Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3619AFB/CE504C0A9BA511ED9841AEC7F1222468/F1E5F272F07211EFAFA7997A762E951A.roa
File: F1E5F272F07211EFAFA7997A762E951A.roa (raw, json)
Hash identifier: zuqVO/yJxreB8Tl25mp3hH6BAgTW+c+L7Zu/GOdPyYc=
Subject key identifier: E2:76:29:7E:93:13:04:7D:E2:B2:04:FA:49:36:F5:ED:35:7B:D1:BC
Certificate issuer: /CN=F3619AFBAF/serialNumber=503D1828D4EF0CDC63A58A54F5C0C992D23BC1AA
Certificate serial: 031C
Authority key identifier: 50:3D:18:28:D4:EF:0C:DC:63:A5:8A:54:F5:C0:C9:92:D2:3B:C1:AA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/UD0YKNTvDNxjpYpU9cDJktI7wao.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3619AFB/CE504C0A9BA511ED9841AEC7F1222468/F1E5F272F07211EFAFA7997A762E951A.roa
Signing time: Fri 21 Feb 2025 16:43:15 +0000
ROA not before: Fri 21 Feb 2025 16:43:11 +0000
ROA not after: Thu 21 Feb 2030 16:43:11 +0000
asID: 329182
IP address blocks: 102.213.88.0/24 maxlen: 32
2c0f:2980::/34 maxlen: 128
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3619AFB/CE504C0A9BA511ED9841AEC7F1222468/UD0YKNTvDNxjpYpU9cDJktI7wao.crl
rsync://rpki.afrinic.net/repository/member_repository/F3619AFB/CE504C0A9BA511ED9841AEC7F1222468/UD0YKNTvDNxjpYpU9cDJktI7wao.mft
rsync://rpki.afrinic.net/repository/afrinic/UD0YKNTvDNxjpYpU9cDJktI7wao.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 796 (0x31c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3619AFBAF
Validity
Not Before: Feb 21 16:43:11 2025 GMT
Not After : Feb 21 16:43:11 2030 GMT
Subject: CN=67b8ad23-27bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fa:ba:45:af:64:b3:6e:64:3e:97:13:fd:93:
b6:7f:63:90:45:14:80:9d:b0:f6:cb:56:f7:ff:4e:
4d:01:dd:42:9a:eb:7e:f5:15:06:1d:2f:be:57:2c:
53:c9:ec:41:c0:f6:cc:3d:cd:1e:c3:9c:aa:6b:ae:
40:63:ea:d0:42:1a:4f:14:63:23:c7:1d:9d:ea:c7:
55:50:ab:fa:ec:0d:90:c7:51:ca:6d:84:8f:35:85:
f1:bf:95:6e:66:4b:af:75:0d:d0:48:90:ba:67:a5:
c0:cd:b7:8e:0f:38:06:ff:e5:39:04:55:37:a0:a9:
2b:a9:41:1e:70:79:54:2f:be:16:73:a2:22:fc:6b:
0f:9c:2f:a5:c3:2f:03:ca:42:10:10:3b:31:dd:2a:
18:82:59:b7:e3:52:be:b6:e6:a0:11:e1:03:0a:1b:
94:c0:83:0a:84:ca:e6:8a:38:bc:51:28:55:b5:2b:
df:2f:97:35:19:18:71:61:10:31:74:d9:d7:5a:4c:
99:5c:34:3f:7c:45:55:ab:f3:11:e1:bd:56:e1:6f:
f5:a5:79:ab:fa:c5:20:93:c9:94:a9:bc:e9:db:9f:
79:34:83:50:f0:28:cc:f1:62:6e:c3:6c:d9:3f:a1:
88:53:5a:c2:7d:64:a4:1b:cf:6b:16:3a:16:9c:2d:
56:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:76:29:7E:93:13:04:7D:E2:B2:04:FA:49:36:F5:ED:35:7B:D1:BC
X509v3 Authority Key Identifier:
keyid:50:3D:18:28:D4:EF:0C:DC:63:A5:8A:54:F5:C0:C9:92:D2:3B:C1:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3619AFB/CE504C0A9BA511ED9841AEC7F1222468/UD0YKNTvDNxjpYpU9cDJktI7wao.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/UD0YKNTvDNxjpYpU9cDJktI7wao.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3619AFB/CE504C0A9BA511ED9841AEC7F1222468/F1E5F272F07211EFAFA7997A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.213.88.0/24
