Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/C3B74EC82F1011F09BA573D8DAE4EC9C.roa
File: C3B74EC82F1011F09BA573D8DAE4EC9C.roa (raw, json)
Hash identifier: De1WzwEpPZKq8ILtQhTT9NmJyj6jKrMY4SHBZFBEWUQ=
Subject key identifier: F0:EA:31:FF:11:0D:04:14:C1:A3:A0:7C:45:B1:D3:10:A6:29:52:95
Certificate issuer: /CN=F36A9104AF/serialNumber=18FDC8AF53877802589BEEDEE813F6B626EF82FE
Certificate serial: 044A
Authority key identifier: 18:FD:C8:AF:53:87:78:02:58:9B:EE:DE:E8:13:F6:B6:26:EF:82:FE
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/GP3Ir1OHeAJYm-7e6BP2tibvgv4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/C3B74EC82F1011F09BA573D8DAE4EC9C.roa
Signing time: Mon 12 May 2025 09:09:10 +0000
ROA not before: Mon 12 May 2025 09:09:05 +0000
ROA not after: Tue 01 May 2035 09:09:05 +0000
asID: 329039
IP address blocks: 102.206.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/GP3Ir1OHeAJYm-7e6BP2tibvgv4.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/GP3Ir1OHeAJYm-7e6BP2tibvgv4.mft
rsync://rpki.afrinic.net/repository/afrinic/GP3Ir1OHeAJYm-7e6BP2tibvgv4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 10 Jun 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1098 (0x44a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A9104AF, serialNumber=18FDC8AF53877802589BEEDEE813F6B626EF82FE
Validity
Not Before: May 12 09:09:05 2025 GMT
Not After : May 1 09:09:05 2035 GMT
Subject: CN=6821bab6-284b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c7:11:e7:2e:5d:fd:65:77:0e:59:69:5c:05:
f2:d3:63:3e:61:eb:0f:52:1e:d3:07:82:cb:a3:47:
6e:c0:87:e6:ab:b6:6a:dd:d8:53:9e:d4:9c:36:d4:
d4:19:61:21:2b:34:ee:40:a4:da:19:72:a2:bd:41:
6f:73:ab:3a:49:a9:2e:96:09:27:85:b5:53:76:0a:
bc:2b:37:0e:ac:63:94:eb:fc:a0:9e:ed:cf:78:c8:
6d:fb:ae:c1:4b:6f:99:15:e7:8b:4c:f4:fd:99:e3:
81:8c:c5:da:00:8e:d3:f5:fc:17:20:8f:8f:74:2e:
aa:94:55:13:62:97:ac:b6:f9:53:4d:89:e0:d7:8a:
ed:3b:17:f0:12:60:08:42:84:1b:84:d2:42:f1:d0:
93:c7:d0:e0:9c:22:2e:91:dd:cd:c2:8c:c3:b9:a8:
d3:61:26:b8:6a:8a:24:38:67:26:25:23:40:1a:9a:
b1:58:03:49:b1:36:dc:75:b4:1d:3d:fd:e0:65:ef:
74:f3:fc:bd:83:e2:8e:e3:53:ad:b6:86:ea:2e:8a:
cf:75:7b:c0:f6:dd:f9:89:7a:85:b8:8b:92:fa:5e:
09:60:b4:b5:30:57:68:0b:61:3a:0c:d6:47:ca:b4:
b0:cd:8f:42:25:e0:ca:0c:08:da:6f:d4:36:a3:b7:
f5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:EA:31:FF:11:0D:04:14:C1:A3:A0:7C:45:B1:D3:10:A6:29:52:95
X509v3 Authority Key Identifier:
keyid:18:FD:C8:AF:53:87:78:02:58:9B:EE:DE:E8:13:F6:B6:26:EF:82:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/GP3Ir1OHeAJYm-7e6BP2tibvgv4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/GP3Ir1OHeAJYm-7e6BP2tibvgv4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/C3B74EC82F1011F09BA573D8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.212.0/22
