Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361B835/9F84D4AC24C611F099A06586DAE4EC9C/ED854A8624C811F0B4D15694DAE4EC9C.roa
File: ED854A8624C811F0B4D15694DAE4EC9C.roa (raw, json)
Hash identifier: KyIxaodmc2Nf2dSIBbZZRE5rqK1fV8FCMAMx88jtkk4=
Subject key identifier: 6B:79:B7:B5:0E:31:FF:A9:33:D8:1C:0A:7F:E8:CF:ED:F1:2D:C0:7A
Certificate issuer: /CN=F361B835AF/serialNumber=688C90F523D7ECF90EB7DC981B7071E383493152
Certificate serial: 02
Authority key identifier: 68:8C:90:F5:23:D7:EC:F9:0E:B7:DC:98:1B:70:71:E3:83:49:31:52
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/aIyQ9SPX7PkOt9yYG3Bx44NJMVI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F361B835/9F84D4AC24C611F099A06586DAE4EC9C/ED854A8624C811F0B4D15694DAE4EC9C.roa
Signing time: Tue 29 Apr 2025 07:09:45 +0000
ROA not before: Tue 29 Apr 2025 07:09:40 +0000
ROA not after: Wed 29 Apr 2026 07:09:40 +0000
asID: 329021
IP address blocks: 102.216.116.0/23 maxlen: 23
102.216.116.0/24 maxlen: 24
102.216.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F361B835/9F84D4AC24C611F099A06586DAE4EC9C/aIyQ9SPX7PkOt9yYG3Bx44NJMVI.crl
rsync://rpki.afrinic.net/repository/member_repository/F361B835/9F84D4AC24C611F099A06586DAE4EC9C/aIyQ9SPX7PkOt9yYG3Bx44NJMVI.mft
rsync://rpki.afrinic.net/repository/afrinic/aIyQ9SPX7PkOt9yYG3Bx44NJMVI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 09 May 2025 00:06:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F361B835AF, serialNumber=688C90F523D7ECF90EB7DC981B7071E383493152
Validity
Not Before: Apr 29 07:09:40 2025 GMT
Not After : Apr 29 07:09:40 2026 GMT
Subject: CN=68107b39-f65e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:2f:e7:e9:7b:c2:25:33:9f:c1:2a:0e:f4:06:
03:d7:4d:97:ab:8a:27:5a:96:1e:af:98:de:61:54:
2d:b8:1f:48:58:ef:19:bc:e3:17:ca:cd:40:4d:56:
c9:9b:9e:34:f2:18:8a:f4:26:00:a1:6c:27:5c:b4:
8e:49:5e:fc:a1:42:7a:09:95:22:90:2a:c9:3f:e6:
a9:0f:17:d0:a3:56:fc:7a:46:a1:a5:0b:a1:cc:81:
9c:55:b3:66:19:cf:f0:57:41:d4:69:f3:0b:6c:a3:
fd:1b:8f:bb:77:2b:ab:7b:31:13:02:78:e3:75:29:
61:ed:15:dc:f5:e1:e6:75:9b:38:c2:e7:e2:f4:cd:
3f:d2:bd:cc:8f:1e:2c:e2:1b:6a:6d:cd:b1:f0:5c:
ba:f0:83:b3:e4:30:72:ce:b5:a3:ef:0d:3c:61:58:
e7:98:11:6e:44:82:6b:a0:47:6b:3c:be:ff:d8:97:
dc:27:40:98:e4:96:cc:1d:b1:9d:bd:ed:d4:e1:ee:
64:82:39:17:9c:93:59:a1:09:9f:53:73:33:56:0f:
39:34:f8:b3:43:05:ba:23:42:89:e5:88:84:df:03:
ea:60:f8:de:36:14:49:d7:8c:93:db:64:4c:60:8a:
21:61:90:a8:11:6e:d2:10:37:f9:db:a4:80:7a:46:
6f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:79:B7:B5:0E:31:FF:A9:33:D8:1C:0A:7F:E8:CF:ED:F1:2D:C0:7A
X509v3 Authority Key Identifier:
keyid:68:8C:90:F5:23:D7:EC:F9:0E:B7:DC:98:1B:70:71:E3:83:49:31:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F361B835/9F84D4AC24C611F099A06586DAE4EC9C/aIyQ9SPX7PkOt9yYG3Bx44NJMVI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/aIyQ9SPX7PkOt9yYG3Bx44NJMVI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361B835/9F84D4AC24C611F099A06586DAE4EC9C/ED854A8624C811F0B4D15694DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.216.116.0/23
Signature Algorithm: sha256WithRSAEncryption
66:13:85:e0:da:41:d9:0a:02:a0:f2:fc:6a:03:72:e1:8b:75:
17:dc:b5:52:c0:1b:63:c1:e3:58:cf:8e:44:43:6d:01:12:47:
40:41:53:5d:82:53:c2:dc:fa:ca:e1:da:86:50:c2:26:3e:ef:
f4:c3:88:20:b2:cf:5a:dd:03:e3:ee:e1:71:8c:b7:57:06:65:
98:8b:be:d7:df:b6:88:8a:b5:26:46:8c:24:0d:d0:59:ee:80:
0b:40:e6:03:7d:b5:d6:88:9b:36:c5:63:60:8e:39:44:09:5d:
c0:fb:30:f9:63:44:1d:c8:90:28:c3:08:e7:7d:1e:7c:3f:c4:
7a:56:cd:dc:52:4f:8c:8c:2d:2d:29:68:4b:57:e4:5f:6e:df:
9f:5d:d6:f9:84:78:7f:8a:bb:9f:d2:8e:c0:66:9f:5d:3a:a6:
a0:72:78:59:91:81:1d:e8:dc:ea:a0:b1:f0:1f:be:33:d1:1c:
ba:77:d8:92:f7:b8:5d:a6:47:a5:e5:40:95:b9:28:b0:9b:35:
68:83:e4:92:1b:b4:47:c1:8e:05:e3:73:fe:d4:39:30:a1:2b:
da:0e:fa:b1:b9:f8:d9:18:db:35:35:bb:a5:35:93:11:ce:e7:
dc:56:fd:e1:9b:cd:4c:96:02:3b:e5:86:c2:7a:45:1c:66:8b:
7f:15:65:92
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
QjgzNUFGMTEwLwYDVQQFEyg2ODhDOTBGNTIzRDdFQ0Y5MEVCN0RDOTgxQjcwNzFF
MzgzNDkzMTUyMB4XDTI1MDQyOTA3MDk0MFoXDTI2MDQyOTA3MDk0MFowGDEWMBQG
A1UEAxMNNjgxMDdiMzktZjY1ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPQv5+l7wiUzn8EqDvQGA9dNl6uKJ1qWHq+Y3mFULbgfSFjvGbzjF8rNQE1W
yZueNPIYivQmAKFsJ1y0jkle/KFCegmVIpAqyT/mqQ8X0KNW/HpGoaULocyBnFWz
ZhnP8FdB1GnzC2yj/RuPu3crq3sxEwJ443UpYe0V3PXh5nWbOMLn4vTNP9K9zI8e
LOIbam3NsfBcuvCDs+Qwcs61o+8NPGFY55gRbkSCa6BHazy+/9iX3CdAmOSWzB2x
nb3t1OHuZII5F5yTWaEJn1NzM1YPOTT4s0MFuiNCieWIhN8D6mD43jYUSdeMk9tk
TGCKIWGQqBFu0hA3+dukgHpGb+kCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRrebe1
DjH/qTPYHAp/6M/t8S3AejAfBgNVHSMEGDAWgBRojJD1I9fs+Q633JgbcHHjg0kx
UjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MUI4MzUvOUY4NEQ0QUMyNEM2MTFGMDk5QTA2NTg2REFFNEVDOUMvYUl5UTlT
UFg3UGtPdDl5WUczQng0NE5KTVZJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvYUl5UTlTUFg3UGtPdDl5WUczQng0NE5KTVZJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MUI4MzUvOUY4NEQ0QUMyNEM2MTFGMDk5QTA2NTg2REFF
NEVDOUMvRUQ4NTRBODYyNEM4MTFGMEI0RDE1Njk0REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbYdDANBgkqhkiG9w0BAQsF
AAOCAQEAZhOF4NpB2QoCoPL8agNy4Yt1F9y1UsAbY8HjWM+ORENtARJHQEFTXYJT
wtz6yuHahlDCJj7v9MOIILLPWt0D4+7hcYy3VwZlmIu+19+2iIq1JkaMJA3QWe6A
C0DmA3211oibNsVjYI45RAldwPsw+WNEHciQKMMI530efD/EelbN3FJPjIwtLSlo
S1fkX27fn13W+YR4f4q7n9KOwGafXTqmoHJ4WZGBHejc6qCx8B++M9EcunfYkve4
XaZHpeVAlbkosJs1aIPkkhu0R8GOBeNz/tQ5MKEr2g76sbn42RjbNTW7pTWTEc7n
3Fb94ZvNTJYCO+WGwnpFHGaLfxVlkg==
-----END CERTIFICATE-----
Generated at Wed May 7 17:55:17 2025 by rpki-client