Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3640D65/D6E7DE72669211F0B236DBEBDAE4EC9C/AF736D22669511F0AE6F0B7FDAE4EC9C.roa
File: AF736D22669511F0AE6F0B7FDAE4EC9C.roa (raw, json)
Hash identifier: z5Q6Me8+hrh2wppVl3E0nnD4XDb7iRxKouJNGG6mdYs=
Subject key identifier: 6B:D3:C2:63:5F:03:EF:51:41:E8:0A:0F:21:0E:D9:38:75:46:8C:4C
Certificate issuer: /CN=F3640D65AF/serialNumber=0088D4457E442602D766DBA90E1FC224BD7E8BB6
Certificate serial: 02
Authority key identifier: 00:88:D4:45:7E:44:26:02:D7:66:DB:A9:0E:1F:C2:24:BD:7E:8B:B6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/AIjURX5EJgLXZtupDh_CJL1-i7Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3640D65/D6E7DE72669211F0B236DBEBDAE4EC9C/AF736D22669511F0AE6F0B7FDAE4EC9C.roa
Signing time: Tue 22 Jul 2025 00:49:13 +0000
ROA not before: Tue 22 Jul 2025 00:00:08 +0000
ROA not after: Sat 22 Jul 2028 00:00:08 +0000
asID: 329583
IP address blocks: 102.205.80.0/22 maxlen: 24
2c0f:2ac0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3640D65/D6E7DE72669211F0B236DBEBDAE4EC9C/AIjURX5EJgLXZtupDh_CJL1-i7Y.crl
rsync://rpki.afrinic.net/repository/member_repository/F3640D65/D6E7DE72669211F0B236DBEBDAE4EC9C/AIjURX5EJgLXZtupDh_CJL1-i7Y.mft
rsync://rpki.afrinic.net/repository/afrinic/AIjURX5EJgLXZtupDh_CJL1-i7Y.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Jul 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3640D65AF, serialNumber=0088D4457E442602D766DBA90E1FC224BD7E8BB6
Validity
Not Before: Jul 22 00:00:08 2025 GMT
Not After : Jul 22 00:00:08 2028 GMT
Subject: CN=687ee009-ae74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:dd:fc:a0:38:28:33:fb:7d:11:bf:29:a8:dc:
08:7f:8b:35:55:fc:4b:30:a4:64:a0:70:e1:fc:2a:
6c:db:fb:32:46:45:2b:8e:5f:57:06:90:3a:f2:cf:
da:5f:dd:ee:bc:ad:b5:e0:2b:c7:51:72:5f:e3:f3:
ab:31:cf:94:e5:2b:b7:45:d3:13:a9:67:8d:0b:5c:
7d:45:47:fa:1d:cb:07:fd:21:fe:69:89:26:24:15:
1c:19:48:a5:b0:69:08:98:56:f9:ab:ac:80:6f:08:
45:08:89:ac:13:87:29:7c:e7:9e:61:25:39:b3:3f:
67:76:43:e7:d3:09:42:66:f8:02:2a:77:53:db:5f:
1e:00:1e:ab:80:94:65:f3:98:82:a4:36:94:fe:ad:
3b:47:3b:3e:07:17:47:fd:18:90:74:89:2e:d9:a6:
0d:9f:f8:f2:44:d0:82:0d:fd:57:22:66:f4:52:a9:
39:95:0e:c2:50:07:5f:98:73:2a:4d:61:71:09:3e:
2e:08:e8:d6:50:bd:9a:2b:c1:a8:5d:4b:34:c0:b0:
8d:29:a5:d1:a2:65:97:d8:e4:8e:81:c3:ed:b0:43:
c9:2c:70:ea:de:d3:f0:24:63:fe:1a:91:d0:61:47:
6b:84:40:52:24:5c:48:53:73:4a:88:ad:a7:cf:19:
eb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D3:C2:63:5F:03:EF:51:41:E8:0A:0F:21:0E:D9:38:75:46:8C:4C
X509v3 Authority Key Identifier:
keyid:00:88:D4:45:7E:44:26:02:D7:66:DB:A9:0E:1F:C2:24:BD:7E:8B:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3640D65/D6E7DE72669211F0B236DBEBDAE4EC9C/AIjURX5EJgLXZtupDh_CJL1-i7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/AIjURX5EJgLXZtupDh_CJL1-i7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3640D65/D6E7DE72669211F0B236DBEBDAE4EC9C/AF736D22669511F0AE6F0B7FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.205.80.0/22
IPv6:
2c0f:2ac0::/32
Signature Algorithm: sha256WithRSAEncryption
c3:a2:62:db:6b:93:5f:0b:90:d3:ab:a2:e4:c6:8c:1b:a7:10:
c3:5d:3a:3d:d0:3f:16:0f:75:bc:97:01:06:5a:c4:e0:2a:9e:
15:62:b1:11:fd:3a:74:59:28:27:5d:9a:7f:b1:57:8a:8e:2d:
3e:33:b8:62:9c:0d:9d:58:f0:ae:8c:cf:43:b4:19:7d:25:cf:
68:8b:f3:4d:d1:63:17:b7:73:84:de:2e:e2:89:c2:2d:8d:5c:
0f:37:cf:d1:86:59:1b:89:04:f0:8e:60:b4:da:f4:e0:0b:fc:
d6:81:5e:63:b5:47:af:4d:e4:aa:19:ee:95:f5:e5:69:82:db:
a5:1b:99:07:9e:38:95:54:71:36:d2:4d:75:44:c5:1c:8b:00:
29:98:f8:dc:a5:db:c2:49:8b:93:a5:ff:c7:40:f2:6b:16:07:
02:34:61:9e:fc:68:46:c3:83:60:e0:39:9a:15:b1:be:9c:f5:
0c:a9:3b:f1:44:31:d5:87:a7:2a:ec:14:44:3a:a3:ba:0d:8c:
cb:39:0a:14:fd:29:1b:31:b7:2a:33:66:d1:2b:1c:6a:76:86:
58:98:e1:18:91:6f:2e:f3:ec:d0:a9:57:15:84:cc:45:76:bf:
66:7f:bf:c3:b5:8a:72:d1:fb:ae:74:01:d6:1a:03:eb:7f:83:
ce:c3:d3:06
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
MEQ2NUFGMTEwLwYDVQQFEygwMDg4RDQ0NTdFNDQyNjAyRDc2NkRCQTkwRTFGQzIy
NEJEN0U4QkI2MB4XDTI1MDcyMjAwMDAwOFoXDTI4MDcyMjAwMDAwOFowGDEWMBQG
A1UEAxMNNjg3ZWUwMDktYWU3NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTd/KA4KDP7fRG/KajcCH+LNVX8SzCkZKBw4fwqbNv7MkZFK45fVwaQOvLP
2l/d7rytteArx1FyX+PzqzHPlOUrt0XTE6lnjQtcfUVH+h3LB/0h/mmJJiQVHBlI
pbBpCJhW+ausgG8IRQiJrBOHKXznnmElObM/Z3ZD59MJQmb4Aip3U9tfHgAeq4CU
ZfOYgqQ2lP6tO0c7PgcXR/0YkHSJLtmmDZ/48kTQgg39VyJm9FKpOZUOwlAHX5hz
Kk1hcQk+Lgjo1lC9mivBqF1LNMCwjSml0aJll9jkjoHD7bBDySxw6t7T8CRj/hqR
0GFHa4RAUiRcSFNzSoitp88Z66sCAwEAAaOCArQwggKwMB0GA1UdDgQWBBRr08Jj
XwPvUUHoCg8hDtk4dUaMTDAfBgNVHSMEGDAWgBQAiNRFfkQmAtdm26kOH8IkvX6L
tjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDBENjUvRDZFN0RFNzI2NjkyMTFGMEIyMzZEQkVCREFFNEVDOUMvQUlqVVJY
NUVKZ0xYWnR1cERoX0NKTDEtaTdZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQUlqVVJYNUVKZ0xYWnR1cERoX0NKTDEtaTdZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDBENjUvRDZFN0RFNzI2NjkyMTFGMEIyMzZEQkVCREFF
NEVDOUMvQUY3MzZEMjI2Njk1MTFGMEFFNkYwQjdGREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbNUDANBAIAAjAHAwUALA8q
wDANBgkqhkiG9w0BAQsFAAOCAQEAw6Ji22uTXwuQ06ui5MaMG6cQw106PdA/Fg91
vJcBBlrE4CqeFWKxEf06dFkoJ12af7FXio4tPjO4YpwNnVjwrozPQ7QZfSXPaIvz
TdFjF7dzhN4u4onCLY1cDzfP0YZZG4kE8I5gtNr04Av81oFeY7VHr03kqhnulfXl
aYLbpRuZB544lVRxNtJNdUTFHIsAKZj43KXbwkmLk6X/x0DyaxYHAjRhnvxoRsOD
YOA5mhWxvpz1DKk78UQx1YenKuwURDqjug2MyzkKFP0pGzG3KjNm0SscanaGWJjh
GJFvLvPs0KlXFYTMRXa/Zn+/w7WKctH7rnQB1hoD63+DzsPTBg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:49:07 2025 by rpki-client