Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A7FC6/831676A6EE3911ED836CCC6A4AD9E6FC/AA9ABA5642D411F0B38EE4DEDAE4EC9C.roa
File: AA9ABA5642D411F0B38EE4DEDAE4EC9C.roa (raw, json)
Hash identifier: pdHoehgzkEsYPixEIbNAhE6JMM6V0LCrLDRC9qMstoA=
Subject key identifier: 08:E9:34:53:9B:7A:16:73:32:D5:4F:AC:D7:F9:BD:6F:66:D3:5E:1B
Certificate issuer: /CN=F36A7FC6AF/serialNumber=1AC49EE7B15886E7DCDE79321E8242C9932483C9
Certificate serial: 0311
Authority key identifier: 1A:C4:9E:E7:B1:58:86:E7:DC:DE:79:32:1E:82:42:C9:93:24:83:C9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/GsSe57FYhufc3nkyHoJCyZMkg8k.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A7FC6/831676A6EE3911ED836CCC6A4AD9E6FC/AA9ABA5642D411F0B38EE4DEDAE4EC9C.roa
Signing time: Fri 06 Jun 2025 12:49:21 +0000
ROA not before: Fri 06 Jun 2025 12:49:06 +0000
ROA not after: Sun 06 Jun 2027 12:49:06 +0000
asID: 36864
IP address blocks: 41.203.192.0/20 maxlen: 24
196.200.48.0/20 maxlen: 24
2c0f:f900::/32 maxlen: 52
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A7FC6/831676A6EE3911ED836CCC6A4AD9E6FC/GsSe57FYhufc3nkyHoJCyZMkg8k.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A7FC6/831676A6EE3911ED836CCC6A4AD9E6FC/GsSe57FYhufc3nkyHoJCyZMkg8k.mft
rsync://rpki.afrinic.net/repository/afrinic/GsSe57FYhufc3nkyHoJCyZMkg8k.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 10 Jun 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 785 (0x311)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A7FC6AF, serialNumber=1AC49EE7B15886E7DCDE79321E8242C9932483C9
Validity
Not Before: Jun 6 12:49:06 2025 GMT
Not After : Jun 6 12:49:06 2027 GMT
Subject: CN=6842e3d1-265c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3f:9b:93:47:36:9d:8b:29:b9:fa:b8:59:09:
e3:92:68:37:f7:61:19:94:6d:3e:7d:6e:f1:fd:c0:
86:24:d0:58:49:47:61:7f:31:d6:24:2c:0d:2c:cf:
13:02:4b:e9:77:18:1a:b0:ef:6a:cd:ad:00:67:53:
20:cc:0e:ee:2b:ae:26:4b:0d:13:40:0b:da:90:38:
f1:3e:a5:bb:07:44:a6:d6:cc:22:c8:3e:f3:16:88:
61:98:5c:2a:86:71:3e:81:3d:18:7b:ed:25:56:69:
95:05:88:0b:55:21:db:f3:68:83:a5:bb:7f:21:41:
19:37:19:1c:34:ab:c9:cb:08:82:3e:87:d2:4f:1f:
19:27:2f:23:27:f0:e6:4e:5e:5d:6c:04:0c:ae:e0:
5d:cd:25:e4:34:ed:1f:c3:65:05:15:42:e6:eb:03:
4a:9f:c6:6c:76:bb:94:78:3e:08:06:2d:4e:29:e7:
54:a0:f9:94:c6:16:1f:68:dd:22:f6:f1:c8:d9:6a:
bd:22:79:6b:85:37:4c:2a:09:3f:58:af:60:2e:90:
4a:91:08:11:92:47:f7:e5:08:be:eb:03:c1:db:e9:
05:12:dd:e8:5a:44:fa:2c:22:58:8c:32:7c:72:da:
0b:65:b5:59:2b:30:a5:29:59:04:90:f4:34:4a:66:
b4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E9:34:53:9B:7A:16:73:32:D5:4F:AC:D7:F9:BD:6F:66:D3:5E:1B
X509v3 Authority Key Identifier:
keyid:1A:C4:9E:E7:B1:58:86:E7:DC:DE:79:32:1E:82:42:C9:93:24:83:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7FC6/831676A6EE3911ED836CCC6A4AD9E6FC/GsSe57FYhufc3nkyHoJCyZMkg8k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/GsSe57FYhufc3nkyHoJCyZMkg8k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7FC6/831676A6EE3911ED836CCC6A4AD9E6FC/AA9ABA5642D411F0B38EE4DEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.203.192.0/20
196.200.48.0/20
IPv6:
2c0f:f900::/32
Signature Algorithm: sha256WithRSAEncryption
d7:c3:92:ae:fa:4f:70:4d:b0:09:18:c3:48:27:58:30:27:74:
fd:3a:79:f3:21:61:a1:ea:29:aa:8a:8b:c8:7a:03:32:54:b2:
20:14:50:b9:f0:60:b1:07:9b:78:88:f1:f0:dc:25:0a:6c:c6:
42:e3:7c:d6:de:e8:40:4e:66:0b:2e:77:c4:00:0b:9e:dd:cf:
1e:79:cf:46:68:0e:67:77:74:54:22:c5:1c:72:ed:16:69:a5:
5e:91:39:0c:da:aa:d6:c8:2a:d7:6f:2d:e5:07:fc:ca:26:61:
20:9a:e8:c8:50:4c:93:7c:b2:5e:1f:99:20:9b:8b:f8:b3:ee:
b3:d6:a3:96:23:50:68:b2:e0:47:49:58:7c:f3:bc:b2:91:45:
6b:80:65:94:bc:82:cd:ef:39:e0:b2:92:1d:3f:6d:be:cb:ad:
6e:f8:fd:9c:e5:64:e8:64:e1:54:af:6d:12:e6:4f:af:96:71:
a8:77:9d:ae:43:2d:92:03:8c:11:d5:98:81:de:bc:8c:80:3d:
56:05:84:9d:3e:9a:01:68:43:c4:1a:de:49:fd:c9:a4:85:25:
d8:31:c5:a7:65:9d:f0:fa:1a:0e:69:14:4f:1e:80:8f:d1:57:
a8:33:27:47:71:64:39:2e:44:0c:c6:ce:7c:7c:54:c2:df:66:
a6:1f:4b:8f
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICAxEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTdGQzZBRjExMC8GA1UEBRMoMUFDNDlFRTdCMTU4ODZFN0RDREU3OTMyMUU4MjQy
Qzk5MzI0ODNDOTAeFw0yNTA2MDYxMjQ5MDZaFw0yNzA2MDYxMjQ5MDZaMBgxFjAU
BgNVBAMTDTY4NDJlM2QxLTI2NWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDhP5uTRzadiym5+rhZCeOSaDf3YRmUbT59bvH9wIYk0FhJR2F/MdYkLA0s
zxMCS+l3GBqw72rNrQBnUyDMDu4rriZLDRNAC9qQOPE+pbsHRKbWzCLIPvMWiGGY
XCqGcT6BPRh77SVWaZUFiAtVIdvzaIOlu38hQRk3GRw0q8nLCII+h9JPHxknLyMn
8OZOXl1sBAyu4F3NJeQ07R/DZQUVQubrA0qfxmx2u5R4PggGLU4p51Sg+ZTGFh9o
3SL28cjZar0ieWuFN0wqCT9Yr2AukEqRCBGSR/flCL7rA8Hb6QUS3ehaRPosIliM
Mnxy2gtltVkrMKUpWQSQ9DRKZrQHAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQUCOk0
U5t6FnMy1U+s1/m9b2bTXhswHwYDVR0jBBgwFoAUGsSe57FYhufc3nkyHoJCyZMk
g8kwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE3RkM2LzgzMTY3NkE2RUUzOTExRUQ4MzZDQ0M2QTRBRDlFNkZDL0dzU2U1
N0ZZaHVmYzNua3lIb0pDeVpNa2c4ay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0dzU2U1N0ZZaHVmYzNua3lIb0pDeVpNa2c4ay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE3RkM2LzgzMTY3NkE2RUUzOTExRUQ4MzZDQ0M2QTRB
RDlFNkZDL0FBOUFCQTU2NDJENDExRjBCMzhFRTRERURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAQpy8ADBATEyDAwDQQCAAIw
BwMFACwP+QAwDQYJKoZIhvcNAQELBQADggEBANfDkq76T3BNsAkYw0gnWDAndP06
efMhYaHqKaqKi8h6AzJUsiAUULnwYLEHm3iI8fDcJQpsxkLjfNbe6EBOZgsud8QA
C57dzx55z0ZoDmd3dFQixRxy7RZppV6ROQzaqtbIKtdvLeUH/MomYSCa6MhQTJN8
sl4fmSCbi/iz7rPWo5YjUGiy4EdJWHzzvLKRRWuAZZS8gs3vOeCykh0/bb7LrW74
/ZzlZOhk4VSvbRLmT6+Wcah3na5DLZIDjBHVmIHevIyAPVYFhJ0+mgFoQ8Qa3kn9
yaSFJdgxxadlnfD6Gg5pFE8egI/RV6gzJ0dxZDkuRAzGznx8VMLfZqYfS48=
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:29:22 2025 by rpki-client