Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/497D8EB8534311F0B05935E3DAE4EC9C.roa
File: 497D8EB8534311F0B05935E3DAE4EC9C.roa (raw, json)
Hash identifier: YGkbpmAeUV4rskhmBcZerr91FRofN9D9bHZg7NxQG48=
Subject key identifier: 4E:94:46:A4:71:07:7E:F0:86:4F:17:3E:39:85:9B:87:4B:BC:A4:12
Certificate issuer: /CN=F365FABEAF/serialNumber=325EE3B250B9C682BFB020B336CBA289E1BCD230
Certificate serial: 02
Authority key identifier: 32:5E:E3:B2:50:B9:C6:82:BF:B0:20:B3:36:CB:A2:89:E1:BC:D2:30
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Ml7jslC5xoK_sCCzNsuiieG80jA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/497D8EB8534311F0B05935E3DAE4EC9C.roa
Signing time: Fri 27 Jun 2025 10:41:32 +0000
ROA not before: Fri 27 Jun 2025 10:41:26 +0000
ROA not after: Fri 26 Jun 2026 10:41:26 +0000
asID: 37453
IP address blocks: 41.78.195.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/Ml7jslC5xoK_sCCzNsuiieG80jA.crl
rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/Ml7jslC5xoK_sCCzNsuiieG80jA.mft
rsync://rpki.afrinic.net/repository/afrinic/Ml7jslC5xoK_sCCzNsuiieG80jA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Jul 2025 00:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365FABEAF, serialNumber=325EE3B250B9C682BFB020B336CBA289E1BCD230
Validity
Not Before: Jun 27 10:41:26 2025 GMT
Not After : Jun 26 10:41:26 2026 GMT
Subject: CN=685e755c-a936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:da:59:a0:92:5a:19:98:b3:35:4c:53:c8:c5:
92:da:03:f8:fc:f4:65:2d:86:75:b7:7e:3f:12:8e:
84:f8:93:b1:03:ef:f9:05:38:d2:36:a6:df:0f:8e:
9e:6d:77:ca:f3:46:c6:d5:3f:aa:9e:f1:da:1e:35:
05:1c:6f:dd:1e:66:c7:48:ee:28:1e:45:03:6d:b3:
fe:96:3a:d7:40:dd:4a:75:e4:7c:95:5a:81:77:37:
03:b1:15:13:a9:16:85:c8:18:b4:dc:46:50:f4:cb:
f9:a4:87:4e:5a:1f:be:d1:06:de:56:c3:01:80:01:
47:1c:5d:34:44:9f:dd:16:b9:96:24:ec:3b:65:05:
d8:7b:be:40:ee:96:72:4a:07:96:6a:4d:18:d9:88:
29:9a:70:ab:b7:30:d4:dd:d1:4d:97:d0:77:17:18:
ce:57:75:ea:60:06:fb:90:39:77:7e:59:2a:fa:ed:
ed:71:e4:7d:54:f1:a1:7f:5d:db:b5:f1:ff:90:d1:
66:b6:2f:03:53:c0:1a:fc:19:6e:d5:10:31:9e:cd:
90:6d:c9:14:5d:59:3d:28:f9:af:85:04:d7:f1:da:
7c:8f:08:2c:e8:c1:d7:15:ab:43:b3:e6:e8:f5:f1:
f4:06:ed:ad:19:3a:b4:b5:e9:18:18:d9:bb:c5:c4:
b3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:94:46:A4:71:07:7E:F0:86:4F:17:3E:39:85:9B:87:4B:BC:A4:12
X509v3 Authority Key Identifier:
keyid:32:5E:E3:B2:50:B9:C6:82:BF:B0:20:B3:36:CB:A2:89:E1:BC:D2:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/Ml7jslC5xoK_sCCzNsuiieG80jA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Ml7jslC5xoK_sCCzNsuiieG80jA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365FABE/1D3B5B38534211F097EA85DADAE4EC9C/497D8EB8534311F0B05935E3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.78.195.0/24
