Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/F0EF141C4FAD11F0A2CF018ADAE4EC9C.roa
File: F0EF141C4FAD11F0A2CF018ADAE4EC9C.roa (raw, json)
Hash identifier: s9CANyFnnMQFBebtZSUl9JpC2l7TIpoth6Vtnvo8L04=
Subject key identifier: 14:40:1E:F6:D9:C6:4F:7F:42:7F:7C:74:5D:0A:CF:96:37:68:DB:CB
Certificate issuer: /CN=F36FDDEEAF/serialNumber=2CD31C3C251F5EDA183F938E7FCB3A4A1DBA89DD
Certificate serial: 0770
Authority key identifier: 2C:D3:1C:3C:25:1F:5E:DA:18:3F:93:8E:7F:CB:3A:4A:1D:BA:89:DD
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/LNMcPCUfXtoYP5OOf8s6Sh26id0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/F0EF141C4FAD11F0A2CF018ADAE4EC9C.roa
Signing time: Sun 22 Jun 2025 21:14:54 +0000
ROA not before: Sun 22 Jun 2025 21:14:50 +0000
ROA not after: Sat 30 Jun 2040 21:14:50 +0000
asID: 19905
IP address blocks: 41.206.0.0/19 maxlen: 24
41.220.64.0/20 maxlen: 24
102.88.0.0/13 maxlen: 24
197.210.0.0/16 maxlen: 24
2c0f:f5c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/LNMcPCUfXtoYP5OOf8s6Sh26id0.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/LNMcPCUfXtoYP5OOf8s6Sh26id0.mft
rsync://rpki.afrinic.net/repository/afrinic/LNMcPCUfXtoYP5OOf8s6Sh26id0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1904 (0x770)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FDDEEAF, serialNumber=2CD31C3C251F5EDA183F938E7FCB3A4A1DBA89DD
Validity
Not Before: Jun 22 21:14:50 2025 GMT
Not After : Jun 30 21:14:50 2040 GMT
Subject: CN=6858724e-fd97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:52:a9:98:d5:f8:4d:23:dd:58:4a:29:1b:11:
a8:73:46:de:f9:d2:e3:01:d9:77:9d:76:50:8a:22:
f6:fb:5c:98:cb:f4:aa:fc:e0:4a:d2:e3:63:c2:98:
89:63:19:e4:ce:46:16:be:2f:17:d1:e1:72:47:b8:
c1:e4:c5:74:e1:0e:3e:1b:ea:66:14:d4:d8:e1:5a:
9a:dc:83:51:ac:5f:23:6a:68:52:54:2b:9b:69:fa:
e4:dd:1d:ba:0c:37:40:d2:e8:e5:2d:aa:17:a7:5e:
f4:c4:a5:c2:24:aa:b8:af:fa:37:cf:2e:75:31:33:
2d:10:bb:ce:7d:54:f5:fb:5b:a3:46:8e:38:f6:73:
71:5a:2d:b9:4a:21:d1:34:e4:69:24:70:17:62:5b:
5f:61:1c:bc:0a:42:43:63:01:cc:d7:9a:0c:76:65:
14:db:85:56:28:ee:9f:63:8d:06:48:fb:79:de:c5:
7a:1e:a1:49:46:e8:b4:63:52:71:f6:3a:a5:a2:11:
4a:d3:aa:a1:e0:d2:cd:53:3a:b5:df:7b:55:77:c5:
51:26:48:ce:49:c9:bc:8c:a6:8f:af:25:48:22:b2:
6d:ad:e0:ca:1b:8c:b1:66:12:bf:c2:5c:cd:92:23:
6a:24:56:fe:e0:83:56:3a:11:19:67:17:37:e2:c8:
4a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:40:1E:F6:D9:C6:4F:7F:42:7F:7C:74:5D:0A:CF:96:37:68:DB:CB
X509v3 Authority Key Identifier:
keyid:2C:D3:1C:3C:25:1F:5E:DA:18:3F:93:8E:7F:CB:3A:4A:1D:BA:89:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/LNMcPCUfXtoYP5OOf8s6Sh26id0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/LNMcPCUfXtoYP5OOf8s6Sh26id0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/F0EF141C4FAD11F0A2CF018ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.206.0.0/19
