Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/E3C267F25E4F11F0940EFC9BDAE4EC9C.roa
File: E3C267F25E4F11F0940EFC9BDAE4EC9C.roa (raw, json)
Hash identifier: /diZHt8dfDU8ymyLaJDOGusaWBebTUtvPjH5WbW4syU=
Subject key identifier: 1D:E3:EE:F7:B3:72:D6:9A:3B:71:A8:78:19:B3:AC:A8:2D:7B:A9:11
Certificate issuer: /CN=F369591CRI/serialNumber=DCFEA3847722D2FEC7A039E99038F7538259D031
Certificate serial: 038B
Authority key identifier: DC:FE:A3:84:77:22:D2:FE:C7:A0:39:E9:90:38:F7:53:82:59:D0:31
Authority info access: rsync://rpki.afrinic.net/repository/ripe/3P6jhHci0v7HoDnpkDj3U4JZ0DE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/E3C267F25E4F11F0940EFC9BDAE4EC9C.roa
Signing time: Fri 11 Jul 2025 12:09:27 +0000
ROA not before: Fri 11 Jul 2025 12:09:22 +0000
ROA not after: Tue 31 Dec 2030 12:09:22 +0000
asID: 15964
IP address blocks: 195.24.204.0/24 maxlen: 24
195.24.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/3P6jhHci0v7HoDnpkDj3U4JZ0DE.crl
rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/3P6jhHci0v7HoDnpkDj3U4JZ0DE.mft
rsync://rpki.afrinic.net/repository/ripe/3P6jhHci0v7HoDnpkDj3U4JZ0DE.cer
rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.crl
rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/ripe-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Jul 2025 00:45:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 907 (0x38b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369591CRI, serialNumber=DCFEA3847722D2FEC7A039E99038F7538259D031
Validity
Not Before: Jul 11 12:09:22 2025 GMT
Not After : Dec 31 12:09:22 2030 GMT
Subject: CN=6870fef7-46ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4f:ca:ce:bd:90:5c:52:7f:54:d5:27:6c:35:
e2:f0:60:f6:c7:a2:8a:df:70:10:bc:de:fd:c5:f3:
03:a7:bf:e8:05:39:a4:57:10:99:b5:78:8b:99:21:
2c:5b:65:64:12:72:6c:b8:9c:3a:cb:59:aa:1a:28:
4b:b5:27:f6:f5:c1:f2:5f:c6:9c:0f:2f:a7:b7:3c:
de:ac:1e:cc:c0:1a:df:d9:4a:d1:47:4c:16:df:97:
6c:60:eb:3d:e2:73:22:a6:1a:20:00:70:0d:ee:35:
08:8e:e9:be:f9:89:7e:1e:45:80:66:29:fc:fd:76:
7d:97:a1:10:ce:97:b3:6c:ec:60:9d:0a:b7:a0:fe:
09:a8:23:7f:82:d1:ac:36:24:33:8d:9d:06:0c:58:
6b:7b:f4:74:d8:9d:3a:3c:5e:61:ec:43:d7:7b:4f:
98:1e:86:c8:ab:73:33:2d:03:92:fc:72:71:66:e0:
7e:83:27:ed:b5:18:90:2c:ff:d0:8f:ad:f5:99:6d:
e7:4c:b2:05:a2:d1:52:73:b6:fa:34:74:be:d2:45:
20:59:36:8b:df:7d:ec:aa:49:e2:79:88:81:8b:29:
fa:0b:24:e5:95:f2:de:35:56:b6:7b:92:bb:96:73:
d2:eb:e4:dc:5f:d9:29:e5:3e:6a:db:17:0c:0a:d3:
48:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:E3:EE:F7:B3:72:D6:9A:3B:71:A8:78:19:B3:AC:A8:2D:7B:A9:11
X509v3 Authority Key Identifier:
