A73044F8AEA228/C69507C6303111F08DE721DEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.220.128.0/19
IPv6:
2001:43f8:9f0::/48
Signature Algorithm: sha256WithRSAEncryption
59:10:99:7a:ea:d4:16:3c:e9:96:e6:d4:30:ca:c5:64:76:0a:
3d:8f:60:5b:18:4e:1c:e0:53:81:8b:86:7d:d0:22:d6:5a:bb:
65:32:fb:7f:97:1e:22:99:21:c6:48:7c:23:24:f9:91:86:e3:
49:9d:01:41:c0:73:e2:e2:e1:b6:5f:d6:a2:36:2d:75:1f:3e:
d6:07:13:a4:13:43:8e:d4:10:9a:f6:1c:7a:cd:99:8d:63:69:
cb:af:31:c2:ec:e7:4d:49:86:24:60:89:ad:e4:df:d1:cb:9d:
60:8f:cb:bb:b7:79:06:e5:f1:77:e2:10:32:b5:ad:18:16:2c:
33:90:8d:ea:35:91:63:cf:17:a2:46:3b:6c:43:dd:35:a5:10:
bb:a5:9c:e6:e7:07:b1:a9:1e:c6:0f:1a:3d:73:3e:ad:5f:df:
65:65:8f:bd:64:ea:93:fe:df:10:9d:77:67:41:19:9d:0e:6b:
ea:8a:26:55:f1:b1:96:30:26:d7:17:79:8d:b6:62:6e:10:92:
d8:3e:91:a9:5e:fe:a9:36:69:a7:90:66:b2:04:f3:dc:f5:3f:
ec:2e:0d:7c:9b:35:f9:0e:29:56:2b:e9:d1:e1:b6:b7:01:72:
bf:da:49:ae:ff:86:94:42:a3:67:60:5b:47:0d:b8:44:e2:c7:
f6:38:44:5c
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICB2MwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDU1MDFBRjExMC8GA1UEBRMoMEJCQTQwRjU1MERFNDlFRUM1NzI5MTcxMjRFRTAw
OEEyNEM0NEQwRjAeFw0yNTA1MTMxOTM3NTVaFw0zMDA1MzExOTM3NTVaMBgxFjAU
BgNVBAMTDTY4MjM5Zjk3LTkwNGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCvrhMFF8CToOrwwswba9jY89k/0K/2ay/GG3nSswSkyeFdP1i+invmSPAU
X8P72YKBc+FFsmNc2lSYpyU2fJX/llCSGJI2zO7rdXoRwxLnhNTEBlTYGdTVInul
FcCVj0tl2sWZ+DDeH7pFOLbK0l7kh882kHhPk95RXyrcDfibsVcVLf6xPMhBkz0Y
KRvUHDWDbvO1mDAqh0HI1MeUkxRgD453oOWeVKZbTWh+yXXnQUoUsRhmHx/SDPa6
vH5S6Xk93HkylcXl+2xEy7gqWr1suBtxdUyuolVViAl7aJOVxiIPER6O4fQ06BEv
0BLX8Gwijtnj3dX2KvYXjZwcCIrRAgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUyCOH
3SKaqWW7qULfFpS3gFiM7XUwHwYDVR0jBBgwFoAUC7pA9VDeSe7FcpFxJO4AiiTE
TQ8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ1NTAxLzlDREZDNzM4OTE1MTExRUFBNUE3MzA0NEY4QUVBMjI4L0M3cEE5
VkRlU2U3RmNwRnhKTzRBaWlURVRROC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0M3cEE5VkRlU2U3RmNwRnhKTzRBaWlURVRROC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ1NTAxLzlDREZDNzM4OTE1MTExRUFBNUE3MzA0NEY4
QUVBMjI4L0M2OTUwN0M2MzAzMTExRjA4REU3MjFERURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAXE3IAwDwQCAAIwCQMHACAB
Q/gJ8DANBgkqhkiG9w0BAQsFAAOCAQEAWRCZeurUFjzplubUMMrFZHYKPY9gWxhO
HOBTgYuGfdAi1lq7ZTL7f5ceIpkhxkh8IyT5kYbjSZ0BQcBz4uLhtl/WojYtdR8+
1gcTpBNDjtQQmvYces2ZjWNpy68xwuznTUmGJGCJreTf0cudYI/Lu7d5BuXxd+IQ
MrWtGBYsM5CN6jWRY88XokY7bEPdNaUQu6Wc5ucHsakexg8aPXM+rV/fZWWPvWTq
k/7fEJ13Z0EZnQ5r6oomVfGxljAm1xd5jbZibhCS2D6RqV7+qTZpp5BmsgTz3PU/
7C4NfJs1+Q4pVivp0eG2twFyv9pJrv+GlEKjZ2BbRw24ROLH9jhEXA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 20:01:35 2025 by rpki-client