Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/C2C1572A575B11F09F7D4F7FDAE4EC9C.roa
File: C2C1572A575B11F09F7D4F7FDAE4EC9C.roa (raw, json)
Hash identifier: oT7LXoUtdT1Oeg52MZHLEf/CMeovLLw6njnrby9Y2rA=
Subject key identifier: 9E:FD:E5:1E:28:23:35:7C:A4:B6:DC:CC:DF:E5:F6:10:55:8B:E2:E1
Certificate issuer: /CN=F369591CAF/serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
Certificate serial: 0391
Authority key identifier: C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/C2C1572A575B11F09F7D4F7FDAE4EC9C.roa
Signing time: Wed 02 Jul 2025 15:46:47 +0000
ROA not before: Wed 02 Jul 2025 15:46:31 +0000
ROA not after: Tue 31 Dec 2030 15:46:31 +0000
asID: 15964
IP address blocks: 41.204.76.0/24 maxlen: 24
41.204.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.mft
rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Jul 2025 09:07:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 913 (0x391)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369591CAF, serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
Validity
Not Before: Jul 2 15:46:31 2025 GMT
Not After : Dec 31 15:46:31 2030 GMT
Subject: CN=68655467-1f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3b:7e:93:76:25:7f:e1:b8:0e:cf:70:ad:8a:
7f:e7:3e:06:61:83:d0:a1:cb:b2:fc:84:89:95:35:
24:82:87:63:f1:c7:bc:ad:eb:9f:64:1a:58:e9:81:
ed:b0:e7:16:e9:1c:d4:08:68:32:e4:c2:74:06:be:
33:ff:c0:20:2c:94:64:fe:61:d9:3b:45:63:7c:61:
65:03:82:ec:8f:9f:8b:e8:76:ce:8a:ef:d0:0c:d7:
05:11:30:25:d2:86:54:82:79:c0:ad:81:7a:66:f9:
61:a5:4f:ee:81:d9:35:40:ba:0d:ec:1b:98:e1:39:
41:9e:e3:33:67:2f:a4:42:c1:ad:44:1a:17:49:7e:
c2:4a:af:3c:f9:73:96:ca:c4:6c:e3:2c:eb:e7:3b:
83:4a:36:6f:44:b7:5c:4e:8d:4c:68:8b:30:64:13:
a4:ec:8d:30:aa:39:24:f3:2a:9e:ac:ab:83:79:3a:
d9:61:2f:41:f6:c1:9e:6d:50:f4:ea:b8:75:de:2f:
17:d5:86:ce:dd:82:cf:82:0e:35:70:5c:c7:d8:f7:
57:86:5c:58:41:c1:e4:3c:e6:b3:f5:c6:8c:09:e9:
d5:eb:da:b6:30:f9:41:45:99:36:27:c8:3e:d5:64:
a4:69:9d:14:ac:2a:4e:4d:a9:44:73:23:96:5c:15:
11:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:FD:E5:1E:28:23:35:7C:A4:B6:DC:CC:DF:E5:F6:10:55:8B:E2:E1
X509v3 Authority Key Identifier:
keyid:C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/C2C1572A575B11F09F7D4F7FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.204.76.0/24
41.204.94.0/24
Signature Algorithm: sha256WithRSAEncryption
60:16:a9:d6:ef:d6:27:38:1e:3d:2d:4b:30:e5:3c:62:07:a2:
a7:e4:dd:5c:07:9c:10:00:27:bd:60:e6:00:02:c0:5f:21:de:
56:7b:1b:58:07:1a:b8:c8:0a:25:ca:f1:cb:c9:ba:44:36:4d:
b8:0a:f5:fb:d9:69:8a:23:35:fd:41:5c:ef:23:24:57:40:2d:
5e:83:34:1d:b9:97:7a:de:e8:0c:6e:1f:95:c7:bf:47:e2:b6:
26:5a:60:8b:ad:08:10:8c:e9:18:7b:b9:75:58:6b:44:14:3a:
2b:d4:2d:d9:e5:df:1f:1e:56:e0:d5:77:17:e3:80:12:43:68:
d9:62:0a:42:fa:49:06:6e:12:aa:15:39:e8:c0:16:f8:ab:c8:
a0:53:24:7b:cf:7a:26:11:90:79:23:60:b9:be:c7:e1:2b:77:
5c:4a:15:3a:64:1a:e2:9c:ce:e7:50:dd:72:de:36:60:dc:fa:
84:da:69:ea:67:4b:61:b8:72:34:6d:7a:a8:62:11:bf:e6:28:
41:f1:21:fc:85:f1:7a:e7:98:11:d9:86:e8:56:18:2a:89:46:
c5:37:8a:c4:64:58:09:20:b8:34:13:63:53:3e:a0:f8:ae:0f:
d9:99:0d:b6:ee:c0:e7:b0:5d:82:73:d7:93:dd:dc:2b:2b:7f:
3e:bc:90:d1
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICA5EwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTU5MUNBRjExMC8GA1UEBRMoQzEwOTBEMzdEQTlGRkVFRTFBOUMyMjlCQUZGMTE5
MEJEMjJFODkzNDAeFw0yNTA3MDIxNTQ2MzFaFw0zMDEyMzExNTQ2MzFaMBgxFjAU
BgNVBAMTDTY4NjU1NDY3LTFmMWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDO36TdiV/4bgOz3Ctin/nPgZhg9Chy7L8hImVNSSCh2Pxx7yt659kGljp
ge2w5xbpHNQIaDLkwnQGvjP/wCAslGT+Ydk7RWN8YWUDguyPn4vods6K79AM1wUR
MCXShlSCecCtgXpm+WGlT+6B2TVAug3sG5jhOUGe4zNnL6RCwa1EGhdJfsJKrzz5
c5bKxGzjLOvnO4NKNm9Et1xOjUxoizBkE6TsjTCqOSTzKp6sq4N5OtlhL0H2wZ5t
UPTquHXeLxfVhs7dgs+CDjVwXMfY91eGXFhBweQ85rP1xowJ6dXr2rYw+UFFmTYn
yD7VZKRpnRSsKk5NqURzI5ZcFRGXAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUnv3l
HigjNXykttzM3+X2EFWL4uEwHwYDVR0jBBgwFoAUwQkNN9qf/u4anCKbr/EZC9Iu
iTQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYxMjIyNDY4L3dRa05O
OXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3dRa05OOXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYx
MjIyNDY4L0MyQzE1NzJBNTc1QjExRjA5RjdENEY3RkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAApzEwDBAApzF4wDQYJKoZI
hvcNAQELBQADggEBAGAWqdbv1ic4Hj0tSzDlPGIHoqfk3VwHnBAAJ71g5gACwF8h
3lZ7G1gHGrjICiXK8cvJukQ2TbgK9fvZaYojNf1BXO8jJFdALV6DNB25l3re6Axu
H5XHv0fitiZaYIutCBCM6Rh7uXVYa0QUOivULdnl3x8eVuDVdxfjgBJDaNliCkL6
SQZuEqoVOejAFviryKBTJHvPeiYRkHkjYLm+x+Erd1xKFTpkGuKczudQ3XLeNmDc
+oTaaepnS2G4cjRteqhiEb/mKEHxIfyF8XrnmBHZhuhWGCqJRsU3isRkWAkguDQT
Y1M+oPiuD9mZDbbuwOewXYJz15Pd3Csrfz68kNE=
-----END CERTIFICATE-----
Generated at Thu Jul 3 13:07:24 2025 by rpki-client