Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B5EE7/15CB94DC6B9111F086EA8D85DAE4EC9C/32E8AC486B9211F083086A8ADAE4EC9C.roa
File: 32E8AC486B9211F083086A8ADAE4EC9C.roa (raw, json)
Hash identifier: durcaS2OL3nLFH2Q6dY7qEjXE7/+md5ImX74mESqnEk=
Subject key identifier: 2A:8E:D6:68:0B:D7:B2:63:14:AE:3C:C0:2E:44:DD:C1:CF:A0:BA:5D
Certificate issuer: /CN=F36B5EE7AF/serialNumber=EB4A89C924BA17F0E9BB995834F5235A8619B471
Certificate serial: 02
Authority key identifier: EB:4A:89:C9:24:BA:17:F0:E9:BB:99:58:34:F5:23:5A:86:19:B4:71
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/60qJySS6F_Dpu5lYNPUjWoYZtHE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B5EE7/15CB94DC6B9111F086EA8D85DAE4EC9C/32E8AC486B9211F083086A8ADAE4EC9C.roa
Signing time: Mon 28 Jul 2025 09:06:52 +0000
ROA not before: Mon 28 Jul 2025 09:06:34 +0000
ROA not after: Sat 28 Jul 2035 09:06:34 +0000
asID: 327794
IP address blocks: 41.79.220.0/22 maxlen: 24
102.36.0.0/17 maxlen: 24
2c0f:f268::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B5EE7/15CB94DC6B9111F086EA8D85DAE4EC9C/60qJySS6F_Dpu5lYNPUjWoYZtHE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B5EE7/15CB94DC6B9111F086EA8D85DAE4EC9C/60qJySS6F_Dpu5lYNPUjWoYZtHE.mft
rsync://rpki.afrinic.net/repository/afrinic/60qJySS6F_Dpu5lYNPUjWoYZtHE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 04 Aug 2025 00:06:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B5EE7AF, serialNumber=EB4A89C924BA17F0E9BB995834F5235A8619B471
Validity
Not Before: Jul 28 09:06:34 2025 GMT
Not After : Jul 28 09:06:34 2035 GMT
Subject: CN=68873dab-954a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c6:ac:02:ed:2a:2c:60:20:2f:d9:9c:10:a5:
96:b7:50:89:92:0a:10:b8:a2:8e:d1:58:19:50:11:
1f:83:8d:29:2b:e1:32:21:89:1a:84:88:c9:2d:62:
b0:c0:de:fb:d3:83:12:1a:22:62:2a:f5:07:3c:29:
ab:e3:01:d1:73:2b:b2:50:14:9f:ae:e1:db:3f:b5:
40:84:ba:5c:54:e3:7f:1d:8b:4b:8b:61:e7:ef:b5:
b2:08:a3:de:ca:5d:42:ba:94:db:17:6d:8a:ad:b2:
69:85:9f:6a:db:8a:e8:41:3d:65:44:90:43:e5:ef:
67:6c:3c:95:90:44:46:78:9c:e3:e2:8c:5a:8b:3b:
77:18:06:b4:7e:df:6b:ba:f7:14:94:8c:0f:16:e4:
8f:e9:16:f6:4c:98:c6:85:00:0a:72:cd:8f:99:92:
81:0e:3f:40:d0:9f:22:48:94:27:39:17:50:c7:be:
d7:fe:55:f6:64:3f:49:63:5d:d7:fd:d0:ae:93:6a:
d0:d3:45:d0:a6:ea:ff:d8:4b:20:c7:16:cd:77:33:
09:81:e7:41:f8:b3:c8:a3:92:e2:73:f8:82:80:36:
1d:42:47:c5:e9:4f:2a:3f:95:f3:f8:39:5c:c3:4a:
54:a2:20:58:fd:4b:3b:5d:22:09:de:98:24:c4:52:
c8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8E:D6:68:0B:D7:B2:63:14:AE:3C:C0:2E:44:DD:C1:CF:A0:BA:5D
X509v3 Authority Key Identifier:
keyid:EB:4A:89:C9:24:BA:17:F0:E9:BB:99:58:34:F5:23:5A:86:19:B4:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B5EE7/15CB94DC6B9111F086EA8D85DAE4EC9C/60qJySS6F_Dpu5lYNPUjWoYZtHE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/60qJySS6F_Dpu5lYNPUjWoYZtHE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B5EE7/15CB94DC6B9111F086EA8D85DAE4EC9C/32E8AC486B9211F083086A8ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.79.220.0/22
102.36.0.0/17
IPv6:
2c0f:f268::/32
Signature Algorithm: sha256WithRSAEncryption
34:81:50:e9:58:12:d6:2c:8c:81:13:27:d6:5b:04:db:37:12:
b2:c5:fa:be:0a:67:c8:aa:bb:4c:09:38:b8:6e:21:20:86:2b:
db:6d:a4:f3:1e:c1:21:0a:da:fb:f6:72:2d:23:c0:f4:32:9c:
e0:92:d3:e7:48:ca:5e:52:62:a0:c0:ce:72:9b:d3:0a:9d:a9:
cd:7d:7d:a0:59:89:b1:75:2e:aa:02:65:a8:5c:71:55:9e:ac:
3b:70:6a:06:fe:be:5f:aa:e5:cb:23:ca:b7:44:45:f3:ea:ac:
5f:e2:38:4f:f7:7a:85:01:47:bd:65:1f:99:21:3d:7f:d4:5f:
b6:88:8b:26:ad:41:ee:57:8e:ea:b2:53:4b:94:3d:4b:22:2c:
bf:fc:be:5f:15:fb:cc:37:fc:1c:c6:0f:44:11:06:f8:96:fd:
b8:47:c0:cd:e2:2a:c1:bd:99:bf:43:81:87:aa:b1:9f:39:58:
46:23:20:3b:8e:2c:3f:56:4d:fc:1f:54:ea:8d:ba:80:26:db:
d3:1a:3c:b2:6c:73:96:f0:61:ee:95:44:97:02:26:9d:d3:05:
d8:95:ff:a5:a3:0c:08:ae:d7:66:92:f4:aa:ca:ff:dc:47:60:
7a:a4:fc:50:2e:64:e4:f5:c0:75:80:87:43:a0:31:18:fe:99:
43:a0:08:f1
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
NUVFN0FGMTEwLwYDVQQFEyhFQjRBODlDOTI0QkExN0YwRTlCQjk5NTgzNEY1MjM1
QTg2MTlCNDcxMB4XDTI1MDcyODA5MDYzNFoXDTM1MDcyODA5MDYzNFowGDEWMBQG
A1UEAxMNNjg4NzNkYWItOTU0YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOTGrALtKixgIC/ZnBCllrdQiZIKELiijtFYGVARH4ONKSvhMiGJGoSIyS1i
sMDe+9ODEhoiYir1Bzwpq+MB0XMrslAUn67h2z+1QIS6XFTjfx2LS4th5++1sgij
3spdQrqU2xdtiq2yaYWfatuK6EE9ZUSQQ+XvZ2w8lZBERnic4+KMWos7dxgGtH7f
a7r3FJSMDxbkj+kW9kyYxoUACnLNj5mSgQ4/QNCfIkiUJzkXUMe+1/5V9mQ/SWNd
1/3QrpNq0NNF0Kbq/9hLIMcWzXczCYHnQfizyKOS4nP4goA2HUJHxelPKj+V8/g5
XMNKVKIgWP1LO10iCd6YJMRSyLcCAwEAAaOCArowggK2MB0GA1UdDgQWBBQqjtZo
C9eyYxSuPMAuRN3Bz6C6XTAfBgNVHSMEGDAWgBTrSonJJLoX8Om7mVg09SNahhm0
cTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjVFRTcvMTVDQjk0REM2QjkxMTFGMDg2RUE4RDg1REFFNEVDOUMvNjBxSnlT
UzZGX0RwdTVsWU5QVWpXb1ladEhFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNjBxSnlTUzZGX0RwdTVsWU5QVWpXb1ladEhFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjVFRTcvMTVDQjk0REM2QjkxMTFGMDg2RUE4RDg1REFF
NEVDOUMvMzJFOEFDNDg2QjkyMTFGMDgzMDg2QThBREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAilP3AMEB2YkADANBAIAAjAH
AwUALA/yaDANBgkqhkiG9w0BAQsFAAOCAQEANIFQ6VgS1iyMgRMn1lsE2zcSssX6
vgpnyKq7TAk4uG4hIIYr222k8x7BIQra+/ZyLSPA9DKc4JLT50jKXlJioMDOcpvT
Cp2pzX19oFmJsXUuqgJlqFxxVZ6sO3BqBv6+X6rlyyPKt0RF8+qsX+I4T/d6hQFH
vWUfmSE9f9RftoiLJq1B7leO6rJTS5Q9SyIsv/y+XxX7zDf8HMYPRBEG+Jb9uEfA
zeIqwb2Zv0OBh6qxnzlYRiMgO44sP1ZN/B9U6o26gCbb0xo8smxzlvBh7pVElwIm
ndMF2JX/paMMCK7XZpL0qsr/3EdgeqT8UC5k5PXAdYCHQ6AxGP6ZQ6AI8Q==
-----END CERTIFICATE-----
Generated at Sat Aug 2 13:46:12 2025 by rpki-client