Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/2EFD35103D2311F0BEF197E3DAE4EC9C.roa
File: 2EFD35103D2311F0BEF197E3DAE4EC9C.roa (raw, json)
Hash identifier: VAuof8+c3AiuaINM/EubJN5Nhm7qUAQjKjM22LUdNQ4=
Subject key identifier: 47:A2:7A:0D:B5:F8:1B:BC:38:51:0C:73:D7:C2:40:26:E0:28:03:76
Certificate issuer: /CN=F364789CAF/serialNumber=D1F7C00EF3EB06E8817CFDC1DB96060407E49C0D
Certificate serial: 0794
Authority key identifier: D1:F7:C0:0E:F3:EB:06:E8:81:7C:FD:C1:DB:96:06:04:07:E4:9C:0D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/0ffADvPrBuiBfP3B25YGBAfknA0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/2EFD35103D2311F0BEF197E3DAE4EC9C.roa
Signing time: Fri 30 May 2025 06:56:17 +0000
ROA not before: Fri 30 May 2025 06:56:13 +0000
ROA not after: Thu 31 Jul 2025 06:56:13 +0000
asID: 328608
IP address blocks: 102.223.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/0ffADvPrBuiBfP3B25YGBAfknA0.crl
rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/0ffADvPrBuiBfP3B25YGBAfknA0.mft
rsync://rpki.afrinic.net/repository/afrinic/0ffADvPrBuiBfP3B25YGBAfknA0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1940 (0x794)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364789CAF, serialNumber=D1F7C00EF3EB06E8817CFDC1DB96060407E49C0D
Validity
Not Before: May 30 06:56:13 2025 GMT
Not After : Jul 31 06:56:13 2025 GMT
Subject: CN=68395691-2eb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8c:f1:0c:d6:bc:c1:d3:25:a4:c4:fd:f9:ac:
58:70:58:37:68:0d:5f:f2:87:f1:c9:d8:53:d3:5f:
49:4b:15:0d:8c:cd:0a:08:2e:08:1d:8a:e8:5c:2e:
1e:3f:04:45:6c:ef:34:2b:a0:d0:53:84:c9:1b:fa:
4a:55:0f:ab:98:4a:3d:5d:dd:d6:2d:39:78:31:90:
0f:c9:ad:a4:01:36:02:c8:62:cb:68:c3:55:1d:d6:
39:a5:ce:9a:f4:67:cc:c2:42:af:29:b8:d7:06:5e:
b9:42:04:c6:9b:a6:cb:c7:b2:16:6f:85:da:f8:e5:
c7:e2:f9:e1:c0:4a:31:19:77:bf:0e:dd:05:97:5f:
67:f8:dc:b4:c6:df:8e:ad:df:ba:3b:13:fa:0d:3e:
62:99:17:0e:58:2e:c2:e9:ed:53:29:88:a2:41:8b:
84:c8:7b:58:47:a2:49:39:bf:9e:7b:e0:87:0f:c3:
fb:d8:a8:ef:11:df:39:1c:a1:89:a8:b8:88:fd:4b:
3e:9a:3b:2c:bb:b7:15:42:fe:04:c7:03:98:62:9d:
16:3f:80:96:9f:c6:22:7d:27:24:2c:60:f5:94:3c:
8f:5a:45:7a:94:b6:13:39:7b:05:9c:d3:89:b0:f6:
fc:48:13:44:e8:e0:ab:e6:72:44:90:61:cb:de:95:
5b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A2:7A:0D:B5:F8:1B:BC:38:51:0C:73:D7:C2:40:26:E0:28:03:76
X509v3 Authority Key Identifier:
keyid:D1:F7:C0:0E:F3:EB:06:E8:81:7C:FD:C1:DB:96:06:04:07:E4:9C:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/0ffADvPrBuiBfP3B25YGBAfknA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0ffADvPrBuiBfP3B25YGBAfknA0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/2EFD35103D2311F0BEF197E3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.199.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:e0:63:95:79:87:27:f4:62:5b:15:9d:55:3a:d6:e5:1d:5c:
6e:4f:04:41:d5:c5:d4:4a:59:d1:47:89:0c:0d:1d:c3:cd:08:
31:5b:36:b9:5a:4a:72:8d:df:c7:e3:ec:16:b4:f1:fb:95:a8:
1e:74:f2:4d:7a:45:50:cb:0a:60:c9:69:5c:a6:4a:1b:fc:5e:
fe:59:ce:89:6e:9f:4f:7a:a9:9c:35:59:87:62:ef:51:03:5a:
fa:f7:c2:26:19:cc:02:ca:ba:b7:67:a5:00:a1:37:d0:a1:bb:
4b:98:06:bd:be:b9:2c:d4:1c:a9:6f:f8:45:96:78:76:0d:22:
56:27:91:bd:b7:47:f3:97:79:60:d0:24:25:a3:a4:25:a9:61:
e7:ff:5a:31:c8:ba:e0:2d:2f:68:73:2c:61:3e:a8:e5:fb:d9:
9f:ca:98:ab:ff:75:93:16:50:a4:bd:67:de:ff:c9:18:15:ea:
6f:33:29:a0:7c:e9:9c:f6:f0:28:09:54:7c:e4:5a:98:7e:3e:
55:7a:76:80:e5:81:23:db:1f:3f:12:d3:30:f5:d5:50:0c:74:
98:68:ec:50:50:99:cd:8f:92:2b:96:9c:33:db:20:a9:d1:07:
98:5d:07:03:b1:a2:7c:15:ee:6b:16:9f:70:8c:d9:03:af:64:
00:ad:43:d2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB5QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDc4OUNBRjExMC8GA1UEBRMoRDFGN0MwMEVGM0VCMDZFODgxN0NGREMxREI5NjA2
MDQwN0U0OUMwRDAeFw0yNTA1MzAwNjU2MTNaFw0yNTA3MzEwNjU2MTNaMBgxFjAU
BgNVBAMTDTY4Mzk1NjkxLTJlYjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDIjPEM1rzB0yWkxP35rFhwWDdoDV/yh/HJ2FPTX0lLFQ2MzQoILggdiuhc
Lh4/BEVs7zQroNBThMkb+kpVD6uYSj1d3dYtOXgxkA/JraQBNgLIYstow1Ud1jml
zpr0Z8zCQq8puNcGXrlCBMabpsvHshZvhdr45cfi+eHASjEZd78O3QWXX2f43LTG
346t37o7E/oNPmKZFw5YLsLp7VMpiKJBi4TIe1hHokk5v5574IcPw/vYqO8R3zkc
oYmouIj9Sz6aOyy7txVC/gTHA5hinRY/gJafxiJ9JyQsYPWUPI9aRXqUthM5ewWc
04mw9vxIE0To4KvmckSQYcvelVtHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUR6J6
DbX4G7w4UQxz18JAJuAoA3YwHwYDVR0jBBgwFoAU0ffADvPrBuiBfP3B25YGBAfk
nA0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ3ODlDLzcyRUZBRjRDOTEwMTExRUFCRDNGMjQ3M0Y4QUVBMjI4LzBmZkFE
dlByQnVpQmZQM0IyNVlHQkFma25BMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzBmZkFEdlByQnVpQmZQM0IyNVlHQkFma25BMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ3ODlDLzcyRUZBRjRDOTEwMTExRUFCRDNGMjQ3M0Y4
QUVBMjI4LzJFRkQzNTEwM0QyMzExRjBCRUYxOTdFM0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm38cwDQYJKoZIhvcNAQEL
BQADggEBAA/gY5V5hyf0YlsVnVU61uUdXG5PBEHVxdRKWdFHiQwNHcPNCDFbNrla
SnKN38fj7Ba08fuVqB508k16RVDLCmDJaVymShv8Xv5Zzolun096qZw1WYdi71ED
Wvr3wiYZzALKurdnpQChN9Chu0uYBr2+uSzUHKlv+EWWeHYNIlYnkb23R/OXeWDQ
JCWjpCWpYef/WjHIuuAtL2hzLGE+qOX72Z/KmKv/dZMWUKS9Z97/yRgV6m8zKaB8
6Zz28CgJVHzkWph+PlV6doDlgSPbHz8S0zD11VAMdJho7FBQmc2PkiuWnDPbIKnR
B5hdBwOxonwV7msWn3CM2QOvZACtQ9I=
-----END CERTIFICATE-----
Generated at Fri Jun 6 14:16:22 2025 by rpki-client