Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361FA1F/331352E263C011F0BB4DE09ADAE4EC9C/B206F72063C011F0821CF49EDAE4EC9C.roa
File: B206F72063C011F0821CF49EDAE4EC9C.roa (raw, json)
Hash identifier: 2ME0DSdwIVYEEQ4M/Z8WDIVKNMg+bnP2LGB8V64oaDk=
Subject key identifier: C5:21:32:23:5B:A8:4D:87:2A:B5:1D:E1:87:32:57:7C:5E:FE:5D:B3
Certificate issuer: /CN=F361FA1FAF/serialNumber=5429E03C15B6912406E595A5A2D96D49240FAC09
Certificate serial: 02
Authority key identifier: 54:29:E0:3C:15:B6:91:24:06:E5:95:A5:A2:D9:6D:49:24:0F:AC:09
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/VCngPBW2kSQG5ZWlotltSSQPrAk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F361FA1F/331352E263C011F0BB4DE09ADAE4EC9C/B206F72063C011F0821CF49EDAE4EC9C.roa
Signing time: Fri 18 Jul 2025 10:19:32 +0000
ROA not before: Fri 18 Jul 2025 10:19:28 +0000
ROA not after: Mon 31 Jul 2045 10:19:28 +0000
asID: 329469
IP address blocks: 102.208.81.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F361FA1F/331352E263C011F0BB4DE09ADAE4EC9C/VCngPBW2kSQG5ZWlotltSSQPrAk.crl
rsync://rpki.afrinic.net/repository/member_repository/F361FA1F/331352E263C011F0BB4DE09ADAE4EC9C/VCngPBW2kSQG5ZWlotltSSQPrAk.mft
rsync://rpki.afrinic.net/repository/afrinic/VCngPBW2kSQG5ZWlotltSSQPrAk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Jul 2025 05:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F361FA1FAF, serialNumber=5429E03C15B6912406E595A5A2D96D49240FAC09
Validity
Not Before: Jul 18 10:19:28 2025 GMT
Not After : Jul 31 10:19:28 2045 GMT
Subject: CN=687a1fb4-d2fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b5:9a:b5:8a:b9:bf:17:b8:d5:44:54:20:fd:
3b:91:0d:de:e5:08:14:2c:7a:c3:17:60:b4:27:d8:
0c:28:cc:46:82:cb:b6:fa:24:74:a3:6f:51:04:8b:
5f:19:57:af:8e:eb:30:b1:4c:f2:65:b8:39:db:90:
e5:f0:a7:b2:ed:73:24:59:20:72:19:1d:a9:d5:31:
af:32:b5:45:42:6a:e0:9e:81:8d:2b:17:b9:33:b6:
d4:b2:5c:8e:fc:60:90:a2:e2:c5:66:b2:5a:35:45:
6c:d1:a9:50:44:25:24:9a:81:88:b3:26:cd:02:37:
3e:eb:88:59:53:fd:31:89:b0:23:74:8c:13:69:2f:
34:18:37:87:6e:c0:2b:90:13:8c:ac:e7:92:21:64:
c2:9e:5b:23:39:ed:17:79:5b:68:82:4b:00:56:2c:
49:8e:f5:80:69:67:27:a8:87:ae:46:e9:9f:28:f9:
69:53:77:49:0d:a0:4d:af:d1:ca:46:53:a8:8b:8c:
85:fe:2a:4b:e2:87:88:93:59:49:74:51:c4:fc:a9:
bb:18:1c:44:b1:e5:fb:03:57:75:3d:aa:af:26:e3:
69:4b:61:d6:2d:e2:17:c7:1d:05:3a:83:a7:89:0e:
95:d6:c0:67:4b:af:61:01:12:1a:45:9d:0d:55:a5:
a4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:21:32:23:5B:A8:4D:87:2A:B5:1D:E1:87:32:57:7C:5E:FE:5D:B3
X509v3 Authority Key Identifier:
keyid:54:29:E0:3C:15:B6:91:24:06:E5:95:A5:A2:D9:6D:49:24:0F:AC:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F361FA1F/331352E263C011F0BB4DE09ADAE4EC9C/VCngPBW2kSQG5ZWlotltSSQPrAk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/VCngPBW2kSQG5ZWlotltSSQPrAk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361FA1F/331352E263C011F0BB4DE09ADAE4EC9C/B206F72063C011F0821CF49EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.208.81.0/24
Signature Algorithm: sha256WithRSAEncryption
44:4d:75:07:65:7f:ec:20:06:e3:ce:8c:04:18:db:b8:b1:48:
53:5d:0a:d7:15:ff:57:2d:8c:9b:4b:ba:52:be:75:2b:94:3c:
b9:11:82:e6:f5:7d:9e:64:1a:4d:62:a2:f9:64:00:f8:d0:30:
d7:86:98:1f:ae:52:70:da:20:7e:8b:c1:22:0f:13:bf:78:88:
8b:67:d1:c3:9e:44:74:57:26:d9:a8:ad:7a:b6:39:71:37:59:
f0:e7:5a:c6:f3:c2:a9:6c:39:df:ea:3d:52:21:64:b3:67:b5:
7d:43:e0:99:84:9a:0b:36:b3:ef:15:73:af:d4:f5:2e:29:be:
17:90:40:e3:ff:35:1e:f0:8c:ba:09:dd:a8:22:ff:eb:3c:a2:
85:d3:d8:6e:e0:5f:4f:4d:2f:3d:d0:a9:01:04:98:af:e1:4e:
01:04:f1:53:45:42:39:3e:f6:d5:b1:07:00:d4:13:7d:de:e0:
ca:31:de:e3:d1:98:94:dc:43:d9:ee:24:18:86:31:16:99:3a:
97:ad:91:97:bc:77:8c:fd:db:c4:50:25:d8:a8:94:8d:de:91:
78:c5:c2:7d:1b:cc:b9:00:ad:97:5f:81:ab:b1:a9:c2:7b:5f:
b2:43:b0:98:19:55:e9:22:71:49:99:71:8d:42:dc:5b:1e:d7:
44:e7:e3:59
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
RkExRkFGMTEwLwYDVQQFEyg1NDI5RTAzQzE1QjY5MTI0MDZFNTk1QTVBMkQ5NkQ0
OTI0MEZBQzA5MB4XDTI1MDcxODEwMTkyOFoXDTQ1MDczMTEwMTkyOFowGDEWMBQG
A1UEAxMNNjg3YTFmYjQtZDJmZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALG1mrWKub8XuNVEVCD9O5EN3uUIFCx6wxdgtCfYDCjMRoLLtvokdKNvUQSL
XxlXr47rMLFM8mW4OduQ5fCnsu1zJFkgchkdqdUxrzK1RUJq4J6BjSsXuTO21LJc
jvxgkKLixWayWjVFbNGpUEQlJJqBiLMmzQI3PuuIWVP9MYmwI3SME2kvNBg3h27A
K5ATjKznkiFkwp5bIzntF3lbaIJLAFYsSY71gGlnJ6iHrkbpnyj5aVN3SQ2gTa/R
ykZTqIuMhf4qS+KHiJNZSXRRxPypuxgcRLHl+wNXdT2qrybjaUth1i3iF8cdBTqD
p4kOldbAZ0uvYQESGkWdDVWlpGcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTFITIj
W6hNhyq1HeGHMld8Xv5dszAfBgNVHSMEGDAWgBRUKeA8FbaRJAbllaWi2W1JJA+s
CTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MUZBMUYvMzMxMzUyRTI2M0MwMTFGMEJCNERFMDlBREFFNEVDOUMvVkNuZ1BC
VzJrU1FHNVpXbG90bHRTU1FQckFrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVkNuZ1BCVzJrU1FHNVpXbG90bHRTU1FQckFrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MUZBMUYvMzMxMzUyRTI2M0MwMTFGMEJCNERFMDlBREFF
NEVDOUMvQjIwNkY3MjA2M0MwMTFGMDgyMUNGNDlFREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbQUTANBgkqhkiG9w0BAQsF
AAOCAQEARE11B2V/7CAG486MBBjbuLFIU10K1xX/Vy2Mm0u6Ur51K5Q8uRGC5vV9
nmQaTWKi+WQA+NAw14aYH65ScNogfovBIg8Tv3iIi2fRw55EdFcm2aiterY5cTdZ
8OdaxvPCqWw53+o9UiFks2e1fUPgmYSaCzaz7xVzr9T1Lim+F5BA4/81HvCMugnd
qCL/6zyihdPYbuBfT00vPdCpAQSYr+FOAQTxU0VCOT721bEHANQTfd7gyjHe49GY
lNxD2e4kGIYxFpk6l62Rl7x3jP3bxFAl2KiUjd6ReMXCfRvMuQCtl1+Bq7Gpwntf
skOwmBlV6SJxSZlxjULcWx7XROfjWQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 06:14:52 2025 by rpki-client