Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363235D/677CFDEC4C3911F083EC3397DAE4EC9C/956D6C004C7A11F0941F5DBBDAE4EC9C.roa
File: 956D6C004C7A11F0941F5DBBDAE4EC9C.roa (raw, json)
Hash identifier: 4pbVD/R5drzn4R/PeVc+1JSe6FAId7REQJilHo0BefE=
Subject key identifier: BE:76:CF:41:E7:94:89:18:09:E6:0A:EA:0F:1D:58:02:DB:1D:5C:A4
Certificate issuer: /CN=F363235DAF/serialNumber=05A978E3D547F5593E4B031970385986945058C6
Certificate serial: 13
Authority key identifier: 05:A9:78:E3:D5:47:F5:59:3E:4B:03:19:70:38:59:86:94:50:58:C6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Bal449VH9Vk-SwMZcDhZhpRQWMY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363235D/677CFDEC4C3911F083EC3397DAE4EC9C/956D6C004C7A11F0941F5DBBDAE4EC9C.roa
Signing time: Wed 18 Jun 2025 19:29:43 +0000
ROA not before: Wed 18 Jun 2025 19:29:38 +0000
ROA not after: Tue 18 Jun 2030 19:29:38 +0000
asID: 328716
IP address blocks: 102.222.120.0/24 maxlen: 24
102.222.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363235D/677CFDEC4C3911F083EC3397DAE4EC9C/Bal449VH9Vk-SwMZcDhZhpRQWMY.crl
rsync://rpki.afrinic.net/repository/member_repository/F363235D/677CFDEC4C3911F083EC3397DAE4EC9C/Bal449VH9Vk-SwMZcDhZhpRQWMY.mft
rsync://rpki.afrinic.net/repository/afrinic/Bal449VH9Vk-SwMZcDhZhpRQWMY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 04 Jul 2025 05:23:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363235DAF, serialNumber=05A978E3D547F5593E4B031970385986945058C6
Validity
Not Before: Jun 18 19:29:38 2025 GMT
Not After : Jun 18 19:29:38 2030 GMT
Subject: CN=685313a7-f21b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1a:ae:05:93:61:94:f6:0d:4b:35:1a:cf:b6:
2a:2b:c3:1c:ba:d6:54:65:cf:ee:ed:01:8b:e4:78:
24:51:6e:17:8c:c6:39:8b:e9:bd:69:ad:d8:28:0e:
f3:f0:3f:12:aa:03:87:a1:94:3b:18:c3:1d:7a:16:
61:f3:ff:32:73:e5:8a:c9:af:04:b2:cd:2f:bc:ad:
83:64:f2:2f:97:4a:14:f8:2c:6c:28:6d:98:9e:50:
aa:d6:67:7c:0c:c0:89:a6:c0:26:bb:89:87:2e:8a:
13:2f:ae:e3:7e:0d:7e:d5:db:9e:91:77:af:53:46:
ed:26:3f:26:45:b7:ac:5d:68:3b:83:e3:e7:fd:75:
33:8d:ce:5f:7f:e7:60:cc:ea:44:f4:77:3f:c5:16:
2c:95:f2:05:44:45:c2:a5:2b:3b:30:df:c0:48:6e:
07:64:e6:36:ee:69:9b:b4:48:87:d3:3e:ac:99:0b:
20:c3:ce:97:0e:2f:e9:5f:35:82:9e:90:33:a9:af:
89:71:a4:90:e2:65:71:7d:93:5b:6d:c1:50:2e:c5:
24:a7:be:de:b6:af:99:ce:c8:68:36:fc:91:0a:3d:
d7:b9:63:c8:ea:46:7e:29:26:b3:ae:98:d9:d6:ff:
8c:e3:3c:9f:a2:77:f9:fb:15:a3:23:82:bf:3d:d4:
4a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:76:CF:41:E7:94:89:18:09:E6:0A:EA:0F:1D:58:02:DB:1D:5C:A4
X509v3 Authority Key Identifier:
keyid:05:A9:78:E3:D5:47:F5:59:3E:4B:03:19:70:38:59:86:94:50:58:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363235D/677CFDEC4C3911F083EC3397DAE4EC9C/Bal449VH9Vk-SwMZcDhZhpRQWMY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Bal449VH9Vk-SwMZcDhZhpRQWMY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363235D/677CFDEC4C3911F083EC3397DAE4EC9C/956D6C004C7A11F0941F5DBBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.120.0/23
Signature Algorithm: sha256WithRSAEncryption
64:19:4c:a1:01:94:9d:cc:50:49:61:3f:4c:f9:d8:08:af:08:
8a:19:c6:87:0f:3c:0a:0c:f3:7f:52:06:83:0f:44:b3:d2:ca:
71:7d:ba:d2:8d:ae:34:dd:d2:38:c8:03:d9:c6:7c:2b:5e:27:
ae:29:b0:bb:5b:cd:ca:e5:06:9b:cb:cd:76:a2:57:d8:b8:71:
7a:fb:70:de:b8:0d:21:52:ec:2c:4c:98:29:d6:64:b6:7f:76:
5f:01:40:9e:6e:6b:e1:4a:a2:c3:bd:80:7f:21:e3:1f:d8:fd:
16:e9:f2:3a:26:a5:e1:89:38:39:2d:86:3a:a7:74:47:92:d6:
c7:84:eb:66:6b:87:a1:7f:87:2d:52:cc:89:77:16:47:b1:3a:
d5:f9:dd:56:bd:22:bd:2e:af:37:71:58:ad:3b:1d:3e:d1:ff:
8e:41:ed:92:9d:4c:68:d7:0b:91:be:c4:fd:ff:5a:86:18:44:
73:82:60:35:7c:62:15:ad:41:7f:84:0d:8c:e4:c1:c7:b1:05:
de:e8:a5:59:75:26:45:73:b6:f5:af:f5:4e:dc:48:0a:b5:0d:
79:5b:2f:7f:e7:97:ce:d8:72:35:ee:fe:9b:40:5b:dd:95:9e:
c7:7c:cc:1c:e4:a2:5a:35:ff:c1:da:4e:6e:cf:91:87:c5:ad:
5a:52:df:fc
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBEzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
MjM1REFGMTEwLwYDVQQFEygwNUE5NzhFM0Q1NDdGNTU5M0U0QjAzMTk3MDM4NTk4
Njk0NTA1OEM2MB4XDTI1MDYxODE5MjkzOFoXDTMwMDYxODE5MjkzOFowGDEWMBQG
A1UEAxMNNjg1MzEzYTctZjIxYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0argWTYZT2DUs1Gs+2KivDHLrWVGXP7u0Bi+R4JFFuF4zGOYvpvWmt2CgO
8/A/EqoDh6GUOxjDHXoWYfP/MnPlismvBLLNL7ytg2TyL5dKFPgsbChtmJ5QqtZn
fAzAiabAJruJhy6KEy+u434NftXbnpF3r1NG7SY/JkW3rF1oO4Pj5/11M43OX3/n
YMzqRPR3P8UWLJXyBURFwqUrOzDfwEhuB2TmNu5pm7RIh9M+rJkLIMPOlw4v6V81
gp6QM6mviXGkkOJlcX2TW23BUC7FJKe+3ravmc7IaDb8kQo917ljyOpGfikms66Y
2db/jOM8n6J3+fsVoyOCvz3USgMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBS+ds9B
55SJGAnmCuoPHVgC2x1cpDAfBgNVHSMEGDAWgBQFqXjj1Uf1WT5LAxlwOFmGlFBY
xjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzIzNUQvNjc3Q0ZERUM0QzM5MTFGMDgzRUMzMzk3REFFNEVDOUMvQmFsNDQ5
Vkg5VmstU3dNWmNEaFpocFJRV01ZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQmFsNDQ5Vkg5VmstU3dNWmNEaFpocFJRV01ZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzIzNUQvNjc3Q0ZERUM0QzM5MTFGMDgzRUMzMzk3REFF
NEVDOUMvOTU2RDZDMDA0QzdBMTFGMDk0MUY1REJCREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbeeDANBgkqhkiG9w0BAQsF
AAOCAQEAZBlMoQGUncxQSWE/TPnYCK8IihnGhw88Cgzzf1IGgw9Es9LKcX260o2u
NN3SOMgD2cZ8K14nrimwu1vNyuUGm8vNdqJX2Lhxevtw3rgNIVLsLEyYKdZktn92
XwFAnm5r4Uqiw72AfyHjH9j9FunyOial4Yk4OS2GOqd0R5LWx4TrZmuHoX+HLVLM
iXcWR7E61fndVr0ivS6vN3FYrTsdPtH/jkHtkp1MaNcLkb7E/f9ahhhEc4JgNXxi
Fa1Bf4QNjOTBx7EF3uilWXUmRXO29a/1TtxICrUNeVsvf+eXzthyNe7+m0Bb3ZWe
x3zMHOSiWjX/wdpObs+Rh8WtWlLf/A==
-----END CERTIFICATE-----
Generated at Thu Jul 3 05:56:32 2025 by rpki-client