Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364DD25/F30273FA529D11F095582EAADAE4EC9C/D0193846529E11F0BBC03EB2DAE4EC9C.roa
File: D0193846529E11F0BBC03EB2DAE4EC9C.roa (raw, json)
Hash identifier: RPEdKIAKBSzqVLXcECrRATliI7vLtXP88nKKeklWY7A=
Subject key identifier: B6:D7:E6:69:7B:5A:7A:70:77:F0:93:B0:98:A7:AA:DD:BB:69:40:A8
Certificate issuer: /CN=F364DD25AF/serialNumber=04D6CAC23B145B66ED68BED67F2C1D87665CF5B2
Certificate serial: 02
Authority key identifier: 04:D6:CA:C2:3B:14:5B:66:ED:68:BE:D6:7F:2C:1D:87:66:5C:F5:B2
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/BNbKwjsUW2btaL7Wfywdh2Zc9bI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364DD25/F30273FA529D11F095582EAADAE4EC9C/D0193846529E11F0BBC03EB2DAE4EC9C.roa
Signing time: Thu 26 Jun 2025 15:04:10 +0000
ROA not before: Thu 26 Jun 2025 15:04:05 +0000
ROA not after: Tue 01 Jun 2027 15:04:05 +0000
asID: 328965
IP address blocks: 102.218.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364DD25/F30273FA529D11F095582EAADAE4EC9C/BNbKwjsUW2btaL7Wfywdh2Zc9bI.crl
rsync://rpki.afrinic.net/repository/member_repository/F364DD25/F30273FA529D11F095582EAADAE4EC9C/BNbKwjsUW2btaL7Wfywdh2Zc9bI.mft
rsync://rpki.afrinic.net/repository/afrinic/BNbKwjsUW2btaL7Wfywdh2Zc9bI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364DD25AF, serialNumber=04D6CAC23B145B66ED68BED67F2C1D87665CF5B2
Validity
Not Before: Jun 26 15:04:05 2025 GMT
Not After : Jun 1 15:04:05 2027 GMT
Subject: CN=685d616a-f86a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:88:34:de:7e:b8:e1:69:e9:a9:96:e1:f7:b9:
db:60:f8:a6:b6:02:49:3a:38:4d:f8:fa:47:6a:1b:
67:e6:d6:d5:67:a9:4c:b2:56:d2:0b:8a:17:95:ff:
3c:ff:72:81:76:9c:72:0a:01:ac:f2:30:ce:8d:42:
7b:16:24:74:b3:35:fe:2c:1a:32:84:88:84:f2:3c:
3e:7c:4f:a1:b3:e5:f5:3b:c8:c6:2e:5b:7c:c3:62:
55:0f:8f:21:99:2d:f9:d5:df:87:ec:c0:85:52:a9:
da:89:16:fb:0d:98:d8:e1:a6:d3:04:b2:09:14:25:
84:0a:77:75:f7:a0:85:9d:50:bc:f4:12:60:51:27:
c1:7e:e3:56:9b:d7:e6:b2:d6:cf:6e:e1:f1:44:33:
3e:11:6d:1a:24:81:46:36:0b:7d:b6:6c:a5:23:04:
74:90:77:84:38:33:e7:c1:07:3b:05:12:12:74:9c:
87:cb:7d:1e:76:ef:2d:f8:38:da:4c:fe:cf:ce:e7:
5b:14:8a:46:82:07:26:9f:7e:cd:9e:36:25:29:8f:
9c:f0:ed:d1:bf:be:d5:20:70:09:cd:82:26:c3:b7:
ae:de:c8:a9:5a:17:4a:37:51:7b:a5:97:f6:28:3e:
ac:66:d1:92:e6:6d:9d:1b:92:26:1e:71:48:8f:61:
9c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D7:E6:69:7B:5A:7A:70:77:F0:93:B0:98:A7:AA:DD:BB:69:40:A8
X509v3 Authority Key Identifier:
keyid:04:D6:CA:C2:3B:14:5B:66:ED:68:BE:D6:7F:2C:1D:87:66:5C:F5:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364DD25/F30273FA529D11F095582EAADAE4EC9C/BNbKwjsUW2btaL7Wfywdh2Zc9bI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/BNbKwjsUW2btaL7Wfywdh2Zc9bI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364DD25/F30273FA529D11F095582EAADAE4EC9C/D0193846529E11F0BBC03EB2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.218.129.0/24
Signature Algorithm: sha256WithRSAEncryption
17:3f:3d:99:58:ee:e8:1d:05:05:bb:fa:49:8b:06:bf:40:14:
9d:43:db:62:47:26:40:a7:1d:21:ff:4b:b8:34:83:f2:2c:33:
23:ca:96:48:fb:8b:15:a6:c4:63:69:35:52:44:5b:2b:22:50:
7e:83:53:b8:61:5c:63:75:a5:ae:b4:22:47:bf:e4:fd:26:49:
1f:58:f1:47:91:ee:ca:b1:f0:90:7a:18:f0:02:ae:70:62:d3:
43:6a:09:a7:ed:bb:0e:99:d9:a5:fd:55:cd:b9:4d:7f:cb:b1:
fd:2e:51:1d:26:60:19:07:c1:12:18:b7:a3:6c:b2:ca:f5:b6:
75:96:c0:e8:b5:57:60:1d:09:e4:57:13:08:0e:f9:53:46:07:
a1:c7:5e:63:13:4d:a8:c2:7e:78:bd:f7:c5:ec:23:c8:04:60:
50:60:a9:3e:88:93:d7:35:75:a8:46:60:22:30:f8:09:d9:46:
84:e5:d3:41:fb:b6:38:16:24:7f:19:1d:03:6f:9f:97:eb:c2:
b1:09:19:46:a0:9d:8d:95:a2:23:57:70:ca:6e:8e:e8:f6:b8:
ae:f3:bb:df:e9:7c:35:37:5e:49:b2:7c:16:c0:a2:0c:7f:69:
f3:52:8f:db:88:97:af:9f:9f:fe:46:2e:bc:6c:41:12:a6:d5:
57:f0:25:1a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
REQyNUFGMTEwLwYDVQQFEygwNEQ2Q0FDMjNCMTQ1QjY2RUQ2OEJFRDY3RjJDMUQ4
NzY2NUNGNUIyMB4XDTI1MDYyNjE1MDQwNVoXDTI3MDYwMTE1MDQwNVowGDEWMBQG
A1UEAxMNNjg1ZDYxNmEtZjg2YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSINN5+uOFp6amW4fe522D4prYCSTo4Tfj6R2obZ+bW1WepTLJW0guKF5X/
PP9ygXaccgoBrPIwzo1CexYkdLM1/iwaMoSIhPI8PnxPobPl9TvIxi5bfMNiVQ+P
IZkt+dXfh+zAhVKp2okW+w2Y2OGm0wSyCRQlhAp3dfeghZ1QvPQSYFEnwX7jVpvX
5rLWz27h8UQzPhFtGiSBRjYLfbZspSMEdJB3hDgz58EHOwUSEnSch8t9HnbvLfg4
2kz+z87nWxSKRoIHJp9+zZ42JSmPnPDt0b++1SBwCc2CJsO3rt7IqVoXSjdRe6WX
9ig+rGbRkuZtnRuSJh5xSI9hnA0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBS21+Zp
e1p6cHfwk7CYp6rdu2lAqDAfBgNVHSMEGDAWgBQE1srCOxRbZu1ovtZ/LB2HZlz1
sjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NEREMjUvRjMwMjczRkE1MjlEMTFGMDk1NTgyRUFBREFFNEVDOUMvQk5iS3dq
c1VXMmJ0YUw3V2Z5d2RoMlpjOWJJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQk5iS3dqc1VXMmJ0YUw3V2Z5d2RoMlpjOWJJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NEREMjUvRjMwMjczRkE1MjlEMTFGMDk1NTgyRUFBREFF
NEVDOUMvRDAxOTM4NDY1MjlFMTFGMEJCQzAzRUIyREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbagTANBgkqhkiG9w0BAQsF
AAOCAQEAFz89mVju6B0FBbv6SYsGv0AUnUPbYkcmQKcdIf9LuDSD8iwzI8qWSPuL
FabEY2k1UkRbKyJQfoNTuGFcY3WlrrQiR7/k/SZJH1jxR5HuyrHwkHoY8AKucGLT
Q2oJp+27DpnZpf1VzblNf8ux/S5RHSZgGQfBEhi3o2yyyvW2dZbA6LVXYB0J5FcT
CA75U0YHocdeYxNNqMJ+eL33xewjyARgUGCpPoiT1zV1qEZgIjD4CdlGhOXTQfu2
OBYkfxkdA2+fl+vCsQkZRqCdjZWiI1dwym6O6Pa4rvO73+l8NTdeSbJ8FsCiDH9p
81KP24iXr5+f/kYuvGxBEqbVV/AlGg==
-----END CERTIFICATE-----
Generated at Fri Jul 4 08:05:51 2025 by rpki-client