Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/DA41C29671D111F0BF5546BDDAE4EC9C.roa
File: DA41C29671D111F0BF5546BDDAE4EC9C.roa (raw, json)
Hash identifier: S1ofN7RhaiysBhFcvN2CHke75yw9unDXh2RMVYPir68=
Subject key identifier: 9B:8A:57:D0:68:1C:D6:80:2A:EC:32:E6:1B:E8:45:F9:FA:AF:07:82
Certificate issuer: /CN=F36E570FAF/serialNumber=4F2E5D06850FA94B9222CF7FFE76F8B2F3012125
Certificate serial: 0103
Authority key identifier: 4F:2E:5D:06:85:0F:A9:4B:92:22:CF:7F:FE:76:F8:B2:F3:01:21:25
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Ty5dBoUPqUuSIs9__nb4svMBISU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/DA41C29671D111F0BF5546BDDAE4EC9C.roa
Signing time: Tue 05 Aug 2025 07:57:38 +0000
ROA not before: Tue 05 Aug 2025 07:57:32 +0000
ROA not after: Wed 15 Aug 2035 07:57:32 +0000
asID: 327814
IP address blocks: 102.212.56.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/Ty5dBoUPqUuSIs9__nb4svMBISU.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/Ty5dBoUPqUuSIs9__nb4svMBISU.mft
rsync://rpki.afrinic.net/repository/afrinic/Ty5dBoUPqUuSIs9__nb4svMBISU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 Aug 2025 05:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 259 (0x103)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E570FAF, serialNumber=4F2E5D06850FA94B9222CF7FFE76F8B2F3012125
Validity
Not Before: Aug 5 07:57:32 2025 GMT
Not After : Aug 15 07:57:32 2035 GMT
Subject: CN=6891b971-48c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:60:6d:17:a2:95:ef:a6:9c:2c:ff:4f:97:8c:
1f:cb:dc:e9:1e:16:88:67:ef:3c:03:67:4e:b2:68:
eb:9a:f8:28:36:21:67:7d:18:76:54:70:bb:48:e3:
50:51:95:3f:c2:26:22:30:07:94:4d:1d:80:52:f4:
98:3b:1f:75:b7:99:3e:7b:73:24:6b:03:93:e1:65:
85:cb:43:e1:70:f1:4c:90:b8:6b:90:ec:af:98:41:
7a:1f:4a:b8:cd:1f:3c:97:04:b6:b3:75:ce:0b:34:
b6:86:a0:5b:c8:7b:25:57:e6:43:1f:3f:5f:de:0d:
b8:6a:78:0c:c5:f8:87:d1:84:cb:ec:ca:a2:92:42:
e5:56:b7:54:f6:1b:bc:a3:b4:25:e7:9d:c7:7c:06:
e2:5d:13:a0:02:c8:60:61:73:a0:66:96:c2:90:b1:
85:38:fb:a5:85:6d:b8:0c:46:96:47:63:1e:2f:48:
ce:9c:7f:c7:4c:b5:4e:b4:3f:0c:be:1a:d4:ca:f3:
ce:11:64:1c:03:86:52:73:c7:89:20:12:0f:ec:41:
75:98:dd:38:54:30:16:2f:0e:fb:e0:38:06:76:1f:
ea:d6:76:36:8c:7f:6b:e2:f5:a1:25:7e:bc:4d:f6:
d0:32:13:8c:12:0c:ca:1c:b4:0a:09:c9:8a:1e:f6:
41:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:8A:57:D0:68:1C:D6:80:2A:EC:32:E6:1B:E8:45:F9:FA:AF:07:82
X509v3 Authority Key Identifier:
keyid:4F:2E:5D:06:85:0F:A9:4B:92:22:CF:7F:FE:76:F8:B2:F3:01:21:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/Ty5dBoUPqUuSIs9__nb4svMBISU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Ty5dBoUPqUuSIs9__nb4svMBISU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/DA41C29671D111F0BF5546BDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.212.56.0/22