keyid:DC:FE:A3:84:77:22:D2:FE:C7:A0:39:E9:90:38:F7:53:82:59:D0:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/3P6jhHci0v7HoDnpkDj3U4JZ0DE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/ripe/3P6jhHci0v7HoDnpkDj3U4JZ0DE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/E3C267F25E4F11F0940EFC9BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
195.24.204.0/24
195.24.209.0/24
Signature Algorithm: sha256WithRSAEncryption
63:14:95:0a:e8:a9:67:cb:59:d1:41:7a:14:e1:f3:59:76:25:
4f:37:50:56:a4:d4:b3:b2:83:f4:fa:7e:c6:db:c4:34:19:30:
3e:06:d7:c5:84:3a:0f:65:3d:04:5d:b0:9e:37:db:49:7d:5f:
2b:fc:55:15:fb:b3:62:81:cf:89:f9:1d:ee:05:75:f7:38:e3:
f1:3e:9a:2e:ad:8e:dc:bf:58:5f:7f:46:5d:89:b8:d2:af:2a:
dc:30:7c:bb:d0:06:9e:28:f5:db:12:ba:78:c6:94:71:f7:7d:
50:d3:d4:16:19:d1:94:15:e4:e5:8d:b7:e9:d6:7a:ab:a1:0e:
3b:d4:32:ab:0e:af:12:a0:10:90:f2:07:0a:59:e4:82:35:61:
38:4d:e1:e4:7c:7f:1b:fc:80:7f:81:d8:76:48:62:e9:b2:88:
73:a8:48:9e:60:1d:e1:06:54:a8:87:83:5b:58:49:8a:cc:5b:
72:8e:e9:99:5d:3b:d3:b3:a8:de:19:c8:21:2e:e3:87:e5:af:
c5:79:78:8e:b7:c5:55:c2:ca:77:c3:74:96:c0:1a:e4:96:ae:
f9:bc:2a:98:b5:2f:8e:ab:92:32:1e:94:a1:5a:63:52:22:21:
ee:32:61:4c:ab:95:27:9a:9a:34:2d:99:ac:6d:91:54:6a:7e:
11:6b:a5:82
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICA4swDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTU5MUNSSTExMC8GA1UEBRMoRENGRUEzODQ3NzIyRDJGRUM3QTAzOUU5OTAzOEY3
NTM4MjU5RDAzMTAeFw0yNTA3MTExMjA5MjJaFw0zMDEyMzExMjA5MjJaMBgxFjAU
BgNVBAMTDTY4NzBmZWY3LTQ2ZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJT8rOvZBcUn9U1SdsNeLwYPbHoorfcBC83v3F8wOnv+gFOaRXEJm1eIuZ
ISxbZWQScmy4nDrLWaoaKEu1J/b1wfJfxpwPL6e3PN6sHszAGt/ZStFHTBbfl2xg
6z3icyKmGiAAcA3uNQiO6b75iX4eRYBmKfz9dn2XoRDOl7Ns7GCdCreg/gmoI3+C
0aw2JDONnQYMWGt79HTYnTo8XmHsQ9d7T5gehsirczMtA5L8cnFm4H6DJ+21GJAs
/9CPrfWZbedMsgWi0VJztvo0dL7SRSBZNovffeyqSeJ5iIGLKfoLJOWV8t41VrZ7
kruWc9Lr5Nxf2SnlPmrbFwwK00hDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUHePu
97Ny1po7cah4GbOsqC17qREwHwYDVR0jBBgwFoAU3P6jhHci0v7HoDnpkDj3U4JZ
0DEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1OTFDLzY3MjM1N0Q0QzI0NzExRUQ5NTk3OTBBMEYxMjIyNDY4LzNQNmpo
SGNpMHY3SG9EbnBrRGozVTRKWjBERS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9yaXBl
LzNQNmpoSGNpMHY3SG9EbnBrRGozVTRKWjBERS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjk1OTFDLzY3MjM1N0Q0QzI0NzExRUQ5NTk3OTBBMEYxMjIy
NDY4L0UzQzI2N0YyNUU0RjExRjA5NDBFRkM5QkRBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBADDGMwDBADDGNEwDQYJKoZIhvcN
AQELBQADggEBAGMUlQroqWfLWdFBehTh81l2JU83UFak1LOyg/T6fsbbxDQZMD4G
18WEOg9lPQRdsJ4320l9Xyv8VRX7s2KBz4n5He4Fdfc44/E+mi6tjty/WF9/Rl2J
uNKvKtwwfLvQBp4o9dsSunjGlHH3fVDT1BYZ0ZQV5OWNt+nWequhDjvUMqsOrxKg
EJDyBwpZ5II1YThN4eR8fxv8gH+B2HZIYumyiHOoSJ5gHeEGVKiHg1tYSYrMW3KO
6ZldO9OzqN4ZyCEu44flr8V5eI63xVXCynfDdJbAGuSWrvm8Kpi1L46rkjIelKFa
Y1IiIe4yYUyrlSeamjQtmaxtkVRqfhFrpYI=
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:38:46 2025 by rpki-client