Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36848BC/C0FEE47C26D011F09019149EDAE4EC9C/91C51C4457F911F0AC734B88DAE4EC9C.roa
File: 91C51C4457F911F0AC734B88DAE4EC9C.roa (raw, json)
Hash identifier: jLmJyUTO89F5T9pEtytMOZ40rOclSZZKyrwwRKMAe9A=
Subject key identifier: 2C:70:82:77:8F:6C:E5:59:E2:B9:6A:AD:9E:32:A0:6A:B7:B7:9B:66
Certificate issuer: /CN=F36848BCAF/serialNumber=F72445BFF5EA83351F2E660D4D812D8F3481ECF3
Certificate serial: 44
Authority key identifier: F7:24:45:BF:F5:EA:83:35:1F:2E:66:0D:4D:81:2D:8F:34:81:EC:F3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/9yRFv_XqgzUfLmYNTYEtjzSB7PM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36848BC/C0FEE47C26D011F09019149EDAE4EC9C/91C51C4457F911F0AC734B88DAE4EC9C.roa
Signing time: Thu 03 Jul 2025 10:36:26 +0000
ROA not before: Thu 03 Jul 2025 10:36:19 +0000
ROA not after: Mon 03 Jul 2028 10:36:19 +0000
asID: 328761
IP address blocks: 102.221.112.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36848BC/C0FEE47C26D011F09019149EDAE4EC9C/9yRFv_XqgzUfLmYNTYEtjzSB7PM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36848BC/C0FEE47C26D011F09019149EDAE4EC9C/9yRFv_XqgzUfLmYNTYEtjzSB7PM.mft
rsync://rpki.afrinic.net/repository/afrinic/9yRFv_XqgzUfLmYNTYEtjzSB7PM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 05:19:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68 (0x44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36848BCAF, serialNumber=F72445BFF5EA83351F2E660D4D812D8F3481ECF3
Validity
Not Before: Jul 3 10:36:19 2025 GMT
Not After : Jul 3 10:36:19 2028 GMT
Subject: CN=68665d29-2a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:60:bb:8b:da:32:ab:fe:b3:0b:e3:04:17:e6:
de:91:aa:81:f3:63:d2:e4:42:f7:01:93:b5:77:a6:
15:a6:04:86:79:f7:0c:9d:9c:43:37:50:af:96:1c:
28:c5:e9:ee:c2:87:7b:8f:63:d0:de:1f:68:93:3e:
85:bc:f9:e6:47:77:8a:79:74:dc:5d:4b:51:1f:1c:
ec:47:dc:c6:7c:eb:1f:39:48:17:42:ba:12:15:e2:
06:9a:fa:f1:8c:05:62:a1:74:59:bc:ba:37:7e:7b:
05:e6:5c:96:30:d4:40:51:49:1d:ac:af:9e:43:cc:
a4:42:b1:0f:41:70:d8:93:ce:67:8f:ff:06:9a:f6:
88:9b:84:a8:64:fe:87:b9:47:89:c7:f9:e9:61:09:
4a:15:fe:a6:c6:b1:5e:96:91:ca:97:4b:91:3d:5d:
8c:7e:13:f1:06:9c:a6:74:88:02:6a:f3:70:4b:21:
8b:50:99:a1:8b:48:32:cf:a9:6e:41:55:2a:22:d9:
57:37:dd:08:33:68:c8:81:f3:c2:c7:fc:53:ea:19:
25:6c:0f:60:1e:cf:67:f9:dc:98:7a:ce:bd:f8:d5:
08:1f:a3:6e:10:02:ac:92:e0:39:5b:45:a5:89:3d:
aa:a7:8b:f4:48:9e:47:f2:ad:7c:f9:0a:27:73:39:
a3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:70:82:77:8F:6C:E5:59:E2:B9:6A:AD:9E:32:A0:6A:B7:B7:9B:66
X509v3 Authority Key Identifier:
keyid:F7:24:45:BF:F5:EA:83:35:1F:2E:66:0D:4D:81:2D:8F:34:81:EC:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36848BC/C0FEE47C26D011F09019149EDAE4EC9C/9yRFv_XqgzUfLmYNTYEtjzSB7PM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9yRFv_XqgzUfLmYNTYEtjzSB7PM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36848BC/C0FEE47C26D011F09019149EDAE4EC9C/91C51C4457F911F0AC734B88DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.112.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:c3:e7:72:dd:e2:82:07:11:25:98:35:2c:90:cd:89:78:f6:
c3:68:87:de:ea:c9:b2:41:da:7e:ce:0b:20:79:c0:1c:41:cf:
72:dd:80:cc:23:ae:bf:23:5e:67:1c:69:d9:9f:c2:5f:1b:58:
06:da:62:20:00:dc:40:54:be:4c:b8:5a:cb:6a:f3:30:d9:85:
7c:fd:36:8c:db:00:5c:b7:03:c7:61:8d:c7:3e:e5:3d:cf:60:
d8:7d:12:4f:f4:25:f5:78:34:2a:b2:2f:ec:34:e3:47:7f:5a:
f6:3c:ac:c6:12:5c:eb:a8:9c:0a:23:cf:af:9c:05:c4:bb:73:
64:3a:3e:02:26:6d:03:71:c2:af:2c:62:71:bf:05:a8:40:6a:
ad:2e:d2:6f:e5:cf:f2:e7:48:ea:9f:98:02:f1:67:c7:f9:75:
0f:29:c5:2d:86:61:97:5c:5a:60:26:d7:12:69:f2:a2:ab:0c:
35:25:7f:df:fb:b8:05:bb:85:3c:59:87:c4:20:a4:e1:a4:2c:
85:d1:f3:07:6e:85:f6:78:5a:e8:37:72:4e:78:67:00:46:32:
2e:e5:db:9d:fa:c6:54:16:2d:51:de:5e:13:b0:ca:d2:3a:3d:
54:b0:6c:95:25:ce:6d:e2:06:74:69:7d:61:94:3f:72:af:fc:
2d:ab:cb:80
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBRDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
NDhCQ0FGMTEwLwYDVQQFEyhGNzI0NDVCRkY1RUE4MzM1MUYyRTY2MEQ0RDgxMkQ4
RjM0ODFFQ0YzMB4XDTI1MDcwMzEwMzYxOVoXDTI4MDcwMzEwMzYxOVowGDEWMBQG
A1UEAxMNNjg2NjVkMjktMmE2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJgu4vaMqv+swvjBBfm3pGqgfNj0uRC9wGTtXemFaYEhnn3DJ2cQzdQr5Yc
KMXp7sKHe49j0N4faJM+hbz55kd3inl03F1LUR8c7EfcxnzrHzlIF0K6EhXiBpr6
8YwFYqF0Wby6N357BeZcljDUQFFJHayvnkPMpEKxD0Fw2JPOZ4//Bpr2iJuEqGT+
h7lHicf56WEJShX+psaxXpaRypdLkT1djH4T8QacpnSIAmrzcEshi1CZoYtIMs+p
bkFVKiLZVzfdCDNoyIHzwsf8U+oZJWwPYB7PZ/ncmHrOvfjVCB+jbhACrJLgOVtF
pYk9qqeL9EieR/KtfPkKJ3M5o7kCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQscIJ3
j2zlWeK5aq2eMqBqt7ebZjAfBgNVHSMEGDAWgBT3JEW/9eqDNR8uZg1NgS2PNIHs
8zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODQ4QkMvQzBGRUU0N0MyNkQwMTFGMDkwMTkxNDlFREFFNEVDOUMvOXlSRnZf
WHFnelVmTG1ZTlRZRXRqelNCN1BNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOXlSRnZfWHFnelVmTG1ZTlRZRXRqelNCN1BNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODQ4QkMvQzBGRUU0N0MyNkQwMTFGMDkwMTkxNDlFREFF
NEVDOUMvOTFDNTFDNDQ1N0Y5MTFGMEFDNzM0Qjg4REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbdcDANBgkqhkiG9w0BAQsF
AAOCAQEAS8Pnct3iggcRJZg1LJDNiXj2w2iH3urJskHafs4LIHnAHEHPct2AzCOu
vyNeZxxp2Z/CXxtYBtpiIADcQFS+TLhay2rzMNmFfP02jNsAXLcDx2GNxz7lPc9g
2H0ST/Ql9Xg0KrIv7DTjR39a9jysxhJc66icCiPPr5wFxLtzZDo+AiZtA3HCryxi
cb8FqEBqrS7Sb+XP8udI6p+YAvFnx/l1DynFLYZhl1xaYCbXEmnyoqsMNSV/3/u4
BbuFPFmHxCCk4aQshdHzB26F9nha6DdyTnhnAEYyLuXbnfrGVBYtUd5eE7DK0jo9
VLBslSXObeIGdGl9YZQ/cq/8LavLgA==
-----END CERTIFICATE-----
Generated at Fri Jul 4 17:20:40 2025 by rpki-client