Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/A9A8EF80067211F08D1A5B9B762E951A.roa
File: A9A8EF80067211F08D1A5B9B762E951A.roa (raw, json)
Hash identifier: HELpA4r6g8kZx2JMmYGabU/lqfkTf9mY8LkkC8nHg8I=
Subject key identifier: 47:0B:C3:49:CA:E2:8B:F8:96:2E:AA:E5:55:41:FE:8C:F0:31:EC:0E
Certificate issuer: /CN=F36CA351AF/serialNumber=58DA3BE331A612AAAE4F6A30637704063AC3DD42
Certificate serial: 0205
Authority key identifier: 58:DA:3B:E3:31:A6:12:AA:AE:4F:6A:30:63:77:04:06:3A:C3:DD:42
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/WNo74zGmEqquT2owY3cEBjrD3UI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/A9A8EF80067211F08D1A5B9B762E951A.roa
Signing time: Fri 21 Mar 2025 16:36:39 +0000
ROA not before: Fri 21 Mar 2025 16:36:35 +0000
ROA not after: Mon 23 Mar 2026 16:36:35 +0000
asID: 19905
IP address blocks: 102.208.96.0/22 maxlen: 22
102.208.96.0/24 maxlen: 24
102.208.97.0/24 maxlen: 24
102.208.98.0/24 maxlen: 24
102.208.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/WNo74zGmEqquT2owY3cEBjrD3UI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/WNo74zGmEqquT2owY3cEBjrD3UI.mft
rsync://rpki.afrinic.net/repository/afrinic/WNo74zGmEqquT2owY3cEBjrD3UI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 02:51:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 517 (0x205)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CA351AF
Validity
Not Before: Mar 21 16:36:35 2025 GMT
Not After : Mar 23 16:36:35 2026 GMT
Subject: CN=67dd9597-e3dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b6:0a:04:28:fa:a8:22:1f:97:3c:1a:50:9e:
70:fb:27:8b:2a:87:0a:67:8d:e1:21:53:59:00:3f:
49:52:bc:7b:a4:aa:b9:ef:89:ac:ec:c9:92:04:11:
be:e2:08:7b:46:97:74:0d:be:a5:be:37:b5:06:f4:
7a:9e:00:1d:67:cc:45:25:5c:4b:33:80:92:3b:ad:
d0:57:81:5c:20:93:86:ce:2f:5a:ef:d2:fc:a7:32:
f7:52:9b:e7:d6:2f:ce:f5:a4:49:fc:56:2e:96:82:
92:37:1f:6f:5b:8e:15:57:e9:1c:36:10:b0:19:1b:
dd:c6:bd:2c:d7:42:d4:33:43:51:86:a9:b8:0b:be:
b7:a3:c2:e5:13:7c:4a:d0:42:fc:2b:05:d9:cf:80:
a2:0a:af:6a:49:3f:22:97:a9:cb:56:f4:fc:4a:a4:
d0:d0:7e:07:be:6c:83:5a:5f:06:2b:8e:d0:5f:49:
c6:5c:ef:0c:03:54:1d:9f:01:34:0e:25:e8:18:82:
3d:20:88:0c:d2:58:40:e2:39:64:d7:4d:17:33:ba:
01:3b:44:4f:28:b1:9d:76:c2:f5:d1:8e:29:4c:85:
d8:02:4c:4e:60:ee:91:8f:97:36:fb:15:44:fa:52:
a2:e2:7d:a5:d6:d3:ce:96:6d:6f:d8:5e:1b:99:e6:
b0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:0B:C3:49:CA:E2:8B:F8:96:2E:AA:E5:55:41:FE:8C:F0:31:EC:0E
X509v3 Authority Key Identifier:
keyid:58:DA:3B:E3:31:A6:12:AA:AE:4F:6A:30:63:77:04:06:3A:C3:DD:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/WNo74zGmEqquT2owY3cEBjrD3UI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/WNo74zGmEqquT2owY3cEBjrD3UI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/A9A8EF80067211F08D1A5B9B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.208.96.0/22