IPv6:
2c0f:2980::/34
Signature Algorithm: sha256WithRSAEncryption
77:25:08:67:e6:d7:d3:99:53:9b:db:db:d0:6b:2b:a5:2a:01:
a6:61:59:7d:92:1a:30:3f:eb:57:dc:0d:f8:2e:19:cc:06:05:
d6:da:c0:e6:8a:43:a6:cf:f1:ca:74:fa:fb:80:75:68:a4:7b:
64:2c:8f:f2:60:dd:e7:7e:e2:8b:ec:93:06:db:d5:84:98:1a:
86:92:da:14:7a:87:51:b9:8a:f7:47:e8:87:f8:ef:1e:54:7f:
f8:9c:57:5e:cf:f9:5b:89:2d:77:31:41:92:79:e9:77:ef:af:
af:82:c0:f0:aa:85:29:0a:e3:8f:5e:50:43:b5:5d:eb:25:b8:
ce:c0:64:d1:6e:4c:31:a4:9c:05:12:a9:c3:92:a9:67:36:16:
22:66:62:60:7d:1a:7d:7a:42:6e:0f:ba:b3:28:d4:59:0b:bc:
8c:4f:6a:ba:c9:25:2d:1b:f1:a5:c0:c6:80:32:94:14:38:91:
04:66:4f:64:44:02:46:5f:36:e8:6a:8b:c2:60:93:21:8d:88:
a1:60:b7:46:7a:db:b2:62:27:01:cf:b9:58:42:61:ed:5a:c9:
ee:4d:7d:fc:70:c9:25:a2:43:07:0a:b5:8d:03:ab:2e:5c:dd:
dd:5f:eb:6a:8f:c0:35:ae:f7:b5:33:aa:98:a9:d8:82:a7:16:
f2:4c:93:a7
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICAxwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTlBRkJBRjExMC8GA1UEBRMoNTAzRDE4MjhENEVGMENEQzYzQTU4QTU0RjVDMEM5
OTJEMjNCQzFBQTAeFw0yNTAyMjExNjQzMTFaFw0zMDAyMjExNjQzMTFaMBgxFjAU
BgNVBAMTDTY3YjhhZDIzLTI3YmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDH+rpFr2SzbmQ+lxP9k7Z/Y5BFFICdsPbLVvf/Tk0B3UKa6371FQYdL75X
LFPJ7EHA9sw9zR7DnKprrkBj6tBCGk8UYyPHHZ3qx1VQq/rsDZDHUcpthI81hfG/
lW5mS691DdBIkLpnpcDNt44POAb/5TkEVTegqSupQR5weVQvvhZzoiL8aw+cL6XD
LwPKQhAQOzHdKhiCWbfjUr625qAR4QMKG5TAgwqEyuaKOLxRKFW1K98vlzUZGHFh
EDF02ddaTJlcND98RVWr8xHhvVbhb/Wleav6xSCTyZSpvOnbn3k0g1DwKMzxYm7D
bNk/oYhTWsJ9ZKQbz2sWOhacLVYdAgMBAAGjggK1MIICsTAdBgNVHQ4EFgQU4nYp
fpMTBH3isgT6STb17TV70bwwHwYDVR0jBBgwFoAUUD0YKNTvDNxjpYpU9cDJktI7
waowDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE5QUZCL0NFNTA0QzBBOUJBNTExRUQ5ODQxQUVDN0YxMjIyNDY4L1VEMFlL
TlR2RE54anBZcFU5Y0RKa3RJN3dhby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1VEMFlLTlR2RE54anBZcFU5Y0RKa3RJN3dhby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE5QUZCL0NFNTA0QzBBOUJBNTExRUQ5ODQxQUVDN0Yx
MjIyNDY4L0YxRTVGMjcyRjA3MjExRUZBRkE3OTk3QTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBABm1VgwDgQCAAIwCAMGBiwP
KYAAMA0GCSqGSIb3DQEBCwUAA4IBAQB3JQhn5tfTmVOb29vQayulKgGmYVl9khow
P+tX3A34LhnMBgXW2sDmikOmz/HKdPr7gHVopHtkLI/yYN3nfuKL7JMG29WEmBqG
ktoUeodRuYr3R+iH+O8eVH/4nFdez/lbiS13MUGSeel376+vgsDwqoUpCuOPXlBD
tV3rJbjOwGTRbkwxpJwFEqnDkqlnNhYiZmJgfRp9ekJuD7qzKNRZC7yMT2q6ySUt
G/GlwMaAMpQUOJEEZk9kRAJGXzboaovCYJMhjYihYLdGetuyYicBz7lYQmHtWsnu
TX38cMklokMHCrWNA6suXN3dX+tqj8A1rve1M6qYqdiCpxbyTJOn
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:44:19 2025 by rpki-client