Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3674908/7EB812DE564411F0BCB4D5EDDAE4EC9C/1944E674564511F0983236F2DAE4EC9C.roa
File: 1944E674564511F0983236F2DAE4EC9C.roa (raw, json)
Hash identifier: Y7C2EDuJLg0UUohvGlHcA8fBY7urPGjjAraukXhUClw=
Subject key identifier: 8B:4F:99:90:E2:AE:64:E7:28:55:03:CD:FC:DE:07:37:7F:AD:37:54
Certificate issuer: /CN=F3674908AR/serialNumber=602F986D9DBE3221417455D54EF23361F5476FE2
Certificate serial: 02
Authority key identifier: 60:2F:98:6D:9D:BE:32:21:41:74:55:D5:4E:F2:33:61:F5:47:6F:E2
Authority info access: rsync://rpki.afrinic.net/repository/arin/YC-YbZ2-MiFBdFXVTvIzYfVHb-I.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3674908/7EB812DE564411F0BCB4D5EDDAE4EC9C/1944E674564511F0983236F2DAE4EC9C.roa
Signing time: Tue 01 Jul 2025 06:32:03 +0000
ROA not before: Tue 01 Jul 2025 06:31:57 +0000
ROA not after: Sun 01 Jul 2035 06:31:57 +0000
asID: 37611
IP address blocks: 165.73.0.0/17 maxlen: 32
165.255.0.0/16 maxlen: 32
169.0.0.0/15 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3674908/7EB812DE564411F0BCB4D5EDDAE4EC9C/YC-YbZ2-MiFBdFXVTvIzYfVHb-I.crl
rsync://rpki.afrinic.net/repository/member_repository/F3674908/7EB812DE564411F0BCB4D5EDDAE4EC9C/YC-YbZ2-MiFBdFXVTvIzYfVHb-I.mft
rsync://rpki.afrinic.net/repository/arin/YC-YbZ2-MiFBdFXVTvIzYfVHb-I.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Jul 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3674908AR, serialNumber=602F986D9DBE3221417455D54EF23361F5476FE2
Validity
Not Before: Jul 1 06:31:57 2025 GMT
Not After : Jul 1 06:31:57 2035 GMT
Subject: CN=686380e3-7291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:83:4a:0b:5e:22:e8:4b:eb:d5:fc:68:52:c8:
0b:23:6a:cb:4f:0a:3d:64:7f:03:f0:f1:24:2e:bb:
03:17:a9:29:e8:d8:da:41:a8:d9:2c:d3:56:d0:e5:
cf:22:91:b4:2c:36:ee:83:47:5a:5e:b2:59:57:49:
58:41:8c:fa:be:76:2e:50:73:2f:4b:ba:44:82:9f:
a8:0d:9e:c2:ae:d6:d2:dd:f6:27:4c:66:a7:6c:3d:
a3:df:da:f8:b6:53:5a:5c:a1:dc:3f:9d:84:7c:65:
e2:21:c6:35:72:5a:a4:d1:8b:af:63:f7:bb:28:f4:
da:46:86:78:61:78:59:ba:2f:97:ab:f4:0e:00:be:
ad:95:e4:f7:a1:cb:6b:36:d9:03:c8:d6:64:2b:24:
86:7b:ab:6c:5e:e1:01:c9:8b:32:07:9d:88:a4:89:
a1:b8:12:ed:67:6a:55:6f:a9:9c:60:b4:9a:58:9b:
4d:0d:21:b8:ea:4f:95:b1:39:50:f5:e2:5a:b6:5f:
34:71:69:9f:d1:5d:a8:c1:15:92:a8:c5:a1:6d:4c:
b1:0e:9b:ad:03:08:c6:1a:73:70:b4:3f:a7:d0:8c:
51:b4:ed:94:20:d5:a4:45:ae:ec:81:12:72:10:11:
9e:54:03:2e:5a:16:d9:24:94:a2:a5:30:26:49:4a:
27:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:4F:99:90:E2:AE:64:E7:28:55:03:CD:FC:DE:07:37:7F:AD:37:54
X509v3 Authority Key Identifier:
keyid:60:2F:98:6D:9D:BE:32:21:41:74:55:D5:4E:F2:33:61:F5:47:6F:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3674908/7EB812DE564411F0BCB4D5EDDAE4EC9C/YC-YbZ2-MiFBdFXVTvIzYfVHb-I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/YC-YbZ2-MiFBdFXVTvIzYfVHb-I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3674908/7EB812DE564411F0BCB4D5EDDAE4EC9C/1944E674564511F0983236F2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.73.0.0/17
165.255.0.0/16
169.0.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0c:07:ea:1f:e3:a8:7e:ac:d8:1c:62:1c:4b:c0:e4:e2:de:7e:
cc:a8:ec:d3:1a:93:48:cf:e3:76:b8:a7:77:1a:34:1b:66:fb:
5e:ee:d6:c9:e9:d2:47:2a:59:df:a6:d7:9d:63:81:18:79:e2:
56:78:5c:33:2a:da:7a:89:5e:54:87:c6:28:6a:03:89:63:0f:
16:ca:4b:69:3f:e5:ea:4e:53:c0:a7:7f:69:ed:e9:6d:8b:6f:
77:55:d3:fc:6d:5f:a9:c4:74:75:a7:49:0c:da:3f:3c:3b:02:
f4:10:e9:98:f1:86:30:ad:fc:9c:d0:0d:7e:fa:79:f1:d4:f3:
41:11:81:e3:a7:6c:d2:9d:72:a0:8b:ce:49:a7:8b:40:87:ec:
d6:58:63:5c:9f:12:58:00:2e:f2:9e:96:68:1d:8f:71:15:7f:
4c:3f:07:9a:a6:d1:07:9e:75:e9:c7:67:a6:91:37:6a:4c:0f:
c3:2a:51:6e:07:be:b4:94:c0:92:2f:0c:f3:3c:27:a3:b6:25:
da:dd:d9:cf:c3:5e:aa:17:92:73:f4:8c:13:c3:f6:e4:16:c8:
e8:8e:fc:76:f9:ca:e7:ac:8b:a4:a2:0c:16:54:da:41:40:8b:
ff:00:27:61:e6:88:1a:40:75:a6:e7:a9:b3:9f:50:a2:04:53:
6a:d1:3c:e4
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NDkwOEFSMTEwLwYDVQQFEyg2MDJGOTg2RDlEQkUzMjIxNDE3NDU1RDU0RUYyMzM2
MUY1NDc2RkUyMB4XDTI1MDcwMTA2MzE1N1oXDTM1MDcwMTA2MzE1N1owGDEWMBQG
A1UEAxMNNjg2MzgwZTMtNzI5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmDSgteIuhL69X8aFLICyNqy08KPWR/A/DxJC67AxepKejY2kGo2SzTVtDl
zyKRtCw27oNHWl6yWVdJWEGM+r52LlBzL0u6RIKfqA2ewq7W0t32J0xmp2w9o9/a
+LZTWlyh3D+dhHxl4iHGNXJapNGLr2P3uyj02kaGeGF4Wbovl6v0DgC+rZXk96HL
azbZA8jWZCskhnurbF7hAcmLMgediKSJobgS7WdqVW+pnGC0mlibTQ0huOpPlbE5
UPXiWrZfNHFpn9FdqMEVkqjFoW1MsQ6brQMIxhpzcLQ/p9CMUbTtlCDVpEWu7IES
chARnlQDLloW2SSUoqUwJklKJ8MCAwEAAaOCAqwwggKoMB0GA1UdDgQWBBSLT5mQ
4q5k5yhVA8383gc3f603VDAfBgNVHSMEGDAWgBRgL5htnb4yIUF0VdVO8jNh9Udv
4jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzQ5MDgvN0VCODEyREU1NjQ0MTFGMEJDQjRENUVEREFFNEVDOUMvWUMtWWJa
Mi1NaUZCZEZYVlR2SXpZZlZIYi1JLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
WUMtWWJaMi1NaUZCZEZYVlR2SXpZZlZIYi1JLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NzQ5MDgvN0VCODEyREU1NjQ0MTFGMEJDQjRENUVEREFFNEVD
OUMvMTk0NEU2NzQ1NjQ1MTFGMDk4MzIzNkYyREFFNEVDOUMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAp
BggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEAMEB6VJAAMDAKX/AwMBqQAwDQYJKoZI
hvcNAQELBQADggEBAAwH6h/jqH6s2BxiHEvA5OLefsyo7NMak0jP43a4p3caNBtm
+17u1snp0kcqWd+m151jgRh54lZ4XDMq2nqJXlSHxihqA4ljDxbKS2k/5epOU8Cn
f2nt6W2Lb3dV0/xtX6nEdHWnSQzaPzw7AvQQ6ZjxhjCt/JzQDX76efHU80ERgeOn
bNKdcqCLzkmni0CH7NZYY1yfElgALvKelmgdj3EVf0w/B5qm0QeedenHZ6aRN2pM
D8MqUW4HvrSUwJIvDPM8J6O2Jdrd2c/DXqoXknP0jBPD9uQWyOiO/Hb5yuesi6Si
DBZU2kFAi/8AJ2HmiBpAdabnqbOfUKIEU2rRPOQ=
-----END CERTIFICATE-----
Generated at Thu Jul 3 20:46:42 2025 by rpki-client