Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36628D0/4F501028C73411EEB4A18965775412E6/FC64D1D48EE011F0B3A4FFD5DAE4EC9C.roa
File: FC64D1D48EE011F0B3A4FFD5DAE4EC9C.roa (raw, json)
Hash identifier: zY17Hz4jbMGQpgxbaFtO0TqzRfRypKeMCm7nEpXL5dE=
Subject key identifier: 52:D1:A4:2F:99:F4:64:FF:CB:E3:61:E4:77:54:32:16:D8:00:13:14
Certificate issuer: /CN=F36628D0AF/serialNumber=CF3F4F9243A61D3BED933CC0F3533CA2BE093BDC
Certificate serial: 0259
Authority key identifier: CF:3F:4F:92:43:A6:1D:3B:ED:93:3C:C0:F3:53:3C:A2:BE:09:3B:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zz9PkkOmHTvtkzzA81M8or4JO9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36628D0/4F501028C73411EEB4A18965775412E6/FC64D1D48EE011F0B3A4FFD5DAE4EC9C.roa
Signing time: Thu 11 Sep 2025 07:29:01 +0000
ROA not before: Thu 11 Sep 2025 07:28:56 +0000
ROA not after: Tue 11 Sep 2035 07:28:56 +0000
asID: 329350
IP address blocks: 2c0f:6040:8000::/34 maxlen: 128
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36628D0/4F501028C73411EEB4A18965775412E6/zz9PkkOmHTvtkzzA81M8or4JO9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F36628D0/4F501028C73411EEB4A18965775412E6/zz9PkkOmHTvtkzzA81M8or4JO9w.mft
rsync://rpki.afrinic.net/repository/afrinic/zz9PkkOmHTvtkzzA81M8or4JO9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 19 Sep 2025 04:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 601 (0x259)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36628D0AF, serialNumber=CF3F4F9243A61D3BED933CC0F3533CA2BE093BDC
Validity
Not Before: Sep 11 07:28:56 2025 GMT
Not After : Sep 11 07:28:56 2035 GMT
Subject: CN=68c27a3d-4094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:be:cc:f3:de:79:77:8b:6f:3e:3b:a5:45:b1:
52:cc:28:4c:4f:e0:4e:ae:2b:1e:5c:1b:04:e7:b2:
e9:68:11:ea:6b:1b:4d:02:32:72:dd:8c:ee:5a:3d:
15:d7:00:9b:c1:a6:87:f5:8c:6b:76:f2:19:fe:b3:
57:a6:e2:78:b4:df:da:e0:a5:5f:a8:22:b2:df:58:
87:63:15:cd:24:27:a9:29:18:50:f4:58:c2:99:e1:
77:1a:a2:77:c5:f4:52:80:66:89:6c:28:f9:7b:d8:
0b:09:8c:a8:3b:ce:d5:32:41:c2:85:45:49:14:c5:
f6:d4:1c:00:39:1b:a2:8b:52:28:2f:42:58:f7:c9:
f9:3d:21:72:1e:f3:c2:3b:4d:95:48:f7:51:cc:c7:
ca:ef:63:8e:b8:c8:b3:32:cf:cb:20:60:81:d3:1e:
f8:80:37:a3:58:94:65:17:c3:b0:de:43:fd:dc:53:
21:f6:42:61:12:be:d2:73:3a:71:76:62:49:11:3b:
66:68:78:f1:68:d7:64:69:1d:8e:d2:d5:7f:9c:99:
2e:72:ac:b5:5b:5a:d8:e7:6b:8a:23:13:81:42:43:
88:4d:5c:2f:74:ba:95:32:d8:47:4e:a3:b3:39:61:
a2:90:2e:6a:4d:66:d8:47:5f:c1:1e:21:08:0b:f6:
d5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D1:A4:2F:99:F4:64:FF:CB:E3:61:E4:77:54:32:16:D8:00:13:14
X509v3 Authority Key Identifier:
keyid:CF:3F:4F:92:43:A6:1D:3B:ED:93:3C:C0:F3:53:3C:A2:BE:09:3B:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36628D0/4F501028C73411EEB4A18965775412E6/zz9PkkOmHTvtkzzA81M8or4JO9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zz9PkkOmHTvtkzzA81M8or4JO9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36628D0/4F501028C73411EEB4A18965775412E6/FC64D1D48EE011F0B3A4FFD5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:6040:8000::/34
Signature Algorithm: sha256WithRSAEncryption
4a:a0:dc:f5:99:c9:6d:66:d1:1f:f0:2f:0c:5a:1d:f2:6f:ad:
15:96:8a:74:0b:b0:2d:7f:72:2d:87:cb:78:32:cb:4a:74:bf:
85:bb:86:a7:c1:8c:0a:67:52:91:74:59:d3:f9:a8:10:11:5f:
3d:b5:be:fa:d0:84:9d:f3:24:5f:32:89:83:c0:1a:d2:32:7d:
70:37:53:77:c8:76:94:4a:92:a5:70:e7:aa:c9:ba:d7:3f:af:
1a:ee:34:56:89:95:54:03:52:13:8c:fc:b8:f1:d6:30:28:67:
fa:32:51:89:e6:47:9c:1f:e6:e1:5a:fe:eb:67:11:ea:18:32:
4c:ba:db:b4:4e:7c:df:fd:db:f3:52:e1:d8:27:45:23:77:e5:
a3:f6:36:cf:6c:8a:e6:cf:6a:bf:8a:33:2c:f3:be:5f:7d:84:
37:1f:51:a0:d1:b9:72:d4:91:de:a8:cd:5c:2c:e8:ae:50:1c:
51:c7:56:be:b1:67:6e:7c:b0:a2:f9:31:ea:15:4f:1a:89:57:
10:8c:99:99:26:02:25:78:f8:13:c8:23:a7:a5:95:94:00:48:
17:0c:68:06:50:14:49:91:c2:79:b4:ea:95:71:22:67:64:25:
05:0a:74:dc:46:33:8d:52:e4:ac:13:eb:3d:75:f3:be:ba:ba:
65:fc:21:e3
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICAlkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjI4RDBBRjExMC8GA1UEBRMoQ0YzRjRGOTI0M0E2MUQzQkVEOTMzQ0MwRjM1MzND
QTJCRTA5M0JEQzAeFw0yNTA5MTEwNzI4NTZaFw0zNTA5MTEwNzI4NTZaMBgxFjAU
BgNVBAMTDTY4YzI3YTNkLTQwOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPvszz3nl3i28+O6VFsVLMKExP4E6uKx5cGwTnsuloEeprG00CMnLdjO5a
PRXXAJvBpof1jGt28hn+s1em4ni039rgpV+oIrLfWIdjFc0kJ6kpGFD0WMKZ4Xca
onfF9FKAZolsKPl72AsJjKg7ztUyQcKFRUkUxfbUHAA5G6KLUigvQlj3yfk9IXIe
88I7TZVI91HMx8rvY464yLMyz8sgYIHTHviAN6NYlGUXw7DeQ/3cUyH2QmESvtJz
OnF2YkkRO2ZoePFo12RpHY7S1X+cmS5yrLVbWtjna4ojE4FCQ4hNXC90upUy2EdO
o7M5YaKQLmpNZthHX8EeIQgL9tXdAgMBAAGjggKnMIICozAdBgNVHQ4EFgQUUtGk
L5n0ZP/L42Hkd1QyFtgAExQwHwYDVR0jBBgwFoAUzz9PkkOmHTvtkzzA81M8or4J
O9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYyOEQwLzRGNTAxMDI4QzczNDExRUVCNEExODk2NTc3NTQxMkU2L3p6OVBr
a09tSFR2dGt6ekE4MU04b3I0Sk85dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3p6OVBra09tSFR2dGt6ekE4MU04b3I0Sk85dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjYyOEQwLzRGNTAxMDI4QzczNDExRUVCNEExODk2NTc3
NTQxMkU2L0ZDNjREMUQ0OEVFMDExRjBCM0E0RkZENURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgYsD2BAgDANBgkqhkiG9w0B
AQsFAAOCAQEASqDc9ZnJbWbRH/AvDFod8m+tFZaKdAuwLX9yLYfLeDLLSnS/hbuG
p8GMCmdSkXRZ0/moEBFfPbW++tCEnfMkXzKJg8Aa0jJ9cDdTd8h2lEqSpXDnqsm6
1z+vGu40VomVVANSE4z8uPHWMChn+jJRieZHnB/m4Vr+62cR6hgyTLrbtE583/3b
81Lh2CdFI3flo/Y2z2yK5s9qv4ozLPO+X32ENx9RoNG5ctSR3qjNXCzorlAcUcdW
vrFnbnywovkx6hVPGolXEIyZmSYCJXj4E8gjp6WVlABIFwxoBlAUSZHCebTqlXEi
Z2QlBQp03EYzjVLkrBPrPXXzvrq6Zfwh4w==
-----END CERTIFICATE-----
Generated at Thu Sep 18 02:21:33 2025 by rpki-client