Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/401D27E081C711F0830BC9C9DAE4EC9C.roa
File: 401D27E081C711F0830BC9C9DAE4EC9C.roa (raw, json)
Hash identifier: nJPUmahtOqiPFAxwPDfnodDi2p2b719GESj2IRhzuSA=
Subject key identifier: 78:88:1A:2A:FC:98:FC:CA:52:8F:62:CA:35:D2:9E:AC:DF:C4:DE:84
Certificate issuer: /CN=F3647FF0AF/serialNumber=9204412A1F12BCD5D2B3CE3991ACEF6976C8865E
Certificate serial: 0460
Authority key identifier: 92:04:41:2A:1F:12:BC:D5:D2:B3:CE:39:91:AC:EF:69:76:C8:86:5E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/kgRBKh8SvNXSs845kazvaXbIhl4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/401D27E081C711F0830BC9C9DAE4EC9C.roa
Signing time: Mon 25 Aug 2025 15:22:03 +0000
ROA not before: Mon 25 Aug 2025 15:21:57 +0000
ROA not after: Mon 31 Dec 2035 15:21:57 +0000
asID: 37406
IP address blocks: 41.79.24.0/22 maxlen: 24
105.235.208.0/22 maxlen: 23
105.235.212.0/23 maxlen: 24
154.73.88.0/22 maxlen: 23
196.201.8.0/23 maxlen: 23
2c0f:f690::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/kgRBKh8SvNXSs845kazvaXbIhl4.crl
rsync://rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/kgRBKh8SvNXSs845kazvaXbIhl4.mft
rsync://rpki.afrinic.net/repository/afrinic/kgRBKh8SvNXSs845kazvaXbIhl4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Sep 2025 00:06:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1120 (0x460)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3647FF0AF, serialNumber=9204412A1F12BCD5D2B3CE3991ACEF6976C8865E
Validity
Not Before: Aug 25 15:21:57 2025 GMT
Not After : Dec 31 15:21:57 2035 GMT
Subject: CN=68ac7f9a-445b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ad:92:21:c6:be:5f:ed:3f:c2:94:0f:4e:29:
68:dd:08:7e:f7:00:d8:20:80:03:57:70:e0:12:33:
53:4d:17:f4:50:ea:e1:75:cf:5b:00:d8:de:c2:60:
42:54:e6:e7:4c:f4:fc:22:a0:44:89:ad:a5:77:b3:
5f:fa:6d:0e:0c:14:b7:71:44:dc:93:85:7d:00:07:
f8:e1:0a:e0:6a:97:d8:06:28:bb:46:f8:fd:8e:f2:
a9:5f:fa:98:c0:0c:98:ea:59:55:95:59:53:7b:db:
28:3c:08:49:13:84:6d:44:59:5f:4a:02:8a:1a:01:
0f:82:a5:1e:13:bd:27:e4:55:c2:a2:7b:89:17:52:
ca:b6:08:cb:3f:27:3a:d0:f0:9d:88:52:88:35:7b:
d0:38:96:2b:78:88:96:ff:fb:22:cc:d5:1d:85:ee:
56:f1:f4:d8:1a:47:82:c0:f1:2e:f3:e2:23:14:ff:
6f:02:3a:eb:4f:7d:53:bb:5a:da:a8:b9:64:d2:58:
7e:23:94:29:87:4d:c0:f8:24:af:ec:bc:8b:3a:16:
bf:8d:bb:bb:f4:99:98:59:7b:a8:75:4c:c4:c2:9c:
bc:97:a6:68:b5:16:8a:e3:a0:a7:c0:ab:6a:18:c5:
11:e2:0d:b1:d6:fe:0a:5e:9f:d5:a0:19:d0:f5:60:
f8:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:88:1A:2A:FC:98:FC:CA:52:8F:62:CA:35:D2:9E:AC:DF:C4:DE:84
X509v3 Authority Key Identifier:
keyid:92:04:41:2A:1F:12:BC:D5:D2:B3:CE:39:91:AC:EF:69:76:C8:86:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/kgRBKh8SvNXSs845kazvaXbIhl4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/kgRBKh8SvNXSs845kazvaXbIhl4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/401D27E081C711F0830BC9C9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.79.24.0/22
