Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3693767/B2C6E23257F511F0B65479ECDAE4EC9C/5D0DDA5258D211F08368F88ADAE4EC9C.roa
File: 5D0DDA5258D211F08368F88ADAE4EC9C.roa (raw, json)
Hash identifier: Q4kL3vyfzDzklyJDBs7p5NKPaFRaL6XxMRCXq1IWaKw=
Subject key identifier: 01:71:82:52:D7:7E:BC:93:DF:61:E5:8D:76:2D:E9:CD:13:F1:8F:85
Certificate issuer: /CN=F3693767AF/serialNumber=83F201DFD26D0329926E08CC0DD5BBEC507989F4
Certificate serial: 03
Authority key identifier: 83:F2:01:DF:D2:6D:03:29:92:6E:08:CC:0D:D5:BB:EC:50:79:89:F4
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/g_IB39JtAymSbgjMDdW77FB5ifQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3693767/B2C6E23257F511F0B65479ECDAE4EC9C/5D0DDA5258D211F08368F88ADAE4EC9C.roa
Signing time: Fri 04 Jul 2025 12:28:18 +0000
ROA not before: Sun 06 Jul 2025 12:28:11 +0000
ROA not after: Fri 31 Jul 2026 12:28:11 +0000
asID: 328312
IP address blocks: 2001:43fe:a00a::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3693767/B2C6E23257F511F0B65479ECDAE4EC9C/g_IB39JtAymSbgjMDdW77FB5ifQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F3693767/B2C6E23257F511F0B65479ECDAE4EC9C/g_IB39JtAymSbgjMDdW77FB5ifQ.mft
rsync://rpki.afrinic.net/repository/afrinic/g_IB39JtAymSbgjMDdW77FB5ifQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Jul 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3693767AF, serialNumber=83F201DFD26D0329926E08CC0DD5BBEC507989F4
Validity
Not Before: Jul 6 12:28:11 2025 GMT
Not After : Jul 31 12:28:11 2026 GMT
Subject: CN=6867c8e2-3ea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f1:09:fb:3e:24:31:16:1c:00:56:2c:47:16:
f5:cc:0f:41:23:c9:76:57:36:3f:51:c6:af:97:2a:
67:0a:93:08:89:4d:9d:25:f9:3e:5f:db:ff:30:00:
80:3d:2d:be:ab:cb:c8:7c:89:ad:a1:e4:b5:cd:dd:
64:ac:7e:ea:f6:6e:1d:da:a2:9c:6a:ab:51:2b:b3:
f7:d0:4b:67:31:cf:58:ea:ce:5c:38:9f:17:64:d0:
bb:6d:f0:09:c2:b1:97:24:90:2f:26:bc:43:12:84:
85:89:d1:df:ad:3a:55:ff:3e:a6:aa:be:02:d5:f4:
c1:fd:26:f8:a1:1e:df:ec:d7:b8:18:e2:1a:dc:04:
ef:d0:d9:db:7a:76:60:7d:31:af:3d:13:72:02:07:
86:49:9f:c2:2c:47:65:be:06:f3:8d:99:66:96:fc:
29:fc:81:68:a8:f3:f0:0b:c4:11:74:6b:01:b7:1e:
9d:13:18:fd:38:66:7a:a6:96:d2:46:ab:b3:e4:cc:
07:72:75:33:61:9f:c1:c4:61:ee:58:45:95:f2:94:
c6:b7:52:ec:8c:63:b2:3e:97:b5:45:ff:98:f8:d6:
19:a8:1f:23:2e:55:c2:d2:54:71:30:f0:26:d0:c8:
65:80:08:5c:a7:5d:83:d4:e9:15:dd:03:c2:70:5a:
3c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:71:82:52:D7:7E:BC:93:DF:61:E5:8D:76:2D:E9:CD:13:F1:8F:85
X509v3 Authority Key Identifier:
keyid:83:F2:01:DF:D2:6D:03:29:92:6E:08:CC:0D:D5:BB:EC:50:79:89:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3693767/B2C6E23257F511F0B65479ECDAE4EC9C/g_IB39JtAymSbgjMDdW77FB5ifQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/g_IB39JtAymSbgjMDdW77FB5ifQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3693767/B2C6E23257F511F0B65479ECDAE4EC9C/5D0DDA5258D211F08368F88ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:43fe:a00a::/48
Signature Algorithm: sha256WithRSAEncryption
23:5d:f4:b1:ac:6c:cc:81:d9:1a:54:2f:9a:1d:cd:14:be:09:
f5:60:a1:71:c6:f3:57:f7:4a:2a:35:df:f0:da:9f:76:35:68:
a2:90:70:f2:8a:38:b8:bb:ed:af:05:fe:4b:3f:a0:0d:ec:41:
4f:46:b1:28:98:43:4e:d2:d8:00:0b:46:84:c7:5d:7f:42:ee:
6c:28:01:53:ca:c5:1f:a4:a2:c6:e3:4d:08:63:7a:9c:eb:d4:
64:23:dc:e6:ce:14:ed:27:03:82:3e:d8:b4:9f:48:ad:52:0a:
3d:66:1d:57:7d:32:ea:ed:5d:1f:aa:ab:69:c8:83:e0:d3:6d:
c9:aa:3f:15:74:09:4b:b0:aa:49:b8:d6:8e:07:88:7e:26:60:
34:15:a2:04:a6:70:19:57:80:3f:4d:92:8a:71:1c:fe:6b:0c:
00:8d:79:73:89:c6:12:39:fe:9e:10:7e:35:66:60:d2:8f:c5:
49:21:9f:cf:ba:ca:c2:9d:23:33:64:53:8a:b1:57:1c:90:be:
40:1a:c9:bc:05:cf:57:39:4e:11:fa:05:4d:7b:55:11:6f:bc:
26:13:47:7d:42:21:8f:4b:b6:a6:de:d9:7c:e1:31:3f:c9:ea:
f6:6e:be:57:02:fd:65:32:02:2a:a7:5e:66:c5:28:15:df:de:
fd:5f:91:4d
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
Mzc2N0FGMTEwLwYDVQQFEyg4M0YyMDFERkQyNkQwMzI5OTI2RTA4Q0MwREQ1QkJF
QzUwNzk4OUY0MB4XDTI1MDcwNjEyMjgxMVoXDTI2MDczMTEyMjgxMVowGDEWMBQG
A1UEAxMNNjg2N2M4ZTItM2VhMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrxCfs+JDEWHABWLEcW9cwPQSPJdlc2P1HGr5cqZwqTCIlNnSX5Pl/b/zAA
gD0tvqvLyHyJraHktc3dZKx+6vZuHdqinGqrUSuz99BLZzHPWOrOXDifF2TQu23w
CcKxlySQLya8QxKEhYnR3606Vf8+pqq+AtX0wf0m+KEe3+zXuBjiGtwE79DZ23p2
YH0xrz0TcgIHhkmfwixHZb4G842ZZpb8KfyBaKjz8AvEEXRrAbcenRMY/ThmeqaW
0kars+TMB3J1M2GfwcRh7lhFlfKUxrdS7Ixjsj6XtUX/mPjWGagfIy5VwtJUcTDw
JtDIZYAIXKddg9TpFd0DwnBaPH0CAwEAAaOCAqgwggKkMB0GA1UdDgQWBBQBcYJS
1368k99h5Y12LenNE/GPhTAfBgNVHSMEGDAWgBSD8gHf0m0DKZJuCMwN1bvsUHmJ
9DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTM3NjcvQjJDNkUyMzI1N0Y1MTFGMEI2NTQ3OUVDREFFNEVDOUMvZ19JQjM5
SnRBeW1TYmdqTURkVzc3RkI1aWZRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZ19JQjM5SnRBeW1TYmdqTURkVzc3RkI1aWZRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTM3NjcvQjJDNkUyMzI1N0Y1MTFGMEI2NTQ3OUVDREFF
NEVDOUMvNUQwRERBNTI1OEQyMTFGMDgzNjhGODhBREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABQ/6gCjANBgkqhkiG9w0B
AQsFAAOCAQEAI130saxszIHZGlQvmh3NFL4J9WChccbzV/dKKjXf8NqfdjVoopBw
8oo4uLvtrwX+Sz+gDexBT0axKJhDTtLYAAtGhMddf0LubCgBU8rFH6SixuNNCGN6
nOvUZCPc5s4U7ScDgj7YtJ9IrVIKPWYdV30y6u1dH6qraciD4NNtyao/FXQJS7Cq
SbjWjgeIfiZgNBWiBKZwGVeAP02SinEc/msMAI15c4nGEjn+nhB+NWZg0o/FSSGf
z7rKwp0jM2RTirFXHJC+QBrJvAXPVzlOEfoFTXtVEW+8JhNHfUIhj0u2pt7ZfOEx
P8nq9m6+VwL9ZTICKqdeZsUoFd/e/V+RTQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:51:37 2025 by rpki-client