Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DA3E9/3CBCB97259C011EC9B4364725A40D577/1CD7BB0E57E911F0A6BADE9CDAE4EC9C.roa
File: 1CD7BB0E57E911F0A6BADE9CDAE4EC9C.roa (raw, json)
Hash identifier: Sj7TZUSFcSFR6KPg+Yr4aXPk5+fIKq2uGveYUra7Jr0=
Subject key identifier: 2B:78:6B:FB:A5:F9:74:39:6B:44:4D:27:E7:91:69:D6:8E:29:B1:05
Certificate issuer: /CN=F36DA3E9AF/serialNumber=3D2C034F851F3715B2BA4C9C95E5285DAF2EE923
Certificate serial: 056B
Authority key identifier: 3D:2C:03:4F:85:1F:37:15:B2:BA:4C:9C:95:E5:28:5D:AF:2E:E9:23
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/PSwDT4UfNxWyukycleUoXa8u6SM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DA3E9/3CBCB97259C011EC9B4364725A40D577/1CD7BB0E57E911F0A6BADE9CDAE4EC9C.roa
Signing time: Thu 03 Jul 2025 08:38:37 +0000
ROA not before: Thu 03 Jul 2025 08:38:32 +0000
ROA not after: Tue 03 Jul 2035 08:38:32 +0000
asID: 15399
IP address blocks: 102.206.16.0/22 maxlen: 22
102.207.28.0/22 maxlen: 22
102.208.152.0/22 maxlen: 22
102.209.36.0/22 maxlen: 22
102.209.92.0/22 maxlen: 22
102.209.132.0/22 maxlen: 22
102.210.84.0/22 maxlen: 22
102.210.180.0/22 maxlen: 22
102.211.32.0/22 maxlen: 22
102.211.88.0/22 maxlen: 22
102.211.248.0/22 maxlen: 22
102.212.112.0/22 maxlen: 22
102.212.116.0/22 maxlen: 22
102.213.36.0/22 maxlen: 22
102.214.48.0/22 maxlen: 22
102.215.28.0/22 maxlen: 22
102.215.148.0/22 maxlen: 22
102.215.160.0/22 maxlen: 22
102.216.60.0/22 maxlen: 22
102.216.244.0/22 maxlen: 22
102.217.80.0/22 maxlen: 22
102.218.28.0/22 maxlen: 22
102.219.120.0/22 maxlen: 22
102.219.216.0/22 maxlen: 22
102.221.20.0/22 maxlen: 22
102.222.84.0/22 maxlen: 22
2c0f:e958::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DA3E9/3CBCB97259C011EC9B4364725A40D577/PSwDT4UfNxWyukycleUoXa8u6SM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DA3E9/3CBCB97259C011EC9B4364725A40D577/PSwDT4UfNxWyukycleUoXa8u6SM.mft
rsync://rpki.afrinic.net/repository/afrinic/PSwDT4UfNxWyukycleUoXa8u6SM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 03 Aug 2025 00:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1387 (0x56b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DA3E9AF, serialNumber=3D2C034F851F3715B2BA4C9C95E5285DAF2EE923
Validity
Not Before: Jul 3 08:38:32 2025 GMT
Not After : Jul 3 08:38:32 2035 GMT
