Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3675C2B/C61954AAB83811EDB1717BB1F1222468/31E6ED6E5E4A11F0B9EEF8F1DAE4EC9C.roa
File: 31E6ED6E5E4A11F0B9EEF8F1DAE4EC9C.roa (raw, json)
Hash identifier: wY2O3owjl7AYpJtBNGgcE5jUl65qutwOOti84IXPCgg=
Subject key identifier: 05:15:EB:72:45:74:78:78:D2:40:63:C8:C7:2D:9D:F5:69:69:19:DD
Certificate issuer: /CN=F3675C2BAF/serialNumber=2D91C9F255C0983474A4D4C60E8FE0EC31EEB7EA
Certificate serial: 0380
Authority key identifier: 2D:91:C9:F2:55:C0:98:34:74:A4:D4:C6:0E:8F:E0:EC:31:EE:B7:EA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/LZHJ8lXAmDR0pNTGDo_g7DHut-o.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3675C2B/C61954AAB83811EDB1717BB1F1222468/31E6ED6E5E4A11F0B9EEF8F1DAE4EC9C.roa
Signing time: Fri 11 Jul 2025 11:28:41 +0000
ROA not before: Fri 11 Jul 2025 11:28:36 +0000
ROA not after: Tue 31 Jul 2035 11:28:36 +0000
asID: 37228
IP address blocks: 105.178.0.0/17 maxlen: 24
105.179.0.0/19 maxlen: 24
2c0f:3880::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3675C2B/C61954AAB83811EDB1717BB1F1222468/LZHJ8lXAmDR0pNTGDo_g7DHut-o.crl
rsync://rpki.afrinic.net/repository/member_repository/F3675C2B/C61954AAB83811EDB1717BB1F1222468/LZHJ8lXAmDR0pNTGDo_g7DHut-o.mft
rsync://rpki.afrinic.net/repository/afrinic/LZHJ8lXAmDR0pNTGDo_g7DHut-o.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Jul 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 896 (0x380)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3675C2BAF, serialNumber=2D91C9F255C0983474A4D4C60E8FE0EC31EEB7EA
Validity
Not Before: Jul 11 11:28:36 2025 GMT
Not After : Jul 31 11:28:36 2035 GMT
Subject: CN=6870f569-857f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:ae:6b:a5:e3:05:23:49:93:52:35:b9:e1:ad:
9e:95:eb:da:49:8e:da:8b:15:3b:85:6c:2e:41:3a:
41:4a:06:0e:f5:1f:4a:8a:3b:80:fc:74:d7:73:4c:
9f:b6:a9:90:0b:0f:51:ec:dd:39:eb:be:9b:1c:b2:
f2:11:17:b4:e3:50:65:85:67:89:54:0f:de:91:ac:
75:8f:80:98:e1:b6:f9:1b:81:3d:30:b6:8b:56:dd:
ac:f9:07:4a:bb:2b:e3:e2:03:2f:8e:7d:c9:5d:d4:
3a:8b:d5:0b:5c:be:bb:8e:9f:ad:ab:87:96:d0:9d:
ca:f2:55:43:1c:b4:0f:dc:c5:6e:fa:75:78:4d:db:
f9:23:5e:8a:c4:f5:6c:81:34:bc:c2:ff:c8:5e:2c:
41:a1:0f:96:7a:da:9d:d5:e5:fe:b7:98:cc:a2:2a:
aa:2f:b7:19:97:bf:8a:8a:64:e6:d4:a2:85:fe:48:
dd:82:af:32:6f:5e:1c:5b:95:77:7a:73:9e:f0:bb:
f6:83:fe:7d:c0:c5:80:5c:ef:b5:15:ee:53:44:59:
0d:b2:14:8c:70:ef:4d:dc:cb:ce:1e:5b:9a:89:b7:
01:16:15:11:d9:dd:2f:92:ac:50:58:94:a6:37:af:
d8:9a:fb:b2:c1:fa:54:56:ca:f7:16:7e:a8:dd:bc:
e2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:15:EB:72:45:74:78:78:D2:40:63:C8:C7:2D:9D:F5:69:69:19:DD
X509v3 Authority Key Identifier:
