Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364ECB6/8696F7A6FDD511EC94AA4FCBF1222468/8A3DCB9072AE11F0B83B26D8DAE4EC9C.roa
File: 8A3DCB9072AE11F0B83B26D8DAE4EC9C.roa (raw, json)
Hash identifier: h7BfLem+lt8sj9UINDClAa5pp82tMDXEYcWtLgpqyKw=
Subject key identifier: C5:81:AA:8F:F2:0F:79:D0:32:87:4D:53:42:67:EA:6D:24:E3:E5:8F
Certificate issuer: /CN=F364ECB6AF/serialNumber=E774A130238F972BAED328BD4038FCAF82D784B7
Certificate serial: 048E
Authority key identifier: E7:74:A1:30:23:8F:97:2B:AE:D3:28:BD:40:38:FC:AF:82:D7:84:B7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/53ShMCOPlyuu0yi9QDj8r4LXhLc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364ECB6/8696F7A6FDD511EC94AA4FCBF1222468/8A3DCB9072AE11F0B83B26D8DAE4EC9C.roa
Signing time: Wed 06 Aug 2025 10:17:22 +0000
ROA not before: Wed 06 Aug 2025 10:17:17 +0000
ROA not after: Fri 06 Aug 2027 10:17:17 +0000
asID: 36902
IP address blocks: 41.203.240.0/20 maxlen: 24
41.220.96.0/20 maxlen: 24
154.70.160.0/19 maxlen: 24
196.46.148.0/22 maxlen: 24
197.234.0.0/20 maxlen: 24
2c0f:efa0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364ECB6/8696F7A6FDD511EC94AA4FCBF1222468/53ShMCOPlyuu0yi9QDj8r4LXhLc.crl
rsync://rpki.afrinic.net/repository/member_repository/F364ECB6/8696F7A6FDD511EC94AA4FCBF1222468/53ShMCOPlyuu0yi9QDj8r4LXhLc.mft
rsync://rpki.afrinic.net/repository/afrinic/53ShMCOPlyuu0yi9QDj8r4LXhLc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 13 Aug 2025 00:06:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1166 (0x48e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364ECB6AF, serialNumber=E774A130238F972BAED328BD4038FCAF82D784B7
Validity
Not Before: Aug 6 10:17:17 2025 GMT
Not After : Aug 6 10:17:17 2027 GMT
Subject: CN=68932bb2-803a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:81:71:46:04:d5:61:ae:2c:48:d9:15:22:d9:
d8:3e:e4:80:0a:e0:98:c1:ba:b2:8e:b3:a6:27:4f:
c5:ff:fa:88:0d:1f:84:ed:21:ec:d8:4a:ea:5b:cd:
bc:bf:d3:23:a9:7b:c2:fe:68:e3:3c:1b:89:8c:8a:
e0:92:c9:cf:69:27:ca:52:72:5f:79:f4:75:65:28:
58:8e:3a:15:22:20:89:ad:1a:43:2d:0b:24:f5:25:
f2:62:e9:e8:31:ed:d4:58:fe:89:cd:81:61:ca:48:
a3:de:03:6c:c6:8a:e7:35:a1:fa:6c:3f:a7:a9:43:
2e:7a:79:7c:d4:a9:23:e7:7a:c0:89:b2:3c:31:3e:
44:fc:8c:9d:90:44:af:ae:0b:f8:cb:10:b9:f0:f1:
b7:54:f1:6e:d1:7d:48:37:b5:da:b6:c7:5d:b9:a4:
7b:78:5b:d6:cc:5b:cf:72:8f:1e:1e:ff:27:14:c9:
f1:17:fb:c5:c1:4b:a0:c3:fa:ed:99:71:f1:b0:b1:
be:54:78:29:4c:df:e7:9e:24:8c:05:95:5a:c9:a3:
16:96:b8:cc:29:36:88:0f:7e:60:36:d3:98:69:2b:
57:c5:c3:b4:15:78:99:33:b9:7e:76:cb:be:07:be:
3f:67:2e:ae:89:62:1f:4b:68:63:43:f7:80:d6:ac:
a7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:81:AA:8F:F2:0F:79:D0:32:87:4D:53:42:67:EA:6D:24:E3:E5:8F
X509v3 Authority Key Identifier:
keyid:E7:74:A1:30:23:8F:97:2B:AE:D3:28:BD:40:38:FC:AF:82:D7:84:B7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364ECB6/8696F7A6FDD511EC94AA4FCBF1222468/53ShMCOPlyuu0yi9QDj8r4LXhLc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/53ShMCOPlyuu0yi9QDj8r4LXhLc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364ECB6/8696F7A6FDD511EC94AA4FCBF1222468/8A3DCB9072AE11F0B83B26D8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.203.240.0/20
41.220.96.0/20
154.70.160.0/19
196.46.148.0/22
197.234.0.0/20
IPv6:
2c0f:efa0::/32
Signature Algorithm: sha256WithRSAEncryption
b1:0c:81:3e:76:69:1c:5c:5b:9e:b6:2d:04:b2:9a:04:fc:ce:
81:02:84:b9:c3:e9:5a:db:ec:f7:58:45:2d:be:85:53:62:57:
af:d9:04:5c:27:c6:b2:95:af:7f:ab:f2:bf:93:29:6a:88:cf:
47:0a:a5:09:b3:d3:df:f8:41:cc:07:15:70:9d:fe:1b:a2:4f:
5c:1c:04:17:9d:a2:c1:51:48:0b:d5:08:93:b6:a9:82:9a:44:
b8:de:ca:d6:0b:75:dd:9c:d6:5b:38:e6:de:88:b7:1e:61:fb:
92:c2:a6:ee:e9:52:87:26:77:1e:d3:21:3c:8e:4d:73:2d:62:
9a:ac:af:10:2e:c4:a6:42:14:99:e6:5f:18:b8:35:82:16:00:
2c:ec:13:56:59:5a:34:61:e8:0b:e7:dc:de:bf:b6:4e:b1:df:
f5:16:a9:2b:f0:79:ce:a7:d8:48:c3:dc:36:90:16:29:5d:96:
95:c4:56:46:27:4b:25:a8:67:fb:c6:7c:a7:ae:f0:25:a2:35:
0a:d6:d8:b1:ff:1f:f7:60:27:43:fb:c8:de:61:9a:81:77:19:
e3:3a:2a:7f:5b:3a:2f:3a:6d:af:14:87:15:65:dd:e8:05:6c:
e7:fa:dc:71:24:1b:b2:29:c9:bb:9b:81:9b:75:40:b1:5a:b9:
01:a7:d6:e5
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICBI4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NEVDQjZBRjExMC8GA1UEBRMoRTc3NEExMzAyMzhGOTcyQkFFRDMyOEJENDAzOEZD
QUY4MkQ3ODRCNzAeFw0yNTA4MDYxMDE3MTdaFw0yNzA4MDYxMDE3MTdaMBgxFjAU
BgNVBAMTDTY4OTMyYmIyLTgwM2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDpgXFGBNVhrixI2RUi2dg+5IAK4JjBurKOs6YnT8X/+ogNH4TtIezYSupb
zby/0yOpe8L+aOM8G4mMiuCSyc9pJ8pScl959HVlKFiOOhUiIImtGkMtCyT1JfJi
6egx7dRY/onNgWHKSKPeA2zGiuc1ofpsP6epQy56eXzUqSPnesCJsjwxPkT8jJ2Q
RK+uC/jLELnw8bdU8W7RfUg3tdq2x125pHt4W9bMW89yjx4e/ycUyfEX+8XBS6DD
+u2ZcfGwsb5UeClM3+eeJIwFlVrJoxaWuMwpNogPfmA205hpK1fFw7QVeJkzuX52
y74Hvj9nLq6JYh9LaGND94DWrKdrAgMBAAGjggLMMIICyDAdBgNVHQ4EFgQUxYGq
j/IPedAyh01TQmfqbSTj5Y8wHwYDVR0jBBgwFoAU53ShMCOPlyuu0yi9QDj8r4LX
hLcwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjRFQ0I2Lzg2OTZGN0E2RkRENTExRUM5NEFBNEZDQkYxMjIyNDY4LzUzU2hN
Q09QbHl1dTB5aTlRRGo4cjRMWGhMYy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzUzU2hNQ09QbHl1dTB5aTlRRGo4cjRMWGhMYy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjRFQ0I2Lzg2OTZGN0E2RkRENTExRUM5NEFBNEZDQkYx
MjIyNDY4LzhBM0RDQjkwNzJBRTExRjBCODNCMjZEOERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAQpy/ADBAQp3GADBAWaRqAD
BALELpQDBATF6gAwDQQCAAIwBwMFACwP76AwDQYJKoZIhvcNAQELBQADggEBALEM
gT52aRxcW562LQSymgT8zoEChLnD6Vrb7PdYRS2+hVNiV6/ZBFwnxrKVr3+r8r+T
KWqIz0cKpQmz09/4QcwHFXCd/huiT1wcBBedosFRSAvVCJO2qYKaRLjeytYLdd2c
1ls45t6Itx5h+5LCpu7pUocmdx7TITyOTXMtYpqsrxAuxKZCFJnmXxi4NYIWACzs
E1ZZWjRh6Avn3N6/tk6x3/UWqSvwec6n2EjD3DaQFildlpXEVkYnSyWoZ/vGfKeu
8CWiNQrW2LH/H/dgJ0P7yN5hmoF3GeM6Kn9bOi86ba8UhxVl3egFbOf63HEkG7Ip
ybubgZt1QLFauQGn1uU=
-----END CERTIFICATE-----
Generated at Mon Aug 11 10:08:46 2025 by rpki-client