Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B2F5/B5C786A63B9111F0A0FE1AB2DAE4EC9C/39B8368C3BAA11F09A3A42CEDAE4EC9C.roa
File: 39B8368C3BAA11F09A3A42CEDAE4EC9C.roa (raw, json)
Hash identifier: NGOVvxGcMctTOcLjdKtNGDdIQDHinApagvdcC37+4wQ=
Subject key identifier: 1E:DA:75:40:5E:9E:D8:3A:F8:F5:7F:25:1A:0F:26:09:4E:88:7D:B2
Certificate issuer: /CN=F362B2F5AF/serialNumber=04C70D0FE10C8F6B2AF827B7C66617ADC2EF21E5
Certificate serial: 06
Authority key identifier: 04:C7:0D:0F:E1:0C:8F:6B:2A:F8:27:B7:C6:66:17:AD:C2:EF:21:E5
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/BMcND-EMj2sq-Ce3xmYXrcLvIeU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362B2F5/B5C786A63B9111F0A0FE1AB2DAE4EC9C/39B8368C3BAA11F09A3A42CEDAE4EC9C.roa
Signing time: Wed 28 May 2025 09:57:55 +0000
ROA not before: Wed 28 May 2025 09:57:50 +0000
ROA not after: Thu 31 May 2035 09:57:50 +0000
asID: 138915
IP address blocks: 102.217.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F362B2F5/B5C786A63B9111F0A0FE1AB2DAE4EC9C/BMcND-EMj2sq-Ce3xmYXrcLvIeU.crl
rsync://rpki.afrinic.net/repository/member_repository/F362B2F5/B5C786A63B9111F0A0FE1AB2DAE4EC9C/BMcND-EMj2sq-Ce3xmYXrcLvIeU.mft
rsync://rpki.afrinic.net/repository/afrinic/BMcND-EMj2sq-Ce3xmYXrcLvIeU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362B2F5AF, serialNumber=04C70D0FE10C8F6B2AF827B7C66617ADC2EF21E5
Validity
Not Before: May 28 09:57:50 2025 GMT
Not After : May 31 09:57:50 2035 GMT
Subject: CN=6836de23-d58b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f4:0c:76:16:8b:d0:22:c9:fc:35:59:19:1a:
0b:8c:4f:90:c2:98:1e:32:ab:fe:b8:5b:c9:9a:42:
5f:28:dd:42:18:c6:23:57:cf:cf:63:4e:53:47:bd:
20:b6:e6:25:e3:2a:13:fa:7f:64:6b:ad:5e:71:ee:
70:d3:b8:91:f9:21:34:75:50:de:25:2f:c5:45:25:
17:e7:7d:92:c4:4b:ba:29:20:1a:f9:0b:6e:c7:ad:
cb:39:bf:1c:02:ad:e2:4a:1c:5b:2d:55:73:ba:26:
5b:86:49:21:4d:fc:53:4e:7e:61:99:92:4a:33:8e:
28:7a:fd:8d:72:32:e9:a9:7e:5c:41:9e:44:8d:a8:
94:45:49:ee:87:58:87:1b:fe:14:a4:01:f2:f4:2c:
7f:ff:3a:30:7b:81:8e:04:bb:be:da:a5:8d:32:57:
10:51:8a:38:8f:7c:6c:fc:d8:fa:a2:ac:f3:6c:e4:
30:3f:f3:c3:32:c8:52:ec:24:4a:b7:30:9f:ed:7d:
0d:76:03:36:9d:98:30:4a:1c:a2:29:b7:85:28:7a:
3d:46:cd:2a:72:f0:c9:fb:f0:f2:84:ab:fc:1b:c9:
c1:e6:77:09:d7:9a:88:70:34:09:d1:9b:6d:a6:cf:
67:a8:1c:f0:ae:42:6a:58:48:14:06:45:1b:23:39:
3d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DA:75:40:5E:9E:D8:3A:F8:F5:7F:25:1A:0F:26:09:4E:88:7D:B2
X509v3 Authority Key Identifier:
keyid:04:C7:0D:0F:E1:0C:8F:6B:2A:F8:27:B7:C6:66:17:AD:C2:EF:21:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362B2F5/B5C786A63B9111F0A0FE1AB2DAE4EC9C/BMcND-EMj2sq-Ce3xmYXrcLvIeU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/BMcND-EMj2sq-Ce3xmYXrcLvIeU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B2F5/B5C786A63B9111F0A0FE1AB2DAE4EC9C/39B8368C3BAA11F09A3A42CEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.217.236.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:84:d9:23:6a:cb:30:d7:58:17:83:4f:35:da:fb:f3:b6:76:
e2:6b:ce:d6:ce:24:13:76:97:38:3d:65:05:e2:62:9d:91:b8:
fa:40:39:23:40:b9:8a:d8:a8:ac:bd:67:8c:84:5b:2e:a7:8c:
0f:66:5d:96:32:e8:46:60:8f:7d:a5:ab:09:af:0f:67:5b:fa:
4f:e8:92:a5:52:55:f6:de:5a:fb:7f:d3:02:ff:26:b6:bb:07:
6d:e8:98:5f:1f:55:81:66:c5:06:98:78:7a:56:37:d5:29:54:
18:2b:44:08:fe:51:59:bc:46:c1:8b:26:e2:1f:f9:92:98:dc:
60:53:3a:32:ac:ac:25:e7:a3:62:9b:fd:41:ef:04:de:4c:4f:
0a:63:62:1f:49:f9:f7:57:fc:dc:f2:8a:01:d3:e7:0d:6a:f1:
d9:f4:9e:ac:85:dd:3e:ea:80:f3:85:b5:3c:d8:cc:1c:04:2d:
a8:6f:e7:cb:63:2f:ac:03:94:20:b2:c1:a5:a8:a0:71:5d:38:
53:08:b2:9f:be:96:1b:69:66:2d:f5:90:37:56:f7:38:47:71:
4f:da:1e:7b:05:b6:eb:fa:cc:69:71:10:df:81:3c:8b:e1:48:
d7:73:bd:6a:be:06:cc:2c:2a:c7:0b:f5:30:40:aa:56:5b:e0:
07:66:cd:d1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
QjJGNUFGMTEwLwYDVQQFEygwNEM3MEQwRkUxMEM4RjZCMkFGODI3QjdDNjY2MTdB
REMyRUYyMUU1MB4XDTI1MDUyODA5NTc1MFoXDTM1MDUzMTA5NTc1MFowGDEWMBQG
A1UEAxMNNjgzNmRlMjMtZDU4YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMz0DHYWi9Aiyfw1WRkaC4xPkMKYHjKr/rhbyZpCXyjdQhjGI1fPz2NOU0e9
ILbmJeMqE/p/ZGutXnHucNO4kfkhNHVQ3iUvxUUlF+d9ksRLuikgGvkLbsetyzm/
HAKt4kocWy1Vc7omW4ZJIU38U05+YZmSSjOOKHr9jXIy6al+XEGeRI2olEVJ7odY
hxv+FKQB8vQsf/86MHuBjgS7vtqljTJXEFGKOI98bPzY+qKs82zkMD/zwzLIUuwk
Srcwn+19DXYDNp2YMEocoim3hSh6PUbNKnLwyfvw8oSr/BvJweZ3CdeaiHA0CdGb
babPZ6gc8K5CalhIFAZFGyM5PckCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQe2nVA
Xp7YOvj1fyUaDyYJToh9sjAfBgNVHSMEGDAWgBQExw0P4QyPayr4J7fGZhetwu8h
5TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkIyRjUvQjVDNzg2QTYzQjkxMTFGMEEwRkUxQUIyREFFNEVDOUMvQk1jTkQt
RU1qMnNxLUNlM3htWVhyY0x2SWVVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQk1jTkQtRU1qMnNxLUNlM3htWVhyY0x2SWVVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MkIyRjUvQjVDNzg2QTYzQjkxMTFGMEEwRkUxQUIyREFF
NEVDOUMvMzlCODM2OEMzQkFBMTFGMDlBM0E0MkNFREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbZ7DANBgkqhkiG9w0BAQsF
AAOCAQEAj4TZI2rLMNdYF4NPNdr787Z24mvO1s4kE3aXOD1lBeJinZG4+kA5I0C5
itiorL1njIRbLqeMD2ZdljLoRmCPfaWrCa8PZ1v6T+iSpVJV9t5a+3/TAv8mtrsH
beiYXx9VgWbFBph4elY31SlUGCtECP5RWbxGwYsm4h/5kpjcYFM6MqysJeejYpv9
Qe8E3kxPCmNiH0n591f83PKKAdPnDWrx2fSerIXdPuqA84W1PNjMHAQtqG/ny2Mv
rAOUILLBpaigcV04Uwiyn76WG2lmLfWQN1b3OEdxT9oeewW26/rMaXEQ34E8i+FI
13O9ar4GzCwqxwv1MECqVlvgB2bN0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:19:12 2025 by rpki-client