41.220.64.0/20
102.88.0.0/13
197.210.0.0/16
IPv6:
2c0f:f5c0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:d0:6f:51:42:12:04:ff:74:f7:a4:94:f5:00:22:f4:08:46:
01:12:39:5f:37:40:44:ce:85:80:74:bf:3a:99:9a:00:a3:9e:
a5:d4:e0:e4:e1:89:91:47:17:5b:2a:4e:1f:fa:84:26:d2:a0:
72:dc:ce:51:a0:29:32:0c:ce:7a:1f:c8:f7:3a:2d:da:30:38:
40:c4:81:80:8c:dd:3f:82:1c:44:24:4f:31:66:ff:19:aa:c5:
17:e0:d9:0d:ca:bc:49:89:ee:f9:cd:af:b9:71:ea:88:67:0f:
cf:06:a7:12:11:3d:06:ed:c1:8d:fd:63:4b:ff:30:ca:ba:94:
86:0d:ff:6f:fd:18:ad:49:ee:d1:fb:95:c4:29:3e:28:f7:5d:
79:c5:2f:fc:91:c8:9d:bb:0d:4c:4a:6a:be:ea:53:b9:20:ca:
2e:08:12:f4:83:ab:aa:d8:33:a2:ce:f5:b6:b3:c4:57:27:80:
b3:26:7e:11:af:5e:15:4c:02:61:f2:b7:1c:14:a4:54:15:0c:
89:ac:ac:02:0f:02:33:81:ac:2f:e8:6e:dd:f3:30:09:2d:ea:
5a:e5:83:31:87:66:b0:2b:a0:24:21:c5:7a:8f:f6:c1:bc:d1:
44:8a:18:96:c4:5c:cf:49:9e:6f:91:a7:e7:04:05:4d:5f:84:
41:5a:e1:96
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgICB3AwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RkRERUVBRjExMC8GA1UEBRMoMkNEMzFDM0MyNTFGNUVEQTE4M0Y5MzhFN0ZDQjNB
NEExREJBODlERDAeFw0yNTA2MjIyMTE0NTBaFw00MDA2MzAyMTE0NTBaMBgxFjAU
BgNVBAMTDTY4NTg3MjRlLWZkOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC2UqmY1fhNI91YSikbEahzRt750uMB2XeddlCKIvb7XJjL9Kr84ErS42PC
mIljGeTORha+LxfR4XJHuMHkxXThDj4b6mYU1NjhWprcg1GsXyNqaFJUK5tp+uTd
HboMN0DS6OUtqhenXvTEpcIkqriv+jfPLnUxMy0Qu859VPX7W6NGjjj2c3FaLblK
IdE05GkkcBdiW19hHLwKQkNjAczXmgx2ZRTbhVYo7p9jjQZI+3nexXoeoUlG6LRj
UnH2OqWiEUrTqqHg0s1TOrXfe1V3xVEmSM5JybyMpo+vJUgism2t4MobjLFmEr/C
XM2SI2okVv7gg1Y6ERlnFzfiyEpjAgMBAAGjggLEMIICwDAdBgNVHQ4EFgQUFEAe
9tnGT39Cf3x0XQrPljdo28swHwYDVR0jBBgwFoAULNMcPCUfXtoYP5OOf8s6Sh26
id0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZEREVFLzIxNEM1QUVDQjQ5QjExRUFBM0Y2MUYwRkY4QUVBMjI4L0xOTWNQ
Q1VmWHRvWVA1T09mOHM2U2gyNmlkMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0xOTWNQQ1VmWHRvWVA1T09mOHM2U2gyNmlkMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkZEREVFLzIxNEM1QUVDQjQ5QjExRUFBM0Y2MUYwRkY4
QUVBMjI4L0YwRUYxNDFDNEZBRDExRjBBMkNGMDE4QURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwPgYIKwYBBQUHAQcBAf8ELzAtMBwEAgABMBYDBAUpzgADBAQp3EADAwNmWAMD
AMXSMA0EAgACMAcDBQAsD/XAMA0GCSqGSIb3DQEBCwUAA4IBAQAc0G9RQhIE/3T3
pJT1ACL0CEYBEjlfN0BEzoWAdL86mZoAo56l1ODk4YmRRxdbKk4f+oQm0qBy3M5R
oCkyDM56H8j3Oi3aMDhAxIGAjN0/ghxEJE8xZv8ZqsUX4NkNyrxJie75za+5ceqI
Zw/PBqcSET0G7cGN/WNL/zDKupSGDf9v/RitSe7R+5XEKT4o9115xS/8kciduw1M
Smq+6lO5IMouCBL0g6uq2DOizvW2s8RXJ4CzJn4Rr14VTAJh8rccFKRUFQyJrKwC
DwIzgawv6G7d8zAJLepa5YMxh2awK6AkIcV6j/bBvNFEihiWxFzPSZ5vkafnBAVN
X4RBWuGW
-----END CERTIFICATE-----
Generated at Sun Jun 29 16:22:19 2025 by rpki-client