keyid:2D:91:C9:F2:55:C0:98:34:74:A4:D4:C6:0E:8F:E0:EC:31:EE:B7:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3675C2B/C61954AAB83811EDB1717BB1F1222468/LZHJ8lXAmDR0pNTGDo_g7DHut-o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/LZHJ8lXAmDR0pNTGDo_g7DHut-o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3675C2B/C61954AAB83811EDB1717BB1F1222468/31E6ED6E5E4A11F0B9EEF8F1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
105.178.0.0/17
105.179.0.0/19
IPv6:
2c0f:3880::/32
Signature Algorithm: sha256WithRSAEncryption
18:9e:b4:7d:49:6a:c7:a4:8e:08:a6:41:71:62:9d:b7:39:7d:
84:6a:c7:9a:26:52:64:51:9b:78:4e:2e:84:33:e2:a4:b0:a3:
8d:6e:45:7d:84:b9:51:47:29:61:5b:1e:8c:cc:90:19:e4:a1:
c6:ec:11:20:d9:1d:b3:6f:90:ab:b3:c1:80:bd:4d:05:30:3c:
ba:0a:b3:96:fc:62:05:f7:cd:bc:38:41:dc:02:3d:ce:9d:93:
a7:3c:69:2b:b4:1a:97:ff:8b:e5:9d:e1:4b:5d:0c:8d:b4:87:
b6:2b:f1:5d:17:79:36:99:53:62:68:79:ef:ac:d1:44:7e:d4:
51:d5:61:d2:db:7b:35:ab:22:b2:19:0e:be:af:86:5a:d4:41:
32:a6:1d:c6:68:2e:f5:09:49:f9:1b:44:a1:8b:53:53:2e:5f:
03:6a:97:fe:34:62:5f:ee:b0:f9:78:b1:2b:4c:98:3c:02:5e:
8f:9c:45:1c:76:61:82:a7:f7:6c:1b:da:c6:83:7f:ec:64:a8:
d9:9d:94:a2:a2:70:5e:1d:3b:79:f8:d7:dc:52:49:d3:e3:42:
b5:97:d6:a1:a1:50:cb:c9:a3:83:b1:b1:9b:21:80:5f:1f:fc:
a4:0f:d2:ac:c5:e0:30:23:ac:04:b4:3d:59:35:b6:18:f8:46:
e4:fd:ed:d4
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICA4AwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NzVDMkJBRjExMC8GA1UEBRMoMkQ5MUM5RjI1NUMwOTgzNDc0QTRENEM2MEU4RkUw
RUMzMUVFQjdFQTAeFw0yNTA3MTExMTI4MzZaFw0zNTA3MzExMTI4MzZaMBgxFjAU
BgNVBAMTDTY4NzBmNTY5LTg1N2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD9rmul4wUjSZNSNbnhrZ6V69pJjtqLFTuFbC5BOkFKBg71H0qKO4D8dNdz
TJ+2qZALD1Hs3TnrvpscsvIRF7TjUGWFZ4lUD96RrHWPgJjhtvkbgT0wtotW3az5
B0q7K+PiAy+Ofcld1DqL1QtcvruOn62rh5bQncryVUMctA/cxW76dXhN2/kjXorE
9WyBNLzC/8heLEGhD5Z62p3V5f63mMyiKqovtxmXv4qKZObUooX+SN2CrzJvXhxb
lXd6c57wu/aD/n3AxYBc77UV7lNEWQ2yFIxw703cy84eW5qJtwEWFRHZ3S+SrFBY
lKY3r9ia+7LB+lRWyvcWfqjdvOKRAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQUBRXr
ckV0eHjSQGPIxy2d9WlpGd0wHwYDVR0jBBgwFoAULZHJ8lXAmDR0pNTGDo/g7DHu
t+owDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjc1QzJCL0M2MTk1NEFBQjgzODExRURCMTcxN0JCMUYxMjIyNDY4L0xaSEo4
bFhBbURSMHBOVEdEb19nN0RIdXQtby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0xaSEo4bFhBbURSMHBOVEdEb19nN0RIdXQtby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjc1QzJCL0M2MTk1NEFBQjgzODExRURCMTcxN0JCMUYx
MjIyNDY4LzMxRTZFRDZFNUU0QTExRjBCOUVFRjhGMURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAdpsgADBAVpswAwDQQCAAIw
BwMFACwPOIAwDQYJKoZIhvcNAQELBQADggEBABietH1JasekjgimQXFinbc5fYRq
x5omUmRRm3hOLoQz4qSwo41uRX2EuVFHKWFbHozMkBnkocbsESDZHbNvkKuzwYC9
TQUwPLoKs5b8YgX3zbw4QdwCPc6dk6c8aSu0Gpf/i+Wd4UtdDI20h7Yr8V0XeTaZ
U2Joee+s0UR+1FHVYdLbezWrIrIZDr6vhlrUQTKmHcZoLvUJSfkbRKGLU1MuXwNq
l/40Yl/usPl4sStMmDwCXo+cRRx2YYKn92wb2saDf+xkqNmdlKKicF4dO3n419xS
SdPjQrWX1qGhUMvJo4OxsZshgF8f/KQP0qzF4DAjrAS0PVk1thj4RuT97dQ=
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:49:07 2025 by rpki-client