Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36831A0/2FF15DBC923611F082CA2AE3DAE4EC9C/E2260ED092F711F0A755CCC9DAE4EC9C.roa
File: E2260ED092F711F0A755CCC9DAE4EC9C.roa (raw, json)
Hash identifier: Db2CiRM4uTKtHBAzQvrLoynjynVhOmVsLHGoU4aqlVA=
Subject key identifier: 35:01:14:67:EE:9B:E7:B6:C2:DE:E7:DB:9D:B7:C4:F8:7B:19:96:54
Certificate issuer: /CN=F36831A0AF/serialNumber=CCD7EE5F0F7377CF8533E65737ED111F2017B601
Certificate serial: 07
Authority key identifier: CC:D7:EE:5F:0F:73:77:CF:85:33:E6:57:37:ED:11:1F:20:17:B6:01
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zNfuXw9zd8-FM-ZXN-0RHyAXtgE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36831A0/2FF15DBC923611F082CA2AE3DAE4EC9C/E2260ED092F711F0A755CCC9DAE4EC9C.roa
Signing time: Tue 16 Sep 2025 12:23:00 +0000
ROA not before: Tue 16 Sep 2025 12:22:55 +0000
ROA not after: Thu 16 Sep 2027 12:22:55 +0000
asID: 37224
IP address blocks: 196.223.12.0/24 maxlen: 24
2001:43f8:150::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36831A0/2FF15DBC923611F082CA2AE3DAE4EC9C/zNfuXw9zd8-FM-ZXN-0RHyAXtgE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36831A0/2FF15DBC923611F082CA2AE3DAE4EC9C/zNfuXw9zd8-FM-ZXN-0RHyAXtgE.mft
rsync://rpki.afrinic.net/repository/afrinic/zNfuXw9zd8-FM-ZXN-0RHyAXtgE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Sep 2025 00:06:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36831A0AF, serialNumber=CCD7EE5F0F7377CF8533E65737ED111F2017B601
Validity
Not Before: Sep 16 12:22:55 2025 GMT
Not After : Sep 16 12:22:55 2027 GMT
Subject: CN=68c956a4-6a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e6:3f:0d:e6:3f:c0:56:26:7c:e6:ae:91:21:
5e:00:f9:87:c1:c0:3a:a3:68:13:df:a3:af:b0:19:
53:af:f9:cf:72:96:3e:51:57:34:83:f4:54:0f:63:
86:56:d1:ad:06:6a:9f:0f:79:1a:17:45:6e:ef:8f:
b9:5b:d8:56:9e:42:14:f7:aa:41:42:b6:73:63:e8:
a5:4b:d3:0a:53:8f:a9:02:4c:96:83:a6:df:47:c2:
6f:98:c6:fa:da:4d:3c:4b:18:3f:56:c8:eb:93:fe:
b4:ec:34:65:7a:56:0f:00:c9:06:ad:82:c0:9c:3b:
fa:1c:a7:99:c8:85:e4:cf:1c:66:c7:82:b2:00:f9:
8a:b8:48:d8:6a:00:42:b0:c1:7c:f8:d9:96:33:6b:
b1:40:3a:a6:eb:15:cb:74:ef:1f:7f:b6:7f:d6:c5:
09:ef:d2:1d:94:14:c9:4b:ba:9b:3d:20:c5:0e:e4:
8d:69:f3:01:55:a0:f3:84:0d:88:b0:e9:56:99:cd:
ab:fd:c5:13:98:ec:7f:25:81:93:5a:ee:d8:10:33:
8f:48:2f:62:1b:b4:91:29:62:8b:d5:06:e6:0d:55:
28:67:05:fa:72:aa:b7:53:7b:bf:61:1a:c6:af:0b:
8e:7f:58:19:50:06:e8:9b:86:0e:87:1b:cd:eb:b1:
ce:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:01:14:67:EE:9B:E7:B6:C2:DE:E7:DB:9D:B7:C4:F8:7B:19:96:54
X509v3 Authority Key Identifier:
keyid:CC:D7:EE:5F:0F:73:77:CF:85:33:E6:57:37:ED:11:1F:20:17:B6:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36831A0/2FF15DBC923611F082CA2AE3DAE4EC9C/zNfuXw9zd8-FM-ZXN-0RHyAXtgE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zNfuXw9zd8-FM-ZXN-0RHyAXtgE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36831A0/2FF15DBC923611F082CA2AE3DAE4EC9C/E2260ED092F711F0A755CCC9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.223.12.0/24
IPv6:
2001:43f8:150::/48
Signature Algorithm: sha256WithRSAEncryption
4b:c7:87:e9:92:90:8d:0b:2c:cf:1e:70:d6:44:c9:0d:c1:70:
94:60:97:99:83:9e:71:6c:d0:d3:62:a6:31:a6:67:be:b8:8c:
3f:2c:cd:c3:57:6a:4c:28:b6:d6:13:63:7b:1a:77:21:07:ab:
4e:af:ef:d8:7d:b0:c2:76:cb:43:08:21:a7:73:ca:a0:dd:3b:
6d:35:0e:ee:61:7e:62:2b:b5:c4:24:6d:f2:a5:9e:9d:aa:3f:
89:83:f4:a2:e2:11:f6:67:b2:53:d9:96:cb:07:30:4a:f3:e6:
38:17:cc:30:b6:d2:dc:ef:5d:87:73:cc:b1:dd:cc:e0:26:4e:
41:9b:33:9b:fe:be:6a:0d:3d:af:b6:05:30:08:39:35:a3:06:
e3:c0:5e:0f:6d:bd:41:11:b2:3a:91:2f:8a:8a:11:1f:62:83:
5f:b8:af:ae:c2:57:e8:73:bc:64:db:ce:b1:1b:aa:2f:3d:9b:
e3:0b:60:6a:4a:51:ef:69:c7:98:c4:8d:0a:58:8a:f8:36:f6:
72:85:0f:60:13:35:dc:6c:43:cb:13:a4:16:bc:98:36:a3:b0:
2e:c7:4c:e6:34:68:d7:26:46:af:75:a2:92:49:3c:af:2b:ad:
e3:9e:a7:39:2a:e2:26:f9:1a:14:6d:15:c4:d8:ce:f6:e5:d6:
3e:5b:37:0f
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBBzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
MzFBMEFGMTEwLwYDVQQFEyhDQ0Q3RUU1RjBGNzM3N0NGODUzM0U2NTczN0VEMTEx
RjIwMTdCNjAxMB4XDTI1MDkxNjEyMjI1NVoXDTI3MDkxNjEyMjI1NVowGDEWMBQG
A1UEAxMNNjhjOTU2YTQtNmEzZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrmPw3mP8BWJnzmrpEhXgD5h8HAOqNoE9+jr7AZU6/5z3KWPlFXNIP0VA9j
hlbRrQZqnw95GhdFbu+PuVvYVp5CFPeqQUK2c2PopUvTClOPqQJMloOm30fCb5jG
+tpNPEsYP1bI65P+tOw0ZXpWDwDJBq2CwJw7+hynmciF5M8cZseCsgD5irhI2GoA
QrDBfPjZljNrsUA6pusVy3TvH3+2f9bFCe/SHZQUyUu6mz0gxQ7kjWnzAVWg84QN
iLDpVpnNq/3FE5jsfyWBk1ru2BAzj0gvYhu0kSlii9UG5g1VKGcF+nKqt1N7v2Ea
xq8Ljn9YGVAG6JuGDocbzeuxzlMCAwEAAaOCArYwggKyMB0GA1UdDgQWBBQ1ARRn
7pvntsLe59udt8T4exmWVDAfBgNVHSMEGDAWgBTM1+5fD3N3z4Uz5lc37REfIBe2
ATAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODMxQTAvMkZGMTVEQkM5MjM2MTFGMDgyQ0EyQUUzREFFNEVDOUMvek5mdVh3
OXpkOC1GTS1aWE4tMFJIeUFYdGdFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvek5mdVh3OXpkOC1GTS1aWE4tMFJIeUFYdGdFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODMxQTAvMkZGMTVEQkM5MjM2MTFGMDgyQ0EyQUUzREFF
NEVDOUMvRTIyNjBFRDA5MkY3MTFGMEE3NTVDQ0M5REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMTfDDAPBAIAAjAJAwcAIAFD
+AFQMA0GCSqGSIb3DQEBCwUAA4IBAQBLx4fpkpCNCyzPHnDWRMkNwXCUYJeZg55x
bNDTYqYxpme+uIw/LM3DV2pMKLbWE2N7GnchB6tOr+/YfbDCdstDCCGnc8qg3Ttt
NQ7uYX5iK7XEJG3ypZ6dqj+Jg/Si4hH2Z7JT2ZbLBzBK8+Y4F8wwttLc712Hc8yx
3czgJk5BmzOb/r5qDT2vtgUwCDk1owbjwF4Pbb1BEbI6kS+KihEfYoNfuK+uwlfo
c7xk286xG6ovPZvjC2BqSlHvaceYxI0KWIr4NvZyhQ9gEzXcbEPLE6QWvJg2o7Au
x0zmNGjXJkavdaKSSTyvK63jnqc5KuIm+RoUbRXE2M725dY+WzcP
-----END CERTIFICATE-----
Generated at Thu Sep 18 13:28:43 2025 by rpki-client