Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/AD03A5023F8A11F08735E386DAE4EC9C.roa
File: AD03A5023F8A11F08735E386DAE4EC9C.roa (raw, json)
Hash identifier: u0IiCF72rfY2DVaQwjj716SKv5t/WEVer0mJ4pvV7nU=
Subject key identifier: 43:FC:29:1F:EC:CE:30:92:07:6B:63:87:5A:B8:CB:2C:BC:D5:D5:8C
Certificate issuer: /CN=F36C7A8FAF/serialNumber=E99E81FC8FE487C2F84DC9AFADC1FCDBB4029AF9
Certificate serial: 02FA
Authority key identifier: E9:9E:81:FC:8F:E4:87:C2:F8:4D:C9:AF:AD:C1:FC:DB:B4:02:9A:F9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/6Z6B_I_kh8L4TcmvrcH827QCmvk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/AD03A5023F8A11F08735E386DAE4EC9C.roa
Signing time: Mon 02 Jun 2025 08:22:09 +0000
ROA not before: Sat 14 Jun 2025 08:22:05 +0000
ROA not after: Fri 31 May 2030 08:22:05 +0000
asID: 36959
IP address blocks: 41.222.16.0/21 maxlen: 21
Validation: Failed, certificate is not yet valid
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 762 (0x2fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C7A8FAF, serialNumber=E99E81FC8FE487C2F84DC9AFADC1FCDBB4029AF9
Validity
Not Before: Jun 14 08:22:05 2025 GMT
Not After : May 31 08:22:05 2030 GMT
Subject: CN=683d5f31-fb23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4a:5d:d5:23:a7:5d:b1:b4:38:9e:d4:cf:98:
57:9c:26:d5:49:6e:c9:df:07:05:d9:4a:e0:48:58:
55:2e:a4:d5:58:d4:e7:e3:59:d3:f5:4e:4f:ad:5b:
79:a6:0b:e7:f5:54:34:ca:25:cc:47:ef:b9:74:87:
78:50:3e:37:1c:29:8d:6f:38:4d:31:aa:80:fe:c3:
9b:eb:2e:b9:96:b2:35:53:96:ae:f0:b5:9a:76:5a:
1d:2f:b4:ce:77:22:61:eb:92:77:47:ea:50:94:8c:
fb:2c:1d:70:fe:6f:2d:ce:50:4e:78:82:d7:11:91:
d0:60:3e:bd:45:8f:c1:b0:42:a5:a1:b1:5b:86:06:
7d:83:be:e8:f8:a5:0d:f8:32:a0:27:35:1a:fa:34:
15:3e:e4:36:89:63:df:66:9f:6a:1e:7b:10:c2:01:
6a:4a:de:6f:8d:af:8b:3c:fe:aa:be:c9:0d:3d:96:
6e:05:0b:2d:db:cf:c7:dd:b0:12:d3:23:56:15:8e:
49:b5:16:7f:f0:00:29:f7:b4:81:7e:71:b1:ef:82:
aa:0b:0a:54:3b:d4:0d:e8:d2:2b:63:10:9c:ba:1e:
d1:17:37:12:8d:a8:65:da:0c:97:8c:34:a0:2b:d9:
91:7c:9a:02:db:25:56:2e:99:64:e5:d0:2f:0c:3c:
05:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FC:29:1F:EC:CE:30:92:07:6B:63:87:5A:B8:CB:2C:BC:D5:D5:8C
X509v3 Authority Key Identifier:
keyid:E9:9E:81:FC:8F:E4:87:C2:F8:4D:C9:AF:AD:C1:FC:DB:B4:02:9A:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/6Z6B_I_kh8L4TcmvrcH827QCmvk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/6Z6B_I_kh8L4TcmvrcH827QCmvk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/AD03A5023F8A11F08735E386DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.222.16.0/21
