Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3616EA4/D074417C354E11F097434DA3DAE4EC9C/A9CB3386354F11F09EC9F1A7DAE4EC9C.roa
File: A9CB3386354F11F09EC9F1A7DAE4EC9C.roa (raw, json)
Hash identifier: 7U1mV0n4hOOQ2C/rrtUaR6Lca9wumtLagsFczOgXBJk=
Subject key identifier: F0:7F:79:90:2D:0C:47:78:15:E0:D9:C6:E7:76:04:18:3B:22:6F:AC
Certificate issuer: /CN=F3616EA4AF/serialNumber=87687436089642259E1C794447175A2C7658EAAC
Certificate serial: 02
Authority key identifier: 87:68:74:36:08:96:42:25:9E:1C:79:44:47:17:5A:2C:76:58:EA:AC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/h2h0NgiWQiWeHHlERxdaLHZY6qw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3616EA4/D074417C354E11F097434DA3DAE4EC9C/A9CB3386354F11F09EC9F1A7DAE4EC9C.roa
Signing time: Tue 20 May 2025 07:54:32 +0000
ROA not before: Tue 20 May 2025 07:54:27 +0000
ROA not after: Mon 01 May 2028 07:54:27 +0000
asID: 329429
IP address blocks: 102.206.124.0/22 maxlen: 22
2c0f:3540::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3616EA4/D074417C354E11F097434DA3DAE4EC9C/h2h0NgiWQiWeHHlERxdaLHZY6qw.crl
rsync://rpki.afrinic.net/repository/member_repository/F3616EA4/D074417C354E11F097434DA3DAE4EC9C/h2h0NgiWQiWeHHlERxdaLHZY6qw.mft
rsync://rpki.afrinic.net/repository/afrinic/h2h0NgiWQiWeHHlERxdaLHZY6qw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 05:21:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3616EA4AF, serialNumber=87687436089642259E1C794447175A2C7658EAAC
Validity
Not Before: May 20 07:54:27 2025 GMT
Not After : May 1 07:54:27 2028 GMT
Subject: CN=682c3538-8c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ce:7f:32:9e:43:6b:e6:65:ee:c7:e2:d7:e5:
e5:ce:9c:15:f2:20:c7:51:c9:bc:e9:fa:78:ea:d2:
bf:9d:e3:6a:4f:3b:35:f7:a0:65:fa:d3:bd:0c:98:
0e:2d:be:72:13:b6:85:27:ef:86:f6:a4:ef:8e:48:
15:48:06:28:6f:e0:99:fe:59:36:fe:3e:6b:e4:fc:
fe:66:3f:7f:c8:b7:0e:18:3a:2c:1e:be:49:54:ca:
f9:42:b6:9a:54:bb:ec:d5:74:36:47:4b:c5:dd:7a:
73:c2:65:ad:50:c3:53:b1:61:24:06:8b:15:6c:e2:
ae:81:67:e8:15:7f:48:1b:21:20:d5:f2:a1:33:6e:
b6:88:b8:d6:9c:7e:7f:8d:3e:f3:69:6b:cb:60:02:
c5:ae:84:3c:ed:0f:1f:6c:43:32:ff:e3:b6:43:cb:
ca:df:8d:5d:e7:a8:3a:c5:51:9f:08:af:b3:89:55:
94:71:ac:bf:4a:f1:b9:ce:9d:11:d0:90:c8:59:4d:
51:38:b9:00:c3:cd:22:bf:9e:8d:97:19:d4:c6:55:
b6:ed:4a:88:f6:69:1d:44:a5:b3:b3:0b:b8:8b:a5:
03:6f:07:5e:b5:7a:db:1e:1a:aa:e9:bb:49:cc:8f:
15:db:47:8d:e1:f9:fd:51:90:56:8c:a9:be:30:50:
44:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:7F:79:90:2D:0C:47:78:15:E0:D9:C6:E7:76:04:18:3B:22:6F:AC
X509v3 Authority Key Identifier:
keyid:87:68:74:36:08:96:42:25:9E:1C:79:44:47:17:5A:2C:76:58:EA:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3616EA4/D074417C354E11F097434DA3DAE4EC9C/h2h0NgiWQiWeHHlERxdaLHZY6qw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/h2h0NgiWQiWeHHlERxdaLHZY6qw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3616EA4/D074417C354E11F097434DA3DAE4EC9C/A9CB3386354F11F09EC9F1A7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.124.0/22
IPv6:
2c0f:3540::/56
Signature Algorithm: sha256WithRSAEncryption
2e:8e:a7:3f:e4:82:2d:85:a3:dd:71:47:c7:93:40:85:f6:c2:
46:25:01:71:c5:24:b4:08:98:e9:a4:ea:6e:df:c3:c0:16:49:
ed:b3:d5:ac:e4:4b:9e:66:cd:e0:00:4c:fb:9f:c7:4e:1f:81:
ae:a0:e0:65:53:0c:67:fd:0d:6c:1d:f5:de:d4:ff:96:32:02:
f5:d1:fd:48:db:77:d5:9a:7d:44:e9:7d:41:d0:66:41:78:be:
70:6b:cf:62:d1:00:b1:c1:a8:11:a7:81:25:86:73:2a:90:27:
8f:53:71:11:e3:d1:8f:f9:ea:79:2c:3a:d7:51:f6:ab:98:10:
72:c7:67:85:35:fc:a1:9a:18:d7:df:be:55:f9:60:7c:fe:85:
ac:0d:5d:4f:11:ee:4e:2a:4d:cc:68:a1:39:dc:00:51:5d:df:
4a:f1:b7:e0:5c:b2:3d:f3:06:75:95:d1:77:85:64:47:ad:65:
50:83:d7:44:0c:56:bc:f0:32:c8:d7:47:4c:db:fd:63:90:65:
80:74:b5:3a:d5:78:5a:da:c2:e6:76:2f:8f:54:0f:86:00:e1:
74:f5:db:7d:1d:91:1f:a8:99:bc:48:1d:71:e0:c4:9d:2b:7b:
58:25:59:12:81:ba:cb:25:f1:6b:cd:fe:ff:19:c2:a9:91:75:
50:bf:fa:11
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
NkVBNEFGMTEwLwYDVQQFEyg4NzY4NzQzNjA4OTY0MjI1OUUxQzc5NDQ0NzE3NUEy
Qzc2NThFQUFDMB4XDTI1MDUyMDA3NTQyN1oXDTI4MDUwMTA3NTQyN1owGDEWMBQG
A1UEAxMNNjgyYzM1MzgtOGMzZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAObOfzKeQ2vmZe7H4tfl5c6cFfIgx1HJvOn6eOrSv53jak87NfegZfrTvQyY
Di2+chO2hSfvhvak745IFUgGKG/gmf5ZNv4+a+T8/mY/f8i3Dhg6LB6+SVTK+UK2
mlS77NV0NkdLxd16c8JlrVDDU7FhJAaLFWziroFn6BV/SBshINXyoTNutoi41px+
f40+82lry2ACxa6EPO0PH2xDMv/jtkPLyt+NXeeoOsVRnwivs4lVlHGsv0rxuc6d
EdCQyFlNUTi5AMPNIr+ejZcZ1MZVtu1KiPZpHUSls7MLuIulA28HXrV62x4aqum7
ScyPFdtHjeH5/VGQVoypvjBQROkCAwEAAaOCArcwggKzMB0GA1UdDgQWBBTwf3mQ
LQxHeBXg2cbndgQYOyJvrDAfBgNVHSMEGDAWgBSHaHQ2CJZCJZ4ceURHF1osdljq
rDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTZFQTQvRDA3NDQxN0MzNTRFMTFGMDk3NDM0REEzREFFNEVDOUMvaDJoME5n
aVdRaVdlSEhsRVJ4ZGFMSFpZNnF3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaDJoME5naVdRaVdlSEhsRVJ4ZGFMSFpZNnF3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTZFQTQvRDA3NDQxN0MzNTRFMTFGMDk3NDM0REEzREFF
NEVDOUMvQTlDQjMzODYzNTRGMTFGMDlFQzlGMUE3REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAxBggrBgEFBQcBBwEB/wQiMCAwDAQCAAEwBgMEAmbOfDAQBAIAAjAKAwgALA81
QAAAADANBgkqhkiG9w0BAQsFAAOCAQEALo6nP+SCLYWj3XFHx5NAhfbCRiUBccUk
tAiY6aTqbt/DwBZJ7bPVrORLnmbN4ABM+5/HTh+BrqDgZVMMZ/0NbB313tT/ljIC
9dH9SNt31Zp9ROl9QdBmQXi+cGvPYtEAscGoEaeBJYZzKpAnj1NxEePRj/nqeSw6
11H2q5gQcsdnhTX8oZoY19++VflgfP6FrA1dTxHuTipNzGihOdwAUV3fSvG34Fyy
PfMGdZXRd4VkR61lUIPXRAxWvPAyyNdHTNv9Y5BlgHS1OtV4WtrC5nYvj1QPhgDh
dPXbfR2RH6iZvEgdceDEnSt7WCVZEoG6yyXxa83+/xnCqZF1UL/6EQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:31:43 2025 by rpki-client