105.235.208.0-105.235.213.255
154.73.88.0/22
196.201.8.0/23
IPv6:
2c0f:f690::/32
Signature Algorithm: sha256WithRSAEncryption
3c:7c:1f:e4:a0:c2:be:c2:4e:5e:be:ac:34:0b:83:db:8c:ae:
3c:c7:e0:83:ef:8c:fc:d2:00:ed:dd:15:52:b3:b4:20:0a:df:
c0:7b:20:2d:ee:31:38:5f:f6:cb:a2:e5:c3:56:c7:20:bd:b9:
49:68:f4:9a:f1:63:2d:e5:4e:71:f8:ab:8a:b5:a5:e8:56:fc:
b0:8d:0d:b8:c3:02:de:79:d7:ab:97:57:ad:fc:af:aa:55:9f:
49:b6:52:36:e8:17:fe:0a:46:41:2a:52:62:4c:9b:53:4f:79:
3c:da:d9:70:37:89:21:3b:5d:87:4e:af:41:80:9b:00:8f:db:
9e:98:f6:38:fc:b8:ee:4a:ee:d5:8d:30:58:ae:0d:d6:6d:3b:
d8:90:83:8d:90:f6:3d:a8:27:4d:b7:11:38:c9:a5:ea:bf:5a:
ce:a6:73:b5:97:81:57:b0:e4:b9:e7:73:4c:0d:d1:aa:e8:84:
14:8c:8b:30:30:9e:94:c9:e8:34:3e:35:e7:17:01:07:73:a7:
e8:d6:e2:85:56:74:c2:ee:b5:c1:01:b0:72:98:17:f4:cc:69:
53:4f:b5:7d:a2:db:1d:f2:71:75:7a:fc:91:f2:01:2c:f5:12:
30:9a:e1:61:c1:c5:46:03:27:14:24:e2:0d:55:87:6d:aa:44:
e7:4d:69:54
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgICBGAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDdGRjBBRjExMC8GA1UEBRMoOTIwNDQxMkExRjEyQkNENUQyQjNDRTM5OTFBQ0VG
Njk3NkM4ODY1RTAeFw0yNTA4MjUxNTIxNTdaFw0zNTEyMzExNTIxNTdaMBgxFjAU
BgNVBAMTDTY4YWM3ZjlhLTQ0NWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCSrZIhxr5f7T/ClA9OKWjdCH73ANgggANXcOASM1NNF/RQ6uF1z1sA2N7C
YEJU5udM9PwioESJraV3s1/6bQ4MFLdxRNyThX0AB/jhCuBql9gGKLtG+P2O8qlf
+pjADJjqWVWVWVN72yg8CEkThG1EWV9KAooaAQ+CpR4TvSfkVcKie4kXUsq2CMs/
JzrQ8J2IUog1e9A4lit4iJb/+yLM1R2F7lbx9NgaR4LA8S7z4iMU/28COutPfVO7
WtqouWTSWH4jlCmHTcD4JK/svIs6Fr+Nu7v0mZhZe6h1TMTCnLyXpmi1ForjoKfA
q2oYxRHiDbHW/gpen9WgGdD1YPgzAgMBAAGjggLOMIICyjAdBgNVHQ4EFgQUeIga
KvyY/MpSj2LKNdKerN/E3oQwHwYDVR0jBBgwFoAUkgRBKh8SvNXSs845kazvaXbI
hl4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ3RkYwL0EyOEFDMTBBMzJBOTExRURBNEU1QzlEQ0YxMjIyNDY4L2tnUkJL
aDhTdk5YU3M4NDVrYXp2YVhiSWhsNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2tnUkJLaDhTdk5YU3M4NDVrYXp2YVhiSWhsNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ3RkYwL0EyOEFDMTBBMzJBOTExRURBNEU1QzlEQ0Yx
MjIyNDY4LzQwMUQyN0UwODFDNzExRjA4MzBCQzlDOURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwSAYIKwYBBQUHAQcBAf8EOTA3MCYEAgABMCADBAIpTxgwDAMEBGnr0AMEAWnr
1AMEAppJWAMEAcTJCDANBAIAAjAHAwUALA/2kDANBgkqhkiG9w0BAQsFAAOCAQEA
PHwf5KDCvsJOXr6sNAuD24yuPMfgg++M/NIA7d0VUrO0IArfwHsgLe4xOF/2y6Ll
w1bHIL25SWj0mvFjLeVOcfirirWl6Fb8sI0NuMMC3nnXq5dXrfyvqlWfSbZSNugX
/gpGQSpSYkybU095PNrZcDeJITtdh06vQYCbAI/bnpj2OPy47kru1Y0wWK4N1m07
2JCDjZD2PagnTbcROMml6r9azqZztZeBV7DkuedzTA3RquiEFIyLMDCelMnoND41
5xcBB3On6NbihVZ0wu61wQGwcpgX9MxpU0+1faLbHfJxdXr8kfIBLPUSMJrhYcHF
RgMnFCTiDVWHbapE501pVA==
-----END CERTIFICATE-----
Generated at Thu Sep 18 08:19:33 2025 by rpki-client