Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36831A0/2FF15DBC923611F082CA2AE3DAE4EC9C/CAA0A8CA92F611F08941CFC1DAE4EC9C.roa
File: CAA0A8CA92F611F08941CFC1DAE4EC9C.roa (raw, json)
Hash identifier: cZYmCRPcuK5aw4+CfGix0WDAzqJ34AZ7hKPsTZ/sAy4=
Subject key identifier: 73:73:7A:59:B0:F0:79:25:B0:E9:FB:D7:18:67:A5:A3:0D:84:C6:38
Certificate issuer: /CN=F36831A0AF/serialNumber=CCD7EE5F0F7377CF8533E65737ED111F2017B601
Certificate serial: 03
Authority key identifier: CC:D7:EE:5F:0F:73:77:CF:85:33:E6:57:37:ED:11:1F:20:17:B6:01
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zNfuXw9zd8-FM-ZXN-0RHyAXtgE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36831A0/2FF15DBC923611F082CA2AE3DAE4EC9C/CAA0A8CA92F611F08941CFC1DAE4EC9C.roa
Signing time: Tue 16 Sep 2025 12:15:11 +0000
ROA not before: Tue 16 Sep 2025 12:15:06 +0000
ROA not after: Thu 16 Sep 2027 12:15:06 +0000
asID: 328014
IP address blocks: 196.49.7.0/24 maxlen: 24
2001:43f8:151::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36831A0/2FF15DBC923611F082CA2AE3DAE4EC9C/zNfuXw9zd8-FM-ZXN-0RHyAXtgE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36831A0/2FF15DBC923611F082CA2AE3DAE4EC9C/zNfuXw9zd8-FM-ZXN-0RHyAXtgE.mft
rsync://rpki.afrinic.net/repository/afrinic/zNfuXw9zd8-FM-ZXN-0RHyAXtgE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Sep 2025 00:06:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36831A0AF, serialNumber=CCD7EE5F0F7377CF8533E65737ED111F2017B601
Validity
Not Before: Sep 16 12:15:06 2025 GMT
Not After : Sep 16 12:15:06 2027 GMT
Subject: CN=68c954cf-994c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c0:e0:7c:b6:e0:73:08:b8:31:13:89:b6:78:
a2:b9:59:02:b3:de:02:88:b5:14:7c:8e:d1:e4:9e:
ed:2b:dd:00:16:17:61:d7:72:92:73:a2:9b:41:6a:
62:dd:5c:15:19:fe:95:b9:8d:c2:39:64:e7:67:f4:
0b:1e:21:3f:8a:70:6e:3e:bb:95:e9:be:40:ad:80:
4b:aa:3e:7d:29:5b:72:31:49:24:0b:dd:a5:85:cd:
ee:fe:16:a1:e3:79:ca:00:80:50:ee:0c:07:4a:37:
c7:e1:72:d6:5e:7b:47:11:75:64:62:1c:17:5d:14:
bf:8f:33:45:80:20:96:3d:6a:76:39:63:75:b7:d8:
80:f8:75:81:b1:98:42:a1:e1:85:24:15:55:0e:6f:
12:f2:16:6a:21:d8:bf:ea:69:66:d7:90:9d:d1:7b:
29:f3:53:df:47:a9:f6:cd:f2:7c:a8:67:4b:a1:51:
92:9e:9f:e1:39:fb:3b:5e:b1:8a:ad:ec:47:7f:17:
e2:33:e1:72:a3:20:50:6e:89:1a:bc:33:42:51:11:
e7:26:60:d3:04:27:10:db:f8:0d:ba:fc:dd:19:11:
97:8f:73:d7:71:31:a4:f8:12:23:18:b7:be:ca:5a:
66:66:a4:20:f2:a5:b1:46:8c:89:2e:19:10:43:65:
53:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:73:7A:59:B0:F0:79:25:B0:E9:FB:D7:18:67:A5:A3:0D:84:C6:38
X509v3 Authority Key Identifier:
keyid:CC:D7:EE:5F:0F:73:77:CF:85:33:E6:57:37:ED:11:1F:20:17:B6:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36831A0/2FF15DBC923611F082CA2AE3DAE4EC9C/zNfuXw9zd8-FM-ZXN-0RHyAXtgE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zNfuXw9zd8-FM-ZXN-0RHyAXtgE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36831A0/2FF15DBC923611F082CA2AE3DAE4EC9C/CAA0A8CA92F611F08941CFC1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.49.7.0/24
IPv6:
2001:43f8:151::/48
Signature Algorithm: sha256WithRSAEncryption
7d:d5:33:ed:3f:37:36:25:ff:c2:c7:22:39:80:1a:48:c1:d6:
a4:24:26:98:42:6a:93:7c:dc:72:50:30:9b:c6:f7:1e:c1:81:
e0:d0:a2:82:45:aa:38:1e:98:63:66:89:32:13:d0:bc:7e:e1:
97:ae:f0:a6:f5:e8:98:a8:91:ce:cb:85:1e:8a:76:3d:ab:db:
58:c0:aa:2d:cf:80:f8:b0:1b:b2:60:cc:94:7c:89:22:17:87:
16:78:d3:f5:47:c8:93:d8:a4:69:75:03:9d:a1:f8:59:95:e9:
88:7f:11:e5:96:1d:4d:8c:66:51:8e:6f:98:78:b4:a5:1c:a3:
7b:87:16:cd:85:df:a9:34:f4:03:11:ce:7d:94:6f:3a:ed:2f:
3e:cf:5d:54:65:b7:db:79:d6:3b:72:f0:0d:eb:5e:db:f7:9c:
30:19:31:7a:df:47:48:91:91:7b:70:3d:be:ed:34:bd:3a:e5:
f4:59:6d:2d:8d:b7:fe:f9:cb:08:7c:01:2f:fe:13:ab:77:b1:
61:f3:90:4d:18:bc:f5:7f:51:6a:b2:35:67:86:94:49:fa:f7:
d9:64:4f:c0:43:34:9c:41:73:00:3a:72:4c:b3:d3:c9:3d:ab:
a0:32:6e:c0:5a:f7:af:1a:7a:ab:73:26:18:67:1c:f3:59:8d:
86:81:03:ba
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
MzFBMEFGMTEwLwYDVQQFEyhDQ0Q3RUU1RjBGNzM3N0NGODUzM0U2NTczN0VEMTEx
RjIwMTdCNjAxMB4XDTI1MDkxNjEyMTUwNloXDTI3MDkxNjEyMTUwNlowGDEWMBQG
A1UEAxMNNjhjOTU0Y2YtOTk0YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLA4Hy24HMIuDETibZ4orlZArPeAoi1FHyO0eSe7SvdABYXYddyknOim0Fq
Yt1cFRn+lbmNwjlk52f0Cx4hP4pwbj67lem+QK2AS6o+fSlbcjFJJAvdpYXN7v4W
oeN5ygCAUO4MB0o3x+Fy1l57RxF1ZGIcF10Uv48zRYAglj1qdjljdbfYgPh1gbGY
QqHhhSQVVQ5vEvIWaiHYv+ppZteQndF7KfNT30ep9s3yfKhnS6FRkp6f4Tn7O16x
iq3sR38X4jPhcqMgUG6JGrwzQlER5yZg0wQnENv4Dbr83RkRl49z13ExpPgSIxi3
vspaZmakIPKlsUaMiS4ZEENlU08CAwEAAaOCArYwggKyMB0GA1UdDgQWBBRzc3pZ
sPB5JbDp+9cYZ6WjDYTGODAfBgNVHSMEGDAWgBTM1+5fD3N3z4Uz5lc37REfIBe2
ATAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODMxQTAvMkZGMTVEQkM5MjM2MTFGMDgyQ0EyQUUzREFFNEVDOUMvek5mdVh3
OXpkOC1GTS1aWE4tMFJIeUFYdGdFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvek5mdVh3OXpkOC1GTS1aWE4tMFJIeUFYdGdFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODMxQTAvMkZGMTVEQkM5MjM2MTFGMDgyQ0EyQUUzREFF
NEVDOUMvQ0FBMEE4Q0E5MkY2MTFGMDg5NDFDRkMxREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMQxBzAPBAIAAjAJAwcAIAFD
+AFRMA0GCSqGSIb3DQEBCwUAA4IBAQB91TPtPzc2Jf/CxyI5gBpIwdakJCaYQmqT
fNxyUDCbxvcewYHg0KKCRao4HphjZokyE9C8fuGXrvCm9eiYqJHOy4UeinY9q9tY
wKotz4D4sBuyYMyUfIkiF4cWeNP1R8iT2KRpdQOdofhZlemIfxHllh1NjGZRjm+Y
eLSlHKN7hxbNhd+pNPQDEc59lG867S8+z11UZbfbedY7cvAN617b95wwGTF630dI
kZF7cD2+7TS9OuX0WW0tjbf++csIfAEv/hOrd7Fh85BNGLz1f1FqsjVnhpRJ+vfZ
ZE/AQzScQXMAOnJMs9PJPaugMm7AWvevGnqrcyYYZxzzWY2GgQO6
-----END CERTIFICATE-----
Generated at Thu Sep 18 13:28:44 2025 by rpki-client