Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363A48B/103FED46574711F0BA585979DAE4EC9C/075271E4574811F0A7DC6D7EDAE4EC9C.roa
File: 075271E4574811F0A7DC6D7EDAE4EC9C.roa (raw, json)
Hash identifier: zOGSgi/1KJ9xQcEdBGnV40++jUsJYV1/+BcJ8fXP1w8=
Subject key identifier: 05:40:02:9D:10:D8:38:C7:D3:B3:50:76:7E:BB:7D:38:8E:95:F7:1B
Certificate issuer: /CN=F363A48BAF/serialNumber=E3ED0A2B141E659C4521399CA3CC8F818C75F71D
Certificate serial: 02
Authority key identifier: E3:ED:0A:2B:14:1E:65:9C:45:21:39:9C:A3:CC:8F:81:8C:75:F7:1D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4-0KKxQeZZxFITmco8yPgYx19x0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363A48B/103FED46574711F0BA585979DAE4EC9C/075271E4574811F0A7DC6D7EDAE4EC9C.roa
Signing time: Wed 02 Jul 2025 13:25:32 +0000
ROA not before: Wed 02 Jul 2025 13:25:28 +0000
ROA not after: Mon 02 Jul 2035 13:25:28 +0000
asID: 329533
IP address blocks: 102.205.224.0/22 maxlen: 24
2c0f:5dc0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363A48B/103FED46574711F0BA585979DAE4EC9C/4-0KKxQeZZxFITmco8yPgYx19x0.crl
rsync://rpki.afrinic.net/repository/member_repository/F363A48B/103FED46574711F0BA585979DAE4EC9C/4-0KKxQeZZxFITmco8yPgYx19x0.mft
rsync://rpki.afrinic.net/repository/afrinic/4-0KKxQeZZxFITmco8yPgYx19x0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 03 Aug 2025 00:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363A48BAF, serialNumber=E3ED0A2B141E659C4521399CA3CC8F818C75F71D
Validity
Not Before: Jul 2 13:25:28 2025 GMT
Not After : Jul 2 13:25:28 2035 GMT
Subject: CN=6865334c-24f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:98:8d:8e:fb:01:8b:ae:79:ec:5a:24:bd:4b:
1b:d9:6f:58:d9:22:5d:33:1a:4c:1e:ab:a9:4e:68:
39:b3:1b:39:43:6d:d9:46:91:bd:d6:ca:06:42:be:
07:0f:74:60:2f:0e:be:44:05:97:fc:b7:7f:21:82:
33:c0:16:51:52:5c:99:c3:bd:5b:06:46:be:38:05:
01:f2:b0:55:cd:28:ef:43:cf:df:e3:39:fb:06:3c:
70:ab:4d:be:9c:de:42:47:a5:77:dc:19:e8:38:7b:
1c:fc:9a:0b:2f:e4:75:6c:43:66:b1:88:a0:28:be:
03:53:ca:e0:ff:75:95:5f:c2:70:94:f8:85:ba:09:
38:83:6a:fb:66:74:b4:31:77:e3:56:d8:af:03:46:
5e:f1:82:13:70:84:a0:e2:53:e9:90:c0:2d:09:91:
db:0b:fe:65:cd:6b:b4:de:43:d8:fa:2b:fd:fe:21:
33:24:fc:d2:e2:51:02:b7:32:24:aa:3b:90:b5:f8:
fd:5b:f1:92:c0:d7:c9:90:86:71:a4:fc:1f:7b:96:
65:1b:4c:c4:3a:1f:1e:5f:3b:fa:b6:77:aa:83:14:
3e:4c:5c:3c:8c:19:e2:5c:71:e0:75:e1:36:5c:cc:
7e:45:db:45:1e:86:f2:b6:22:3b:c8:f6:00:67:95:
8b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:40:02:9D:10:D8:38:C7:D3:B3:50:76:7E:BB:7D:38:8E:95:F7:1B
X509v3 Authority Key Identifier:
keyid:E3:ED:0A:2B:14:1E:65:9C:45:21:39:9C:A3:CC:8F:81:8C:75:F7:1D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363A48B/103FED46574711F0BA585979DAE4EC9C/4-0KKxQeZZxFITmco8yPgYx19x0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4-0KKxQeZZxFITmco8yPgYx19x0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363A48B/103FED46574711F0BA585979DAE4EC9C/075271E4574811F0A7DC6D7EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.205.224.0/22
IPv6:
2c0f:5dc0::/32
Signature Algorithm: sha256WithRSAEncryption
29:ec:13:b8:30:76:54:33:9a:f2:fa:d9:fa:5d:09:fc:f9:71:
8d:8d:34:3e:30:75:1a:07:ba:6b:6b:8a:e3:65:54:c5:46:39:
d6:1f:97:49:e7:ce:1d:f9:59:d8:29:3a:5e:49:04:b8:3d:20:
cd:17:86:d2:81:d2:45:8b:90:f3:d3:49:df:85:1f:18:de:a0:
80:a3:e1:ae:01:4a:d7:90:cc:d3:b9:91:0c:94:40:d1:50:e1:
29:ac:34:22:cc:94:bd:c2:ab:0c:a8:9f:66:65:4d:ce:9b:9c:
dc:3c:34:5c:92:9c:d9:01:e0:a7:b0:5c:b7:a9:fe:b6:1c:28:
b5:f6:c7:1c:98:fa:98:a3:88:1f:a0:6e:09:97:b2:24:1c:90:
d7:ec:df:f5:12:1b:6d:3f:c5:f4:59:5f:97:fb:94:42:b9:5d:
8f:1d:8e:d9:b9:80:73:22:a3:9e:d5:c2:20:e6:3d:44:2e:d3:
16:92:fc:3d:48:f5:1f:61:40:9e:a3:d2:e2:49:b7:cc:95:f3:
5f:04:8c:fe:ab:73:41:bc:fe:80:2d:7c:84:fd:fe:3f:a4:67:
32:da:79:9c:d2:e8:3b:08:8a:1d:2c:f7:9e:53:c4:c5:23:9e:
47:85:bc:c0:72:27:d5:c0:81:77:4c:11:a0:46:c0:6c:53:b6:
0d:e3:23:3f
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
QTQ4QkFGMTEwLwYDVQQFEyhFM0VEMEEyQjE0MUU2NTlDNDUyMTM5OUNBM0NDOEY4
MThDNzVGNzFEMB4XDTI1MDcwMjEzMjUyOFoXDTM1MDcwMjEzMjUyOFowGDEWMBQG
A1UEAxMNNjg2NTMzNGMtMjRmMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaYjY77AYuueexaJL1LG9lvWNkiXTMaTB6rqU5oObMbOUNt2UaRvdbKBkK+
Bw90YC8OvkQFl/y3fyGCM8AWUVJcmcO9WwZGvjgFAfKwVc0o70PP3+M5+wY8cKtN
vpzeQkeld9wZ6Dh7HPyaCy/kdWxDZrGIoCi+A1PK4P91lV/CcJT4hboJOINq+2Z0
tDF341bYrwNGXvGCE3CEoOJT6ZDALQmR2wv+Zc1rtN5D2Por/f4hMyT80uJRArcy
JKo7kLX4/VvxksDXyZCGcaT8H3uWZRtMxDofHl87+rZ3qoMUPkxcPIwZ4lxx4HXh
NlzMfkXbRR6G8rYiO8j2AGeVi1cCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQFQAKd
ENg4x9OzUHZ+u304jpX3GzAfBgNVHSMEGDAWgBTj7QorFB5lnEUhOZyjzI+BjHX3
HTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0E0OEIvMTAzRkVENDY1NzQ3MTFGMEJBNTg1OTc5REFFNEVDOUMvNC0wS0t4
UWVaWnhGSVRtY284eVBnWXgxOXgwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNC0wS0t4UWVaWnhGSVRtY284eVBnWXgxOXgwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2M0E0OEIvMTAzRkVENDY1NzQ3MTFGMEJBNTg1OTc5REFF
NEVDOUMvMDc1MjcxRTQ1NzQ4MTFGMEE3REM2RDdFREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbN4DANBAIAAjAHAwUALA9d
wDANBgkqhkiG9w0BAQsFAAOCAQEAKewTuDB2VDOa8vrZ+l0J/PlxjY00PjB1Gge6
a2uK42VUxUY51h+XSefOHflZ2Ck6XkkEuD0gzReG0oHSRYuQ89NJ34UfGN6ggKPh
rgFK15DM07mRDJRA0VDhKaw0IsyUvcKrDKifZmVNzpuc3Dw0XJKc2QHgp7Bct6n+
thwotfbHHJj6mKOIH6BuCZeyJByQ1+zf9RIbbT/F9Flfl/uUQrldjx2O2bmAcyKj
ntXCIOY9RC7TFpL8PUj1H2FAnqPS4km3zJXzXwSM/qtzQbz+gC18hP3+P6RnMtp5
nNLoOwiKHSz3nlPExSOeR4W8wHIn1cCBd0wRoEbAbFO2DeMjPw==
-----END CERTIFICATE-----
Generated at Fri Aug 1 18:09:35 2025 by rpki-client