Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3616EA4/D074417C354E11F097434DA3DAE4EC9C/8ABD40685DBA11F0882F677FDAE4EC9C.roa
File: 8ABD40685DBA11F0882F677FDAE4EC9C.roa (raw, json)
Hash identifier: LtTHAsI+8AgzrnAlcOiN9VsFsRmyEiAm6n6J+entv6Q=
Subject key identifier: 51:D4:63:92:CE:FA:C0:B3:2E:3F:37:B8:03:9B:4B:28:B9:BE:98:74
Certificate issuer: /CN=F3616EA4AF/serialNumber=87687436089642259E1C794447175A2C7658EAAC
Certificate serial: 3B
Authority key identifier: 87:68:74:36:08:96:42:25:9E:1C:79:44:47:17:5A:2C:76:58:EA:AC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/h2h0NgiWQiWeHHlERxdaLHZY6qw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3616EA4/D074417C354E11F097434DA3DAE4EC9C/8ABD40685DBA11F0882F677FDAE4EC9C.roa
Signing time: Thu 10 Jul 2025 18:20:23 +0000
ROA not before: Thu 10 Jul 2025 18:20:18 +0000
ROA not after: Fri 30 Jul 2027 18:20:18 +0000
asID: 329429
IP address blocks: 102.206.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3616EA4/D074417C354E11F097434DA3DAE4EC9C/h2h0NgiWQiWeHHlERxdaLHZY6qw.crl
rsync://rpki.afrinic.net/repository/member_repository/F3616EA4/D074417C354E11F097434DA3DAE4EC9C/h2h0NgiWQiWeHHlERxdaLHZY6qw.mft
rsync://rpki.afrinic.net/repository/afrinic/h2h0NgiWQiWeHHlERxdaLHZY6qw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Jul 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59 (0x3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3616EA4AF, serialNumber=87687436089642259E1C794447175A2C7658EAAC
Validity
Not Before: Jul 10 18:20:18 2025 GMT
Not After : Jul 30 18:20:18 2027 GMT
Subject: CN=68700466-58d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:68:f5:cb:aa:a2:a7:84:f3:f7:0e:73:80:e4:
1d:b0:3c:2c:c4:ff:44:49:dd:71:27:86:32:ba:bb:
dc:a4:a0:c1:aa:37:e6:e3:78:6b:63:08:3d:94:d0:
5e:0b:ca:94:2c:ee:ea:0f:b7:f2:02:90:cd:a3:c0:
6b:20:96:61:47:fa:a5:80:0d:53:f9:34:1d:bb:7c:
b1:1f:f0:10:1a:7c:1c:54:51:b6:96:83:15:41:ca:
48:34:1d:64:d5:b5:19:c8:da:89:4e:e5:df:0a:33:
83:75:79:1f:90:56:f8:15:a7:7d:05:70:d6:ae:8e:
46:2c:27:e2:f6:40:d5:5e:2b:8b:70:be:34:4b:e6:
30:e7:89:b9:c6:fb:db:b6:02:ce:90:fe:69:96:ae:
e7:16:a2:44:32:4d:0e:02:21:8e:47:9d:4f:74:a5:
da:b1:3b:8b:14:49:cf:5e:45:d7:39:33:ae:bf:ca:
e1:f4:16:8e:fd:f7:a9:3d:fa:2c:4e:4a:0c:cd:54:
34:e9:fe:49:3b:4e:06:78:1c:9e:92:32:87:d1:f7:
73:67:47:fa:60:a1:cb:30:e7:07:9a:ac:a3:8a:29:
e1:5b:35:4a:91:13:73:d6:1f:5f:d7:5c:c3:d9:45:
80:fe:21:1a:a7:4c:69:bb:7e:76:66:26:ea:62:04:
01:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:D4:63:92:CE:FA:C0:B3:2E:3F:37:B8:03:9B:4B:28:B9:BE:98:74
X509v3 Authority Key Identifier:
keyid:87:68:74:36:08:96:42:25:9E:1C:79:44:47:17:5A:2C:76:58:EA:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3616EA4/D074417C354E11F097434DA3DAE4EC9C/h2h0NgiWQiWeHHlERxdaLHZY6qw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/h2h0NgiWQiWeHHlERxdaLHZY6qw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3616EA4/D074417C354E11F097434DA3DAE4EC9C/8ABD40685DBA11F0882F677FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.124.0/22
Signature Algorithm: sha256WithRSAEncryption
15:c7:8d:3b:81:bc:da:81:90:e4:5e:4f:8b:e9:33:e1:cb:9a:
7a:de:13:40:ea:0d:23:af:c1:a1:16:02:2b:24:b8:3d:b2:53:
e1:e6:1d:c1:ef:08:d1:28:2d:7a:1c:9c:e5:24:fd:58:e2:ee:
48:c3:6f:d6:2b:96:ce:99:bf:a7:62:8c:d9:b7:4c:03:f4:10:
c2:44:d0:23:31:fa:59:04:48:ac:8d:c9:58:93:93:ea:61:ca:
0d:56:24:ab:d3:de:2e:72:4f:c3:05:cb:49:0b:de:d7:35:cf:
89:b8:4e:fd:40:01:bd:f1:f1:90:b6:f8:4c:6b:ab:ad:fe:01:
83:23:d5:7f:38:c4:1a:3f:45:f2:67:ac:7b:48:17:60:46:99:
50:57:cb:15:40:f5:fe:93:d8:f3:30:3c:a7:9b:52:38:ce:31:
d8:81:96:f8:85:0a:22:15:d3:fd:e7:43:1c:ee:25:07:39:ec:
55:26:c3:12:20:de:31:98:d1:9d:ce:2f:d0:bc:3e:d9:33:b4:
f2:26:ab:60:42:5b:26:70:63:3a:c3:c6:96:49:17:47:63:01:
d3:c2:c4:41:32:5f:e4:ff:33:63:58:25:62:b8:11:6b:63:f9:
45:71:9b:14:6f:e7:f8:1f:3f:1b:29:d7:3b:d9:db:8f:4c:66:
43:be:3c:24
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBOzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
NkVBNEFGMTEwLwYDVQQFEyg4NzY4NzQzNjA4OTY0MjI1OUUxQzc5NDQ0NzE3NUEy
Qzc2NThFQUFDMB4XDTI1MDcxMDE4MjAxOFoXDTI3MDczMDE4MjAxOFowGDEWMBQG
A1UEAxMNNjg3MDA0NjYtNThkOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlo9cuqoqeE8/cOc4DkHbA8LMT/REndcSeGMrq73KSgwao35uN4a2MIPZTQ
XgvKlCzu6g+38gKQzaPAayCWYUf6pYANU/k0Hbt8sR/wEBp8HFRRtpaDFUHKSDQd
ZNW1GcjaiU7l3wozg3V5H5BW+BWnfQVw1q6ORiwn4vZA1V4ri3C+NEvmMOeJucb7
27YCzpD+aZau5xaiRDJNDgIhjkedT3Sl2rE7ixRJz15F1zkzrr/K4fQWjv33qT36
LE5KDM1UNOn+STtOBngcnpIyh9H3c2dH+mChyzDnB5qso4op4Vs1SpETc9YfX9dc
w9lFgP4hGqdMabt+dmYm6mIEAVcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRR1GOS
zvrAsy4/N7gDm0soub6YdDAfBgNVHSMEGDAWgBSHaHQ2CJZCJZ4ceURHF1osdljq
rDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTZFQTQvRDA3NDQxN0MzNTRFMTFGMDk3NDM0REEzREFFNEVDOUMvaDJoME5n
aVdRaVdlSEhsRVJ4ZGFMSFpZNnF3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaDJoME5naVdRaVdlSEhsRVJ4ZGFMSFpZNnF3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTZFQTQvRDA3NDQxN0MzNTRFMTFGMDk3NDM0REEzREFF
NEVDOUMvOEFCRDQwNjg1REJBMTFGMDg4MkY2NzdGREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbOfDANBgkqhkiG9w0BAQsF
AAOCAQEAFceNO4G82oGQ5F5Pi+kz4cuaet4TQOoNI6/BoRYCKyS4PbJT4eYdwe8I
0Sgtehyc5ST9WOLuSMNv1iuWzpm/p2KM2bdMA/QQwkTQIzH6WQRIrI3JWJOT6mHK
DVYkq9PeLnJPwwXLSQve1zXPibhO/UABvfHxkLb4TGurrf4BgyPVfzjEGj9F8mes
e0gXYEaZUFfLFUD1/pPY8zA8p5tSOM4x2IGW+IUKIhXT/edDHO4lBznsVSbDEiDe
MZjRnc4v0Lw+2TO08iarYEJbJnBjOsPGlkkXR2MB08LEQTJf5P8zY1glYrgRa2P5
RXGbFG/n+B8/GynXO9nbj0xmQ748JA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 14:05:32 2025 by rpki-client