Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C6D54/F46D1186227411F0A0FDF27EDAE4EC9C/B7FA8442363111F08D988990DAE4EC9C.roa
File: B7FA8442363111F08D988990DAE4EC9C.roa (raw, json)
Hash identifier: esWnkx3mGKCw6RaOuzAhq5U398wuL7xzIVRMGvIJYGA=
Subject key identifier: 76:14:2C:31:05:FE:7C:18:7C:27:66:EA:3D:4D:A9:60:AB:73:70:A6
Certificate issuer: /CN=F36C6D54AF/serialNumber=408958881B94E35681EDC1D1DF0859F77136A0A5
Certificate serial: 3E
Authority key identifier: 40:89:58:88:1B:94:E3:56:81:ED:C1:D1:DF:08:59:F7:71:36:A0:A5
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/QIlYiBuU41aB7cHR3whZ93E2oKU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C6D54/F46D1186227411F0A0FDF27EDAE4EC9C/B7FA8442363111F08D988990DAE4EC9C.roa
Signing time: Wed 21 May 2025 10:52:42 +0000
ROA not before: Wed 21 May 2025 10:52:37 +0000
ROA not after: Thu 21 May 2026 10:52:37 +0000
asID: 329489
IP address blocks: 102.207.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C6D54/F46D1186227411F0A0FDF27EDAE4EC9C/QIlYiBuU41aB7cHR3whZ93E2oKU.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C6D54/F46D1186227411F0A0FDF27EDAE4EC9C/QIlYiBuU41aB7cHR3whZ93E2oKU.mft
rsync://rpki.afrinic.net/repository/afrinic/QIlYiBuU41aB7cHR3whZ93E2oKU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 05:16:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62 (0x3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C6D54AF, serialNumber=408958881B94E35681EDC1D1DF0859F77136A0A5
Validity
Not Before: May 21 10:52:37 2025 GMT
Not After : May 21 10:52:37 2026 GMT
Subject: CN=682db07a-b773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:69:9e:ef:4d:d3:10:c7:62:ae:ce:02:f3:d9:
14:52:d9:7c:3a:91:54:89:5d:05:0f:f7:45:98:b8:
4a:d0:c4:08:1c:94:af:fc:e5:b7:53:6c:40:f8:30:
72:1a:4d:c9:b0:c6:ab:6d:20:55:ba:7d:1f:72:4a:
86:f8:d0:9c:50:05:91:36:9f:6a:56:28:26:66:00:
3e:43:3b:3d:b9:11:11:b3:a6:20:f1:e8:65:74:9c:
7d:5a:03:85:54:0d:07:3a:98:58:e4:62:6c:7c:66:
e9:a1:87:1d:f9:0b:f4:45:4f:15:47:6f:3f:d4:e0:
27:4e:05:17:1d:f4:f2:97:c9:08:d6:e2:d3:54:55:
7e:74:f6:dd:55:be:f9:09:39:16:1c:87:6e:30:ea:
c5:11:ad:88:e1:56:92:74:66:32:91:d4:a0:a2:79:
2b:1e:bd:ee:93:91:64:2e:e3:3d:c5:2a:f5:0b:8e:
82:52:dc:69:18:6b:40:db:61:ac:cb:2c:ec:1f:41:
df:6b:ab:7b:7c:47:cc:fc:a9:3a:cb:79:af:48:31:
d7:7c:28:04:c7:84:f4:bf:28:b7:4b:88:c7:60:b9:
3c:5d:b4:e0:01:bd:28:1a:86:a2:e6:d0:64:42:f1:
4d:ec:21:e5:3e:db:21:b3:59:64:9d:73:3b:8f:6e:
1c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:14:2C:31:05:FE:7C:18:7C:27:66:EA:3D:4D:A9:60:AB:73:70:A6
X509v3 Authority Key Identifier:
keyid:40:89:58:88:1B:94:E3:56:81:ED:C1:D1:DF:08:59:F7:71:36:A0:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C6D54/F46D1186227411F0A0FDF27EDAE4EC9C/QIlYiBuU41aB7cHR3whZ93E2oKU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/QIlYiBuU41aB7cHR3whZ93E2oKU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C6D54/F46D1186227411F0A0FDF27EDAE4EC9C/B7FA8442363111F08D988990DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.207.249.0/24
Signature Algorithm: sha256WithRSAEncryption
58:76:93:ca:fa:13:6f:7c:7f:4f:ae:51:c5:3a:fe:f5:c7:bd:
9c:7d:96:5d:6c:4d:ad:2b:56:67:ac:36:8a:be:a3:83:65:22:
77:72:05:d0:e3:75:ca:c4:9b:58:a6:94:4e:e6:92:3b:24:83:
fb:e1:c4:ec:1f:64:03:c5:35:2a:53:82:2e:39:3c:2f:92:a6:
da:9f:80:d8:cd:34:37:dc:ea:7a:aa:a0:3f:2e:82:c2:ba:a9:
ab:b4:6f:ab:b2:79:4e:57:3c:8a:80:1c:2b:3a:01:73:0b:51:
d4:4f:0d:99:40:f5:e8:f9:b0:c2:a7:0b:03:85:54:dd:11:1f:
86:98:e9:6a:da:f2:ec:8f:06:79:7a:5d:75:ed:c0:e7:3d:1c:
07:a0:af:86:91:58:19:c7:d4:64:84:1a:c8:35:67:ad:a3:a9:
ad:aa:31:b5:ed:fe:21:ac:eb:18:92:21:82:aa:05:e9:04:ca:
77:94:77:8d:65:32:8a:67:28:9b:42:19:87:29:58:45:0f:6f:
2e:4d:22:65:ef:07:e4:60:32:72:81:ba:17:b8:f7:5e:c0:05:
73:5a:0d:4d:d9:af:e7:d8:2c:60:9a:e6:5c:1d:42:d1:f1:9e:
a0:1a:e7:84:56:94:7f:81:1e:70:12:63:07:30:50:ba:12:85:
25:68:5b:88
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBPjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
NkQ1NEFGMTEwLwYDVQQFEyg0MDg5NTg4ODFCOTRFMzU2ODFFREMxRDFERjA4NTlG
NzcxMzZBMEE1MB4XDTI1MDUyMTEwNTIzN1oXDTI2MDUyMTEwNTIzN1owGDEWMBQG
A1UEAxMNNjgyZGIwN2EtYjc3MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlpnu9N0xDHYq7OAvPZFFLZfDqRVIldBQ/3RZi4StDECByUr/zlt1NsQPgw
chpNybDGq20gVbp9H3JKhvjQnFAFkTafalYoJmYAPkM7PbkREbOmIPHoZXScfVoD
hVQNBzqYWORibHxm6aGHHfkL9EVPFUdvP9TgJ04FFx308pfJCNbi01RVfnT23VW+
+Qk5FhyHbjDqxRGtiOFWknRmMpHUoKJ5Kx697pORZC7jPcUq9QuOglLcaRhrQNth
rMss7B9B32ure3xHzPypOst5r0gx13woBMeE9L8ot0uIx2C5PF204AG9KBqGoubQ
ZELxTewh5T7bIbNZZJ1zO49uHH0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBR2FCwx
Bf58GHwnZuo9Talgq3NwpjAfBgNVHSMEGDAWgBRAiViIG5TjVoHtwdHfCFn3cTag
pTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzZENTQvRjQ2RDExODYyMjc0MTFGMEEwRkRGMjdFREFFNEVDOUMvUUlsWWlC
dVU0MWFCN2NIUjN3aFo5M0Uyb0tVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUUlsWWlCdVU0MWFCN2NIUjN3aFo5M0Uyb0tVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzZENTQvRjQ2RDExODYyMjc0MTFGMEEwRkRGMjdFREFF
NEVDOUMvQjdGQTg0NDIzNjMxMTFGMDhEOTg4OTkwREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbP+TANBgkqhkiG9w0BAQsF
AAOCAQEAWHaTyvoTb3x/T65RxTr+9ce9nH2WXWxNrStWZ6w2ir6jg2Uid3IF0ON1
ysSbWKaUTuaSOySD++HE7B9kA8U1KlOCLjk8L5Km2p+A2M00N9zqeqqgPy6Cwrqp
q7Rvq7J5Tlc8ioAcKzoBcwtR1E8NmUD16PmwwqcLA4VU3REfhpjpatry7I8GeXpd
de3A5z0cB6CvhpFYGcfUZIQayDVnraOpraoxte3+IazrGJIhgqoF6QTKd5R3jWUy
imcom0IZhylYRQ9vLk0iZe8H5GAycoG6F7j3XsAFc1oNTdmv59gsYJrmXB1C0fGe
oBrnhFaUf4EecBJjBzBQuhKFJWhbiA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:29:49 2025 by rpki-client