Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E6DE6/F3F2DC9C50E411F0A509427ADAE4EC9C/0BF3367E50E611F0BBDDD082DAE4EC9C.roa
File: 0BF3367E50E611F0BBDDD082DAE4EC9C.roa (raw, json)
Hash identifier: b6mmX0pmUciTPgFCAT//NQwXI5tfH+5qdXUZdemBc5M=
Subject key identifier: EC:AE:00:B5:E7:8A:5C:08:49:29:5B:4D:D5:BF:08:55:FA:85:3A:AB
Certificate issuer: /CN=F36E6DE6AF/serialNumber=E1CA35D8E0D9BC51C096F90AFE02016F93A679A0
Certificate serial: 02
Authority key identifier: E1:CA:35:D8:E0:D9:BC:51:C0:96:F9:0A:FE:02:01:6F:93:A6:79:A0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4co12ODZvFHAlvkK_gIBb5OmeaA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E6DE6/F3F2DC9C50E411F0A509427ADAE4EC9C/0BF3367E50E611F0BBDDD082DAE4EC9C.roa
Signing time: Tue 24 Jun 2025 10:29:02 +0000
ROA not before: Tue 24 Jun 2025 10:28:58 +0000
ROA not after: Wed 24 Jun 2026 10:28:58 +0000
asID: 37661
IP address blocks: 154.68.192.0/18 maxlen: 18
2c0f:f638::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E6DE6/F3F2DC9C50E411F0A509427ADAE4EC9C/4co12ODZvFHAlvkK_gIBb5OmeaA.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E6DE6/F3F2DC9C50E411F0A509427ADAE4EC9C/4co12ODZvFHAlvkK_gIBb5OmeaA.mft
rsync://rpki.afrinic.net/repository/afrinic/4co12ODZvFHAlvkK_gIBb5OmeaA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 04 Jul 2025 05:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E6DE6AF, serialNumber=E1CA35D8E0D9BC51C096F90AFE02016F93A679A0
Validity
Not Before: Jun 24 10:28:58 2025 GMT
Not After : Jun 24 10:28:58 2026 GMT
Subject: CN=685a7dee-2fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:84:0a:b6:ad:40:81:ff:a2:f2:da:c5:02:1b:
cf:47:75:64:b9:56:8d:cf:21:21:47:dd:a1:d7:25:
9a:b6:74:f1:6e:44:10:10:f4:49:86:a7:ac:ac:70:
27:c3:92:38:2c:40:96:e8:df:1e:53:a2:ba:bb:af:
07:83:4c:84:c8:4c:72:ec:c9:6b:6c:cc:14:bc:d5:
ae:47:28:81:54:bc:30:a3:4b:3a:bd:e9:21:a2:3e:
11:39:ec:66:82:ab:3a:04:74:ca:32:25:6c:01:74:
af:ed:17:ee:36:41:9e:6e:71:b8:f1:d0:75:29:d4:
26:c0:4e:43:bf:7d:24:34:33:7c:8f:05:7a:3a:04:
06:a9:6f:70:b1:a3:cd:6a:4d:c4:40:a3:43:1e:4b:
13:6d:4d:c6:94:5a:08:49:22:0a:93:38:c0:76:c8:
74:65:8c:0d:6b:02:42:79:24:4f:ea:a2:27:fa:f6:
fc:fe:71:04:3f:0f:f3:32:4b:ff:e7:7c:77:d4:22:
80:b8:be:f1:64:ae:2e:90:6c:32:bd:1e:57:c4:0f:
19:61:ee:d0:42:ba:1e:ee:bb:e6:04:c2:21:ac:64:
31:88:b3:50:4e:a5:44:69:3f:34:dc:85:72:14:3f:
62:be:a2:a3:d1:e7:2d:fa:bb:8b:1f:1b:43:be:14:
56:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:AE:00:B5:E7:8A:5C:08:49:29:5B:4D:D5:BF:08:55:FA:85:3A:AB
X509v3 Authority Key Identifier:
keyid:E1:CA:35:D8:E0:D9:BC:51:C0:96:F9:0A:FE:02:01:6F:93:A6:79:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E6DE6/F3F2DC9C50E411F0A509427ADAE4EC9C/4co12ODZvFHAlvkK_gIBb5OmeaA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4co12ODZvFHAlvkK_gIBb5OmeaA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E6DE6/F3F2DC9C50E411F0A509427ADAE4EC9C/0BF3367E50E611F0BBDDD082DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.68.192.0/18
IPv6:
2c0f:f638::/32
Signature Algorithm: sha256WithRSAEncryption
65:dd:5a:77:48:1d:3e:24:ef:01:11:5f:36:e2:1b:57:a7:0e:
07:a4:59:9d:80:ba:4a:96:55:6a:8d:2f:b7:9d:f4:ed:29:35:
48:02:6f:bb:68:8b:d6:92:6b:6a:94:37:29:55:d5:b6:66:d7:
b2:71:d2:9d:1e:98:cf:49:d1:11:fb:4f:50:2f:2f:00:50:5d:
14:fa:33:d7:6f:c0:54:c7:cf:43:bc:02:73:87:c4:f2:dc:d2:
80:c2:0d:4e:df:3b:d8:2e:81:11:48:a0:e9:e3:0b:da:72:57:
0e:1a:99:fa:f6:da:bd:33:92:03:13:34:a0:24:49:1b:a0:1a:
19:b6:1a:63:a0:01:ee:a4:67:81:db:50:dd:2d:2d:c9:43:3f:
ae:86:40:e9:0c:4e:bd:2c:fe:b6:85:f9:7e:4d:f0:bc:e2:94:
28:f6:9d:7f:fb:d1:24:31:c3:87:c7:43:04:24:80:8a:82:f1:
1e:0b:07:82:7e:ce:98:62:15:35:70:cf:6b:df:b1:18:f0:d3:
59:6b:a6:d0:e4:a1:c6:8f:7f:f5:19:c9:cb:d5:c3:90:87:4f:
7b:6c:be:75:76:1f:45:2c:d4:bf:aa:93:ba:7e:5b:f3:c7:b1:
a9:1f:87:6e:b0:7c:8f:15:02:e3:40:a0:a6:2b:88:b6:2c:d5:
a4:b8:7b:e0
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
NkRFNkFGMTEwLwYDVQQFEyhFMUNBMzVEOEUwRDlCQzUxQzA5NkY5MEFGRTAyMDE2
RjkzQTY3OUEwMB4XDTI1MDYyNDEwMjg1OFoXDTI2MDYyNDEwMjg1OFowGDEWMBQG
A1UEAxMNNjg1YTdkZWUtMmZhNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqECratQIH/ovLaxQIbz0d1ZLlWjc8hIUfdodclmrZ08W5EEBD0SYanrKxw
J8OSOCxAlujfHlOiuruvB4NMhMhMcuzJa2zMFLzVrkcogVS8MKNLOr3pIaI+ETns
ZoKrOgR0yjIlbAF0r+0X7jZBnm5xuPHQdSnUJsBOQ799JDQzfI8FejoEBqlvcLGj
zWpNxECjQx5LE21NxpRaCEkiCpM4wHbIdGWMDWsCQnkkT+qiJ/r2/P5xBD8P8zJL
/+d8d9QigLi+8WSuLpBsMr0eV8QPGWHu0EK6Hu675gTCIaxkMYizUE6lRGk/NNyF
chQ/Yr6io9HnLfq7ix8bQ74UVokCAwEAAaOCArQwggKwMB0GA1UdDgQWBBTsrgC1
54pcCEkpW03VvwhV+oU6qzAfBgNVHSMEGDAWgBThyjXY4Nm8UcCW+Qr+AgFvk6Z5
oDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTZERTYvRjNGMkRDOUM1MEU0MTFGMEE1MDk0MjdBREFFNEVDOUMvNGNvMTJP
RFp2RkhBbHZrS19nSUJiNU9tZWFBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNGNvMTJPRFp2RkhBbHZrS19nSUJiNU9tZWFBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTZERTYvRjNGMkRDOUM1MEU0MTFGMEE1MDk0MjdBREFF
NEVDOUMvMEJGMzM2N0U1MEU2MTFGMEJCREREMDgyREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBppEwDANBAIAAjAHAwUALA/2
ODANBgkqhkiG9w0BAQsFAAOCAQEAZd1ad0gdPiTvARFfNuIbV6cOB6RZnYC6SpZV
ao0vt5307Sk1SAJvu2iL1pJrapQ3KVXVtmbXsnHSnR6Yz0nREftPUC8vAFBdFPoz
12/AVMfPQ7wCc4fE8tzSgMINTt872C6BEUig6eML2nJXDhqZ+vbavTOSAxM0oCRJ
G6AaGbYaY6AB7qRngdtQ3S0tyUM/roZA6QxOvSz+toX5fk3wvOKUKPadf/vRJDHD
h8dDBCSAioLxHgsHgn7OmGIVNXDPa9+xGPDTWWum0OShxo9/9RnJy9XDkIdPe2y+
dXYfRSzUv6qTun5b88exqR+HbrB8jxUC40CgpiuItizVpLh74A==
-----END CERTIFICATE-----
Generated at Thu Jul 3 06:56:07 2025 by rpki-client