Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A44EA/90E3EB36890911E984EC3C5FF8AEA228/A59E099282C411F0B018AEC1DAE4EC9C.roa
File: A59E099282C411F0B018AEC1DAE4EC9C.roa (raw, json)
Hash identifier: okBnUm/NcC2euNDAK0BM3ThQh/20GIpH4iqpfDhnEF8=
Subject key identifier: 91:5C:AF:8E:BE:ED:F2:AD:E5:0C:F2:6B:47:47:85:6C:AF:2F:8D:15
Certificate issuer: /CN=F36A44EAAF/serialNumber=9A57D1A048476C90D98C3CA698705D62D4DD44D3
Certificate serial: 0924
Authority key identifier: 9A:57:D1:A0:48:47:6C:90:D9:8C:3C:A6:98:70:5D:62:D4:DD:44:D3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/mlfRoEhHbJDZjDymmHBdYtTdRNM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/90E3EB36890911E984EC3C5FF8AEA228/A59E099282C411F0B018AEC1DAE4EC9C.roa
Signing time: Tue 26 Aug 2025 21:35:56 +0000
ROA not before: Tue 26 Aug 2025 21:35:51 +0000
ROA not after: Mon 31 Dec 2035 21:35:51 +0000
asID: 37564
IP address blocks: 2c0f:f5f0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/90E3EB36890911E984EC3C5FF8AEA228/mlfRoEhHbJDZjDymmHBdYtTdRNM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/90E3EB36890911E984EC3C5FF8AEA228/mlfRoEhHbJDZjDymmHBdYtTdRNM.mft
rsync://rpki.afrinic.net/repository/afrinic/mlfRoEhHbJDZjDymmHBdYtTdRNM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 18 Sep 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2340 (0x924)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A44EAAF, serialNumber=9A57D1A048476C90D98C3CA698705D62D4DD44D3
Validity
Not Before: Aug 26 21:35:51 2025 GMT
Not After : Dec 31 21:35:51 2035 GMT
Subject: CN=68ae28bb-ad2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3d:1b:ea:0b:9a:aa:ad:e7:42:0c:57:0b:e9:
fc:06:45:e6:af:a7:0b:5b:8e:dc:b9:77:6e:b2:5b:
a2:2b:65:6e:fa:a6:f9:cc:d7:b0:8e:94:8e:0c:df:
65:af:41:a7:66:11:8a:7a:bf:0b:bc:fb:97:7f:74:
6a:56:62:ef:d3:86:d9:fb:df:2c:52:56:bf:7b:f5:
e9:c1:40:ed:3b:2d:f9:20:a0:e2:84:ee:68:9a:a9:
d6:08:23:4d:23:00:b3:0a:eb:9c:08:35:74:41:43:
b3:5e:b6:e1:d3:70:51:8b:02:60:fd:ed:38:51:27:
2e:90:57:e4:98:17:d7:a2:03:38:5c:cc:54:ec:20:
a4:25:dd:9a:82:26:51:ec:be:cd:f9:18:f8:b5:66:
34:26:62:f6:63:8d:a8:54:7b:d4:72:b2:1e:b6:b7:
e6:28:3a:6d:59:ed:e6:68:5e:0e:4d:33:a5:54:9c:
6c:1c:91:07:38:0c:db:63:ea:45:f8:68:11:81:79:
1b:3d:70:e0:71:07:10:43:bf:85:6f:89:6f:11:ba:
cb:90:93:27:66:4c:66:e3:c3:e6:b5:98:dc:0c:44:
11:b6:38:1f:16:53:ca:2d:b2:70:7e:cb:57:be:32:
1f:3e:8a:44:04:85:55:e8:0b:b1:af:cc:8f:5e:45:
cc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:5C:AF:8E:BE:ED:F2:AD:E5:0C:F2:6B:47:47:85:6C:AF:2F:8D:15
X509v3 Authority Key Identifier:
keyid:9A:57:D1:A0:48:47:6C:90:D9:8C:3C:A6:98:70:5D:62:D4:DD:44:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/90E3EB36890911E984EC3C5FF8AEA228/mlfRoEhHbJDZjDymmHBdYtTdRNM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mlfRoEhHbJDZjDymmHBdYtTdRNM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/90E3EB36890911E984EC3C5FF8AEA228/A59E099282C411F0B018AEC1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f5f0::/32
Signature Algorithm: sha256WithRSAEncryption
53:2b:9e:33:d0:ca:80:83:0f:80:11:44:f2:11:44:4c:26:b0:
9b:f0:2f:22:dc:36:05:2a:3f:11:3c:62:5b:35:ec:f3:03:d5:
6d:7a:ac:bd:ec:e7:0a:5e:54:4a:a9:6f:38:4e:07:58:b4:93:
c2:db:0c:e9:31:e0:2c:58:ac:e7:ce:b7:13:a8:b5:7e:5d:6e:
03:a6:a3:ac:57:28:02:13:ff:2d:2d:be:13:15:3f:cf:53:a6:
ee:77:c1:86:6c:e1:b6:3f:fa:fd:7f:5b:15:0a:42:7c:f5:66:
6f:d1:78:ee:22:e9:fa:13:64:45:e4:9a:49:2f:e0:17:ca:f4:
17:10:a4:c0:c3:88:66:e5:6e:aa:24:20:cf:6d:64:b9:12:f3:
10:2f:33:35:71:f0:c4:5e:0a:33:f2:bd:89:3d:10:04:52:54:
91:f2:5f:d3:94:bb:4d:9c:70:35:0c:7d:be:78:0a:a4:a2:48:
ed:fd:a0:e6:31:18:b4:8d:9d:6f:bd:11:6b:c4:2a:28:49:b8:
8d:22:49:0e:74:a9:3c:3f:a7:26:6b:e7:a4:71:9b:3f:fa:e7:
ab:1a:45:9c:29:75:43:ec:02:03:6d:e3:50:35:6b:e5:23:0d:
d4:28:37:e4:18:2a:59:7f:2a:ca:ca:c2:07:3c:39:65:bb:70:
a2:6e:7f:bb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCSQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTQ0RUFBRjExMC8GA1UEBRMoOUE1N0QxQTA0ODQ3NkM5MEQ5OEMzQ0E2OTg3MDVE
NjJENERENDREMzAeFw0yNTA4MjYyMTM1NTFaFw0zNTEyMzEyMTM1NTFaMBgxFjAU
BgNVBAMTDTY4YWUyOGJiLWFkMmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLPRvqC5qqredCDFcL6fwGReavpwtbjty5d26yW6IrZW76pvnM17COlI4M
32WvQadmEYp6vwu8+5d/dGpWYu/Thtn73yxSVr979enBQO07LfkgoOKE7miaqdYI
I00jALMK65wINXRBQ7NetuHTcFGLAmD97ThRJy6QV+SYF9eiAzhczFTsIKQl3ZqC
JlHsvs35GPi1ZjQmYvZjjahUe9Rysh62t+YoOm1Z7eZoXg5NM6VUnGwckQc4DNtj
6kX4aBGBeRs9cOBxBxBDv4VviW8RusuQkydmTGbjw+a1mNwMRBG2OB8WU8otsnB+
y1e+Mh8+ikQEhVXoC7GvzI9eRcyZAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUkVyv
jr7t8q3lDPJrR0eFbK8vjRUwHwYDVR0jBBgwFoAUmlfRoEhHbJDZjDymmHBdYtTd
RNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE0NEVBLzkwRTNFQjM2ODkwOTExRTk4NEVDM0M1RkY4QUVBMjI4L21sZlJv
RWhIYkpEWmpEeW1tSEJkWXRUZFJOTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL21sZlJvRWhIYkpEWmpEeW1tSEJkWXRUZFJOTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE0NEVBLzkwRTNFQjM2ODkwOTExRTk4NEVDM0M1RkY4
QUVBMjI4L0E1OUUwOTkyODJDNDExRjBCMDE4QUVDMURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD/XwMA0GCSqGSIb3DQEB
CwUAA4IBAQBTK54z0MqAgw+AEUTyEURMJrCb8C8i3DYFKj8RPGJbNezzA9Vteqy9
7OcKXlRKqW84TgdYtJPC2wzpMeAsWKznzrcTqLV+XW4DpqOsVygCE/8tLb4TFT/P
U6bud8GGbOG2P/r9f1sVCkJ89WZv0XjuIun6E2RF5JpJL+AXyvQXEKTAw4hm5W6q
JCDPbWS5EvMQLzM1cfDEXgoz8r2JPRAEUlSR8l/TlLtNnHA1DH2+eAqkokjt/aDm
MRi0jZ1vvRFrxCooSbiNIkkOdKk8P6cma+ekcZs/+uerGkWcKXVD7AIDbeNQNWvl
Iw3UKDfkGCpZfyrKysIHPDllu3Cibn+7
-----END CERTIFICATE-----
Generated at Tue Sep 16 07:46:33 2025 by rpki-client