Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/6A831B68067311F0A5B3819F762E951A.roa
File: 6A831B68067311F0A5B3819F762E951A.roa (raw, json)
Hash identifier: dHewD/xYlqQhiWTpdXFrkxy+Gj1C9QIhRZsurBV3l/c=
Subject key identifier: FE:78:D6:C3:D4:BE:CF:F9:6D:0E:E6:4D:4E:28:C3:22:9B:37:40:25
Certificate issuer: /CN=F36CA351AF/serialNumber=58DA3BE331A612AAAE4F6A30637704063AC3DD42
Certificate serial: 020B
Authority key identifier: 58:DA:3B:E3:31:A6:12:AA:AE:4F:6A:30:63:77:04:06:3A:C3:DD:42
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/WNo74zGmEqquT2owY3cEBjrD3UI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/6A831B68067311F0A5B3819F762E951A.roa
Signing time: Fri 21 Mar 2025 16:42:03 +0000
ROA not before: Fri 21 Mar 2025 16:41:59 +0000
ROA not after: Mon 20 Mar 2028 16:41:59 +0000
asID: 328988
IP address blocks: 102.208.96.0/22 maxlen: 22
102.208.96.0/24 maxlen: 24
102.208.97.0/24 maxlen: 24
102.208.98.0/24 maxlen: 24
102.208.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/WNo74zGmEqquT2owY3cEBjrD3UI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/WNo74zGmEqquT2owY3cEBjrD3UI.mft
rsync://rpki.afrinic.net/repository/afrinic/WNo74zGmEqquT2owY3cEBjrD3UI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Apr 2025 17:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 523 (0x20b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CA351AF
Validity
Not Before: Mar 21 16:41:59 2025 GMT
Not After : Mar 20 16:41:59 2028 GMT
Subject: CN=67dd96db-cc18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:fe:77:aa:ae:16:2c:bf:3b:57:db:28:f1:9e:
a9:11:08:3c:9c:8d:c5:01:a5:ea:e7:ca:7c:0b:e6:
a8:85:26:ca:02:4b:06:37:6a:ce:4c:f5:e3:4d:1f:
b7:ba:c4:6c:50:4c:ec:ea:c1:06:ee:c3:63:f3:88:
cf:31:35:91:b6:58:df:6d:53:21:64:20:43:ec:0c:
ea:b0:a3:b8:0a:fb:f8:5c:81:8c:a1:ad:cd:49:1f:
bc:fb:88:ff:42:f4:9b:b6:63:12:3f:33:bb:65:24:
53:d8:d2:a6:ea:f4:78:73:6e:59:5a:e7:fe:22:f8:
ea:0e:40:c8:38:2e:c9:5f:3b:9c:9c:c8:28:b9:51:
10:3c:7b:ba:b8:1d:09:fa:e0:bd:fb:e7:37:91:e4:
eb:eb:aa:cb:bd:37:ec:30:27:81:65:b9:10:f0:15:
ec:4e:bd:9d:41:75:18:f6:f5:65:04:4b:f6:37:46:
b9:fc:24:59:c8:a7:15:c1:53:63:d7:a2:77:11:00:
41:c5:f6:d3:d6:79:89:ee:f6:ae:b2:f3:86:b3:12:
fa:01:18:9e:75:b6:77:fc:ad:5a:de:90:32:a7:b0:
4b:e0:04:01:04:99:82:dc:6a:00:02:b8:7b:35:68:
bc:e4:59:98:5e:b5:01:a3:f7:08:35:d1:c4:5c:dd:
83:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:78:D6:C3:D4:BE:CF:F9:6D:0E:E6:4D:4E:28:C3:22:9B:37:40:25
X509v3 Authority Key Identifier:
keyid:58:DA:3B:E3:31:A6:12:AA:AE:4F:6A:30:63:77:04:06:3A:C3:DD:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/WNo74zGmEqquT2owY3cEBjrD3UI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/WNo74zGmEqquT2owY3cEBjrD3UI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/6A831B68067311F0A5B3819F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.208.96.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:59:1e:9c:80:be:ae:5c:36:37:95:7f:2a:43:52:ec:b7:95:
80:69:55:d5:b2:68:90:33:58:08:c1:78:6a:bc:41:ed:8c:63:
0d:4d:9e:bb:ac:8b:23:71:de:c7:f6:43:0c:2b:23:3c:c8:59:
89:2c:f1:8e:5f:f5:62:93:93:47:51:f9:2f:30:7a:4b:60:63:
68:a7:6c:ac:8b:6e:8a:ae:42:9f:3e:b0:55:9d:15:61:a3:ae:
b3:25:42:a1:0d:4a:3e:88:90:fc:4e:7f:81:6c:f9:da:8e:0e:
08:ab:10:f6:ba:8b:63:6b:06:8a:a5:6b:3d:66:cb:cd:a4:6c:
d5:cd:6f:fa:f0:57:d6:9e:1a:d6:6e:bc:43:63:ae:e9:52:39:
3c:5e:d0:58:2e:20:4e:bb:e7:09:11:11:0d:82:47:03:a3:ec:
67:f3:ad:cb:ab:31:99:e0:01:14:f3:76:dd:67:d4:7d:66:b1:
5c:aa:09:24:61:0e:5e:cf:31:9a:fa:b8:28:6f:c7:dd:60:db:
e4:15:28:62:43:0c:c2:27:22:14:1e:28:5c:ff:e6:85:7e:25:
1d:78:df:1d:be:7f:4b:b3:67:03:12:b9:0f:f7:7f:a5:65:f6:
fa:24:a2:3b:d9:95:88:db:8d:d2:b4:d5:81:ec:ff:15:45:9d:
41:98:54:55
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAgswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Q0EzNTFBRjExMC8GA1UEBRMoNThEQTNCRTMzMUE2MTJBQUFFNEY2QTMwNjM3NzA0
MDYzQUMzREQ0MjAeFw0yNTAzMjExNjQxNTlaFw0yODAzMjAxNjQxNTlaMBgxFjAU
BgNVBAMTDTY3ZGQ5NmRiLWNjMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD0/neqrhYsvztX2yjxnqkRCDycjcUBpernynwL5qiFJsoCSwY3as5M9eNN
H7e6xGxQTOzqwQbuw2PziM8xNZG2WN9tUyFkIEPsDOqwo7gK+/hcgYyhrc1JH7z7
iP9C9Ju2YxI/M7tlJFPY0qbq9Hhzblla5/4i+OoOQMg4LslfO5ycyCi5URA8e7q4
HQn64L375zeR5Ovrqsu9N+wwJ4FluRDwFexOvZ1BdRj29WUES/Y3Rrn8JFnIpxXB
U2PXoncRAEHF9tPWeYnu9q6y84azEvoBGJ51tnf8rVrekDKnsEvgBAEEmYLcagAC
uHs1aLzkWZhetQGj9wg10cRc3YPBAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU/njW
w9S+z/ltDuZNTijDIps3QCUwHwYDVR0jBBgwFoAUWNo74zGmEqquT2owY3cEBjrD
3UIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkNBMzUxL0Q4RTZDNUVBQzJFNjExRUU4QjkwNjk3Qjc3NTQxMkU2L1dObzc0
ekdtRXFxdVQyb3dZM2NFQmpyRDNVSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1dObzc0ekdtRXFxdVQyb3dZM2NFQmpyRDNVSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkNBMzUxL0Q4RTZDNUVBQzJFNjExRUU4QjkwNjk3Qjc3
NTQxMkU2LzZBODMxQjY4MDY3MzExRjBBNUIzODE5Rjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm0GAwDQYJKoZIhvcNAQEL
BQADggEBAJxZHpyAvq5cNjeVfypDUuy3lYBpVdWyaJAzWAjBeGq8Qe2MYw1Nnrus
iyNx3sf2QwwrIzzIWYks8Y5f9WKTk0dR+S8wektgY2inbKyLboquQp8+sFWdFWGj
rrMlQqENSj6IkPxOf4Fs+dqODgirEPa6i2NrBoqlaz1my82kbNXNb/rwV9aeGtZu
vENjrulSOTxe0FguIE675wkREQ2CRwOj7GfzrcurMZngARTzdt1n1H1msVyqCSRh
Dl7PMZr6uChvx91g2+QVKGJDDMInIhQeKFz/5oV+JR143x2+f0uzZwMSuQ/3f6Vl
9vokojvZlYjbjdK01YHs/xVFnUGYVFU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:06:52 2025 by rpki-client