Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3663954/B2FDE4A22A2611EE864DCA484AD9E6FC/3B3C94A8355611F0A72D5BD3DAE4EC9C.roa
File: 3B3C94A8355611F0A72D5BD3DAE4EC9C.roa (raw, json)
Hash identifier: dNkXrkMo29JWmN/2Fiah29iTZ9KKxjxmwXwttQ5e+fY=
Subject key identifier: E5:A9:CB:7C:26:31:F5:A9:D9:8D:31:6F:4D:B1:F7:7A:EF:B3:0B:7E
Certificate issuer: /CN=F3663954AF/serialNumber=DDE405A3B9E32CBD199087597D6F290B6C341BCD
Certificate serial: 02B1
Authority key identifier: DD:E4:05:A3:B9:E3:2C:BD:19:90:87:59:7D:6F:29:0B:6C:34:1B:CD
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/3eQFo7njLL0ZkIdZfW8pC2w0G80.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3663954/B2FDE4A22A2611EE864DCA484AD9E6FC/3B3C94A8355611F0A72D5BD3DAE4EC9C.roa
Signing time: Tue 20 May 2025 08:41:33 +0000
ROA not before: Tue 20 May 2025 08:41:28 +0000
ROA not after: Tue 25 May 2027 08:41:28 +0000
asID: 37266
IP address blocks: 196.32.236.0/24 maxlen: 24
196.32.237.0/24 maxlen: 24
196.45.24.0/24 maxlen: 24
196.45.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3663954/B2FDE4A22A2611EE864DCA484AD9E6FC/3eQFo7njLL0ZkIdZfW8pC2w0G80.crl
rsync://rpki.afrinic.net/repository/member_repository/F3663954/B2FDE4A22A2611EE864DCA484AD9E6FC/3eQFo7njLL0ZkIdZfW8pC2w0G80.mft
rsync://rpki.afrinic.net/repository/afrinic/3eQFo7njLL0ZkIdZfW8pC2w0G80.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 03:52:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 689 (0x2b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3663954AF, serialNumber=DDE405A3B9E32CBD199087597D6F290B6C341BCD
Validity
Not Before: May 20 08:41:28 2025 GMT
Not After : May 25 08:41:28 2027 GMT
Subject: CN=682c403d-5e5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3a:ad:97:5a:41:26:e1:17:71:2e:d0:cc:43:
28:be:60:11:82:b1:96:fd:16:30:33:9f:fd:cb:55:
7e:21:8f:37:35:fe:cf:99:c5:01:c7:86:07:62:8a:
61:8a:50:8f:c8:c2:0f:71:3e:2c:ca:40:9a:9b:01:
ed:c9:f8:63:c3:95:52:9a:5c:fa:02:15:04:2e:33:
a4:77:e9:2a:b1:25:40:62:8b:37:79:a2:45:4c:57:
41:2c:6f:45:69:98:bc:70:5e:69:ce:f4:f5:c0:a5:
2a:55:a0:ed:0d:61:da:17:e4:5c:84:13:4e:82:ed:
9e:be:37:27:84:51:25:d7:53:90:ad:c0:8c:e9:2f:
87:4f:32:b7:0b:8f:bf:d3:1a:1f:31:15:24:a7:e3:
7c:a2:38:f2:33:e2:a6:40:ca:0a:26:08:00:5f:77:
f9:82:a3:01:d3:a3:b6:91:6f:ea:77:da:4e:6d:51:
64:bf:5c:47:04:56:79:fa:6d:8b:3e:33:13:1d:24:
cd:ad:69:4e:f2:8b:91:9a:56:7a:9e:52:4d:3a:3b:
31:35:94:fc:f4:51:61:d8:f8:a2:7b:92:e7:8e:d3:
51:9e:63:3f:69:6b:a4:22:6b:6d:d4:e1:16:59:25:
01:ae:89:ec:97:d2:2a:80:98:47:39:24:1d:2c:74:
22:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A9:CB:7C:26:31:F5:A9:D9:8D:31:6F:4D:B1:F7:7A:EF:B3:0B:7E
X509v3 Authority Key Identifier:
keyid:DD:E4:05:A3:B9:E3:2C:BD:19:90:87:59:7D:6F:29:0B:6C:34:1B:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3663954/B2FDE4A22A2611EE864DCA484AD9E6FC/3eQFo7njLL0ZkIdZfW8pC2w0G80.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3eQFo7njLL0ZkIdZfW8pC2w0G80.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3663954/B2FDE4A22A2611EE864DCA484AD9E6FC/3B3C94A8355611F0A72D5BD3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.32.236.0/23
196.45.24.0/24
196.45.27.0/24
Signature Algorithm: sha256WithRSAEncryption
27:9c:e5:55:4b:cb:f3:3d:38:78:f1:18:80:99:1d:a5:b9:17:
a1:f7:17:18:df:de:6e:14:c0:bf:f8:23:a0:03:e2:a1:a2:b0:
cf:28:40:8e:62:8d:c1:05:15:c0:be:51:ca:98:4f:1b:93:a7:
cc:96:75:4b:ff:ab:8a:f2:9f:e0:23:b6:c2:c5:49:8e:ec:3d:
0d:cd:3b:46:0c:ef:c8:b4:81:84:55:d2:f7:3e:9c:fe:f8:b4:
2a:d0:8f:ae:81:a0:89:d7:20:f0:20:94:0f:d8:d6:03:a8:5a:
2e:76:48:9c:a4:ba:d3:b5:45:9a:b3:a2:00:d3:0d:54:13:a9:
51:31:ce:50:07:fe:f3:c8:d7:87:ea:50:d7:2c:ee:58:30:74:
8d:27:44:6a:b3:93:f5:b2:60:8f:2c:d8:81:8d:21:46:86:4f:
be:22:20:5d:33:96:7d:22:e7:09:75:7e:64:a2:a8:ee:f0:77:
00:99:13:b9:ca:0a:e3:c4:02:95:36:24:05:46:c6:7f:84:68:
2c:64:80:63:8c:d7:dc:42:71:b0:dd:f3:bd:2d:a2:fa:0c:58:
2b:72:ed:fb:c4:ae:e8:dc:80:33:a6:75:93:8c:ac:15:21:2b:
25:b1:d9:e9:b3:64:be:74:f4:24:9e:c2:44:1d:d5:fa:5c:8f:
95:2d:d3:b2
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICArEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjM5NTRBRjExMC8GA1UEBRMoRERFNDA1QTNCOUUzMkNCRDE5OTA4NzU5N0Q2RjI5
MEI2QzM0MUJDRDAeFw0yNTA1MjAwODQxMjhaFw0yNzA1MjUwODQxMjhaMBgxFjAU
BgNVBAMTDTY4MmM0MDNkLTVlNWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6Oq2XWkEm4RdxLtDMQyi+YBGCsZb9FjAzn/3LVX4hjzc1/s+ZxQHHhgdi
imGKUI/Iwg9xPizKQJqbAe3J+GPDlVKaXPoCFQQuM6R36SqxJUBiizd5okVMV0Es
b0VpmLxwXmnO9PXApSpVoO0NYdoX5FyEE06C7Z6+NyeEUSXXU5CtwIzpL4dPMrcL
j7/TGh8xFSSn43yiOPIz4qZAygomCABfd/mCowHTo7aRb+p32k5tUWS/XEcEVnn6
bYs+MxMdJM2taU7yi5GaVnqeUk06OzE1lPz0UWHY+KJ7kueO01GeYz9pa6Qia23U
4RZZJQGuieyX0iqAmEc5JB0sdCJ3AgMBAAGjggKxMIICrTAdBgNVHQ4EFgQU5anL
fCYx9anZjTFvTbH3eu+zC34wHwYDVR0jBBgwFoAU3eQFo7njLL0ZkIdZfW8pC2w0
G80wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYzOTU0L0IyRkRFNEEyMkEyNjExRUU4NjREQ0E0ODRBRDlFNkZDLzNlUUZv
N25qTEwwWmtJZFpmVzhwQzJ3MEc4MC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzNlUUZvN25qTEwwWmtJZFpmVzhwQzJ3MEc4MC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjYzOTU0L0IyRkRFNEEyMkEyNjExRUU4NjREQ0E0ODRB
RDlFNkZDLzNCM0M5NEE4MzU1NjExRjBBNzJENUJEM0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAHEIOwDBADELRgDBADELRsw
DQYJKoZIhvcNAQELBQADggEBACec5VVLy/M9OHjxGICZHaW5F6H3Fxjf3m4UwL/4
I6AD4qGisM8oQI5ijcEFFcC+UcqYTxuTp8yWdUv/q4ryn+AjtsLFSY7sPQ3NO0YM
78i0gYRV0vc+nP74tCrQj66BoInXIPAglA/Y1gOoWi52SJykutO1RZqzogDTDVQT
qVExzlAH/vPI14fqUNcs7lgwdI0nRGqzk/WyYI8s2IGNIUaGT74iIF0zln0i5wl1
fmSiqO7wdwCZE7nKCuPEApU2JAVGxn+EaCxkgGOM19xCcbDd870tovoMWCty7fvE
rujcgDOmdZOMrBUhKyWx2emzZL509CSewkQd1fpcj5Ut07I=
-----END CERTIFICATE-----
Generated at Sat Jun 7 06:04:18 2025 by rpki-client