Signature Algorithm: sha256WithRSAEncryption
98:63:e8:b6:7c:76:c9:81:4c:7b:9c:95:ff:a0:49:4d:68:97:
c7:27:d7:9e:f6:c1:af:71:a3:ab:f0:81:98:0d:d4:63:a8:2e:
13:f7:bd:f5:0e:51:9b:ca:2e:d8:21:cc:e5:ec:2e:a2:6c:d2:
da:e3:69:2c:89:5c:ee:ca:14:e0:e8:73:dc:19:e2:60:19:e3:
c2:97:f0:a8:5a:ea:ac:1c:6c:67:29:ae:96:de:6f:76:81:83:
e7:34:be:3f:4f:60:19:b7:5a:c4:ff:b3:9b:2c:82:83:87:21:
f7:b4:18:fe:bd:df:5d:f7:da:00:0a:43:a0:ef:90:c6:d0:5a:
45:cd:68:95:a0:f0:08:bd:9b:e1:bc:bc:54:cb:bf:24:9b:41:
5f:ff:35:2f:03:d5:8b:40:d0:aa:33:de:a2:5a:ea:0e:ea:87:
84:21:ee:98:ac:c7:68:bd:10:6a:af:28:85:1b:79:73:87:db:
49:96:1e:e3:97:46:b1:77:f4:24:ad:86:14:70:61:15:d7:f4:
08:67:d4:0f:70:49:bb:b2:6f:40:34:3b:88:fd:b3:9f:33:87:
53:d3:ce:96:32:5c:aa:53:e6:1d:5d:2a:8e:d2:9e:43:67:0f:
49:d9:7c:e7:1f:64:25:18:9e:a5:15:6e:e2:b3:49:39:41:c8:
a2:ce:b7:4f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBEowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTkxMDRBRjExMC8GA1UEBRMoMThGREM4QUY1Mzg3NzgwMjU4OUJFRURFRTgxM0Y2
QjYyNkVGODJGRTAeFw0yNTA1MTIwOTA5MDVaFw0zNTA1MDEwOTA5MDVaMBgxFjAU
BgNVBAMTDTY4MjFiYWI2LTI4NGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDCxxHnLl39ZXcOWWlcBfLTYz5h6w9SHtMHgsujR27Ah+artmrd2FOe1Jw2
1NQZYSErNO5ApNoZcqK9QW9zqzpJqS6WCSeFtVN2CrwrNw6sY5Tr/KCe7c94yG37
rsFLb5kV54tM9P2Z44GMxdoAjtP1/Bcgj490LqqUVRNil6y2+VNNieDXiu07F/AS
YAhChBuE0kLx0JPH0OCcIi6R3c3CjMO5qNNhJrhqiiQ4ZyYlI0AamrFYA0mxNtx1
tB09/eBl73Tz/L2D4o7jU622huouis91e8D23fmJeoW4i5L6XglgtLUwV2gLYToM
1kfKtLDNj0Il4MoMCNpv1Dajt/WLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU8Oox
/xENBBTBo6B8RbHTEKYpUpUwHwYDVR0jBBgwFoAUGP3Ir1OHeAJYm+7e6BP2tibv
gv4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE5MTA0LzQxRDAzNkVDRjYxODExRUNBODRGNDZBRUYxMjIyNDY4L0dQM0ly
MU9IZUFKWW0tN2U2QlAydGlidmd2NC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0dQM0lyMU9IZUFKWW0tN2U2QlAydGlidmd2NC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE5MTA0LzQxRDAzNkVDRjYxODExRUNBODRGNDZBRUYx
MjIyNDY4L0MzQjc0RUM4MkYxMDExRjA5QkE1NzNEOERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmztQwDQYJKoZIhvcNAQEL
BQADggEBAJhj6LZ8dsmBTHuclf+gSU1ol8cn1572wa9xo6vwgZgN1GOoLhP3vfUO
UZvKLtghzOXsLqJs0trjaSyJXO7KFODoc9wZ4mAZ48KX8Kha6qwcbGcprpbeb3aB
g+c0vj9PYBm3WsT/s5ssgoOHIfe0GP6931332gAKQ6DvkMbQWkXNaJWg8Ai9m+G8
vFTLvySbQV//NS8D1YtA0Koz3qJa6g7qh4Qh7pisx2i9EGqvKIUbeXOH20mWHuOX
RrF39CSthhRwYRXX9Ahn1A9wSbuyb0A0O4j9s58zh1PTzpYyXKpT5h1dKo7SnkNn
D0nZfOcfZCUYnqUVbuKzSTlByKLOt08=
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:52:42 2025 by rpki-client