Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3671347/253D17E4818D11F09A3553D5DAE4EC9C/39D41848831711F0B79C4EEBDAE4EC9C.roa
File: 39D41848831711F0B79C4EEBDAE4EC9C.roa (raw, json)
Hash identifier: oqrQyadBMYdawxX49jq0Jbtm2txf/130uDVG0NFFiHw=
Subject key identifier: 85:76:2A:A2:C6:09:00:FC:AD:DC:6A:F7:FD:45:FE:75:1C:DE:CB:50
Certificate issuer: /CN=F3671347AF/serialNumber=3128B1596F1DA0AA6CEDCFC99DEC8E1D628489E5
Certificate serial: 1C
Authority key identifier: 31:28:B1:59:6F:1D:A0:AA:6C:ED:CF:C9:9D:EC:8E:1D:62:84:89:E5
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/MSixWW8doKps7c_JneyOHWKEieU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3671347/253D17E4818D11F09A3553D5DAE4EC9C/39D41848831711F0B79C4EEBDAE4EC9C.roa
Signing time: Wed 27 Aug 2025 07:27:03 +0000
ROA not before: Wed 27 Aug 2025 07:26:58 +0000
ROA not after: Thu 31 Aug 2045 07:26:58 +0000
asID: 36983
IP address blocks: 41.222.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3671347/253D17E4818D11F09A3553D5DAE4EC9C/MSixWW8doKps7c_JneyOHWKEieU.crl
rsync://rpki.afrinic.net/repository/member_repository/F3671347/253D17E4818D11F09A3553D5DAE4EC9C/MSixWW8doKps7c_JneyOHWKEieU.mft
rsync://rpki.afrinic.net/repository/afrinic/MSixWW8doKps7c_JneyOHWKEieU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 19 Sep 2025 05:13:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28 (0x1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3671347AF, serialNumber=3128B1596F1DA0AA6CEDCFC99DEC8E1D628489E5
Validity
Not Before: Aug 27 07:26:58 2025 GMT
Not After : Aug 31 07:26:58 2045 GMT
Subject: CN=68aeb347-87bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b5:bd:fd:d9:73:83:65:4f:cc:0c:19:5a:1e:
25:f6:1e:df:34:12:c9:c8:c6:36:76:4b:b6:6b:3f:
ac:9e:ba:7f:7a:ce:ee:b9:6e:74:75:cb:18:08:e9:
e2:fe:e2:af:3d:3d:30:b5:df:ab:42:ef:d3:11:9d:
cb:34:4c:4b:36:e5:87:81:c5:96:5d:4a:84:9d:89:
b4:57:49:84:ff:59:ef:b7:ef:cb:cc:f9:1f:a0:55:
e8:53:5b:37:9b:9a:de:a0:77:fd:74:a9:d6:71:4d:
0a:58:ab:0a:4f:3b:37:62:bc:36:2b:99:a7:24:4e:
27:2c:f3:ce:7a:bd:45:3c:35:e2:e1:6c:e6:44:fe:
8b:fe:76:87:66:5c:35:88:1d:0a:4f:24:27:67:57:
32:53:5e:db:23:03:69:a0:5a:1e:7c:8a:50:c8:97:
2b:72:10:5a:c3:76:2f:48:e1:d2:b1:b9:11:4b:bb:
8b:3a:d6:d2:f5:c9:5a:3c:d6:a9:00:3c:8f:63:df:
34:50:b6:96:c8:85:cd:dc:c8:16:40:03:12:53:22:
29:a3:40:63:0d:ed:53:6a:a4:61:d6:b5:16:5c:d6:
2e:92:b2:a6:ef:5b:22:aa:d5:05:63:b6:e6:35:d0:
5c:60:90:a2:7a:24:d6:f3:fe:e0:71:a2:e9:90:a0:
78:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:76:2A:A2:C6:09:00:FC:AD:DC:6A:F7:FD:45:FE:75:1C:DE:CB:50
X509v3 Authority Key Identifier:
keyid:31:28:B1:59:6F:1D:A0:AA:6C:ED:CF:C9:9D:EC:8E:1D:62:84:89:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3671347/253D17E4818D11F09A3553D5DAE4EC9C/MSixWW8doKps7c_JneyOHWKEieU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/MSixWW8doKps7c_JneyOHWKEieU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3671347/253D17E4818D11F09A3553D5DAE4EC9C/39D41848831711F0B79C4EEBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.222.110.0/24
Signature Algorithm: sha256WithRSAEncryption
57:42:fc:eb:b8:02:3f:24:8d:06:59:ef:4c:99:19:1c:39:1f:
9a:5f:78:41:eb:a1:89:40:04:9d:ad:8b:2b:50:a1:57:97:bf:
d8:85:41:80:bb:eb:fb:ce:5d:0a:c9:71:cb:2f:86:5c:5d:85:
0b:bf:2b:7b:ab:63:2f:f2:cd:fd:c7:59:7b:9b:a4:a3:5c:48:
2a:a0:82:62:46:0c:42:ad:85:ff:4d:59:96:2a:1a:20:91:b1:
7f:52:a1:95:30:6b:e6:a5:6a:2a:66:9d:10:5a:5d:25:3b:19:
a0:5c:95:15:09:2d:ef:7d:f9:c5:44:b5:c6:0c:a2:6b:6e:de:
fa:a4:85:2d:79:02:ec:8e:be:67:9b:e2:57:20:83:2e:45:46:
7f:89:cc:aa:cb:77:eb:0b:d0:f0:47:91:d7:ef:e3:39:1c:a6:
b8:9b:ee:f8:56:a8:67:5c:6f:77:b0:d4:08:e6:54:da:9e:ca:
dc:08:61:19:b5:e7:78:fd:33:53:0c:bd:76:b8:73:0c:a3:59:
55:cf:1a:50:d4:2b:65:46:a6:31:cd:b7:53:b6:be:15:1b:e4:
ad:fb:02:f8:1e:88:25:1f:1c:5c:52:37:4e:e8:0d:7e:a2:f5:
40:d4:70:7d:13:b4:56:89:f2:e6:14:5e:ce:69:c9:55:a8:c7:
c7:86:e9:0a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBHDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
MTM0N0FGMTEwLwYDVQQFEygzMTI4QjE1OTZGMURBMEFBNkNFRENGQzk5REVDOEUx
RDYyODQ4OUU1MB4XDTI1MDgyNzA3MjY1OFoXDTQ1MDgzMTA3MjY1OFowGDEWMBQG
A1UEAxMNNjhhZWIzNDctODdiZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJq1vf3Zc4NlT8wMGVoeJfYe3zQSycjGNnZLtms/rJ66f3rO7rludHXLGAjp
4v7irz09MLXfq0Lv0xGdyzRMSzblh4HFll1KhJ2JtFdJhP9Z77fvy8z5H6BV6FNb
N5ua3qB3/XSp1nFNClirCk87N2K8NiuZpyROJyzzznq9RTw14uFs5kT+i/52h2Zc
NYgdCk8kJ2dXMlNe2yMDaaBaHnyKUMiXK3IQWsN2L0jh0rG5EUu7izrW0vXJWjzW
qQA8j2PfNFC2lsiFzdzIFkADElMiKaNAYw3tU2qkYda1FlzWLpKypu9bIqrVBWO2
5jXQXGCQonok1vP+4HGi6ZCgeJ0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSFdiqi
xgkA/K3cavf9Rf51HN7LUDAfBgNVHSMEGDAWgBQxKLFZbx2gqmztz8md7I4dYoSJ
5TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzEzNDcvMjUzRDE3RTQ4MThEMTFGMDlBMzU1M0Q1REFFNEVDOUMvTVNpeFdX
OGRvS3BzN2NfSm5leU9IV0tFaWVVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTVNpeFdXOGRvS3BzN2NfSm5leU9IV0tFaWVVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzEzNDcvMjUzRDE3RTQ4MThEMTFGMDlBMzU1M0Q1REFF
NEVDOUMvMzlENDE4NDg4MzE3MTFGMEI3OUM0RUVCREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACnebjANBgkqhkiG9w0BAQsF
AAOCAQEAV0L867gCPySNBlnvTJkZHDkfml94QeuhiUAEna2LK1ChV5e/2IVBgLvr
+85dCslxyy+GXF2FC78re6tjL/LN/cdZe5uko1xIKqCCYkYMQq2F/01ZlioaIJGx
f1KhlTBr5qVqKmadEFpdJTsZoFyVFQkt7335xUS1xgyia27e+qSFLXkC7I6+Z5vi
VyCDLkVGf4nMqst36wvQ8EeR1+/jORymuJvu+FaoZ1xvd7DUCOZU2p7K3AhhGbXn
eP0zUwy9drhzDKNZVc8aUNQrZUamMc23U7a+FRvkrfsC+B6IJR8cXFI3TugNfqL1
QNRwfRO0Vony5hRezmnJVajHx4bpCg==
-----END CERTIFICATE-----
Generated at Thu Sep 18 04:01:29 2025 by rpki-client