Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/B6D9489436E711F0BC7D2FD2DAE4EC9C.roa
File: B6D9489436E711F0BC7D2FD2DAE4EC9C.roa (raw, json)
Hash identifier: s4UiQk/9QetGN/MEme1v9o1T4D5wXs/TI0Mj7sqRAr8=
Subject key identifier: 98:D1:1E:9A:02:09:74:AF:A9:26:8E:8B:22:9D:F2:F3:75:BF:1C:C2
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 14BB
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/B6D9489436E711F0BC7D2FD2DAE4EC9C.roa
Signing time: Thu 22 May 2025 08:35:28 +0000
ROA not before: Thu 22 May 2025 08:35:23 +0000
ROA not after: Mon 22 May 2028 08:35:23 +0000
asID: 213734
IP address blocks: 102.129.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5307 (0x14bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF, serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: May 22 08:35:23 2025 GMT
Not After : May 22 08:35:23 2028 GMT
Subject: CN=682ee1d0-92ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:45:79:73:e4:d8:78:89:ef:42:fc:29:a9:02:
a2:af:7b:f7:ea:b0:76:e3:b8:08:92:ce:16:d3:7f:
a3:90:ed:b9:da:36:a3:7f:6e:b2:16:87:67:6a:7d:
66:2e:1b:b0:2e:44:81:54:85:ce:44:fe:91:f4:5c:
54:c2:ab:c1:25:6f:33:de:cb:8b:65:a2:b7:91:36:
17:53:d2:9c:a1:c8:fe:da:06:b3:98:a3:69:0e:fd:
4f:c4:16:88:ca:94:1f:21:f6:77:7b:7e:30:80:6b:
12:19:a3:eb:0b:53:96:e8:9a:0e:6d:c1:fb:b6:98:
17:e8:8c:96:59:fa:c4:b5:d5:7b:4e:67:3b:bf:0c:
5c:20:91:d9:c3:42:83:9d:93:ac:ee:8b:04:a7:e0:
3b:ef:af:ea:aa:e5:35:40:f6:3d:14:6f:5f:84:7c:
2c:09:9f:be:22:37:5a:3d:cf:0c:bc:ad:73:e9:82:
bd:e6:dc:c8:ae:7d:54:37:87:24:7e:d1:2b:11:70:
67:c1:c1:5c:0c:72:ce:c0:77:bc:99:cc:88:57:d1:
07:1c:b4:c9:92:74:00:40:11:ee:ba:15:b5:03:7c:
c7:c6:f9:10:c5:1e:a3:ca:a0:5a:9a:1a:5c:e8:7f:
5f:de:4b:74:d2:9a:30:ea:45:08:80:af:1e:d8:24:
0b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D1:1E:9A:02:09:74:AF:A9:26:8E:8B:22:9D:F2:F3:75:BF:1C:C2
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/B6D9489436E711F0BC7D2FD2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.209.0/24
Signature Algorithm: sha256WithRSAEncryption
55:f9:0f:7f:74:fa:df:67:04:1a:86:98:cf:b8:a4:44:60:2e:
0c:17:27:1d:89:e0:f8:79:72:8a:9a:7f:58:f8:5d:80:98:03:
d1:ad:4d:8b:c5:8e:f8:b8:f0:9c:7d:be:43:62:f1:c8:30:b9:
be:84:23:a8:0b:87:55:6d:4e:d1:d4:51:36:67:c2:56:33:93:
5e:c1:ff:c0:03:d9:41:e9:02:45:a7:2c:81:52:ba:7e:89:20:
c7:63:82:f1:17:fa:f4:42:92:9a:11:f4:f5:58:01:53:1f:00:
dc:4d:a5:84:cb:19:1e:a6:3a:28:dc:d0:8c:3b:11:68:53:d5:
5c:8c:36:d7:a6:e4:3d:09:1b:df:2c:08:08:4d:53:be:5b:d3:
47:21:e2:66:22:59:72:2b:b2:79:b7:54:66:74:63:45:4c:7d:
17:7e:9f:64:7f:bc:53:13:16:44:b5:9d:4d:04:cc:c4:21:b0:
f2:72:a7:b6:44:bf:9b:bb:d6:d7:49:5d:df:cc:82:8c:b3:33:
c2:d6:c1:3b:f2:ed:ee:94:4e:75:61:53:48:8b:01:10:e1:46:
a6:fd:4b:97:52:ac:c1:26:7b:55:a5:a7:fc:d2:fd:d5:2d:76:
82:1b:e9:0e:37:33:72:3c:e7:73:76:dc:c5:ed:db:52:d1:8d:
c2:69:a6:67
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFLswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNTA1MjIwODM1MjNaFw0yODA1MjIwODM1MjNaMBgxFjAU
BgNVBAMTDTY4MmVlMWQwLTkyYWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCfRXlz5Nh4ie9C/CmpAqKve/fqsHbjuAiSzhbTf6OQ7bnaNqN/brIWh2dq
fWYuG7AuRIFUhc5E/pH0XFTCq8ElbzPey4tloreRNhdT0pyhyP7aBrOYo2kO/U/E
FojKlB8h9nd7fjCAaxIZo+sLU5bomg5twfu2mBfojJZZ+sS11XtOZzu/DFwgkdnD
QoOdk6zuiwSn4Dvvr+qq5TVA9j0Ub1+EfCwJn74iN1o9zwy8rXPpgr3m3MiufVQ3
hyR+0SsRcGfBwVwMcs7Ad7yZzIhX0QcctMmSdABAEe66FbUDfMfG+RDFHqPKoFqa
Glzof1/eS3TSmjDqRQiArx7YJAt9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUmNEe
mgIJdK+pJo6LIp3y83W/HMIwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0I2RDk0ODk0MzZFNzExRjBCQzdEMkZEMkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgdEwDQYJKoZIhvcNAQEL
BQADggEBAFX5D390+t9nBBqGmM+4pERgLgwXJx2J4Ph5coqaf1j4XYCYA9GtTYvF
jvi48Jx9vkNi8cgwub6EI6gLh1VtTtHUUTZnwlYzk17B/8AD2UHpAkWnLIFSun6J
IMdjgvEX+vRCkpoR9PVYAVMfANxNpYTLGR6mOijc0Iw7EWhT1VyMNtem5D0JG98s
CAhNU75b00ch4mYiWXIrsnm3VGZ0Y0VMfRd+n2R/vFMTFkS1nU0EzMQhsPJyp7ZE
v5u71tdJXd/MgoyzM8LWwTvy7e6UTnVhU0iLARDhRqb9S5dSrMEme1Wlp/zS/dUt
doIb6Q43M3I853N23MXt21LRjcJppmc=
-----END CERTIFICATE-----
Generated at Fri Jun 6 04:56:55 2025 by rpki-client