Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3663954/B2FDE4A22A2611EE864DCA484AD9E6FC/AA85EAE4360F11F08E7B1CAFDAE4EC9C.roa
File: AA85EAE4360F11F08E7B1CAFDAE4EC9C.roa (raw, json)
Hash identifier: KqakcfmbrA2BIbq/4uC8DnJ5j63ssavBmkP7waw6iDc=
Subject key identifier: 7A:3B:08:AF:15:8D:83:6B:1B:81:18:07:00:94:84:77:61:99:08:1B
Certificate issuer: /CN=F3663954AF/serialNumber=DDE405A3B9E32CBD199087597D6F290B6C341BCD
Certificate serial: 02B5
Authority key identifier: DD:E4:05:A3:B9:E3:2C:BD:19:90:87:59:7D:6F:29:0B:6C:34:1B:CD
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/3eQFo7njLL0ZkIdZfW8pC2w0G80.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3663954/B2FDE4A22A2611EE864DCA484AD9E6FC/AA85EAE4360F11F08E7B1CAFDAE4EC9C.roa
Signing time: Wed 21 May 2025 06:48:57 +0000
ROA not before: Wed 21 May 2025 06:48:51 +0000
ROA not after: Tue 01 Jun 2027 06:48:51 +0000
asID: 37266
IP address blocks: 196.32.232.0/24 maxlen: 24
196.32.233.0/24 maxlen: 24
196.32.234.0/24 maxlen: 24
196.32.235.0/24 maxlen: 24
196.32.238.0/24 maxlen: 24
196.32.239.0/24 maxlen: 24
196.45.17.0/24 maxlen: 24
196.45.18.0/24 maxlen: 24
196.45.20.0/24 maxlen: 24
196.45.25.0/24 maxlen: 24
196.45.26.0/24 maxlen: 24
196.45.28.0/24 maxlen: 24
196.45.29.0/24 maxlen: 24
196.45.30.0/24 maxlen: 24
196.45.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3663954/B2FDE4A22A2611EE864DCA484AD9E6FC/3eQFo7njLL0ZkIdZfW8pC2w0G80.crl
rsync://rpki.afrinic.net/repository/member_repository/F3663954/B2FDE4A22A2611EE864DCA484AD9E6FC/3eQFo7njLL0ZkIdZfW8pC2w0G80.mft
rsync://rpki.afrinic.net/repository/afrinic/3eQFo7njLL0ZkIdZfW8pC2w0G80.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 10 Jun 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 693 (0x2b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3663954AF, serialNumber=DDE405A3B9E32CBD199087597D6F290B6C341BCD
Validity
Not Before: May 21 06:48:51 2025 GMT
Not After : Jun 1 06:48:51 2027 GMT
Subject: CN=682d7758-08ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ef:12:f4:53:9f:d5:35:cd:a1:8e:53:69:ab:
86:5b:c0:65:eb:0e:2b:f4:5b:c7:62:36:c8:f0:5d:
bc:07:77:a7:ec:b7:ac:c9:97:81:76:be:1c:82:88:
10:d4:79:b3:97:2f:d3:c9:87:df:a5:72:4a:47:ef:
fd:fd:82:7f:89:3f:47:48:01:f2:72:ed:c0:f5:a2:
17:ad:69:fb:c2:88:3d:a5:50:53:4e:74:ab:6f:8a:
0a:46:dd:16:ff:72:e3:9e:aa:f1:b8:33:f8:a6:61:
97:1f:c8:16:86:c2:9a:5e:b2:85:ed:b4:fe:0e:e1:
ca:4d:4f:89:04:09:b6:b4:6b:43:d3:8d:78:99:97:
98:03:77:42:d0:ce:53:e5:9e:ea:ec:8d:f1:8d:e3:
b1:34:dc:98:f2:ae:b6:75:ef:a8:44:b0:d5:e7:72:
9a:32:a7:3e:b7:87:8b:f7:ed:4c:20:44:5b:96:ff:
a9:4d:73:57:29:28:0a:6b:48:19:74:de:98:57:0a:
21:11:dc:6e:d1:b9:f8:d6:e1:9c:55:27:e5:5f:23:
ad:19:79:3a:bf:69:db:bb:85:75:f7:12:77:b3:b9:
a2:7c:d8:41:74:c1:20:49:6d:a3:4d:87:f3:a4:24:
22:df:0e:86:8a:d1:df:27:e0:91:dc:c0:69:e9:31:
f7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:3B:08:AF:15:8D:83:6B:1B:81:18:07:00:94:84:77:61:99:08:1B
X509v3 Authority Key Identifier:
keyid:DD:E4:05:A3:B9:E3:2C:BD:19:90:87:59:7D:6F:29:0B:6C:34:1B:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3663954/B2FDE4A22A2611EE864DCA484AD9E6FC/3eQFo7njLL0ZkIdZfW8pC2w0G80.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3eQFo7njLL0ZkIdZfW8pC2w0G80.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3663954/B2FDE4A22A2611EE864DCA484AD9E6FC/AA85EAE4360F11F08E7B1CAFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.32.232.0/22
196.32.238.0/23
196.45.17.0-196.45.18.255
196.45.20.0/24
196.45.25.0-196.45.26.255
196.45.28.0/22
Signature Algorithm: sha256WithRSAEncryption
36:e5:e3:ea:33:85:6c:34:85:9f:19:e1:6d:0c:b6:24:63:b5:
fe:dd:4d:1a:1f:ed:59:15:3a:99:b1:aa:d1:e1:63:79:bf:ec:
c5:50:d8:84:0b:60:94:4d:fb:cf:0b:ee:af:9e:90:6e:68:b3:
83:75:bd:af:23:d4:16:af:1f:e5:0c:5a:31:6b:dd:65:86:be:
78:fb:36:3f:af:72:af:09:c7:73:fd:ff:bf:7d:96:4e:e2:48:
af:7f:75:8a:95:9f:83:ea:3a:eb:44:52:26:02:06:ec:94:64:
ec:56:3d:7f:2d:8b:09:80:fa:1c:a1:79:2f:a0:ac:cd:6d:fc:
37:1e:8a:92:80:d2:ca:6b:e1:cc:6e:70:3c:05:d8:2b:34:73:
b9:df:b2:fb:e0:83:73:39:83:8f:11:0e:23:c3:d8:8c:89:bc:
64:95:30:1a:1a:6f:7d:7a:27:20:c3:c0:14:e0:e7:e9:33:79:
75:0a:51:ce:c4:59:3d:e0:80:ae:b6:58:43:b0:c0:84:c7:9b:
84:fe:05:a8:ed:b8:48:35:f4:32:e3:f0:50:84:0e:e8:49:09:
53:b0:99:99:31:05:d5:0c:bd:6e:e2:bc:79:e0:ff:c3:79:05:
d5:17:ae:41:b4:73:bc:e3:b1:79:04:d5:1d:fe:89:b3:a4:67:
f4:87:88:59
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgICArUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjM5NTRBRjExMC8GA1UEBRMoRERFNDA1QTNCOUUzMkNCRDE5OTA4NzU5N0Q2RjI5
MEI2QzM0MUJDRDAeFw0yNTA1MjEwNjQ4NTFaFw0yNzA2MDEwNjQ4NTFaMBgxFjAU
BgNVBAMTDTY4MmQ3NzU4LTA4YWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC57xL0U5/VNc2hjlNpq4ZbwGXrDiv0W8diNsjwXbwHd6fst6zJl4F2vhyC
iBDUebOXL9PJh9+lckpH7/39gn+JP0dIAfJy7cD1ohetafvCiD2lUFNOdKtvigpG
3Rb/cuOeqvG4M/imYZcfyBaGwppesoXttP4O4cpNT4kECba0a0PTjXiZl5gDd0LQ
zlPlnursjfGN47E03JjyrrZ176hEsNXncpoypz63h4v37UwgRFuW/6lNc1cpKApr
SBl03phXCiER3G7RufjW4ZxVJ+VfI60ZeTq/adu7hXX3EnezuaJ82EF0wSBJbaNN
h/OkJCLfDoaK0d8n4JHcwGnpMfc7AgMBAAGjggLTMIICzzAdBgNVHQ4EFgQUejsI
rxWNg2sbgRgHAJSEd2GZCBswHwYDVR0jBBgwFoAU3eQFo7njLL0ZkIdZfW8pC2w0
G80wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYzOTU0L0IyRkRFNEEyMkEyNjExRUU4NjREQ0E0ODRBRDlFNkZDLzNlUUZv
N25qTEwwWmtJZFpmVzhwQzJ3MEc4MC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzNlUUZvN25qTEwwWmtJZFpmVzhwQzJ3MEc4MC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjYzOTU0L0IyRkRFNEEyMkEyNjExRUU4NjREQ0E0ODRB
RDlFNkZDL0FBODVFQUU0MzYwRjExRjA4RTdCMUNBRkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwTQYIKwYBBQUHAQcBAf8EPjA8MDoEAgABMDQDBALEIOgDBAHEIO4wDAMEAMQt
EQMEAMQtEgMEAMQtFDAMAwQAxC0ZAwQAxC0aAwQCxC0cMA0GCSqGSIb3DQEBCwUA
A4IBAQA25ePqM4VsNIWfGeFtDLYkY7X+3U0aH+1ZFTqZsarR4WN5v+zFUNiEC2CU
TfvPC+6vnpBuaLODdb2vI9QWrx/lDFoxa91lhr54+zY/r3KvCcdz/f+/fZZO4kiv
f3WKlZ+D6jrrRFImAgbslGTsVj1/LYsJgPocoXkvoKzNbfw3HoqSgNLKa+HMbnA8
BdgrNHO537L74INzOYOPEQ4jw9iMibxklTAaGm99eicgw8AU4OfpM3l1ClHOxFk9
4ICutlhDsMCEx5uE/gWo7bhINfQy4/BQhA7oSQlTsJmZMQXVDL1u4rx54P/DeQXV
F65BtHO847F5BNUd/omzpGf0h4hZ
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:43:04 2025 by rpki-client