Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BC6CC/0F853534DD3811EFB2E4C477762E951A/981965A640C911F0AA7BC28FDAE4EC9C.roa
File: 981965A640C911F0AA7BC28FDAE4EC9C.roa (raw, json)
Hash identifier: /+6/RjZuNbqQtneE80fqEs+UIumXvOJpiE0MpFoYgdc=
Subject key identifier: C2:A8:6A:FB:65:F5:69:BF:1E:EA:EF:B2:17:FD:FB:CA:17:B8:91:14
Certificate issuer: /CN=F36BC6CCAF/serialNumber=31F79501F700C6A67662DE27B615EEC830B1B876
Certificate serial: 8A
Authority key identifier: 31:F7:95:01:F7:00:C6:A6:76:62:DE:27:B6:15:EE:C8:30:B1:B8:76
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/MfeVAfcAxqZ2Yt4nthXuyDCxuHY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BC6CC/0F853534DD3811EFB2E4C477762E951A/981965A640C911F0AA7BC28FDAE4EC9C.roa
Signing time: Tue 03 Jun 2025 22:25:04 +0000
ROA not before: Wed 04 Jun 2025 22:24:59 +0000
ROA not after: Wed 04 Jun 2036 22:24:59 +0000
asID: 37563
IP address blocks: 197.231.200.0/24 maxlen: 24
197.231.201.0/24 maxlen: 24
197.231.202.0/24 maxlen: 24
197.231.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BC6CC/0F853534DD3811EFB2E4C477762E951A/MfeVAfcAxqZ2Yt4nthXuyDCxuHY.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BC6CC/0F853534DD3811EFB2E4C477762E951A/MfeVAfcAxqZ2Yt4nthXuyDCxuHY.mft
rsync://rpki.afrinic.net/repository/afrinic/MfeVAfcAxqZ2Yt4nthXuyDCxuHY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 10 Jun 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138 (0x8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BC6CCAF, serialNumber=31F79501F700C6A67662DE27B615EEC830B1B876
Validity
Not Before: Jun 4 22:24:59 2025 GMT
Not After : Jun 4 22:24:59 2036 GMT
Subject: CN=683f7640-9f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:5a:84:f6:83:94:a7:7e:87:85:0f:1a:27:c2:
68:43:c7:e4:6f:3b:8f:5f:e3:2d:3a:5b:ea:51:b8:
22:15:d6:54:bc:25:01:df:6d:4f:5a:24:33:d4:5d:
f9:db:32:0b:ef:67:12:73:13:bd:9a:4b:f0:c3:ca:
ec:e8:97:0d:b1:37:45:1e:8f:da:09:71:b8:d4:6f:
8c:9e:a4:73:b3:72:95:1a:3c:7b:54:31:c8:44:0c:
65:ca:9a:fa:c7:de:eb:c6:f2:a3:8a:75:37:83:d0:
e6:ce:b5:19:76:3b:37:fd:c5:a8:45:6f:f0:ab:e5:
32:8c:b8:8a:3e:16:44:f5:38:d8:2c:91:c0:72:3b:
8d:68:01:11:88:4c:03:70:b3:ec:4a:9f:c0:86:83:
bf:bb:0d:14:38:10:72:a2:c6:75:9e:6a:64:fc:0b:
a1:76:1e:e5:9d:96:59:84:7d:44:2c:19:eb:6f:f8:
62:9a:d3:ee:c9:3a:2c:ee:f4:54:df:d2:af:fb:d1:
2d:19:28:c9:e4:91:d8:0c:a2:53:81:97:76:a4:2a:
12:c2:7c:25:d0:78:a0:af:a0:40:bc:6e:98:ce:4a:
04:e7:83:77:14:73:82:45:c6:7c:23:66:b0:ea:a1:
78:d1:e4:02:bd:d2:d9:0f:59:2f:0d:7b:53:ac:b5:
90:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:A8:6A:FB:65:F5:69:BF:1E:EA:EF:B2:17:FD:FB:CA:17:B8:91:14
X509v3 Authority Key Identifier:
keyid:31:F7:95:01:F7:00:C6:A6:76:62:DE:27:B6:15:EE:C8:30:B1:B8:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC6CC/0F853534DD3811EFB2E4C477762E951A/MfeVAfcAxqZ2Yt4nthXuyDCxuHY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/MfeVAfcAxqZ2Yt4nthXuyDCxuHY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC6CC/0F853534DD3811EFB2E4C477762E951A/981965A640C911F0AA7BC28FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.231.200.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:8c:33:24:26:28:dd:98:f5:fa:52:ca:56:41:15:60:f9:2a:
eb:38:b7:1e:bf:f2:6e:2f:cc:92:a2:2f:8f:65:a6:d3:e2:13:
9f:64:b6:27:58:eb:80:20:70:64:4c:b1:ca:57:4e:88:ba:dd:
fc:bc:ab:45:37:9a:96:d8:57:a0:c9:94:b8:e2:ed:3b:8d:6a:
ae:7e:51:af:82:65:ec:de:ef:bf:73:7e:1e:b7:56:2b:b3:f0:
99:44:8b:ed:da:15:e5:ae:05:67:3d:a5:08:43:8c:44:64:a0:
1b:53:a7:4c:44:28:b4:b0:84:79:c6:f6:d1:53:e5:9f:7e:46:
8a:e6:01:0d:3e:18:81:c5:82:a9:5e:39:d9:f7:e0:80:a2:6f:
25:e6:76:bc:0d:2e:65:58:dd:23:27:1d:8a:d2:11:50:0f:71:
eb:d2:17:ef:46:d2:24:41:85:ba:c7:0c:16:e1:6c:ae:69:e5:
12:9b:87:07:79:b3:c7:3f:bb:26:3f:cc:b1:f4:66:f0:b2:ec:
5f:e5:e9:e6:d3:6a:8b:1b:72:72:ee:bc:32:0a:82:3f:64:44:
76:ec:0a:e8:59:32:06:5c:50:b0:59:49:ad:f2:e4:4f:cc:b2:
36:00:fc:29:0c:27:e2:b1:bb:f8:e1:e0:dc:96:71:24:ae:55:
ca:51:fe:09
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAIowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QkM2Q0NBRjExMC8GA1UEBRMoMzFGNzk1MDFGNzAwQzZBNjc2NjJERTI3QjYxNUVF
QzgzMEIxQjg3NjAeFw0yNTA2MDQyMjI0NTlaFw0zNjA2MDQyMjI0NTlaMBgxFjAU
BgNVBAMTDTY4M2Y3NjQwLTlmNmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD2WoT2g5SnfoeFDxonwmhDx+RvO49f4y06W+pRuCIV1lS8JQHfbU9aJDPU
XfnbMgvvZxJzE72aS/DDyuzolw2xN0Uej9oJcbjUb4yepHOzcpUaPHtUMchEDGXK
mvrH3uvG8qOKdTeD0ObOtRl2Ozf9xahFb/Cr5TKMuIo+FkT1ONgskcByO41oARGI
TANws+xKn8CGg7+7DRQ4EHKixnWeamT8C6F2HuWdllmEfUQsGetv+GKa0+7JOizu
9FTf0q/70S0ZKMnkkdgMolOBl3akKhLCfCXQeKCvoEC8bpjOSgTng3cUc4JFxnwj
ZrDqoXjR5AK90tkPWS8Ne1OstZD7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUwqhq
+2X1ab8e6u+yF/37yhe4kRQwHwYDVR0jBBgwFoAUMfeVAfcAxqZ2Yt4nthXuyDCx
uHYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkJDNkNDLzBGODUzNTM0REQzODExRUZCMkU0QzQ3Nzc2MkU5NTFBL01mZVZB
ZmNBeHFaMll0NG50aFh1eURDeHVIWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL01mZVZBZmNBeHFaMll0NG50aFh1eURDeHVIWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkJDNkNDLzBGODUzNTM0REQzODExRUZCMkU0QzQ3Nzc2
MkU5NTFBLzk4MTk2NUE2NDBDOTExRjBBQTdCQzI4RkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALF58gwDQYJKoZIhvcNAQEL
BQADggEBAL+MMyQmKN2Y9fpSylZBFWD5Kus4tx6/8m4vzJKiL49lptPiE59ktidY
64AgcGRMscpXToi63fy8q0U3mpbYV6DJlLji7TuNaq5+Ua+CZeze779zfh63Viuz
8JlEi+3aFeWuBWc9pQhDjERkoBtTp0xEKLSwhHnG9tFT5Z9+RormAQ0+GIHFgqle
Odn34ICibyXmdrwNLmVY3SMnHYrSEVAPcevSF+9G0iRBhbrHDBbhbK5p5RKbhwd5
s8c/uyY/zLH0ZvCy7F/l6ebTaosbcnLuvDIKgj9kRHbsCuhZMgZcULBZSa3y5E/M
sjYA/CkMJ+Kxu/jh4NyWcSSuVcpR/gk=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:31:30 2025 by rpki-client