Signature Algorithm: sha256WithRSAEncryption
32:97:f8:6e:d7:e6:93:49:ef:a9:99:2b:43:a6:91:6e:f6:b0:
bc:7a:ce:42:3f:1c:6d:da:e7:19:9b:21:b9:47:24:12:13:51:
8f:52:be:b7:99:a1:df:08:af:6d:30:77:39:80:15:b7:1a:e8:
94:1c:71:ac:82:ca:11:cd:5d:b2:c2:bb:95:39:b5:7d:e3:46:
e5:4b:e0:f9:e3:e7:d7:ea:e3:d1:fe:8e:2e:c3:8d:a2:c0:98:
91:d2:96:29:50:41:ee:92:a7:a8:2d:a8:95:9a:d8:a8:19:10:
7c:92:68:8b:06:f5:25:f9:ed:c3:6d:c8:96:1b:e9:0b:62:d8:
f6:9c:60:84:45:5c:63:84:91:5a:6c:f2:d9:d9:2d:bc:19:ac:
83:80:79:30:7a:54:25:d4:69:6c:a2:3f:84:37:61:14:34:4c:
42:4f:75:ed:86:d3:a7:b2:8f:dd:03:d6:f3:97:e0:67:f6:d2:
b1:c0:4c:1f:bb:5e:ed:e0:ac:64:60:8b:ac:b6:d3:c3:03:af:
ca:f4:ec:b8:d0:df:41:61:88:4c:70:6c:cf:aa:75:dc:02:06:
ee:bc:1b:38:9c:ab:61:42:be:8f:5a:ff:8e:80:7f:76:9a:93:
5b:23:f3:06:8d:c9:37:6f:be:79:d0:dc:64:9d:c8:a6:9c:0f:
19:6b:1a:72
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAgUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Q0EzNTFBRjExMC8GA1UEBRMoNThEQTNCRTMzMUE2MTJBQUFFNEY2QTMwNjM3NzA0
MDYzQUMzREQ0MjAeFw0yNTAzMjExNjM2MzVaFw0yNjAzMjMxNjM2MzVaMBgxFjAU
BgNVBAMTDTY3ZGQ5NTk3LWUzZGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPtgoEKPqoIh+XPBpQnnD7J4sqhwpnjeEhU1kAP0lSvHukqrnviazsyZIE
Eb7iCHtGl3QNvqW+N7UG9HqeAB1nzEUlXEszgJI7rdBXgVwgk4bOL1rv0vynMvdS
m+fWL871pEn8Vi6WgpI3H29bjhVX6Rw2ELAZG93GvSzXQtQzQ1GGqbgLvrejwuUT
fErQQvwrBdnPgKIKr2pJPyKXqctW9PxKpNDQfge+bINaXwYrjtBfScZc7wwDVB2f
ATQOJegYgj0giAzSWEDiOWTXTRczugE7RE8osZ12wvXRjilMhdgCTE5g7pGPlzb7
FUT6UqLifaXW086WbW/YXhuZ5rBjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQURwvD
Scrii/iWLqrlVUH+jPAx7A4wHwYDVR0jBBgwFoAUWNo74zGmEqquT2owY3cEBjrD
3UIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkNBMzUxL0Q4RTZDNUVBQzJFNjExRUU4QjkwNjk3Qjc3NTQxMkU2L1dObzc0
ekdtRXFxdVQyb3dZM2NFQmpyRDNVSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1dObzc0ekdtRXFxdVQyb3dZM2NFQmpyRDNVSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkNBMzUxL0Q4RTZDNUVBQzJFNjExRUU4QjkwNjk3Qjc3
NTQxMkU2L0E5QThFRjgwMDY3MjExRjA4RDFBNUI5Qjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm0GAwDQYJKoZIhvcNAQEL
BQADggEBADKX+G7X5pNJ76mZK0OmkW72sLx6zkI/HG3a5xmbIblHJBITUY9SvreZ
od8Ir20wdzmAFbca6JQccayCyhHNXbLCu5U5tX3jRuVL4Pnj59fq49H+ji7DjaLA
mJHSlilQQe6Sp6gtqJWa2KgZEHySaIsG9SX57cNtyJYb6Qti2PacYIRFXGOEkVps
8tnZLbwZrIOAeTB6VCXUaWyiP4Q3YRQ0TEJPde2G06eyj90D1vOX4Gf20rHATB+7
Xu3grGRgi6y208MDr8r07LjQ30FhiExwbM+qddwCBu68Gzicq2FCvo9a/46Af3aa
k1sj8waNyTdvvnnQ3GSdyKacDxlrGnI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:52:58 2025 by rpki-client