Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3657B9B/2B343DB038D711EC866DDE7DD8A014CE/AEB08BE23CB311F0A3A36586DAE4EC9C.roa
File: AEB08BE23CB311F0A3A36586DAE4EC9C.roa (raw, json)
Hash identifier: U3rXSw5pvREzEYNmu5t5TwCQxiXYw/SdogPjZlJiIYw=
Subject key identifier: 69:15:4D:D1:29:2E:06:B3:01:ED:4A:5C:F3:8A:C4:E0:3B:70:C5:E6
Certificate issuer: /CN=F3657B9BAF/serialNumber=E4443D06E276DC2695FD1B243C1EA1BF9DB85226
Certificate serial: 0547
Authority key identifier: E4:44:3D:06:E2:76:DC:26:95:FD:1B:24:3C:1E:A1:BF:9D:B8:52:26
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/5EQ9BuJ23CaV_RskPB6hv524UiY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3657B9B/2B343DB038D711EC866DDE7DD8A014CE/AEB08BE23CB311F0A3A36586DAE4EC9C.roa
Signing time: Thu 29 May 2025 17:38:08 +0000
ROA not before: Thu 29 May 2025 17:38:03 +0000
ROA not after: Mon 31 Dec 2035 17:38:03 +0000
asID: 328641
IP address blocks: 102.223.164.0/22 maxlen: 24
2c0f:e868::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3657B9B/2B343DB038D711EC866DDE7DD8A014CE/5EQ9BuJ23CaV_RskPB6hv524UiY.crl
rsync://rpki.afrinic.net/repository/member_repository/F3657B9B/2B343DB038D711EC866DDE7DD8A014CE/5EQ9BuJ23CaV_RskPB6hv524UiY.mft
rsync://rpki.afrinic.net/repository/afrinic/5EQ9BuJ23CaV_RskPB6hv524UiY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1351 (0x547)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3657B9BAF, serialNumber=E4443D06E276DC2695FD1B243C1EA1BF9DB85226
Validity
Not Before: May 29 17:38:03 2025 GMT
Not After : Dec 31 17:38:03 2035 GMT
Subject: CN=68389b80-aee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9b:78:1f:29:d1:41:81:1e:6a:65:9b:11:7d:
92:02:b7:9f:c1:9d:ea:72:ec:5d:ad:02:2b:9f:96:
8b:66:49:c7:f9:f6:28:f2:e2:12:fe:a6:69:00:c6:
25:4f:1f:db:9d:84:87:fa:96:fb:1f:dd:80:ff:ce:
0b:c3:63:33:50:c9:f6:ef:42:22:93:40:75:79:87:
c3:16:c2:a5:b3:54:1c:25:46:1c:45:d4:4c:d9:ba:
61:18:00:64:2b:6c:1f:05:5f:47:c9:43:c8:91:a3:
72:d9:7e:36:60:16:33:97:73:d8:96:41:7f:18:a1:
8d:29:33:0c:22:19:78:6a:a1:aa:44:d0:a9:c9:49:
67:74:bc:cd:47:42:b4:83:36:b2:7f:e9:64:d7:28:
dc:93:eb:00:58:40:e9:49:ee:18:f1:57:4d:cd:66:
ae:64:9c:88:fc:5b:09:f4:91:94:49:49:65:50:b1:
04:ce:0e:90:3c:86:88:25:74:ab:7a:11:42:0e:3c:
a5:66:22:8c:bc:c8:49:58:03:6b:40:4c:d1:1a:47:
3b:78:37:c7:31:29:ac:fa:39:40:cb:31:b7:84:eb:
b0:21:15:f0:e5:11:5d:9b:c8:ea:e7:b2:2e:be:f8:
11:06:98:cb:c5:89:01:78:bc:2a:aa:ed:4d:66:5e:
bd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:15:4D:D1:29:2E:06:B3:01:ED:4A:5C:F3:8A:C4:E0:3B:70:C5:E6
X509v3 Authority Key Identifier:
keyid:E4:44:3D:06:E2:76:DC:26:95:FD:1B:24:3C:1E:A1:BF:9D:B8:52:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3657B9B/2B343DB038D711EC866DDE7DD8A014CE/5EQ9BuJ23CaV_RskPB6hv524UiY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/5EQ9BuJ23CaV_RskPB6hv524UiY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3657B9B/2B343DB038D711EC866DDE7DD8A014CE/AEB08BE23CB311F0A3A36586DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.164.0/22
IPv6:
2c0f:e868::/32
Signature Algorithm: sha256WithRSAEncryption
5d:2b:d5:f5:8e:27:24:cd:2d:a9:1a:d7:76:b6:cb:fc:b0:fa:
24:f7:62:23:f8:8d:6e:06:56:d3:5b:be:d7:78:64:2c:1c:ef:
e9:ac:6b:e9:07:e7:0e:16:2c:e3:dc:f8:4f:9d:22:b5:89:76:
11:7c:4b:65:c1:4c:56:8a:88:da:55:04:9f:d4:9a:5c:7c:fb:
6e:ff:ac:e2:09:a9:27:22:22:92:32:a4:36:8d:06:39:5b:32:
53:97:2c:95:b8:0f:83:96:be:c8:06:70:3f:07:b6:f6:0f:f6:
e7:c0:e6:7d:f6:1e:f8:b9:90:5a:93:0b:1f:c2:98:a0:bf:7d:
53:08:2e:25:6b:97:8d:0d:dc:88:e0:ea:d3:7c:86:df:71:e9:
f9:c0:37:a5:ae:85:4c:f3:e7:1e:bf:c5:77:b8:fb:6f:9b:ee:
fc:db:e9:44:36:55:02:66:54:b2:d9:da:5b:07:57:1f:65:be:
fe:34:0d:fb:a4:0c:a1:e0:3f:63:2d:77:82:9e:98:c0:a6:62:
4d:58:25:39:15:22:24:f1:d7:31:0e:c8:b1:2a:46:2a:f3:76:
31:bf:ae:7e:c9:fa:95:f7:c7:61:7e:ed:95:7c:35:bb:f7:68:
db:6e:fb:6e:a1:7d:f3:09:07:80:6f:90:8c:b9:fc:af:10:a1:
c3:75:46:c5
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBUcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTdCOUJBRjExMC8GA1UEBRMoRTQ0NDNEMDZFMjc2REMyNjk1RkQxQjI0M0MxRUEx
QkY5REI4NTIyNjAeFw0yNTA1MjkxNzM4MDNaFw0zNTEyMzExNzM4MDNaMBgxFjAU
BgNVBAMTDTY4Mzg5YjgwLWFlZTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDOm3gfKdFBgR5qZZsRfZICt5/Bnepy7F2tAiuflotmScf59ijy4hL+pmkA
xiVPH9udhIf6lvsf3YD/zgvDYzNQyfbvQiKTQHV5h8MWwqWzVBwlRhxF1EzZumEY
AGQrbB8FX0fJQ8iRo3LZfjZgFjOXc9iWQX8YoY0pMwwiGXhqoapE0KnJSWd0vM1H
QrSDNrJ/6WTXKNyT6wBYQOlJ7hjxV03NZq5knIj8Wwn0kZRJSWVQsQTODpA8hogl
dKt6EUIOPKVmIoy8yElYA2tATNEaRzt4N8cxKaz6OUDLMbeE67AhFfDlEV2byOrn
si6++BEGmMvFiQF4vCqq7U1mXr2fAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUaRVN
0SkuBrMB7Upc84rE4DtwxeYwHwYDVR0jBBgwFoAU5EQ9BuJ23CaV/RskPB6hv524
UiYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU3QjlCLzJCMzQzREIwMzhENzExRUM4NjZEREU3REQ4QTAxNENFLzVFUTlC
dUoyM0NhVl9Sc2tQQjZodjUyNFVpWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzVFUTlCdUoyM0NhVl9Sc2tQQjZodjUyNFVpWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjU3QjlCLzJCMzQzREIwMzhENzExRUM4NjZEREU3REQ4
QTAxNENFL0FFQjA4QkUyM0NCMzExRjBBM0EzNjU4NkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm36QwDQQCAAIwBwMFACwP
6GgwDQYJKoZIhvcNAQELBQADggEBAF0r1fWOJyTNLaka13a2y/yw+iT3YiP4jW4G
VtNbvtd4ZCwc7+msa+kH5w4WLOPc+E+dIrWJdhF8S2XBTFaKiNpVBJ/Umlx8+27/
rOIJqSciIpIypDaNBjlbMlOXLJW4D4OWvsgGcD8HtvYP9ufA5n32Hvi5kFqTCx/C
mKC/fVMILiVrl40N3Ijg6tN8ht9x6fnAN6WuhUzz5x6/xXe4+2+b7vzb6UQ2VQJm
VLLZ2lsHVx9lvv40DfukDKHgP2Mtd4KemMCmYk1YJTkVIiTx1zEOyLEqRirzdjG/
rn7J+pX3x2F+7ZV8Nbv3aNtu+26hffMJB4BvkIy5/K8QocN1RsU=
-----END CERTIFICATE-----
Generated at Fri Jun 6 05:23:55 2025 by rpki-client