Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36628D0/4F501028C73411EEB4A18965775412E6/DE17D8988EE011F09D4FC2D5DAE4EC9C.roa
File: DE17D8988EE011F09D4FC2D5DAE4EC9C.roa (raw, json)
Hash identifier: Zz8H6d1f6QpmD+EtnMHU3iTAeKWNSu5vjH3b+kGHQZI=
Subject key identifier: A3:15:23:7D:D7:89:3C:28:FF:5E:CA:48:54:35:3F:35:96:04:F6:DB
Certificate issuer: /CN=F36628D0AF/serialNumber=CF3F4F9243A61D3BED933CC0F3533CA2BE093BDC
Certificate serial: 0257
Authority key identifier: CF:3F:4F:92:43:A6:1D:3B:ED:93:3C:C0:F3:53:3C:A2:BE:09:3B:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zz9PkkOmHTvtkzzA81M8or4JO9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36628D0/4F501028C73411EEB4A18965775412E6/DE17D8988EE011F09D4FC2D5DAE4EC9C.roa
Signing time: Thu 11 Sep 2025 07:28:10 +0000
ROA not before: Thu 11 Sep 2025 07:28:06 +0000
ROA not after: Tue 11 Sep 2035 07:28:06 +0000
asID: 329350
IP address blocks: 2c0f:6040:4000::/34 maxlen: 128
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36628D0/4F501028C73411EEB4A18965775412E6/zz9PkkOmHTvtkzzA81M8or4JO9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F36628D0/4F501028C73411EEB4A18965775412E6/zz9PkkOmHTvtkzzA81M8or4JO9w.mft
rsync://rpki.afrinic.net/repository/afrinic/zz9PkkOmHTvtkzzA81M8or4JO9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 19 Sep 2025 04:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 599 (0x257)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36628D0AF, serialNumber=CF3F4F9243A61D3BED933CC0F3533CA2BE093BDC
Validity
Not Before: Sep 11 07:28:06 2025 GMT
Not After : Sep 11 07:28:06 2035 GMT
Subject: CN=68c27a0a-f427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5b:d2:db:d8:06:4c:23:94:8d:50:0d:d2:87:
79:7b:c3:6e:9f:91:f1:1b:53:b4:cc:f5:fa:18:3e:
9f:fb:86:b1:dd:d7:ae:ff:60:bc:5f:a0:6c:2b:e5:
72:60:0c:40:e7:3e:1b:8b:6a:cb:e3:d8:fa:66:0a:
cd:d5:74:99:72:82:5b:f1:8f:8e:da:7d:ea:21:1f:
f6:db:4c:79:1f:7e:55:9a:26:33:1a:81:b0:3d:6f:
a8:e6:84:18:47:50:d8:de:be:3f:05:e3:01:32:9f:
44:8f:1b:de:83:f9:f6:8c:ff:03:98:14:76:82:83:
15:ed:c2:d1:ad:37:e8:ab:28:6f:15:e3:75:7d:3b:
78:72:a6:eb:3a:f0:fc:cc:3e:29:2c:1a:2e:4f:50:
53:c7:e7:c5:58:42:15:81:05:7f:57:77:70:05:78:
65:0f:e7:23:f5:99:ef:77:64:d0:fa:6d:f9:9a:b2:
50:ae:d0:91:c1:e3:9d:3f:71:25:4d:2b:93:de:b9:
1e:06:8a:47:9d:6c:68:3e:23:8d:d1:7d:17:d5:3d:
30:dc:ec:2c:ef:53:77:fa:a6:43:45:08:77:b8:23:
23:9d:24:4b:1f:51:68:a1:be:2e:ba:da:85:05:e3:
5a:de:4f:a1:23:b7:65:d2:ac:c4:38:b2:b9:fc:c2:
50:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:15:23:7D:D7:89:3C:28:FF:5E:CA:48:54:35:3F:35:96:04:F6:DB
X509v3 Authority Key Identifier:
keyid:CF:3F:4F:92:43:A6:1D:3B:ED:93:3C:C0:F3:53:3C:A2:BE:09:3B:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36628D0/4F501028C73411EEB4A18965775412E6/zz9PkkOmHTvtkzzA81M8or4JO9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zz9PkkOmHTvtkzzA81M8or4JO9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36628D0/4F501028C73411EEB4A18965775412E6/DE17D8988EE011F09D4FC2D5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:6040:4000::/34
Signature Algorithm: sha256WithRSAEncryption
79:d0:ea:1e:54:2c:95:0d:ca:87:0b:48:e6:b2:3d:5c:63:2c:
dd:49:89:80:3b:b1:dd:fe:8a:b6:e2:af:52:f8:65:f9:b4:50:
fd:58:df:43:87:60:e4:24:1c:c9:b2:ef:de:cc:f7:44:e0:03:
48:3b:16:b1:00:2f:59:62:2f:8d:9b:80:26:7d:de:d9:48:88:
bd:3c:8a:f2:12:df:a1:b5:ee:78:16:54:ba:93:40:f9:ac:c2:
0d:19:78:73:02:c2:e1:0c:81:b7:b3:f1:96:99:4b:07:af:8a:
bc:3a:6a:b9:f7:b7:7c:3f:aa:e2:65:b8:b5:4f:f9:fc:59:6a:
fc:be:ad:48:1b:3e:4a:ad:6f:aa:81:5b:12:2d:76:27:38:84:
e7:e3:46:55:67:77:ea:6c:d3:cf:c4:91:6b:a5:24:4e:e2:11:
f2:ec:9c:5d:f1:da:d7:f4:a7:98:3a:c7:19:7e:25:32:df:bf:
a9:1d:bd:6d:e7:39:79:60:c7:13:1e:73:f6:f4:79:54:d2:3c:
28:bd:0e:7c:b8:e2:9e:8f:33:87:ea:2b:cc:87:7a:a3:51:12:
e4:62:69:82:82:94:17:5a:3b:14:85:27:3c:b4:9f:b0:02:a2:
ec:a6:66:0c:b7:c7:4c:3d:f6:b6:c1:b2:f7:54:f1:63:62:33:
29:b0:53:da
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICAlcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjI4RDBBRjExMC8GA1UEBRMoQ0YzRjRGOTI0M0E2MUQzQkVEOTMzQ0MwRjM1MzND
QTJCRTA5M0JEQzAeFw0yNTA5MTEwNzI4MDZaFw0zNTA5MTEwNzI4MDZaMBgxFjAU
BgNVBAMTDTY4YzI3YTBhLWY0MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCtW9Lb2AZMI5SNUA3Sh3l7w26fkfEbU7TM9foYPp/7hrHd167/YLxfoGwr
5XJgDEDnPhuLasvj2PpmCs3VdJlyglvxj47afeohH/bbTHkfflWaJjMagbA9b6jm
hBhHUNjevj8F4wEyn0SPG96D+faM/wOYFHaCgxXtwtGtN+irKG8V43V9O3hypus6
8PzMPiksGi5PUFPH58VYQhWBBX9Xd3AFeGUP5yP1me93ZND6bfmaslCu0JHB450/
cSVNK5PeuR4GikedbGg+I43RfRfVPTDc7CzvU3f6pkNFCHe4IyOdJEsfUWihvi66
2oUF41reT6Ejt2XSrMQ4srn8wlDHAgMBAAGjggKnMIICozAdBgNVHQ4EFgQUoxUj
fdeJPCj/XspIVDU/NZYE9tswHwYDVR0jBBgwFoAUzz9PkkOmHTvtkzzA81M8or4J
O9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYyOEQwLzRGNTAxMDI4QzczNDExRUVCNEExODk2NTc3NTQxMkU2L3p6OVBr
a09tSFR2dGt6ekE4MU04b3I0Sk85dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3p6OVBra09tSFR2dGt6ekE4MU04b3I0Sk85dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjYyOEQwLzRGNTAxMDI4QzczNDExRUVCNEExODk2NTc3
NTQxMkU2L0RFMTdEODk4OEVFMDExRjA5RDRGQzJENURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgYsD2BAQDANBgkqhkiG9w0B
AQsFAAOCAQEAedDqHlQslQ3KhwtI5rI9XGMs3UmJgDux3f6KtuKvUvhl+bRQ/Vjf
Q4dg5CQcybLv3sz3ROADSDsWsQAvWWIvjZuAJn3e2UiIvTyK8hLfobXueBZUupNA
+azCDRl4cwLC4QyBt7PxlplLB6+KvDpqufe3fD+q4mW4tU/5/Flq/L6tSBs+Sq1v
qoFbEi12JziE5+NGVWd36mzTz8SRa6UkTuIR8uycXfHa1/SnmDrHGX4lMt+/qR29
bec5eWDHEx5z9vR5VNI8KL0OfLjino8zh+orzId6o1ES5GJpgoKUF1o7FIUnPLSf
sAKi7KZmDLfHTD32tsGy91TxY2IzKbBT2g==
-----END CERTIFICATE-----
Generated at Thu Sep 18 02:23:55 2025 by rpki-client