Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/B7965ED03BA511F0AE50DEB1DAE4EC9C.roa
File: B7965ED03BA511F0AE50DEB1DAE4EC9C.roa (raw, json)
Hash identifier: LcgEafdHU0U0vp+b5LwucpjcHDyrMR5HiQFsJwwtMlQ=
Subject key identifier: A5:22:71:DB:15:48:0C:DF:D9:EE:E2:89:50:68:E7:E1:97:75:D6:4A
Certificate issuer: /CN=F36312D2AF/serialNumber=31BA5ACE57BF1DAFBA88DDAEF42EC8F1515E13C2
Certificate serial: 05C1
Authority key identifier: 31:BA:5A:CE:57:BF:1D:AF:BA:88:DD:AE:F4:2E:C8:F1:51:5E:13:C2
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/B7965ED03BA511F0AE50DEB1DAE4EC9C.roa
Signing time: Wed 28 May 2025 09:25:39 +0000
ROA not before: Wed 28 May 2025 09:25:34 +0000
ROA not after: Mon 31 Dec 2035 09:25:34 +0000
asID: 37236
IP address blocks: 102.213.128.0/22 maxlen: 22
102.213.128.0/22 maxlen: 24
102.213.128.0/23 maxlen: 23
102.213.128.0/24 maxlen: 24
102.213.129.0/24 maxlen: 24
102.213.130.0/24 maxlen: 24
102.213.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/Mbpazle_Ha-6iN2u9C7I8VFeE8I.crl
rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/Mbpazle_Ha-6iN2u9C7I8VFeE8I.mft
rsync://rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 00:06:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1473 (0x5c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36312D2AF, serialNumber=31BA5ACE57BF1DAFBA88DDAEF42EC8F1515E13C2
Validity
Not Before: May 28 09:25:34 2025 GMT
Not After : Dec 31 09:25:34 2035 GMT
Subject: CN=6836d693-9f5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:27:8a:25:28:46:83:10:03:a0:c8:6d:a8:6b:
80:f2:bc:bc:d9:5a:b2:a9:ce:d5:7c:75:cd:df:0c:
3f:28:0f:3c:d4:83:fe:08:da:79:1b:3c:27:56:be:
af:a9:33:90:61:f8:12:39:14:da:fb:ee:85:4d:d9:
af:38:35:51:fa:dc:78:53:18:c8:aa:da:73:98:e8:
2a:4e:7e:f9:04:6f:87:9b:be:42:87:e0:f3:5e:6d:
a6:e3:86:7c:c0:12:48:be:cb:ed:6a:a4:46:eb:d0:
40:70:5d:3a:fb:d8:06:c2:5c:98:8f:bc:96:aa:9b:
b1:5f:c2:83:68:4f:0c:af:85:e6:30:91:0b:c2:5b:
3f:9d:47:6b:cb:6f:fb:f9:cd:de:bc:2e:76:34:c0:
e9:6c:c9:69:d9:4e:74:42:c4:58:71:d5:f3:93:7c:
c0:4b:2e:ce:2c:ad:c6:b0:63:c8:50:f7:53:fc:4b:
2f:e1:fd:87:8f:84:bc:8f:5b:bb:5c:62:81:89:d5:
f2:cf:33:37:c0:5b:e9:0b:56:a6:f9:11:ef:13:2b:
e3:c4:0e:df:a9:f7:8b:e8:20:3f:d8:35:65:6a:4f:
7c:8b:1e:ff:51:62:b9:ec:8e:32:ac:d9:3d:23:73:
59:99:d0:70:f8:bf:ed:25:19:94:39:7b:cf:36:9c:
ab:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:22:71:DB:15:48:0C:DF:D9:EE:E2:89:50:68:E7:E1:97:75:D6:4A
X509v3 Authority Key Identifier:
keyid:31:BA:5A:CE:57:BF:1D:AF:BA:88:DD:AE:F4:2E:C8:F1:51:5E:13:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/Mbpazle_Ha-6iN2u9C7I8VFeE8I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/B7965ED03BA511F0AE50DEB1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.213.128.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:34:f2:55:ae:7e:7a:c6:d9:c4:8d:ee:2e:2c:36:3c:65:90:
07:d8:4f:a0:7c:2e:d7:c6:a6:03:c4:29:6b:5a:87:d2:a8:a2:
3f:b5:5c:a5:cb:37:01:0b:b5:30:c5:92:ab:21:63:14:df:fa:
17:f2:ee:2f:bc:4a:f8:d8:aa:9f:ba:5c:49:51:d4:34:16:2b:
6a:7f:08:d2:28:a3:f0:16:04:4c:33:4a:0b:a6:d1:cf:9e:51:
b4:11:73:7d:88:2d:c8:01:97:9f:71:03:6d:f0:a6:01:f1:fe:
1b:80:de:f6:9b:47:fb:52:46:16:c5:7f:e1:54:f3:81:dd:72:
34:d8:0d:3f:2e:6a:f6:2b:79:12:b0:17:57:65:f9:cb:89:e8:
e8:ba:88:8c:23:49:f9:3c:1c:83:a5:96:17:8c:a5:d3:64:09:
ff:82:06:8a:40:d4:c9:c5:04:7c:5e:d5:cb:98:1c:4c:08:3f:
4f:f3:c8:40:96:8d:f9:2e:b4:8d:e1:53:48:af:89:ae:05:f3:
f1:9d:45:2e:4f:f0:79:a9:09:34:9b:aa:2b:5c:a6:6b:4b:1b:
72:83:87:19:dc:7e:87:a5:16:cb:90:42:8d:70:74:c8:94:5c:
aa:4b:b2:a7:0d:55:84:b7:a0:78:81:cd:0e:ed:4a:72:a6:5b:
9c:59:d4:1f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBcEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzEyRDJBRjExMC8GA1UEBRMoMzFCQTVBQ0U1N0JGMURBRkJBODhEREFFRjQyRUM4
RjE1MTVFMTNDMjAeFw0yNTA1MjgwOTI1MzRaFw0zNTEyMzEwOTI1MzRaMBgxFjAU
BgNVBAMTDTY4MzZkNjkzLTlmNWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCoJ4olKEaDEAOgyG2oa4DyvLzZWrKpztV8dc3fDD8oDzzUg/4I2nkbPCdW
vq+pM5Bh+BI5FNr77oVN2a84NVH63HhTGMiq2nOY6CpOfvkEb4ebvkKH4PNebabj
hnzAEki+y+1qpEbr0EBwXTr72AbCXJiPvJaqm7FfwoNoTwyvheYwkQvCWz+dR2vL
b/v5zd68LnY0wOlsyWnZTnRCxFhx1fOTfMBLLs4srcawY8hQ91P8Sy/h/YePhLyP
W7tcYoGJ1fLPMzfAW+kLVqb5Ee8TK+PEDt+p94voID/YNWVqT3yLHv9RYrnsjjKs
2T0jc1mZ0HD4v+0lGZQ5e882nKtTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpSJx
2xVIDN/Z7uKJUGjn4Zd11kowHwYDVR0jBBgwFoAUMbpazle/Ha+6iN2u9C7I8VFe
E8IwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjMxMkQyL0ZGQTI1MTQ0RjBGRDExRUJBODVCNjQzRUQ4QTAxNENFL01icGF6
bGVfSGEtNmlOMnU5QzdJOFZGZUU4SS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL01icGF6bGVfSGEtNmlOMnU5QzdJOFZGZUU4SS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjMxMkQyL0ZGQTI1MTQ0RjBGRDExRUJBODVCNjQzRUQ4
QTAxNENFL0I3OTY1RUQwM0JBNTExRjBBRTUwREVCMURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1YAwDQYJKoZIhvcNAQEL
BQADggEBAAs08lWufnrG2cSN7i4sNjxlkAfYT6B8LtfGpgPEKWtah9Kooj+1XKXL
NwELtTDFkqshYxTf+hfy7i+8SvjYqp+6XElR1DQWK2p/CNIoo/AWBEwzSgum0c+e
UbQRc32ILcgBl59xA23wpgHx/huA3vabR/tSRhbFf+FU84HdcjTYDT8uavYreRKw
F1dl+cuJ6Oi6iIwjSfk8HIOllheMpdNkCf+CBopA1MnFBHxe1cuYHEwIP0/zyECW
jfkutI3hU0ivia4F8/GdRS5P8HmpCTSbqitcpmtLG3KDhxncfoelFsuQQo1wdMiU
XKpLsqcNVYS3oHiBzQ7tSnKmW5xZ1B8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:12:32 2025 by rpki-client