Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D2FA4/3425FC804CEA11F0948EF79BDAE4EC9C/DD733EA6501911F081EC1BD5DAE4EC9C.roa
File: DD733EA6501911F081EC1BD5DAE4EC9C.roa (raw, json)
Hash identifier: pTSTw7CMzw5Tzo3x06Bd0K5rfFXqGfOJjDBXR7lNILg=
Subject key identifier: 37:BA:EF:A0:5B:45:3E:7B:34:64:A3:E4:81:BF:0C:8E:12:91:2C:1D
Certificate issuer: /CN=F36D2FA4AR/serialNumber=4121D28E0BB9EAFEE02003F923AC740C26F58364
Certificate serial: 0A
Authority key identifier: 41:21:D2:8E:0B:B9:EA:FE:E0:20:03:F9:23:AC:74:0C:26:F5:83:64
Authority info access: rsync://rpki.afrinic.net/repository/arin/QSHSjgu56v7gIAP5I6x0DCb1g2Q.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D2FA4/3425FC804CEA11F0948EF79BDAE4EC9C/DD733EA6501911F081EC1BD5DAE4EC9C.roa
Signing time: Mon 23 Jun 2025 10:07:27 +0000
ROA not before: Mon 23 Jun 2025 10:07:23 +0000
ROA not after: Mon 21 Jun 2049 10:07:23 +0000
asID: 3741
IP address blocks: 152.111.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D2FA4/3425FC804CEA11F0948EF79BDAE4EC9C/QSHSjgu56v7gIAP5I6x0DCb1g2Q.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D2FA4/3425FC804CEA11F0948EF79BDAE4EC9C/QSHSjgu56v7gIAP5I6x0DCb1g2Q.mft
rsync://rpki.afrinic.net/repository/arin/QSHSjgu56v7gIAP5I6x0DCb1g2Q.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D2FA4AR, serialNumber=4121D28E0BB9EAFEE02003F923AC740C26F58364
Validity
Not Before: Jun 23 10:07:23 2025 GMT
Not After : Jun 21 10:07:23 2049 GMT
Subject: CN=6859275f-4336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:73:a9:65:99:b9:15:06:8a:70:e7:f8:22:c8:
19:93:85:83:6b:5e:c7:62:b6:14:d7:39:c3:2f:b6:
8a:67:44:e4:7d:23:c4:dc:6e:e4:0f:0a:6f:1a:03:
6d:81:28:dc:6c:06:c2:fb:9b:48:b7:b8:66:3b:1d:
c7:f0:6e:c8:b1:ea:7a:96:a2:fc:57:76:64:34:12:
cf:74:99:c5:13:48:56:f8:47:40:73:70:12:e7:4d:
42:8e:61:e5:ef:c7:28:9c:19:75:9d:08:18:37:dc:
df:37:2d:4c:a6:d9:1c:90:46:83:f6:d5:4d:8b:78:
b3:7c:d9:72:b4:de:4f:49:e4:1d:0a:ca:60:1e:01:
28:b3:29:38:bc:91:a5:35:94:09:cf:8a:70:04:da:
86:1f:e9:54:a9:9f:52:cd:a4:f8:47:9e:0a:9a:af:
75:c4:f5:5f:96:09:e4:0a:b4:d9:88:d0:e5:83:e6:
a9:5d:ba:37:79:78:ea:7a:50:98:68:d3:c5:e5:70:
86:ce:32:86:45:55:76:2f:74:f4:85:40:3d:dc:3a:
5f:72:dd:04:4e:f7:18:6f:53:0b:75:cf:fb:50:51:
c3:04:cd:b7:91:dc:90:cd:de:fd:cf:10:bf:b1:1c:
3e:d5:b0:59:64:ab:13:f3:32:74:3d:26:8e:d7:4b:
16:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:BA:EF:A0:5B:45:3E:7B:34:64:A3:E4:81:BF:0C:8E:12:91:2C:1D
X509v3 Authority Key Identifier:
keyid:41:21:D2:8E:0B:B9:EA:FE:E0:20:03:F9:23:AC:74:0C:26:F5:83:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D2FA4/3425FC804CEA11F0948EF79BDAE4EC9C/QSHSjgu56v7gIAP5I6x0DCb1g2Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/QSHSjgu56v7gIAP5I6x0DCb1g2Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D2FA4/3425FC804CEA11F0948EF79BDAE4EC9C/DD733EA6501911F081EC1BD5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
