Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3674908/5ED4860A564411F0A5A4B7EDDAE4EC9C/1F963ED8564511F0A6FF3AF2DAE4EC9C.roa
File: 1F963ED8564511F0A6FF3AF2DAE4EC9C.roa (raw, json)
Hash identifier: X2krD4jdJ7pGQ3zXFaC89RNcw5IbwbOm7CUbTFo1if4=
Subject key identifier: 48:4A:40:BC:FB:3B:61:EF:81:69:53:56:E8:D4:CD:13:1E:8D:52:67
Certificate issuer: /CN=F3674908AF/serialNumber=38D217BBC9989F8B1CEC1B3A43601F11E3D11E4B
Certificate serial: 02
Authority key identifier: 38:D2:17:BB:C9:98:9F:8B:1C:EC:1B:3A:43:60:1F:11:E3:D1:1E:4B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ONIXu8mYn4sc7Bs6Q2AfEePRHks.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3674908/5ED4860A564411F0A5A4B7EDDAE4EC9C/1F963ED8564511F0A6FF3AF2DAE4EC9C.roa
Signing time: Tue 01 Jul 2025 06:32:13 +0000
ROA not before: Tue 01 Jul 2025 06:31:57 +0000
ROA not after: Sun 01 Jul 2035 06:31:57 +0000
asID: 37611
IP address blocks: 41.76.208.0/21 maxlen: 32
102.182.0.0/16 maxlen: 32
102.212.96.0/22 maxlen: 32
102.218.60.0/22 maxlen: 32
102.218.140.0/22 maxlen: 32
102.218.216.0/22 maxlen: 32
102.219.160.0/22 maxlen: 32
102.220.80.0/22 maxlen: 32
102.221.80.0/22 maxlen: 32
102.222.124.0/22 maxlen: 32
102.223.56.0/22 maxlen: 32
154.0.160.0/20 maxlen: 32
197.242.144.0/20 maxlen: 32
2c0e:7f00::/28 maxlen: 128
2c0f:f4c0::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3674908/5ED4860A564411F0A5A4B7EDDAE4EC9C/ONIXu8mYn4sc7Bs6Q2AfEePRHks.crl
rsync://rpki.afrinic.net/repository/member_repository/F3674908/5ED4860A564411F0A5A4B7EDDAE4EC9C/ONIXu8mYn4sc7Bs6Q2AfEePRHks.mft
rsync://rpki.afrinic.net/repository/afrinic/ONIXu8mYn4sc7Bs6Q2AfEePRHks.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Jul 2025 05:25:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3674908AF, serialNumber=38D217BBC9989F8B1CEC1B3A43601F11E3D11E4B
Validity
Not Before: Jul 1 06:31:57 2025 GMT
Not After : Jul 1 06:31:57 2035 GMT
Subject: CN=686380ed-ebdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8c:ed:57:be:25:bd:a3:7a:16:62:7a:79:d6:
8f:ae:75:73:e7:99:ae:dd:bd:60:22:4f:c4:2b:16:
04:17:c8:a2:e9:7a:d9:b5:82:f3:f4:4d:de:25:53:
09:98:4c:28:5f:7b:13:6f:90:a8:c1:18:6c:57:ad:
a8:01:51:88:d6:da:26:d6:4d:f8:cc:17:70:06:d0:
36:9a:ad:62:a2:fb:bc:44:48:bf:52:82:2d:87:20:
d4:df:2e:5d:9e:16:13:8e:0b:77:c7:e4:ef:6a:40:
7c:7f:05:c2:e8:54:25:97:69:95:c0:af:35:f1:22:
23:06:56:3b:74:67:b6:35:b1:ad:97:3f:74:f5:69:
2f:f3:98:60:d9:ec:1c:f8:1a:16:9e:b4:07:b0:3b:
87:cb:21:24:61:27:b5:7d:58:ee:9c:57:ce:0e:ae:
91:93:27:26:3e:96:38:22:62:52:88:36:d5:11:d0:
6f:0a:b7:b9:af:09:d0:49:7a:3d:90:1c:4f:b6:cd:
06:47:b1:0b:5d:c9:7b:80:72:10:a8:78:71:4b:3d:
d0:bd:f1:cf:b7:15:74:86:f0:12:a2:f6:e6:2a:d7:
f2:b3:19:30:79:4c:52:ed:ce:6d:86:6f:41:ee:88:
4b:a3:3c:db:dc:85:08:96:1a:5c:b1:45:11:87:0a:
30:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:4A:40:BC:FB:3B:61:EF:81:69:53:56:E8:D4:CD:13:1E:8D:52:67
X509v3 Authority Key Identifier:
keyid:38:D2:17:BB:C9:98:9F:8B:1C:EC:1B:3A:43:60:1F:11:E3:D1:1E:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3674908/5ED4860A564411F0A5A4B7EDDAE4EC9C/ONIXu8mYn4sc7Bs6Q2AfEePRHks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ONIXu8mYn4sc7Bs6Q2AfEePRHks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3674908/5ED4860A564411F0A5A4B7EDDAE4EC9C/1F963ED8564511F0A6FF3AF2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.76.208.0/21
102.182.0.0/16
102.212.96.0/22
102.218.60.0/22
102.218.140.0/22
102.218.216.0/22
102.219.160.0/22
102.220.80.0/22
102.221.80.0/22
102.222.124.0/22
102.223.56.0/22
154.0.160.0/20
197.242.144.0/20
IPv6:
2c0e:7f00::/28
2c0f:f4c0::/32
Signature Algorithm: sha256WithRSAEncryption
03:c1:e0:3d:8e:5f:d8:fb:7c:7a:0d:e7:ba:ab:35:8f:77:c2:
92:f3:94:75:73:26:c9:11:2e:98:31:d6:e3:c8:3f:a8:54:27:
2d:e9:23:31:e4:ca:42:fd:44:0b:ab:5f:88:dc:3d:65:c4:42:
d9:42:32:fb:b9:7b:f0:4e:7b:48:df:4c:dd:b9:87:df:52:31:
40:b1:81:3c:52:33:6d:59:fc:d3:4d:fd:bf:67:57:d3:d2:ff:
b9:c5:c2:9c:f9:eb:e5:d1:e0:02:de:05:3a:1e:18:12:a1:cf:
b9:42:f9:99:c3:82:27:da:27:59:15:aa:46:8a:86:02:46:0b:
23:b2:00:eb:41:b6:e2:5a:bb:df:c0:03:6c:ab:61:fc:4c:77:
b2:e4:36:ea:c3:02:bf:9e:b3:ef:37:04:62:de:07:9e:85:2c:
f5:6c:ef:c7:23:5f:30:aa:12:21:e6:a0:b8:5f:88:d4:f8:b2:
af:d8:dc:9c:d4:40:91:02:7f:27:f2:b0:02:be:a7:74:ed:ac:
bc:7c:e2:6c:59:09:91:f2:76:e6:8f:3e:4b:a5:00:69:c6:09:
71:a4:85:d1:4c:9c:e7:54:3a:b6:94:b7:4f:c5:4d:df:34:da:
2c:51:44:1b:88:71:72:d8:fe:e3:8e:72:dd:4f:e4:4a:03:28:
ac:fd:67:88
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NDkwOEFGMTEwLwYDVQQFEygzOEQyMTdCQkM5OTg5RjhCMUNFQzFCM0E0MzYwMUYx
MUUzRDExRTRCMB4XDTI1MDcwMTA2MzE1N1oXDTM1MDcwMTA2MzE1N1owGDEWMBQG
A1UEAxMNNjg2MzgwZWQtZWJkZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaM7Ve+Jb2jehZiennWj651c+eZrt29YCJPxCsWBBfIoul62bWC8/RN3iVT
CZhMKF97E2+QqMEYbFetqAFRiNbaJtZN+MwXcAbQNpqtYqL7vERIv1KCLYcg1N8u
XZ4WE44Ld8fk72pAfH8FwuhUJZdplcCvNfEiIwZWO3RntjWxrZc/dPVpL/OYYNns
HPgaFp60B7A7h8shJGEntX1Y7pxXzg6ukZMnJj6WOCJiUog21RHQbwq3ua8J0El6
PZAcT7bNBkexC13Je4ByEKh4cUs90L3xz7cVdIbwEqL25irX8rMZMHlMUu3ObYZv
Qe6IS6M829yFCJYaXLFFEYcKMF8CAwEAAaOCAwIwggL+MB0GA1UdDgQWBBRISkC8
+zth74FpU1bo1M0THo1SZzAfBgNVHSMEGDAWgBQ40he7yZifixzsGzpDYB8R49Ee
SzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzQ5MDgvNUVENDg2MEE1NjQ0MTFGMEE1QTRCN0VEREFFNEVDOUMvT05JWHU4
bVluNHNjN0JzNlEyQWZFZVBSSGtzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvT05JWHU4bVluNHNjN0JzNlEyQWZFZVBSSGtzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzQ5MDgvNUVENDg2MEE1NjQ0MTFGMEE1QTRCN0VEREFF
NEVDOUMvMUY5NjNFRDg1NjQ1MTFGMEE2RkYzQUYyREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDB8BggrBgEFBQcBBwEB/wRtMGswUwQCAAEwTQMEAylM0AMDAGa2AwQCZtRgAwQC
Zto8AwQCZtqMAwQCZtrYAwQCZtugAwQCZtxQAwQCZt1QAwQCZt58AwQCZt84AwQE
mgCgAwQExfKQMBQEAgACMA4DBQQsDn8AAwUALA/0wDANBgkqhkiG9w0BAQsFAAOC
AQEAA8HgPY5f2Pt8eg3nuqs1j3fCkvOUdXMmyREumDHW48g/qFQnLekjMeTKQv1E
C6tfiNw9ZcRC2UIy+7l78E57SN9M3bmH31IxQLGBPFIzbVn80039v2dX09L/ucXC
nPnr5dHgAt4FOh4YEqHPuUL5mcOCJ9onWRWqRoqGAkYLI7IA60G24lq738ADbKth
/Ex3suQ26sMCv56z7zcEYt4HnoUs9WzvxyNfMKoSIeaguF+I1Piyr9jcnNRAkQJ/
J/KwAr6ndO2svHzibFkJkfJ25o8+S6UAacYJcaSF0Uyc51Q6tpS3T8VN3zTaLFFE
G4hxctj+445y3U/kSgMorP1niA==
-----END CERTIFICATE-----
Generated at Thu Jul 3 13:05:13 2025 by rpki-client