Signature Algorithm: sha256WithRSAEncryption
75:f4:a4:4c:f4:2b:80:f9:a8:5f:6b:ab:9f:27:33:a1:51:8e:
41:64:0b:af:91:de:c1:43:06:07:f5:40:5d:46:f6:32:5d:64:
08:60:c1:91:93:43:85:47:ca:03:4a:fc:bf:7b:56:00:c9:92:
12:02:f0:4d:60:ba:de:cf:0e:23:97:3c:19:47:bc:cd:66:a7:
4a:75:fb:92:0a:da:9f:83:83:fa:9c:0f:55:ec:f2:5d:21:f2:
b6:e9:f4:70:36:db:de:0d:1d:ca:93:44:c3:06:99:eb:3e:d0:
5e:39:ec:23:62:d3:81:41:d4:9d:cc:08:2b:be:e9:7b:0e:8a:
db:2f:3e:25:96:b9:1d:92:5c:a8:25:c2:45:69:da:23:3e:cf:
60:e6:3c:3c:1c:1b:bf:f5:84:bb:db:c2:0e:f7:cd:17:15:6a:
e9:4a:cb:06:4d:f6:c5:08:aa:e2:e6:b2:3f:61:c0:63:08:f0:
3b:b0:4c:6a:07:2f:79:36:d7:b7:f6:ed:9c:b9:3c:9f:96:78:
c3:1a:75:70:c4:32:c0:9c:8c:0f:df:88:20:ba:b9:b5:09:87:
4a:1b:dc:7c:09:e1:17:a2:60:85:d8:3d:33:41:70:f8:60:dd:
88:73:19:93:e7:d0:6d:a4:e5:31:05:de:5b:2d:fd:7a:c8:4c:
33:24:b9:68
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAvowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzdBOEZBRjExMC8GA1UEBRMoRTk5RTgxRkM4RkU0ODdDMkY4NERDOUFGQURDMUZD
REJCNDAyOUFGOTAeFw0yNTA2MTQwODIyMDVaFw0zMDA1MzEwODIyMDVaMBgxFjAU
BgNVBAMTDTY4M2Q1ZjMxLWZiMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDOSl3VI6ddsbQ4ntTPmFecJtVJbsnfBwXZSuBIWFUupNVY1OfjWdP1Tk+t
W3mmC+f1VDTKJcxH77l0h3hQPjccKY1vOE0xqoD+w5vrLrmWsjVTlq7wtZp2Wh0v
tM53ImHrkndH6lCUjPssHXD+by3OUE54gtcRkdBgPr1Fj8GwQqWhsVuGBn2Dvuj4
pQ34MqAnNRr6NBU+5DaJY99mn2oeexDCAWpK3m+Nr4s8/qq+yQ09lm4FCy3bz8fd
sBLTI1YVjkm1Fn/wACn3tIF+cbHvgqoLClQ71A3o0itjEJy6HtEXNxKNqGXaDJeM
NKAr2ZF8mgLbJVYumWTl0C8MPAXFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUQ/wp
H+zOMJIHa2OHWrjLLLzV1YwwHwYDVR0jBBgwFoAU6Z6B/I/kh8L4TcmvrcH827QC
mvkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM3QThGLzBENDg1RkNBMEE5QTExRUU5NTVGNDQyOTRBRDlFNkZDLzZaNkJf
SV9raDhMNFRjbXZyY0g4MjdRQ212ay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzZaNkJfSV9raDhMNFRjbXZyY0g4MjdRQ212ay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM3QThGLzBENDg1RkNBMEE5QTExRUU5NTVGNDQyOTRB
RDlFNkZDL0FEMDNBNTAyM0Y4QTExRjA4NzM1RTM4NkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMp3hAwDQYJKoZIhvcNAQEL
BQADggEBAHX0pEz0K4D5qF9rq58nM6FRjkFkC6+R3sFDBgf1QF1G9jJdZAhgwZGT
Q4VHygNK/L97VgDJkhIC8E1gut7PDiOXPBlHvM1mp0p1+5IK2p+Dg/qcD1Xs8l0h
8rbp9HA2294NHcqTRMMGmes+0F457CNi04FB1J3MCCu+6XsOitsvPiWWuR2SXKgl
wkVp2iM+z2DmPDwcG7/1hLvbwg73zRcVaulKywZN9sUIquLmsj9hwGMI8DuwTGoH
L3k217f27Zy5PJ+WeMMadXDEMsCcjA/fiCC6ubUJh0ob3HwJ4ReiYIXYPTNBcPhg
3YhzGZPn0G2k5TEF3lst/XrITDMkuWg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:14:27 2025 by rpki-client