Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3673434/E02DC5CA573B11F0946C0BB1DAE4EC9C/343527EC574311F0A862D5DEDAE4EC9C.roa
File: 343527EC574311F0A862D5DEDAE4EC9C.roa (raw, json)
Hash identifier: x/7F4asAIq7GGBZnvwCpIemwPhh8Px7ZKiwTMxkW1Bs=
Subject key identifier: AF:3B:DD:29:24:D1:4C:FF:5D:AE:9E:45:D3:CB:EB:5C:DD:C6:91:9F
Certificate issuer: /CN=F3673434AF/serialNumber=CC36C4C836F683C69EAEB1FF644F447D7BD9872C
Certificate serial: 02
Authority key identifier: CC:36:C4:C8:36:F6:83:C6:9E:AE:B1:FF:64:4F:44:7D:7B:D9:87:2C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zDbEyDb2g8aerrH_ZE9EfXvZhyw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3673434/E02DC5CA573B11F0946C0BB1DAE4EC9C/343527EC574311F0A862D5DEDAE4EC9C.roa
Signing time: Wed 02 Jul 2025 12:51:00 +0000
ROA not before: Wed 02 Jul 2025 12:50:56 +0000
ROA not after: Thu 01 Jul 2027 12:50:56 +0000
asID: 329558
IP address blocks: 102.205.164.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3673434/E02DC5CA573B11F0946C0BB1DAE4EC9C/zDbEyDb2g8aerrH_ZE9EfXvZhyw.crl
rsync://rpki.afrinic.net/repository/member_repository/F3673434/E02DC5CA573B11F0946C0BB1DAE4EC9C/zDbEyDb2g8aerrH_ZE9EfXvZhyw.mft
rsync://rpki.afrinic.net/repository/afrinic/zDbEyDb2g8aerrH_ZE9EfXvZhyw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 03 Aug 2025 00:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3673434AF, serialNumber=CC36C4C836F683C69EAEB1FF644F447D7BD9872C
Validity
Not Before: Jul 2 12:50:56 2025 GMT
Not After : Jul 1 12:50:56 2027 GMT
Subject: CN=68652b34-1588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:62:ed:af:73:4d:51:8e:2d:1a:c3:8e:cd:c3:
5e:22:0d:6d:02:ec:65:2e:55:d0:d3:f8:f2:be:72:
fc:2f:8a:c6:29:f9:b9:6a:da:ea:ca:1b:5d:56:33:
9a:5c:53:f0:3f:72:2b:e2:02:38:ae:0d:f8:95:e4:
e6:23:2c:60:20:55:7f:8c:10:56:57:93:9c:d8:3c:
00:44:d9:f6:16:cc:30:31:ef:48:b7:fb:79:06:39:
cd:86:30:1a:1e:c5:87:a5:4f:98:22:17:f6:05:7a:
6a:94:85:3c:b5:a2:57:e9:7d:2d:5a:b1:25:09:8b:
a0:8f:ca:d4:6b:e9:00:34:b5:43:6e:44:60:d9:12:
d0:da:3c:95:57:4b:3a:b7:ef:7e:e9:1b:62:0d:74:
79:31:18:71:95:e2:38:b4:7f:32:dc:f6:63:bc:e8:
a4:bb:ff:4d:90:7f:2a:c9:91:2e:f9:2a:dd:1f:60:
8c:1d:24:f6:1b:2f:af:b5:fa:a8:f7:f5:f3:b1:02:
64:23:36:36:29:fb:69:2f:cc:8c:bb:3d:f6:3c:84:
06:d1:30:0f:83:db:b4:11:43:1b:7f:4b:27:ec:d6:
c8:d1:cd:ad:de:fb:1d:41:2c:5f:5b:e8:3c:50:5d:
56:4b:9a:7d:14:f8:9f:8b:55:a4:07:d4:6b:b6:12:
03:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3B:DD:29:24:D1:4C:FF:5D:AE:9E:45:D3:CB:EB:5C:DD:C6:91:9F
X509v3 Authority Key Identifier:
keyid:CC:36:C4:C8:36:F6:83:C6:9E:AE:B1:FF:64:4F:44:7D:7B:D9:87:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3673434/E02DC5CA573B11F0946C0BB1DAE4EC9C/zDbEyDb2g8aerrH_ZE9EfXvZhyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zDbEyDb2g8aerrH_ZE9EfXvZhyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3673434/E02DC5CA573B11F0946C0BB1DAE4EC9C/343527EC574311F0A862D5DEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.205.164.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:45:74:d4:dd:31:1b:14:e0:f6:09:65:cb:43:e0:cd:8e:b4:
ac:8b:71:1f:3e:c1:f7:ea:86:56:b1:1a:48:b1:49:9b:80:22:
bf:96:da:46:e5:f7:a5:6d:8d:31:ca:d1:6b:3a:e6:83:24:b8:
a0:87:c6:6e:5b:b0:9a:99:c7:9a:6e:3a:dd:0d:48:bf:ca:e5:
a9:b6:9b:8f:9b:e0:76:f3:24:e4:b2:4e:a5:e9:66:fb:6c:b7:
74:aa:13:7e:09:7f:8b:40:ac:bd:c6:e0:16:3e:31:79:72:44:
b3:f9:ff:ea:2d:3d:e9:57:c9:b5:c5:ea:60:a3:5c:f3:f1:a8:
6a:8b:bf:4b:e1:1a:cc:eb:33:c9:78:21:09:34:48:4e:ba:f5:
63:d1:fd:44:9d:af:87:36:ac:7e:da:18:ef:9c:b1:d3:57:7e:
41:02:39:32:8e:e1:72:2e:dc:6d:52:e7:cc:bb:e1:d2:88:6f:
56:5b:de:89:b9:6a:8a:50:1b:28:14:b4:51:a2:57:e4:32:e1:
af:7c:8e:13:dc:62:f7:d1:3a:26:1e:23:fd:dc:41:64:1d:d2:
af:2f:3b:6c:41:ca:46:28:e7:75:48:f5:de:d5:c7:ec:3a:6f:
bc:3a:0e:b9:aa:9c:6b:52:56:16:2c:bb:6f:a1:e6:a1:22:f2:
86:67:92:8e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
MzQzNEFGMTEwLwYDVQQFEyhDQzM2QzRDODM2RjY4M0M2OUVBRUIxRkY2NDRGNDQ3
RDdCRDk4NzJDMB4XDTI1MDcwMjEyNTA1NloXDTI3MDcwMTEyNTA1NlowGDEWMBQG
A1UEAxMNNjg2NTJiMzQtMTU4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFi7a9zTVGOLRrDjs3DXiINbQLsZS5V0NP48r5y/C+Kxin5uWra6sobXVYz
mlxT8D9yK+ICOK4N+JXk5iMsYCBVf4wQVleTnNg8AETZ9hbMMDHvSLf7eQY5zYYw
Gh7Fh6VPmCIX9gV6apSFPLWiV+l9LVqxJQmLoI/K1GvpADS1Q25EYNkS0No8lVdL
OrfvfukbYg10eTEYcZXiOLR/Mtz2Y7zopLv/TZB/KsmRLvkq3R9gjB0k9hsvr7X6
qPf187ECZCM2Nin7aS/MjLs99jyEBtEwD4PbtBFDG39LJ+zWyNHNrd77HUEsX1vo
PFBdVkuafRT4n4tVpAfUa7YSAykCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSvO90p
JNFM/12unkXTy+tc3caRnzAfBgNVHSMEGDAWgBTMNsTINvaDxp6usf9kT0R9e9mH
LDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzM0MzQvRTAyREM1Q0E1NzNCMTFGMDk0NkMwQkIxREFFNEVDOUMvekRiRXlE
YjJnOGFlcnJIX1pFOUVmWHZaaHl3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvekRiRXlEYjJnOGFlcnJIX1pFOUVmWHZaaHl3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzM0MzQvRTAyREM1Q0E1NzNCMTFGMDk0NkMwQkIxREFF
NEVDOUMvMzQzNTI3RUM1NzQzMTFGMEE4NjJENURFREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbNpDANBgkqhkiG9w0BAQsF
AAOCAQEADUV01N0xGxTg9glly0PgzY60rItxHz7B9+qGVrEaSLFJm4Aiv5baRuX3
pW2NMcrRazrmgyS4oIfGbluwmpnHmm463Q1Iv8rlqbabj5vgdvMk5LJOpelm+2y3
dKoTfgl/i0CsvcbgFj4xeXJEs/n/6i096VfJtcXqYKNc8/Goaou/S+EazOszyXgh
CTRITrr1Y9H9RJ2vhzasftoY75yx01d+QQI5Mo7hci7cbVLnzLvh0ohvVlveiblq
ilAbKBS0UaJX5DLhr3yOE9xi99E6Jh4j/dxBZB3Sry87bEHKRijndUj13tXH7Dpv
vDoOuaqca1JWFiy7b6HmoSLyhmeSjg==
-----END CERTIFICATE-----
Generated at Fri Aug 1 18:09:30 2025 by rpki-client