Signature Algorithm: sha256WithRSAEncryption
61:9c:04:24:64:79:b2:14:a5:24:31:5b:47:bf:0a:63:24:e1:
b1:1b:d0:8e:c4:1b:7b:e0:76:21:69:fa:5d:af:73:08:63:35:
91:f1:b8:e9:27:2e:6f:bc:79:55:64:e9:65:65:64:a1:95:46:
90:82:e4:4b:fe:64:c0:8d:fc:72:31:cd:e8:e4:dd:b5:0c:26:
95:a8:96:f2:da:f4:6f:a9:ff:cf:25:88:5e:b2:dc:8c:ec:46:
32:1c:5a:8a:9f:19:24:1f:f6:6e:d0:46:ba:5a:a8:3a:a0:41:
42:93:3f:6c:f0:59:89:1c:b8:e3:48:2f:c6:8f:dd:fe:f0:48:
5d:f1:71:ca:5f:26:55:40:d6:56:2f:a1:65:b0:d6:11:f7:cb:
57:15:7d:47:b8:4a:86:53:6f:00:8e:58:04:25:e7:0d:33:98:
1d:e8:5f:98:ef:9e:10:89:8c:17:5b:60:44:35:2c:34:7a:ce:
bb:2e:7b:6a:51:21:43:8c:fb:dd:ad:e8:91:66:c2:f5:6f:d4:
6b:e9:1c:63:8a:13:87:a9:b3:79:21:af:44:9c:db:49:10:3a:
ab:7f:13:97:53:0b:d6:52:54:af:32:90:df:c4:3a:65:d9:cc:
23:f6:46:d5:de:fa:ad:c3:92:b0:3a:de:dd:b8:2a:8b:8f:98:
ee:9d:f1:75
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAQMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTU3MEZBRjExMC8GA1UEBRMoNEYyRTVEMDY4NTBGQTk0QjkyMjJDRjdGRkU3NkY4
QjJGMzAxMjEyNTAeFw0yNTA4MDUwNzU3MzJaFw0zNTA4MTUwNzU3MzJaMBgxFjAU
BgNVBAMTDTY4OTFiOTcxLTQ4YzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDVYG0XopXvppws/0+XjB/L3OkeFohn7zwDZ06yaOua+Cg2IWd9GHZUcLtI
41BRlT/CJiIwB5RNHYBS9Jg7H3W3mT57cyRrA5PhZYXLQ+Fw8UyQuGuQ7K+YQXof
SrjNHzyXBLazdc4LNLaGoFvIeyVX5kMfP1/eDbhqeAzF+IfRhMvsyqKSQuVWt1T2
G7yjtCXnncd8BuJdE6ACyGBhc6BmlsKQsYU4+6WFbbgMRpZHYx4vSM6cf8dMtU60
Pwy+GtTK884RZBwDhlJzx4kgEg/sQXWY3ThUMBYvDvvgOAZ2H+rWdjaMf2vi9aEl
frxN9tAyE4wSDMoctAoJyYoe9kFRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUm4pX
0Ggc1oAq7DLmG+hF+fqvB4IwHwYDVR0jBBgwFoAUTy5dBoUPqUuSIs9//nb4svMB
ISUwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkU1NzBGL0EyOUZDQ0MwQUYyQjExRUY4OEE3QzE5QTc2MkU5NTFBL1R5NWRC
b1VQcVV1U0lzOV9fbmI0c3ZNQklTVS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1R5NWRCb1VQcVV1U0lzOV9fbmI0c3ZNQklTVS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkU1NzBGL0EyOUZDQ0MwQUYyQjExRUY4OEE3QzE5QTc2
MkU5NTFBL0RBNDFDMjk2NzFEMTExRjBCRjU1NDZCRERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1DgwDQYJKoZIhvcNAQEL
BQADggEBAGGcBCRkebIUpSQxW0e/CmMk4bEb0I7EG3vgdiFp+l2vcwhjNZHxuOkn
Lm+8eVVk6WVlZKGVRpCC5Ev+ZMCN/HIxzejk3bUMJpWolvLa9G+p/88liF6y3Izs
RjIcWoqfGSQf9m7QRrpaqDqgQUKTP2zwWYkcuONIL8aP3f7wSF3xccpfJlVA1lYv
oWWw1hH3y1cVfUe4SoZTbwCOWAQl5w0zmB3oX5jvnhCJjBdbYEQ1LDR6zrsue2pR
IUOM+92t6JFmwvVv1GvpHGOKE4eps3khr0Sc20kQOqt/E5dTC9ZSVK8ykN/EOmXZ
zCP2RtXe+q3DkrA63t24KouPmO6d8XU=
-----END CERTIFICATE-----
Generated at Thu Aug 7 01:13:49 2025 by rpki-client