Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36364C2/643B7A54B58411ECB7CFC7755A40D577/F40DF332363C11F08BDA31D8DAE4EC9C.roa
File: F40DF332363C11F08BDA31D8DAE4EC9C.roa (raw, json)
Hash identifier: tpknoYxFRYkKkestWOBfXYnFDZcfLPeGP0oSSacczQ4=
Subject key identifier: 7C:75:68:2D:8A:AB:49:12:1D:41:2A:6C:1D:A9:0D:97:D4:7F:48:C1
Certificate issuer: /CN=F36364C2AF/serialNumber=5EE80C7E888C71B3102418780BD6E10A52D17088
Certificate serial: 04A6
Authority key identifier: 5E:E8:0C:7E:88:8C:71:B3:10:24:18:78:0B:D6:E1:0A:52:D1:70:88
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/XugMfoiMcbMQJBh4C9bhClLRcIg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36364C2/643B7A54B58411ECB7CFC7755A40D577/F40DF332363C11F08BDA31D8DAE4EC9C.roa
Signing time: Wed 21 May 2025 12:13:07 +0000
ROA not before: Wed 21 May 2025 12:13:02 +0000
ROA not after: Mon 21 May 2035 12:13:02 +0000
asID: 328974
IP address blocks: 102.206.84.0/22 maxlen: 24
102.217.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36364C2/643B7A54B58411ECB7CFC7755A40D577/XugMfoiMcbMQJBh4C9bhClLRcIg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36364C2/643B7A54B58411ECB7CFC7755A40D577/XugMfoiMcbMQJBh4C9bhClLRcIg.mft
rsync://rpki.afrinic.net/repository/afrinic/XugMfoiMcbMQJBh4C9bhClLRcIg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 02:54:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1190 (0x4a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36364C2AF, serialNumber=5EE80C7E888C71B3102418780BD6E10A52D17088
Validity
Not Before: May 21 12:13:02 2025 GMT
Not After : May 21 12:13:02 2035 GMT
Subject: CN=682dc353-c4df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:02:71:80:8d:4a:96:b0:48:14:01:b6:ee:57:
49:fa:c2:39:31:86:cf:27:55:7f:13:1c:0b:85:cd:
83:42:29:88:92:91:bd:ec:96:5c:72:80:e1:ad:68:
6e:c5:96:30:b2:44:5e:87:31:29:38:12:0e:8a:aa:
ac:8c:30:5f:82:0e:d6:f0:ac:a6:57:0b:e0:61:02:
04:fd:2a:b5:fd:a2:54:63:78:d3:60:52:99:e0:7d:
90:3e:56:f4:d0:43:65:67:f7:e9:2e:44:ac:00:0b:
f3:2f:33:0e:24:e1:45:8d:0b:56:30:ca:14:36:a7:
0d:6c:bd:a9:a2:55:f1:0b:57:23:f2:f1:07:7a:e3:
14:5b:e0:6b:27:38:11:95:97:6f:3b:b8:fe:11:3a:
db:f4:f4:fa:8d:f6:02:3d:cd:5e:80:70:29:77:54:
34:1f:2b:a6:58:a8:21:f7:51:01:12:a6:6e:18:d5:
83:36:b1:5d:f0:58:90:ed:43:5f:46:5c:89:c2:f7:
df:38:15:18:2c:1c:59:47:4b:f9:5e:81:37:59:ba:
f3:27:4d:60:e1:c0:ab:a1:fe:14:7f:a2:10:8e:d0:
cc:d8:2e:a4:94:4b:cc:d1:7b:eb:fc:5e:8f:aa:cf:
c0:60:d4:e0:17:7a:02:61:f7:92:1b:ce:a9:a5:4a:
60:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:75:68:2D:8A:AB:49:12:1D:41:2A:6C:1D:A9:0D:97:D4:7F:48:C1
X509v3 Authority Key Identifier:
keyid:5E:E8:0C:7E:88:8C:71:B3:10:24:18:78:0B:D6:E1:0A:52:D1:70:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36364C2/643B7A54B58411ECB7CFC7755A40D577/XugMfoiMcbMQJBh4C9bhClLRcIg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XugMfoiMcbMQJBh4C9bhClLRcIg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36364C2/643B7A54B58411ECB7CFC7755A40D577/F40DF332363C11F08BDA31D8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.84.0/22
102.217.228.0/22
Signature Algorithm: sha256WithRSAEncryption
10:7e:3c:3a:ca:d0:9e:4b:68:92:24:c9:d5:ef:0e:d8:86:ad:
6d:ff:eb:d3:5d:43:04:20:c0:2c:09:8d:37:c6:99:5a:06:c5:
f5:f1:be:ed:99:bb:07:0c:85:ec:7b:55:4c:19:26:34:46:97:
3e:ee:0b:67:71:59:38:4c:68:e2:0e:a1:6d:c1:62:c2:3d:00:
7e:d8:76:5b:d9:00:e7:f5:e0:ff:c9:7e:3c:c6:84:30:f1:5f:
c7:d7:6b:66:8a:a8:06:80:80:f7:73:9b:ac:a6:28:51:68:66:
b4:5d:81:65:b8:1e:20:6e:f9:8d:27:a8:4a:f9:40:1f:1d:56:
60:7b:4b:6a:e7:e6:c5:12:12:63:93:17:9c:7b:d5:7c:23:31:
99:eb:05:06:64:65:de:ac:df:22:66:d8:4c:74:44:af:c1:24:
8c:45:e5:7a:df:19:cb:cc:bb:e1:20:d8:7a:2d:99:00:2d:b9:
da:54:55:e6:22:70:1f:3a:42:23:e5:35:88:0d:43:8d:69:cf:
81:c7:b1:86:92:a0:5a:56:87:c0:42:1e:9c:f2:f7:9b:4a:fb:
88:4f:a0:3f:6c:ae:5f:7d:d4:67:b9:43:f5:9e:7e:80:b3:68:
70:92:8e:0a:5c:3e:3b:2c:4d:e8:b2:93:8a:54:1c:e7:0b:03:
48:39:1d:5f
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBKYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzY0QzJBRjExMC8GA1UEBRMoNUVFODBDN0U4ODhDNzFCMzEwMjQxODc4MEJENkUx
MEE1MkQxNzA4ODAeFw0yNTA1MjExMjEzMDJaFw0zNTA1MjExMjEzMDJaMBgxFjAU
BgNVBAMTDTY4MmRjMzUzLWM0ZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDhAnGAjUqWsEgUAbbuV0n6wjkxhs8nVX8THAuFzYNCKYiSkb3sllxygOGt
aG7FljCyRF6HMSk4Eg6KqqyMMF+CDtbwrKZXC+BhAgT9KrX9olRjeNNgUpngfZA+
VvTQQ2Vn9+kuRKwAC/MvMw4k4UWNC1YwyhQ2pw1svamiVfELVyPy8Qd64xRb4Gsn
OBGVl287uP4ROtv09PqN9gI9zV6AcCl3VDQfK6ZYqCH3UQESpm4Y1YM2sV3wWJDt
Q19GXInC9984FRgsHFlHS/legTdZuvMnTWDhwKuh/hR/ohCO0MzYLqSUS8zRe+v8
Xo+qz8Bg1OAXegJh95IbzqmlSmChAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUfHVo
LYqrSRIdQSpsHakNl9R/SMEwHwYDVR0jBBgwFoAUXugMfoiMcbMQJBh4C9bhClLR
cIgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM2NEMyLzY0M0I3QTU0QjU4NDExRUNCN0NGQzc3NTVBNDBENTc3L1h1Z01m
b2lNY2JNUUpCaDRDOWJoQ2xMUmNJZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1h1Z01mb2lNY2JNUUpCaDRDOWJoQ2xMUmNJZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM2NEMyLzY0M0I3QTU0QjU4NDExRUNCN0NGQzc3NTVB
NDBENTc3L0Y0MERGMzMyMzYzQzExRjA4QkRBMzFEOERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAJmzlQDBAJm2eQwDQYJKoZI
hvcNAQELBQADggEBABB+PDrK0J5LaJIkydXvDtiGrW3/69NdQwQgwCwJjTfGmVoG
xfXxvu2ZuwcMhex7VUwZJjRGlz7uC2dxWThMaOIOoW3BYsI9AH7YdlvZAOf14P/J
fjzGhDDxX8fXa2aKqAaAgPdzm6ymKFFoZrRdgWW4HiBu+Y0nqEr5QB8dVmB7S2rn
5sUSEmOTF5x71XwjMZnrBQZkZd6s3yJm2Ex0RK/BJIxF5XrfGcvMu+Eg2HotmQAt
udpUVeYicB86QiPlNYgNQ41pz4HHsYaSoFpWh8BCHpzy95tK+4hPoD9srl991Ge5
Q/WefoCzaHCSjgpcPjssTeiyk4pUHOcLA0g5HV8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:08:36 2025 by rpki-client