Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/C1B630EE8D6B11F08834F6ACDAE4EC9C.roa
File: C1B630EE8D6B11F08834F6ACDAE4EC9C.roa (raw, json)
Hash identifier: dgSYZC5D+KjnOh21ksdGPfjeg//i1eX1fXXuJxMe2OM=
Subject key identifier: D6:2B:2D:73:A7:C1:B2:F9:B1:D7:91:0C:67:BF:BE:B3:84:0C:E2:8C
Certificate issuer: /CN=F3647FF0AF/serialNumber=9204412A1F12BCD5D2B3CE3991ACEF6976C8865E
Certificate serial: 0471
Authority key identifier: 92:04:41:2A:1F:12:BC:D5:D2:B3:CE:39:91:AC:EF:69:76:C8:86:5E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/kgRBKh8SvNXSs845kazvaXbIhl4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/C1B630EE8D6B11F08834F6ACDAE4EC9C.roa
Signing time: Tue 09 Sep 2025 10:57:20 +0000
ROA not before: Tue 09 Sep 2025 10:57:15 +0000
ROA not after: Sun 09 Sep 2035 10:57:15 +0000
asID: 37406
IP address blocks: 41.79.24.0/22 maxlen: 24
105.235.208.0/22 maxlen: 24
105.235.212.0/23 maxlen: 24
154.73.88.0/22 maxlen: 24
196.201.8.0/23 maxlen: 24
2c0f:f690::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/kgRBKh8SvNXSs845kazvaXbIhl4.crl
rsync://rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/kgRBKh8SvNXSs845kazvaXbIhl4.mft
rsync://rpki.afrinic.net/repository/afrinic/kgRBKh8SvNXSs845kazvaXbIhl4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Sep 2025 00:06:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1137 (0x471)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3647FF0AF, serialNumber=9204412A1F12BCD5D2B3CE3991ACEF6976C8865E
Validity
Not Before: Sep 9 10:57:15 2025 GMT
Not After : Sep 9 10:57:15 2035 GMT
Subject: CN=68c00810-5e56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:fe:5b:9b:c9:7c:1f:fc:a3:64:9e:b6:33:e0:
93:b8:02:92:ef:87:91:eb:ba:33:54:c0:81:c1:40:
69:e3:15:55:98:a5:45:87:7f:e7:6f:87:b8:cd:7e:
66:45:01:19:7b:cb:cf:dd:15:b5:e4:6c:15:ce:76:
67:58:60:3c:74:7f:02:80:c3:97:89:44:69:ee:9d:
3e:0e:7e:8a:2e:9e:bd:b6:42:96:6e:31:24:85:c0:
f6:40:0c:b1:c1:25:2d:6c:82:e7:ac:3b:8c:a4:7d:
c8:d5:71:7a:d2:37:7c:b3:4c:d7:db:4a:b6:1d:85:
d2:74:84:88:22:ff:3d:3b:7c:ab:8c:e1:51:37:6d:
32:96:bd:c5:26:c3:9c:b2:a7:e4:75:e8:4c:7a:c6:
14:ff:01:1f:1f:52:25:13:78:78:0c:c3:fe:8d:bb:
3f:bd:68:80:09:b0:fa:a3:21:dc:9e:46:15:91:2c:
3d:f9:8a:f0:96:d0:f7:d3:96:2a:8d:d4:e2:c2:bb:
84:d6:60:8e:bb:39:40:9c:66:08:a3:09:e3:45:82:
a2:b4:f3:af:fe:1c:02:27:02:ac:3b:8d:e3:a1:35:
49:e6:b7:e1:ac:cc:cb:d1:c3:37:d5:11:6c:33:35:
15:d6:29:58:92:4a:43:f1:51:cf:a4:c7:5b:0b:db:
1b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:2B:2D:73:A7:C1:B2:F9:B1:D7:91:0C:67:BF:BE:B3:84:0C:E2:8C
X509v3 Authority Key Identifier:
keyid:92:04:41:2A:1F:12:BC:D5:D2:B3:CE:39:91:AC:EF:69:76:C8:86:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/kgRBKh8SvNXSs845kazvaXbIhl4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/kgRBKh8SvNXSs845kazvaXbIhl4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/C1B630EE8D6B11F08834F6ACDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.79.24.0/22