Signature Algorithm: sha256WithRSAEncryption
83:ce:ca:bd:17:12:5e:80:11:fd:1c:6e:91:a0:31:bc:09:5e:
0f:1f:9b:95:f2:8f:12:1e:39:64:0f:f9:48:23:bb:43:39:2e:
73:49:8b:93:49:2b:01:70:0b:89:21:f8:ce:ed:f5:4a:21:b4:
15:94:72:e9:84:d1:b3:4b:93:50:40:03:0f:55:89:5e:93:88:
29:71:61:a3:0a:29:93:3a:d4:00:e0:2c:c7:32:f6:24:61:a1:
8d:a6:d9:66:e3:fd:99:f2:f1:7d:ac:81:d1:4e:f9:83:51:d1:
3d:c3:97:1f:87:89:06:04:48:19:d9:2e:1b:1a:19:7d:33:9c:
66:ed:aa:8c:bd:fe:42:93:96:ed:b8:8a:26:3b:a7:ba:37:e0:
0c:3a:c3:26:0d:47:a7:7c:b3:19:c6:55:33:f4:33:10:cb:66:
dd:d3:fe:71:9f:1f:06:58:82:7c:c2:39:50:7a:4a:31:1e:89:
59:5e:ca:3d:c2:2e:16:69:dc:90:0c:80:f3:46:d5:c4:13:c1:
65:37:1f:e1:c8:93:09:ba:21:71:9b:c2:6e:b3:8b:87:e9:99:
45:7f:e4:87:86:7d:e7:2d:7a:12:78:b0:0a:f8:1e:13:a6:99:
aa:79:27:a5:3d:6d:a7:7f:67:f7:c6:e3:cb:ab:44:c9:a3:33:
4a:01:25:ec
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
RkFCRUFGMTEwLwYDVQQFEygzMjVFRTNCMjUwQjlDNjgyQkZCMDIwQjMzNkNCQTI4
OUUxQkNEMjMwMB4XDTI1MDYyNzEwNDEyNloXDTI2MDYyNjEwNDEyNlowGDEWMBQG
A1UEAxMNNjg1ZTc1NWMtYTkzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDaWaCSWhmYszVMU8jFktoD+Pz0ZS2Gdbd+PxKOhPiTsQPv+QU40jam3w+O
nm13yvNGxtU/qp7x2h41BRxv3R5mx0juKB5FA22z/pY610DdSnXkfJVagXc3A7EV
E6kWhcgYtNxGUPTL+aSHTlofvtEG3lbDAYABRxxdNESf3Ra5liTsO2UF2Hu+QO6W
ckoHlmpNGNmIKZpwq7cw1N3RTZfQdxcYzld16mAG+5A5d35ZKvrt7XHkfVTxoX9d
27Xx/5DRZrYvA1PAGvwZbtUQMZ7NkG3JFF1ZPSj5r4UE1/HafI8ILOjB1xWrQ7Pm
6PXx9AbtrRk6tLXpGBjZu8XEsysCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBROlEak
cQd+8IZPFz45hZuHS7ykEjAfBgNVHSMEGDAWgBQyXuOyULnGgr+wILM2y6KJ4bzS
MDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUZBQkUvMUQzQjVCMzg1MzQyMTFGMDk3RUE4NURBREFFNEVDOUMvTWw3anNs
QzV4b0tfc0NDek5zdWlpZUc4MGpBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTWw3anNsQzV4b0tfc0NDek5zdWlpZUc4MGpBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NUZBQkUvMUQzQjVCMzg1MzQyMTFGMDk3RUE4NURBREFF
NEVDOUMvNDk3RDhFQjg1MzQzMTFGMEIwNTkzNUUzREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAClOwzANBgkqhkiG9w0BAQsF
AAOCAQEAg87KvRcSXoAR/RxukaAxvAleDx+blfKPEh45ZA/5SCO7Qzkuc0mLk0kr
AXALiSH4zu31SiG0FZRy6YTRs0uTUEADD1WJXpOIKXFhowopkzrUAOAsxzL2JGGh
jabZZuP9mfLxfayB0U75g1HRPcOXH4eJBgRIGdkuGxoZfTOcZu2qjL3+QpOW7biK
JjunujfgDDrDJg1Hp3yzGcZVM/QzEMtm3dP+cZ8fBliCfMI5UHpKMR6JWV7KPcIu
FmnckAyA80bVxBPBZTcf4ciTCbohcZvCbrOLh+mZRX/kh4Z95y16EniwCvgeE6aZ
qnknpT1tp39n98bjy6tEyaMzSgEl7A==
-----END CERTIFICATE-----
Generated at Thu Jul 3 09:09:29 2025 by rpki-client