Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3651B12/040F5AC25BF011F0ABEB4ED6DAE4EC9C/42A35D1A5BF511F08A463C7ADAE4EC9C.roa
File: 42A35D1A5BF511F08A463C7ADAE4EC9C.roa (raw, json)
Hash identifier: tx4RpNrC7QhaEUNYOvaHF/SYtjp2ExmIeTQL9z6DA0o=
Subject key identifier: 3C:A1:BE:AB:B0:C2:84:EF:9B:4E:C2:4F:8D:73:3E:EE:2B:B2:A1:82
Certificate issuer: /CN=F3651B12AF/serialNumber=797B59395874D2EE6EC8CBFD076B2ABC613D89B4
Certificate serial: 02
Authority key identifier: 79:7B:59:39:58:74:D2:EE:6E:C8:CB:FD:07:6B:2A:BC:61:3D:89:B4
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/eXtZOVh00u5uyMv9B2sqvGE9ibQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3651B12/040F5AC25BF011F0ABEB4ED6DAE4EC9C/42A35D1A5BF511F08A463C7ADAE4EC9C.roa
Signing time: Tue 08 Jul 2025 12:15:40 +0000
ROA not before: Tue 08 Jul 2025 12:15:34 +0000
ROA not after: Thu 08 Jul 2027 12:15:34 +0000
asID: 33779
IP address blocks: 41.200.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3651B12/040F5AC25BF011F0ABEB4ED6DAE4EC9C/eXtZOVh00u5uyMv9B2sqvGE9ibQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F3651B12/040F5AC25BF011F0ABEB4ED6DAE4EC9C/eXtZOVh00u5uyMv9B2sqvGE9ibQ.mft
rsync://rpki.afrinic.net/repository/afrinic/eXtZOVh00u5uyMv9B2sqvGE9ibQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 04 Aug 2025 00:06:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3651B12AF, serialNumber=797B59395874D2EE6EC8CBFD076B2ABC613D89B4
Validity
Not Before: Jul 8 12:15:34 2025 GMT
Not After : Jul 8 12:15:34 2027 GMT
Subject: CN=686d0bec-e3e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8b:97:90:39:42:3c:7f:5b:86:25:8f:6e:7b:
dd:3e:c1:10:72:58:f0:9f:a1:d4:f3:c0:29:e2:d3:
59:d2:45:c6:4d:8b:e2:8a:da:0b:02:fc:42:03:1f:
88:fe:90:53:3e:00:fa:05:c1:d1:06:82:c1:cb:cd:
14:4d:19:cd:34:4c:24:e4:b7:97:af:ba:68:72:94:
ba:94:cb:ff:83:69:95:4a:23:50:3b:4a:ea:bf:a3:
b4:86:0a:77:8a:65:eb:53:db:3d:26:46:af:49:dd:
c0:1c:c0:42:5d:4b:a7:4f:76:8d:e5:f7:e3:5f:56:
1d:c6:57:3e:23:b8:8b:87:fe:8f:e9:a6:58:2e:97:
3f:fa:c4:b2:64:69:54:ca:de:3d:47:c2:6f:f8:e2:
da:94:19:0b:47:66:2a:fb:eb:42:a2:ce:a6:ae:63:
06:ef:39:98:98:38:66:4e:8b:98:9a:bb:17:c8:40:
f9:0e:f8:e4:b3:e5:b8:4c:dd:6f:8b:d3:b8:4c:45:
e0:1c:cc:c1:ff:b5:92:95:fd:0f:4a:18:62:d6:c2:
62:13:56:05:b1:72:0e:f9:1c:a4:80:d5:49:f4:6b:
02:51:80:49:c0:ab:b0:c5:14:f5:16:be:80:d5:95:
6c:8d:2f:f9:69:a3:81:80:b5:59:4f:b1:49:a7:14:
4c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A1:BE:AB:B0:C2:84:EF:9B:4E:C2:4F:8D:73:3E:EE:2B:B2:A1:82
X509v3 Authority Key Identifier:
keyid:79:7B:59:39:58:74:D2:EE:6E:C8:CB:FD:07:6B:2A:BC:61:3D:89:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3651B12/040F5AC25BF011F0ABEB4ED6DAE4EC9C/eXtZOVh00u5uyMv9B2sqvGE9ibQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/eXtZOVh00u5uyMv9B2sqvGE9ibQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3651B12/040F5AC25BF011F0ABEB4ED6DAE4EC9C/42A35D1A5BF511F08A463C7ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.200.64.0/18
Signature Algorithm: sha256WithRSAEncryption
99:1e:b5:45:4e:d3:30:6f:30:9c:42:15:45:e9:b3:38:17:2f:
d1:c2:82:5d:b5:08:e2:af:78:50:8e:2c:e1:92:dd:33:f0:0b:
c0:85:bd:4c:8e:25:21:d7:35:b2:52:c2:ab:a7:2d:a0:32:40:
c4:e2:ab:77:55:2f:ba:fd:7f:f5:cb:07:34:55:e9:fd:d3:72:
9f:f5:99:9d:d1:9f:93:a0:4f:3a:c0:47:dc:52:0f:d3:49:c2:
94:e7:58:96:7a:03:e0:57:b7:3d:ba:14:00:7c:5e:dc:0e:c9:
ed:02:25:64:6d:24:37:4a:61:88:7f:f1:cc:6c:6d:82:69:16:
1b:d4:09:78:57:c7:2a:f4:da:35:c7:4f:2d:34:4d:e2:02:b7:
06:f4:12:a3:a9:f9:3f:2c:f1:5e:8f:c2:4a:df:f0:82:24:17:
76:c2:94:ee:18:a8:8d:3c:d3:b2:13:49:a8:25:f9:68:e2:20:
7b:5d:f6:f2:88:b0:5b:9c:22:50:52:c4:8a:58:bb:64:48:c9:
5c:2b:0e:4a:68:96:87:29:45:28:67:f3:5d:91:84:f7:06:5c:
02:ff:eb:22:f2:38:9b:33:d2:21:e4:e9:1f:bc:e2:ea:53:ef:
65:52:37:b5:d3:5a:b0:a4:b3:73:47:c7:8d:45:db:a8:bd:a7:
bf:09:0f:11
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
MUIxMkFGMTEwLwYDVQQFEyg3OTdCNTkzOTU4NzREMkVFNkVDOENCRkQwNzZCMkFC
QzYxM0Q4OUI0MB4XDTI1MDcwODEyMTUzNFoXDTI3MDcwODEyMTUzNFowGDEWMBQG
A1UEAxMNNjg2ZDBiZWMtZTNlMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKLl5A5Qjx/W4Ylj2573T7BEHJY8J+h1PPAKeLTWdJFxk2L4oraCwL8QgMf
iP6QUz4A+gXB0QaCwcvNFE0ZzTRMJOS3l6+6aHKUupTL/4NplUojUDtK6r+jtIYK
d4pl61PbPSZGr0ndwBzAQl1Lp092jeX3419WHcZXPiO4i4f+j+mmWC6XP/rEsmRp
VMrePUfCb/ji2pQZC0dmKvvrQqLOpq5jBu85mJg4Zk6LmJq7F8hA+Q745LPluEzd
b4vTuExF4BzMwf+1kpX9D0oYYtbCYhNWBbFyDvkcpIDVSfRrAlGAScCrsMUU9Ra+
gNWVbI0v+WmjgYC1WU+xSacUTMsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQ8ob6r
sMKE75tOwk+Ncz7uK7KhgjAfBgNVHSMEGDAWgBR5e1k5WHTS7m7Iy/0Hayq8YT2J
tDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTFCMTIvMDQwRjVBQzI1QkYwMTFGMEFCRUI0RUQ2REFFNEVDOUMvZVh0Wk9W
aDAwdTV1eU12OUIyc3F2R0U5aWJRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZVh0Wk9WaDAwdTV1eU12OUIyc3F2R0U5aWJRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTFCMTIvMDQwRjVBQzI1QkYwMTFGMEFCRUI0RUQ2REFF
NEVDOUMvNDJBMzVEMUE1QkY1MTFGMDhBNDYzQzdBREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBinIQDANBgkqhkiG9w0BAQsF
AAOCAQEAmR61RU7TMG8wnEIVRemzOBcv0cKCXbUI4q94UI4s4ZLdM/ALwIW9TI4l
Idc1slLCq6ctoDJAxOKrd1Uvuv1/9csHNFXp/dNyn/WZndGfk6BPOsBH3FIP00nC
lOdYlnoD4Fe3PboUAHxe3A7J7QIlZG0kN0phiH/xzGxtgmkWG9QJeFfHKvTaNcdP
LTRN4gK3BvQSo6n5PyzxXo/CSt/wgiQXdsKU7hiojTzTshNJqCX5aOIge1328oiw
W5wiUFLEili7ZEjJXCsOSmiWhylFKGfzXZGE9wZcAv/rIvI4mzPSIeTpH7zi6lPv
ZVI3tdNasKSzc0fHjUXbqL2nvwkPEQ==
-----END CERTIFICATE-----
Generated at Sat Aug 2 13:53:24 2025 by rpki-client