Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364379D/67C6AD4CBF3D11EDA6BF88F1F1222468/71F0925246CB11F0906DF5A4DAE4EC9C.roa
File: 71F0925246CB11F0906DF5A4DAE4EC9C.roa (raw, json)
Hash identifier: 4GpwoUFSemgnNHOneEphyunOOkVz96lSUfPWz4U/DVI=
Subject key identifier: F6:82:88:F0:A7:95:E3:74:FD:1F:41:8A:90:92:8A:21:27:2D:99:C4
Certificate issuer: /CN=F364379DAF/serialNumber=100CBD464A905A5B568F7ADCEF1F9D20BC752331
Certificate serial: 035C
Authority key identifier: 10:0C:BD:46:4A:90:5A:5B:56:8F:7A:DC:EF:1F:9D:20:BC:75:23:31
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/EAy9RkqQWltWj3rc7x-dILx1IzE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364379D/67C6AD4CBF3D11EDA6BF88F1F1222468/71F0925246CB11F0906DF5A4DAE4EC9C.roa
Signing time: Wed 11 Jun 2025 13:53:26 +0000
ROA not before: Wed 11 Jun 2025 13:53:21 +0000
ROA not after: Sat 17 Mar 2035 13:53:21 +0000
asID: 37014
IP address blocks: 41.223.72.0/24 maxlen: 24
41.223.73.0/24 maxlen: 24
41.223.74.0/24 maxlen: 24
41.223.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364379D/67C6AD4CBF3D11EDA6BF88F1F1222468/EAy9RkqQWltWj3rc7x-dILx1IzE.crl
rsync://rpki.afrinic.net/repository/member_repository/F364379D/67C6AD4CBF3D11EDA6BF88F1F1222468/EAy9RkqQWltWj3rc7x-dILx1IzE.mft
rsync://rpki.afrinic.net/repository/afrinic/EAy9RkqQWltWj3rc7x-dILx1IzE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 03:35:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 860 (0x35c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364379DAF, serialNumber=100CBD464A905A5B568F7ADCEF1F9D20BC752331
Validity
Not Before: Jun 11 13:53:21 2025 GMT
Not After : Mar 17 13:53:21 2035 GMT
Subject: CN=68498a55-ca55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1e:da:19:e5:24:52:3f:f3:5e:40:50:8d:a3:
cd:ae:9a:3c:d4:ca:78:50:1d:6d:76:9d:1c:8f:41:
55:0c:48:1e:52:90:77:8e:37:b0:3c:74:c5:31:19:
24:5a:6f:49:e9:1d:19:1c:1d:ff:f5:6f:94:65:e4:
0f:b0:35:2a:54:2f:6c:7c:a6:43:0d:7d:a2:0a:a5:
0b:bd:6c:c6:1c:ad:c3:50:85:21:3c:50:92:44:ec:
76:eb:74:29:1a:8c:a5:e4:c0:dd:e7:1e:da:bd:bd:
1a:a6:07:9e:82:ca:33:4f:4a:20:3a:a4:62:1f:40:
bf:38:59:48:b1:55:c1:80:11:be:d4:70:2f:9d:8d:
a7:2c:fb:31:cb:8f:d3:4b:96:b5:1d:8d:bf:a1:9f:
7e:84:d6:83:16:e3:96:3e:f1:5e:f5:b6:68:79:5d:
56:22:80:ca:d9:85:19:d0:ca:48:90:93:ea:7d:71:
46:7b:af:b0:00:73:da:ae:06:8b:f3:3e:a7:2f:e8:
32:e7:d2:34:29:c0:6c:ff:90:38:e9:62:81:63:dc:
c4:d3:b6:0b:28:9f:84:76:c2:1a:94:21:53:5e:bf:
65:71:8b:a4:b6:62:f9:9e:ef:5c:e6:5a:ac:91:fa:
05:94:c8:77:e2:86:fa:f1:90:c1:6c:8d:ea:ba:01:
3e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:82:88:F0:A7:95:E3:74:FD:1F:41:8A:90:92:8A:21:27:2D:99:C4
X509v3 Authority Key Identifier:
keyid:10:0C:BD:46:4A:90:5A:5B:56:8F:7A:DC:EF:1F:9D:20:BC:75:23:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364379D/67C6AD4CBF3D11EDA6BF88F1F1222468/EAy9RkqQWltWj3rc7x-dILx1IzE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/EAy9RkqQWltWj3rc7x-dILx1IzE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364379D/67C6AD4CBF3D11EDA6BF88F1F1222468/71F0925246CB11F0906DF5A4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.223.72.0/22
Signature Algorithm: sha256WithRSAEncryption
10:f4:05:1d:ec:66:be:1b:02:21:f4:9b:9d:6a:35:df:ed:68:
a5:26:f0:ca:76:b1:eb:36:2a:5b:05:50:36:f2:d5:38:cd:31:
b4:b3:5a:8f:f7:f8:db:69:77:0b:67:88:f4:18:d1:13:8b:84:
1d:e1:2d:f8:75:86:bc:7f:0b:16:0b:60:ff:2b:75:18:f9:16:
f0:0b:3b:63:13:59:94:bb:a0:e2:34:74:a2:48:bb:48:e9:ca:
03:ae:ce:9e:31:1e:82:bf:e3:5d:63:c5:d7:1b:46:22:42:84:
24:3e:40:ab:46:01:57:0f:0b:c3:a4:42:70:1d:97:35:18:af:
86:7a:01:34:18:91:2c:bd:67:bb:d0:14:a8:c9:08:e5:8e:75:
f9:98:fe:60:9f:0d:23:62:60:97:e1:68:bf:75:b4:99:36:67:
48:ba:a0:73:f2:27:05:15:02:78:91:4c:71:44:8f:71:f5:a7:
0f:22:58:3d:11:48:17:fc:4a:69:3e:dd:7b:9d:29:02:33:ec:
ca:d2:26:32:22:6d:6f:86:3c:29:bc:ea:23:16:10:1f:c1:b6:
5d:be:60:1f:20:e9:d2:d9:c7:07:2c:1d:19:74:8a:cf:48:a7:
63:3a:68:20:f6:aa:65:2e:76:97:f3:47:c5:c9:60:c2:d8:6e:
eb:9e:5b:67
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA1wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDM3OURBRjExMC8GA1UEBRMoMTAwQ0JENDY0QTkwNUE1QjU2OEY3QURDRUYxRjlE
MjBCQzc1MjMzMTAeFw0yNTA2MTExMzUzMjFaFw0zNTAzMTcxMzUzMjFaMBgxFjAU
BgNVBAMTDTY4NDk4YTU1LWNhNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCyHtoZ5SRSP/NeQFCNo82umjzUynhQHW12nRyPQVUMSB5SkHeON7A8dMUx
GSRab0npHRkcHf/1b5Rl5A+wNSpUL2x8pkMNfaIKpQu9bMYcrcNQhSE8UJJE7Hbr
dCkajKXkwN3nHtq9vRqmB56CyjNPSiA6pGIfQL84WUixVcGAEb7UcC+djacs+zHL
j9NLlrUdjb+hn36E1oMW45Y+8V71tmh5XVYigMrZhRnQykiQk+p9cUZ7r7AAc9qu
BovzPqcv6DLn0jQpwGz/kDjpYoFj3MTTtgson4R2whqUIVNev2Vxi6S2Yvme71zm
WqyR+gWUyHfihvrxkMFsjeq6AT5NAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9oKI
8KeV43T9H0GKkJKKISctmcQwHwYDVR0jBBgwFoAUEAy9RkqQWltWj3rc7x+dILx1
IzEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQzNzlELzY3QzZBRDRDQkYzRDExRURBNkJGODhGMUYxMjIyNDY4L0VBeTlS
a3FRV2x0V2ozcmM3eC1kSUx4MUl6RS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0VBeTlSa3FRV2x0V2ozcmM3eC1kSUx4MUl6RS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQzNzlELzY3QzZBRDRDQkYzRDExRURBNkJGODhGMUYx
MjIyNDY4LzcxRjA5MjUyNDZDQjExRjA5MDZERjVBNERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIp30gwDQYJKoZIhvcNAQEL
BQADggEBABD0BR3sZr4bAiH0m51qNd/taKUm8Mp2ses2KlsFUDby1TjNMbSzWo/3
+NtpdwtniPQY0ROLhB3hLfh1hrx/CxYLYP8rdRj5FvALO2MTWZS7oOI0dKJIu0jp
ygOuzp4xHoK/411jxdcbRiJChCQ+QKtGAVcPC8OkQnAdlzUYr4Z6ATQYkSy9Z7vQ
FKjJCOWOdfmY/mCfDSNiYJfhaL91tJk2Z0i6oHPyJwUVAniRTHFEj3H1pw8iWD0R
SBf8Smk+3XudKQIz7MrSJjIibW+GPCm86iMWEB/Btl2+YB8g6dLZxwcsHRl0is9I
p2M6aCD2qmUudpfzR8XJYMLYbuueW2c=
-----END CERTIFICATE-----
Generated at Fri Jul 4 13:35:05 2025 by rpki-client