105.235.208.0-105.235.213.255
154.73.88.0/22
196.201.8.0/23
IPv6:
2c0f:f690::/32
Signature Algorithm: sha256WithRSAEncryption
77:48:27:40:2c:31:21:3f:60:9c:67:39:6a:ae:4a:23:5d:9c:
ec:bb:6f:00:fb:3f:7f:88:a2:f2:33:bb:aa:2a:85:de:f5:c0:
3d:b9:14:89:58:96:fb:1c:a3:e4:53:f9:05:7b:c3:e5:2b:9b:
87:26:4d:7a:92:6d:a2:72:de:00:c7:3d:05:db:49:7a:cc:bf:
7c:9c:e7:74:60:cd:f8:48:8e:1d:79:89:28:32:39:13:ff:68:
0d:4f:5a:37:32:34:b6:bc:18:d4:24:05:38:a2:39:87:61:c9:
2e:c3:85:61:7f:15:c6:c1:d5:17:e6:b9:08:72:d7:85:9d:5a:
76:d7:54:d6:88:71:95:f2:33:5f:06:96:46:8d:9e:32:1c:d0:
98:52:b3:d3:66:af:95:a4:09:b6:3a:da:17:68:70:97:4d:d1:
c7:7c:e7:ad:c0:da:c6:07:ac:53:f6:d8:e9:30:15:08:fe:d3:
27:73:e9:6e:56:8a:d2:a6:dd:47:f2:8b:60:c8:19:39:92:8e:
15:fe:90:46:72:33:a2:c6:98:ba:2c:94:67:2e:3d:33:9b:88:
49:15:95:84:ef:48:0a:aa:69:6b:4b:29:08:07:72:37:4a:2d:
36:f0:89:78:90:e4:13:89:ed:d8:da:b2:69:69:0d:d8:a9:38:
02:75:a5:b4
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgICBHEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDdGRjBBRjExMC8GA1UEBRMoOTIwNDQxMkExRjEyQkNENUQyQjNDRTM5OTFBQ0VG
Njk3NkM4ODY1RTAeFw0yNTA5MDkxMDU3MTVaFw0zNTA5MDkxMDU3MTVaMBgxFjAU
BgNVBAMTDTY4YzAwODEwLTVlNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDs/lubyXwf/KNknrYz4JO4ApLvh5HrujNUwIHBQGnjFVWYpUWHf+dvh7jN
fmZFARl7y8/dFbXkbBXOdmdYYDx0fwKAw5eJRGnunT4Ofoounr22QpZuMSSFwPZA
DLHBJS1sguesO4ykfcjVcXrSN3yzTNfbSrYdhdJ0hIgi/z07fKuM4VE3bTKWvcUm
w5yyp+R16Ex6xhT/AR8fUiUTeHgMw/6Nuz+9aIAJsPqjIdyeRhWRLD35ivCW0PfT
liqN1OLCu4TWYI67OUCcZgijCeNFgqK086/+HAInAqw7jeOhNUnmt+GszMvRwzfV
EWwzNRXWKViSSkPxUc+kx1sL2xsrAgMBAAGjggLOMIICyjAdBgNVHQ4EFgQU1ist
c6fBsvmx15EMZ7++s4QM4owwHwYDVR0jBBgwFoAUkgRBKh8SvNXSs845kazvaXbI
hl4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ3RkYwL0EyOEFDMTBBMzJBOTExRURBNEU1QzlEQ0YxMjIyNDY4L2tnUkJL
aDhTdk5YU3M4NDVrYXp2YVhiSWhsNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2tnUkJLaDhTdk5YU3M4NDVrYXp2YVhiSWhsNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ3RkYwL0EyOEFDMTBBMzJBOTExRURBNEU1QzlEQ0Yx
MjIyNDY4L0MxQjYzMEVFOEQ2QjExRjA4ODM0RjZBQ0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwSAYIKwYBBQUHAQcBAf8EOTA3MCYEAgABMCADBAIpTxgwDAMEBGnr0AMEAWnr
1AMEAppJWAMEAcTJCDANBAIAAjAHAwUALA/2kDANBgkqhkiG9w0BAQsFAAOCAQEA
d0gnQCwxIT9gnGc5aq5KI12c7LtvAPs/f4ii8jO7qiqF3vXAPbkUiViW+xyj5FP5
BXvD5SubhyZNepJtonLeAMc9BdtJesy/fJzndGDN+EiOHXmJKDI5E/9oDU9aNzI0
trwY1CQFOKI5h2HJLsOFYX8VxsHVF+a5CHLXhZ1adtdU1ohxlfIzXwaWRo2eMhzQ
mFKz02avlaQJtjraF2hwl03Rx3znrcDaxgesU/bY6TAVCP7TJ3PpblaK0qbdR/KL
YMgZOZKOFf6QRnIzosaYuiyUZy49M5uISRWVhO9ICqppa0spCAdyN0otNvCJeJDk
E4nt2NqyaWkN2Kk4AnWltA==
-----END CERTIFICATE-----
Generated at Thu Sep 18 05:02:52 2025 by rpki-client