Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361B707/97762DB65D5A11F0A1BEE598DAE4EC9C/CB94846E5D6211F0B1684ACBDAE4EC9C.roa
File: CB94846E5D6211F0B1684ACBDAE4EC9C.roa (raw, json)
Hash identifier: q7K9u94mHC6e9oaI7qiGUP+yKcVwp0btej/mCAe6shI=
Subject key identifier: AD:9E:CC:14:BD:93:41:84:9A:CB:FE:BD:91:0C:DE:22:F4:3B:D9:75
Certificate issuer: /CN=F361B707AF/serialNumber=03B1EC5489A7245A540D08253DF855295EA2175B
Certificate serial: 09
Authority key identifier: 03:B1:EC:54:89:A7:24:5A:54:0D:08:25:3D:F8:55:29:5E:A2:17:5B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/A7HsVImnJFpUDQglPfhVKV6iF1s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F361B707/97762DB65D5A11F0A1BEE598DAE4EC9C/CB94846E5D6211F0B1684ACBDAE4EC9C.roa
Signing time: Thu 10 Jul 2025 07:52:16 +0000
ROA not before: Thu 10 Jul 2025 07:52:11 +0000
ROA not after: Wed 10 Jul 2030 07:52:11 +0000
asID: 37604
IP address blocks: 41.191.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F361B707/97762DB65D5A11F0A1BEE598DAE4EC9C/A7HsVImnJFpUDQglPfhVKV6iF1s.crl
rsync://rpki.afrinic.net/repository/member_repository/F361B707/97762DB65D5A11F0A1BEE598DAE4EC9C/A7HsVImnJFpUDQglPfhVKV6iF1s.mft
rsync://rpki.afrinic.net/repository/afrinic/A7HsVImnJFpUDQglPfhVKV6iF1s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 Aug 2025 00:06:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F361B707AF, serialNumber=03B1EC5489A7245A540D08253DF855295EA2175B
Validity
Not Before: Jul 10 07:52:11 2025 GMT
Not After : Jul 10 07:52:11 2030 GMT
Subject: CN=686f7130-4a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:35:ae:19:2d:9c:31:06:52:20:b6:d2:3b:89:
f3:1a:80:80:97:3b:30:aa:64:f0:11:38:90:6b:5c:
91:6b:3d:2e:ba:fd:46:31:da:eb:f8:65:b7:3d:5a:
71:95:ea:48:4b:77:79:c8:f4:95:a7:e0:44:a8:c1:
8a:d9:c0:4e:13:86:f3:41:d9:82:f6:5e:1b:02:7a:
3a:58:9b:9e:6e:f9:a6:81:d9:d6:9a:96:a3:50:1e:
6f:ce:5b:76:7b:4a:66:9b:1d:ad:55:3a:18:00:e1:
6b:10:e8:46:a6:4b:d5:dc:20:e5:14:64:a4:d4:b9:
25:04:76:17:35:58:47:c2:0d:b5:45:24:a0:a1:d3:
4c:b1:4d:f7:c1:cd:51:e3:a0:fe:90:be:44:84:39:
3d:28:25:7f:f7:b4:bf:d6:ce:af:ff:5a:b6:ed:67:
74:73:ff:86:5d:a6:14:d4:bb:3d:a6:77:81:51:5a:
c9:3f:7e:25:b1:e2:19:26:ff:10:23:61:f6:7e:5d:
53:f0:23:1d:8e:da:b7:27:a4:c9:6b:f2:51:ee:3d:
c6:21:4a:52:5f:9d:43:a5:38:cc:9a:47:4f:5a:67:
e5:d2:a1:a9:cd:30:d8:9f:59:16:e6:b3:e5:a9:ed:
7c:cd:60:ce:0a:93:56:1f:d6:ac:a9:07:60:cb:81:
6c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:9E:CC:14:BD:93:41:84:9A:CB:FE:BD:91:0C:DE:22:F4:3B:D9:75
X509v3 Authority Key Identifier:
keyid:03:B1:EC:54:89:A7:24:5A:54:0D:08:25:3D:F8:55:29:5E:A2:17:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F361B707/97762DB65D5A11F0A1BEE598DAE4EC9C/A7HsVImnJFpUDQglPfhVKV6iF1s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/A7HsVImnJFpUDQglPfhVKV6iF1s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361B707/97762DB65D5A11F0A1BEE598DAE4EC9C/CB94846E5D6211F0B1684ACBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.191.64.0/22
Signature Algorithm: sha256WithRSAEncryption
21:8f:32:c6:83:36:9a:be:63:b8:a7:78:61:d8:a7:e5:01:1a:
7f:ab:a0:5d:00:70:71:20:e5:30:52:04:29:3f:d1:80:84:42:
05:ae:0b:8b:0d:36:55:41:20:3b:cd:f6:d6:5e:61:48:38:13:
d0:6d:cc:79:2b:e3:85:dc:f2:dc:ba:9d:9f:5e:7b:8d:55:de:
08:05:27:95:cf:8d:98:81:c9:1c:d3:e6:4b:f2:67:54:21:af:
f3:1f:91:7b:22:a9:0e:6f:96:10:ee:66:ea:2a:da:8c:6f:88:
58:45:10:f8:e8:9e:37:a7:91:47:19:db:60:3a:d0:b2:ed:9c:
93:c9:13:52:d5:07:6f:85:eb:de:d6:a2:71:43:15:2c:91:ca:
77:81:1d:c9:ca:93:ef:2f:67:0e:59:3c:07:9d:16:7a:06:63:
7c:c9:42:db:95:03:6e:38:68:b5:4f:39:d1:a7:5e:87:54:51:
df:ad:f9:58:f8:f0:b2:27:27:b9:f3:da:8c:a5:8b:1b:99:cb:
21:ef:0c:71:c1:89:5a:0f:a1:24:c7:78:ea:c0:49:c1:c0:25:
1b:f0:e5:90:e7:73:ad:2e:46:6b:18:f3:4e:a8:69:7d:c9:cd:
1a:ac:25:0b:38:6b:c1:01:43:57:96:93:8d:b8:f6:32:f7:e4:
4f:4a:72:bd
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
QjcwN0FGMTEwLwYDVQQFEygwM0IxRUM1NDg5QTcyNDVBNTQwRDA4MjUzREY4NTUy
OTVFQTIxNzVCMB4XDTI1MDcxMDA3NTIxMVoXDTMwMDcxMDA3NTIxMVowGDEWMBQG
A1UEAxMNNjg2ZjcxMzAtNGE1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALY1rhktnDEGUiC20juJ8xqAgJc7MKpk8BE4kGtckWs9Lrr9RjHa6/hltz1a
cZXqSEt3ecj0lafgRKjBitnAThOG80HZgvZeGwJ6Olibnm75poHZ1pqWo1Aeb85b
dntKZpsdrVU6GADhaxDoRqZL1dwg5RRkpNS5JQR2FzVYR8INtUUkoKHTTLFN98HN
UeOg/pC+RIQ5PSglf/e0v9bOr/9atu1ndHP/hl2mFNS7PaZ3gVFayT9+JbHiGSb/
ECNh9n5dU/AjHY7atyekyWvyUe49xiFKUl+dQ6U4zJpHT1pn5dKhqc0w2J9ZFuaz
5antfM1gzgqTVh/WrKkHYMuBbHECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBStnswU
vZNBhJrL/r2RDN4i9DvZdTAfBgNVHSMEGDAWgBQDsexUiackWlQNCCU9+FUpXqIX
WzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MUI3MDcvOTc3NjJEQjY1RDVBMTFGMEExQkVFNTk4REFFNEVDOUMvQTdIc1ZJ
bW5KRnBVRFFnbFBmaFZLVjZpRjFzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQTdIc1ZJbW5KRnBVRFFnbFBmaFZLVjZpRjFzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MUI3MDcvOTc3NjJEQjY1RDVBMTFGMEExQkVFNTk4REFF
NEVDOUMvQ0I5NDg0NkU1RDYyMTFGMEIxNjg0QUNCREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAim/QDANBgkqhkiG9w0BAQsF
AAOCAQEAIY8yxoM2mr5juKd4Ydin5QEaf6ugXQBwcSDlMFIEKT/RgIRCBa4Liw02
VUEgO8321l5hSDgT0G3MeSvjhdzy3Lqdn157jVXeCAUnlc+NmIHJHNPmS/JnVCGv
8x+ReyKpDm+WEO5m6irajG+IWEUQ+OieN6eRRxnbYDrQsu2ck8kTUtUHb4Xr3tai
cUMVLJHKd4EdycqT7y9nDlk8B50WegZjfMlC25UDbjhotU850adeh1RR3635WPjw
sicnufPajKWLG5nLIe8MccGJWg+hJMd46sBJwcAlG/DlkOdzrS5GaxjzTqhpfcnN
GqwlCzhrwQFDV5aTjbj2MvfkT0pyvQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 20:48:52 2025 by rpki-client