Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/BCE084F00A1411F0AEEA6352762E951A.roa
File: BCE084F00A1411F0AEEA6352762E951A.roa (raw, json)
Hash identifier: cbyd0n+OvIwTNvwQzp7bThP9YSpmzXNuvqcWJbRWQl8=
Subject key identifier: EC:D3:DD:CC:E4:65:A6:CB:C4:B6:F2:35:3E:8B:76:65:4F:DC:8F:FB
Certificate issuer: /CN=F363BA19AF/serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
Certificate serial: 0880
Authority key identifier: 6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/BCE084F00A1411F0AEEA6352762E951A.roa
Signing time: Wed 26 Mar 2025 07:34:23 +0000
ROA not before: Wed 26 Mar 2025 07:34:19 +0000
ROA not after: Thu 26 Mar 2026 07:34:19 +0000
asID: 4766
IP address blocks: 102.135.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.mft
rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2176 (0x880)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363BA19AF
Validity
Not Before: Mar 26 07:34:19 2025 GMT
Not After : Mar 26 07:34:19 2026 GMT
Subject: CN=67e3adff-4de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:d7:eb:b5:97:69:c9:f6:8c:9a:61:02:27:6c:
3a:b3:bf:63:97:44:88:6f:d8:9d:3c:4d:7a:1c:98:
4a:62:40:77:f8:03:83:46:c5:8f:d3:fe:2d:17:c5:
47:90:2a:dc:19:cd:10:db:54:08:9e:12:a6:2d:11:
3a:ea:04:16:2e:b8:06:ca:b0:fd:a5:32:45:aa:61:
20:41:bb:10:ab:b7:0c:db:62:a5:9d:62:19:0d:5f:
76:9c:82:be:50:93:6b:ed:d0:0d:a8:8e:82:2f:39:
27:1b:66:ff:ee:bb:51:6e:f2:0e:41:a0:55:fb:d7:
cf:16:3c:63:80:b2:c0:6a:6f:cf:9b:eb:ff:05:9e:
26:55:b9:09:7b:ca:65:ea:4f:fb:c7:06:cd:35:84:
ec:df:b5:2e:5a:0c:1d:44:72:0f:46:86:ba:56:5d:
c1:ac:70:f1:20:34:25:35:6c:c9:85:a9:b4:9c:27:
10:76:48:8f:4f:69:e6:d9:25:27:62:f4:33:5d:53:
88:12:ea:a4:df:70:42:c0:e0:49:30:57:cd:21:18:
29:d9:b7:2a:35:3b:7b:02:c4:cc:4f:45:9e:87:af:
be:1b:6f:c1:74:5e:01:65:77:56:38:63:6f:19:c6:
ff:5a:da:7a:37:2b:7e:bf:77:29:f1:b6:aa:08:91:
80:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D3:DD:CC:E4:65:A6:CB:C4:B6:F2:35:3E:8B:76:65:4F:DC:8F:FB
X509v3 Authority Key Identifier:
keyid:6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/BCE084F00A1411F0AEEA6352762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.135.85.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:f3:b0:94:bd:7a:1f:5a:e5:78:56:6d:ff:05:15:2e:dd:25:
15:14:fd:12:94:f1:b6:12:e2:ea:87:cf:d7:74:b3:54:95:c6:
0b:82:f6:21:14:1c:c6:10:67:63:82:e5:d0:a6:76:71:9d:38:
e4:05:d6:98:47:05:fe:ee:5b:ff:a7:98:75:52:c6:0b:ce:52:
92:83:55:6d:38:eb:4c:ba:3f:39:14:0a:8b:86:78:a6:dc:5e:
19:8e:cb:cd:dd:79:fb:dc:f7:54:25:75:d7:60:83:94:70:78:
2c:50:ed:0e:bb:7a:ea:e7:de:41:bd:24:93:13:ff:49:b8:b1:
f2:9c:0f:a6:00:84:db:4c:44:61:7a:5d:d1:aa:2e:cf:79:71:
db:61:ad:11:1e:f7:c8:34:9c:c7:74:1f:51:49:e3:a1:2c:23:
10:a1:a0:18:cd:8c:bc:bf:c9:c3:5f:46:86:ed:91:47:2c:3e:
6b:83:a3:83:ca:d1:2f:b9:3f:64:8d:11:c1:d9:b1:f9:61:5c:
ca:d2:f0:d2:b9:07:48:69:f5:0e:e2:04:4b:cc:bb:a3:62:42:
56:04:3e:cf:e8:f2:0a:f8:3a:ce:4c:b2:87:2c:42:62:66:67:
5f:c2:a0:04:7f:53:d2:f1:81:33:fd:09:38:46:21:ba:c3:23:
1f:a2:ea:57
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCIAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0JBMTlBRjExMC8GA1UEBRMoNkFFQTI0QjA5OUMzMkIyMkU0RTQ4QkI5RjI2Q0Y1
NzhCRUY2QkZGMzAeFw0yNTAzMjYwNzM0MTlaFw0yNjAzMjYwNzM0MTlaMBgxFjAU
BgNVBAMTDTY3ZTNhZGZmLTRkZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD11+u1l2nJ9oyaYQInbDqzv2OXRIhv2J08TXocmEpiQHf4A4NGxY/T/i0X
xUeQKtwZzRDbVAieEqYtETrqBBYuuAbKsP2lMkWqYSBBuxCrtwzbYqWdYhkNX3ac
gr5Qk2vt0A2ojoIvOScbZv/uu1Fu8g5BoFX7188WPGOAssBqb8+b6/8FniZVuQl7
ymXqT/vHBs01hOzftS5aDB1Ecg9GhrpWXcGscPEgNCU1bMmFqbScJxB2SI9PaebZ
JSdi9DNdU4gS6qTfcELA4EkwV80hGCnZtyo1O3sCxMxPRZ6Hr74bb8F0XgFld1Y4
Y28Zxv9a2no3K36/dynxtqoIkYCzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU7NPd
zORlpsvEtvI1Pot2ZU/cj/swHwYDVR0jBBgwFoAUauoksJnDKyLk5Iu58mz1eL72
v/MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVBNDBENTc3L2F1b2tz
Sm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2F1b2tzSm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVB
NDBENTc3L0JDRTA4NEYwMEExNDExRjBBRUVBNjM1Mjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmh1UwDQYJKoZIhvcNAQEL
BQADggEBAKPzsJS9eh9a5XhWbf8FFS7dJRUU/RKU8bYS4uqHz9d0s1SVxguC9iEU
HMYQZ2OC5dCmdnGdOOQF1phHBf7uW/+nmHVSxgvOUpKDVW0460y6PzkUCouGeKbc
XhmOy83defvc91Qldddgg5RweCxQ7Q67eurn3kG9JJMT/0m4sfKcD6YAhNtMRGF6
XdGqLs95cdthrREe98g0nMd0H1FJ46EsIxChoBjNjLy/ycNfRobtkUcsPmuDo4PK
0S+5P2SNEcHZsflhXMrS8NK5B0hp9Q7iBEvMu6NiQlYEPs/o8gr4Os5MsocsQmJm
Z1/CoAR/U9LxgTP9CThGIbrDIx+i6lc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:14:43 2025 by rpki-client