Subject: CN=6866418d-1786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:27:67:22:74:3c:de:1f:96:e0:3c:14:36:d7:
d1:b6:03:b9:bd:d4:96:ec:96:3c:07:42:02:c1:62:
7e:55:78:e2:26:fb:84:d9:d8:b4:e7:d7:ca:39:7d:
24:27:15:08:dc:33:bb:11:fe:1c:25:57:5f:ca:b6:
31:5b:ea:a9:ff:1d:f0:b4:eb:5e:53:3b:6f:88:6b:
56:d6:a0:4d:cf:a6:19:ca:86:2b:cd:66:b3:c8:73:
db:b6:d7:95:81:5b:c8:a9:74:91:db:ef:d4:bc:e8:
a3:dc:cb:6c:1b:84:0f:ee:70:be:78:de:4a:08:4d:
11:4a:fc:c0:30:64:1d:62:ea:60:9e:ad:1b:fe:b3:
8a:8e:28:9e:68:b2:05:0a:36:a8:0f:9d:2f:8e:96:
83:e6:e5:ac:55:dd:0c:eb:7f:45:7e:f8:75:ba:89:
e4:f9:19:87:57:e3:09:f8:0d:11:24:73:ac:b0:6c:
d2:fb:9f:1a:0a:b0:13:44:6e:54:63:05:c0:39:37:
8a:22:dc:7c:ec:2c:19:40:20:a9:aa:ae:32:5b:4a:
28:71:3d:13:81:54:a6:0d:01:c7:b5:33:89:fd:3e:
45:1e:d0:d7:0a:c0:2a:ee:f0:db:06:ec:dd:57:e4:
7d:f4:82:19:11:69:c7:c1:9e:24:15:06:38:06:9f:
08:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:78:6B:FB:A5:F9:74:39:6B:44:4D:27:E7:91:69:D6:8E:29:B1:05
X509v3 Authority Key Identifier:
keyid:3D:2C:03:4F:85:1F:37:15:B2:BA:4C:9C:95:E5:28:5D:AF:2E:E9:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DA3E9/3CBCB97259C011EC9B4364725A40D577/PSwDT4UfNxWyukycleUoXa8u6SM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PSwDT4UfNxWyukycleUoXa8u6SM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DA3E9/3CBCB97259C011EC9B4364725A40D577/1CD7BB0E57E911F0A6BADE9CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.16.0/22
102.207.28.0/22
102.208.152.0/22
102.209.36.0/22
102.209.92.0/22
102.209.132.0/22
102.210.84.0/22
102.210.180.0/22
102.211.32.0/22
102.211.88.0/22
102.211.248.0/22
102.212.112.0/21
102.213.36.0/22
102.214.48.0/22
102.215.28.0/22
102.215.148.0/22
102.215.160.0/22
102.216.60.0/22
102.216.244.0/22
102.217.80.0/22
102.218.28.0/22
102.219.120.0/22
102.219.216.0/22
102.221.20.0/22
102.222.84.0/22
IPv6:
2c0f:e958::/32
Signature Algorithm: sha256WithRSAEncryption
19:02:ce:3d:35:e2:78:fd:d1:c2:c6:0e:83:b6:62:e4:c4:ae:
79:2a:a8:be:a2:b8:01:a8:93:f7:0e:b7:ec:f4:6a:e4:a4:fb:
a0:4f:d7:0f:5e:a5:be:66:31:8f:b2:11:97:fa:63:b9:7b:19:
d2:d3:06:00:89:7c:90:d3:33:b7:82:1e:88:3a:db:02:a3:a9:
a0:6e:45:a0:69:88:2e:04:ee:59:3c:83:66:b9:db:76:a0:30:
a8:a5:9b:fe:49:96:9b:cc:6b:23:3e:35:a9:5d:65:b1:03:e3:
a0:4c:de:b1:19:73:b2:7f:e1:ae:7c:02:e1:07:b2:5d:4a:ec:
f4:21:50:d1:9e:27:6f:8e:ff:d5:77:17:54:d6:b0:53:f9:7d:
7d:de:cc:60:d1:15:00:03:d1:46:1f:35:26:ad:38:54:a9:6c:
f0:1a:ac:2f:50:db:6e:ad:43:99:80:93:48:b7:ec:01:d2:94:
3d:76:d6:45:b9:dc:ab:ad:24:70:53:57:f4:98:37:d0:cb:75:
55:1e:64:f1:35:72:a0:81:ed:76:e4:0d:8f:e2:cb:be:1b:d3:
da:bc:46:7e:68:eb:fc:40:fd:1c:5e:32:7c:4b:51:cc:55:42:
d1:14:92:c3:ec:92:83:7e:99:63:f3:f0:7d:3d:7c:44:20:c2:
51:1c:e7:d8
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgICBWswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
REEzRTlBRjExMC8GA1UEBRMoM0QyQzAzNEY4NTFGMzcxNUIyQkE0QzlDOTVFNTI4
NURBRjJFRTkyMzAeFw0yNTA3MDMwODM4MzJaFw0zNTA3MDMwODM4MzJaMBgxFjAU
BgNVBAMTDTY4NjY0MThkLTE3ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDUJ2cidDzeH5bgPBQ219G2A7m91JbsljwHQgLBYn5VeOIm+4TZ2LTn18o5
fSQnFQjcM7sR/hwlV1/KtjFb6qn/HfC0615TO2+Ia1bWoE3PphnKhivNZrPIc9u2
15WBW8ipdJHb79S86KPcy2wbhA/ucL543koITRFK/MAwZB1i6mCerRv+s4qOKJ5o
sgUKNqgPnS+OloPm5axV3Qzrf0V++HW6ieT5GYdX4wn4DREkc6ywbNL7nxoKsBNE
blRjBcA5N4oi3HzsLBlAIKmqrjJbSihxPROBVKYNAce1M4n9PkUe0NcKwCru8NsG
7N1X5H30ghkRacfBniQVBjgGnwhJAgMBAAGjggNJMIIDRTAdBgNVHQ4EFgQUK3hr
+6X5dDlrRE0n55Fp1o4psQUwHwYDVR0jBBgwFoAUPSwDT4UfNxWyukycleUoXa8u
6SMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkRBM0U5LzNDQkNCOTcyNTlDMDExRUM5QjQzNjQ3MjVBNDBENTc3L1BTd0RU
NFVmTnhXeXVreWNsZVVvWGE4dTZTTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1BTd0RUNFVmTnhXeXVreWNsZVVvWGE4dTZTTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkRBM0U5LzNDQkNCOTcyNTlDMDExRUM5QjQzNjQ3MjVB
NDBENTc3LzFDRDdCQjBFNTdFOTExRjBBNkJBREU5Q0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwgcIGCCsGAQUFBwEHAQH/BIGyMIGvMIGdBAIAATCBlgMEAmbOEAMEAmbPHAME
AmbQmAMEAmbRJAMEAmbRXAMEAmbRhAMEAmbSVAMEAmbStAMEAmbTIAMEAmbTWAME
AmbT+AMEA2bUcAMEAmbVJAMEAmbWMAMEAmbXHAMEAmbXlAMEAmbXoAMEAmbYPAME
AmbY9AMEAmbZUAMEAmbaHAMEAmbbeAMEAmbb2AMEAmbdFAMEAmbeVDANBAIAAjAH
AwUALA/pWDANBgkqhkiG9w0BAQsFAAOCAQEAGQLOPTXieP3RwsYOg7Zi5MSueSqo
vqK4AaiT9w637PRq5KT7oE/XD16lvmYxj7IRl/pjuXsZ0tMGAIl8kNMzt4IeiDrb
AqOpoG5FoGmILgTuWTyDZrnbdqAwqKWb/kmWm8xrIz41qV1lsQPjoEzesRlzsn/h
rnwC4QeyXUrs9CFQ0Z4nb47/1XcXVNawU/l9fd7MYNEVAAPRRh81Jq04VKls8Bqs
L1Dbbq1DmYCTSLfsAdKUPXbWRbncq60kcFNX9Jg30Mt1VR5k8TVyoIHtduQNj+LL
vhvT2rxGfmjr/ED9HF4yfEtRzFVC0RSSw+ySg36ZY/PwfT18RCDCURzn2A==
-----END CERTIFICATE-----
Generated at Fri Aug 1 18:09:31 2025 by rpki-client