Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366A2B2/D3F441AE66E411F0A0DA6692DAE4EC9C/EF99DEAC66E711F0A50F79A4DAE4EC9C.roa
File: EF99DEAC66E711F0A50F79A4DAE4EC9C.roa (raw, json)
Hash identifier: 1ALkP5AE5BnLJ65DORy6a8qL9QHzH+dCAgd18lTAG+k=
Subject key identifier: 27:40:CA:D8:2E:F2:C9:8D:B9:D3:A8:BA:56:94:37:8F:D7:A5:B8:D9
Certificate issuer: /CN=F366A2B2AF/serialNumber=3AE7646CE6AD569F7616E6A6F6FD3B1986BED419
Certificate serial: 05
Authority key identifier: 3A:E7:64:6C:E6:AD:56:9F:76:16:E6:A6:F6:FD:3B:19:86:BE:D4:19
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/OudkbOatVp92Fuam9v07GYa-1Bk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366A2B2/D3F441AE66E411F0A0DA6692DAE4EC9C/EF99DEAC66E711F0A50F79A4DAE4EC9C.roa
Signing time: Tue 22 Jul 2025 10:38:00 +0000
ROA not before: Tue 22 Jul 2025 10:37:55 +0000
ROA not after: Tue 31 Dec 2030 10:37:55 +0000
asID: 328534
IP address blocks: 102.36.164.0/22 maxlen: 22
2c0f:ea50::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366A2B2/D3F441AE66E411F0A0DA6692DAE4EC9C/OudkbOatVp92Fuam9v07GYa-1Bk.crl
rsync://rpki.afrinic.net/repository/member_repository/F366A2B2/D3F441AE66E411F0A0DA6692DAE4EC9C/OudkbOatVp92Fuam9v07GYa-1Bk.mft
rsync://rpki.afrinic.net/repository/afrinic/OudkbOatVp92Fuam9v07GYa-1Bk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Jul 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366A2B2AF, serialNumber=3AE7646CE6AD569F7616E6A6F6FD3B1986BED419
Validity
Not Before: Jul 22 10:37:55 2025 GMT
Not After : Dec 31 10:37:55 2030 GMT
Subject: CN=687f6a07-9466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:78:72:94:ee:ef:74:8e:a6:17:2a:c4:d1:41:
36:f2:a2:ca:e9:0a:d1:77:f3:9d:3c:7c:19:79:74:
2a:0c:fd:f7:5b:b5:19:74:3b:69:b8:9b:3f:7b:0d:
de:6c:7c:b9:c3:d3:a3:52:2d:7a:d8:7a:37:98:db:
a9:24:1d:81:03:72:1d:2f:cb:e3:49:49:ec:97:6f:
81:fa:1f:ed:a6:71:5c:53:20:32:4b:2e:c3:56:5d:
28:f7:79:e4:44:77:ef:9f:8d:7e:62:72:16:d4:9f:
ed:33:4d:42:cd:f1:99:15:2e:60:29:60:af:08:9c:
6d:c7:1c:c5:09:88:4f:1a:e6:a1:97:89:05:11:c8:
ab:bd:11:9d:54:28:39:37:7c:b2:06:22:3a:ef:a5:
20:72:6a:76:5f:88:2d:b7:08:5a:1d:a3:a6:ef:ee:
e7:db:8b:95:a5:95:fb:da:02:6d:1b:21:0f:75:69:
63:9a:8f:7e:4d:6a:13:87:08:d9:d8:29:32:62:7a:
30:c1:76:0c:4d:b8:99:cd:8e:36:1e:5a:a6:99:f4:
51:87:e7:66:f5:1a:1b:31:49:2b:85:5a:f2:a4:fd:
cb:a4:d1:ac:5e:8f:09:90:47:91:f7:d6:79:ca:a1:
21:f9:7b:f9:ff:fa:5b:5e:e6:0a:07:57:9d:7e:b0:
9b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:40:CA:D8:2E:F2:C9:8D:B9:D3:A8:BA:56:94:37:8F:D7:A5:B8:D9
X509v3 Authority Key Identifier:
keyid:3A:E7:64:6C:E6:AD:56:9F:76:16:E6:A6:F6:FD:3B:19:86:BE:D4:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366A2B2/D3F441AE66E411F0A0DA6692DAE4EC9C/OudkbOatVp92Fuam9v07GYa-1Bk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OudkbOatVp92Fuam9v07GYa-1Bk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366A2B2/D3F441AE66E411F0A0DA6692DAE4EC9C/EF99DEAC66E711F0A50F79A4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.36.164.0/22
IPv6:
2c0f:ea50::/32
Signature Algorithm: sha256WithRSAEncryption
71:44:c9:3e:88:56:1b:0e:e8:f9:8c:46:ca:66:7e:bf:f3:d1:
bf:55:4e:6d:b6:cf:dc:90:79:68:28:4d:9f:dd:31:42:fd:b5:
00:85:34:38:72:64:79:7d:21:10:43:18:13:92:e6:88:0f:6b:
5f:54:4b:9a:9b:b1:96:3b:a0:5f:c4:a9:19:56:9b:a1:30:8e:
39:b9:87:42:77:3e:0d:60:f6:7a:d9:f4:5a:27:82:54:6e:10:
93:82:dc:b9:00:9a:0c:63:e2:a9:43:b6:9f:2b:2a:11:fd:7e:
64:ab:55:75:1b:ef:27:70:73:76:5c:eb:22:2b:d2:a0:ee:e7:
86:ab:01:2f:af:7f:12:15:d5:a4:54:db:10:fa:f2:14:8a:c0:
67:b0:84:82:a7:53:a5:32:31:a0:21:00:11:ec:2d:ae:13:78:
f9:57:9c:1c:45:8c:5d:ae:05:5b:e4:ff:9d:9e:33:39:44:38:
8a:36:9f:fd:b6:d9:07:4a:94:ac:af:f7:00:cb:85:0c:cd:ce:
82:8c:ae:f8:23:2d:f3:76:71:8f:f9:09:61:2c:ee:e8:3f:8f:
6a:3a:7f:38:79:b2:58:76:d8:e6:58:f3:a1:62:ce:3b:c8:d0:
1d:4f:63:2b:6f:d5:43:44:1e:53:28:73:ec:f0:8a:61:5a:84:
eb:02:94:9e
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
QTJCMkFGMTEwLwYDVQQFEygzQUU3NjQ2Q0U2QUQ1NjlGNzYxNkU2QTZGNkZEM0Ix
OTg2QkVENDE5MB4XDTI1MDcyMjEwMzc1NVoXDTMwMTIzMTEwMzc1NVowGDEWMBQG
A1UEAxMNNjg3ZjZhMDctOTQ2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANR4cpTu73SOphcqxNFBNvKiyukK0XfznTx8GXl0Kgz991u1GXQ7abibP3sN
3mx8ucPTo1Iteth6N5jbqSQdgQNyHS/L40lJ7Jdvgfof7aZxXFMgMksuw1ZdKPd5
5ER375+NfmJyFtSf7TNNQs3xmRUuYClgrwicbcccxQmITxrmoZeJBRHIq70RnVQo
OTd8sgYiOu+lIHJqdl+ILbcIWh2jpu/u59uLlaWV+9oCbRshD3VpY5qPfk1qE4cI
2dgpMmJ6MMF2DE24mc2ONh5appn0UYfnZvUaGzFJK4Va8qT9y6TRrF6PCZBHkffW
ecqhIfl7+f/6W17mCgdXnX6wmzkCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQnQMrY
LvLJjbnTqLpWlDeP16W42TAfBgNVHSMEGDAWgBQ652Rs5q1Wn3YW5qb2/TsZhr7U
GTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkEyQjIvRDNGNDQxQUU2NkU0MTFGMEEwREE2NjkyREFFNEVDOUMvT3Vka2JP
YXRWcDkyRnVhbTl2MDdHWWEtMUJrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvT3Vka2JPYXRWcDkyRnVhbTl2MDdHWWEtMUJrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkEyQjIvRDNGNDQxQUU2NkU0MTFGMEEwREE2NjkyREFF
NEVDOUMvRUY5OURFQUM2NkU3MTFGMEE1MEY3OUE0REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmYkpDANBAIAAjAHAwUALA/q
UDANBgkqhkiG9w0BAQsFAAOCAQEAcUTJPohWGw7o+YxGymZ+v/PRv1VObbbP3JB5
aChNn90xQv21AIU0OHJkeX0hEEMYE5LmiA9rX1RLmpuxljugX8SpGVaboTCOObmH
Qnc+DWD2etn0WieCVG4Qk4LcuQCaDGPiqUO2nysqEf1+ZKtVdRvvJ3BzdlzrIivS
oO7nhqsBL69/EhXVpFTbEPryFIrAZ7CEgqdTpTIxoCEAEewtrhN4+VecHEWMXa4F
W+T/nZ4zOUQ4ijaf/bbZB0qUrK/3AMuFDM3Ogoyu+CMt83Zxj/kJYSzu6D+Pajp/
OHmyWHbY5ljzoWLOO8jQHU9jK2/VQ0QeUyhz7PCKYVqE6wKUng==
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:47:59 2025 by rpki-client