152.111.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:38:bb:e7:d3:af:ec:67:0d:eb:90:97:7e:88:38:1c:8b:6c:
5e:c6:45:0d:15:86:58:73:c9:c1:00:7a:07:41:81:80:12:c5:
ca:fb:7a:73:1d:30:d3:39:bc:31:fb:09:6a:4b:ac:29:09:d1:
84:a4:78:d9:40:a7:f1:23:14:91:9e:e1:dd:c8:9f:cd:be:60:
f4:6e:d2:13:bf:76:62:d0:e9:82:17:e7:f5:6a:2b:63:26:6a:
c5:77:16:0b:2c:4a:e0:47:63:93:dc:37:35:70:bb:74:d3:b0:
4e:76:01:bc:70:5c:50:fe:08:26:37:7a:ff:88:85:07:95:e6:
c6:cc:4a:53:19:8a:96:ad:39:b6:da:9b:04:93:be:6f:e4:e6:
a3:57:6b:b1:b0:03:a8:28:42:5b:40:3a:12:c0:cb:36:15:a6:
87:bd:ce:ab:3b:28:3f:4d:80:c2:91:2f:bf:2c:3e:87:15:ff:
99:2a:0e:87:e7:3f:f4:fc:c5:17:3c:e3:be:4a:d8:78:a0:97:
36:78:dc:a8:e4:ad:9f:35:29:50:86:0b:bf:b8:a7:31:15:14:
c8:b4:5f:0d:c5:67:3b:16:fb:23:50:40:61:d1:d8:eb:be:a0:
e8:3f:2d:b6:0b:bc:6b:90:9e:00:fe:e1:85:e2:41:a0:1e:4f:
ed:c0:c7:88
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIBCjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
MkZBNEFSMTEwLwYDVQQFEyg0MTIxRDI4RTBCQjlFQUZFRTAyMDAzRjkyM0FDNzQw
QzI2RjU4MzY0MB4XDTI1MDYyMzEwMDcyM1oXDTQ5MDYyMTEwMDcyM1owGDEWMBQG
A1UEAxMNNjg1OTI3NWYtNDMzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJlzqWWZuRUGinDn+CLIGZOFg2tex2K2FNc5wy+2imdE5H0jxNxu5A8KbxoD
bYEo3GwGwvubSLe4Zjsdx/BuyLHqepai/Fd2ZDQSz3SZxRNIVvhHQHNwEudNQo5h
5e/HKJwZdZ0IGDfc3zctTKbZHJBGg/bVTYt4s3zZcrTeT0nkHQrKYB4BKLMpOLyR
pTWUCc+KcATahh/pVKmfUs2k+EeeCpqvdcT1X5YJ5Aq02YjQ5YPmqV26N3l46npQ
mGjTxeVwhs4yhkVVdi909IVAPdw6X3LdBE73GG9TC3XP+1BRwwTNt5HckM3e/c8Q
v7EcPtWwWWSrE/MydD0mjtdLFtcCAwEAAaOCAqEwggKdMB0GA1UdDgQWBBQ3uu+g
W0U+ezRko+SBvwyOEpEsHTAfBgNVHSMEGDAWgBRBIdKOC7nq/uAgA/kjrHQMJvWD
ZDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDJGQTQvMzQyNUZDODA0Q0VBMTFGMDk0OEVGNzlCREFFNEVDOUMvUVNIU2pn
dTU2djdnSUFQNUk2eDBEQ2IxZzJRLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
UVNIU2pndTU2djdnSUFQNUk2eDBEQ2IxZzJRLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2RDJGQTQvMzQyNUZDODA0Q0VBMTFGMDk0OEVGNzlCREFFNEVD
OUMvREQ3MzNFQTY1MDE5MTFGMDgxRUMxQkQ1REFFNEVDOUMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJhvMA0GCSqGSIb3DQEBCwUAA4IB
AQA5OLvn06/sZw3rkJd+iDgci2xexkUNFYZYc8nBAHoHQYGAEsXK+3pzHTDTObwx
+wlqS6wpCdGEpHjZQKfxIxSRnuHdyJ/NvmD0btITv3Zi0OmCF+f1aitjJmrFdxYL
LErgR2OT3Dc1cLt007BOdgG8cFxQ/ggmN3r/iIUHlebGzEpTGYqWrTm22psEk75v
5OajV2uxsAOoKEJbQDoSwMs2FaaHvc6rOyg/TYDCkS+/LD6HFf+ZKg6H5z/0/MUX
POO+Sth4oJc2eNyo5K2fNSlQhgu/uKcxFRTItF8NxWc7FvsjUEBh0djrvqDoPy22
C7xrkJ4A/uGF4kGgHk/twMeI
-----END CERTIFICATE-----
Generated at Mon Jun 30 18:53:38 2025 by rpki-client