Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/5CCD6440299D11F0AD38AFE3DAE4EC9C.roa
File: 5CCD6440299D11F0AD38AFE3DAE4EC9C.roa (raw, json)
Hash identifier: v4mhR83sjeZ2vAC+mHBy4f+8KOxUX5jeOYSaA7j55RU=
Subject key identifier: 22:94:13:38:37:2E:9C:0A:D2:4A:4C:6D:D9:CE:15:D0:F4:94:11:2D
Certificate issuer: /CN=F3634F1BAF/serialNumber=49B4D619095D9432AF6460853E147BEF5D1C48B0
Certificate serial: 0A
Authority key identifier: 49:B4:D6:19:09:5D:94:32:AF:64:60:85:3E:14:7B:EF:5D:1C:48:B0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/5CCD6440299D11F0AD38AFE3DAE4EC9C.roa
Signing time: Mon 05 May 2025 10:40:30 +0000
ROA not before: Mon 05 May 2025 10:40:25 +0000
ROA not after: Wed 06 May 2026 10:40:25 +0000
asID: 328939
IP address blocks: 102.206.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.crl
rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.mft
rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 09 May 2025 00:06:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3634F1BAF, serialNumber=49B4D619095D9432AF6460853E147BEF5D1C48B0
Validity
Not Before: May 5 10:40:25 2025 GMT
Not After : May 6 10:40:25 2026 GMT
Subject: CN=6818959d-c81f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:eb:a2:5f:c0:ec:14:e1:7c:6b:6f:19:31:84:
41:d1:d8:d3:e4:d9:e1:a9:0c:7e:a1:10:b6:4f:36:
3e:18:f3:74:da:6f:00:aa:d2:86:53:b8:12:dd:f3:
fa:42:50:b4:37:83:76:33:9d:89:ef:5c:e5:fc:a4:
83:f5:d1:fc:ad:b5:14:e4:5d:7e:a1:b3:c0:c9:4f:
f6:ad:94:63:43:6a:c6:56:1c:bb:6d:24:63:a8:ce:
e2:eb:f7:ab:2f:84:65:89:b1:2a:63:c0:f4:13:da:
d9:da:49:01:3f:bd:5d:1a:d8:8e:3b:31:4e:bf:86:
a9:c9:97:23:6d:10:63:52:b8:aa:be:cd:7e:80:60:
4c:4e:50:e1:a2:1a:d0:5f:fa:68:c1:41:5e:6e:4c:
a4:4c:df:51:bb:94:63:2d:8d:af:b1:bf:07:f7:ca:
75:fc:a5:24:d5:8a:7f:30:2f:de:1c:6c:ec:05:db:
d2:f3:f7:4f:ce:f3:56:20:90:e8:4b:60:1b:af:20:
9f:c5:e5:a5:2c:31:4b:70:94:02:57:70:1b:8c:f0:
bc:5b:b6:da:d0:d8:09:67:e2:bb:4b:01:77:21:0d:
75:e6:c5:3f:69:d8:10:1b:7a:ab:ca:8b:1f:03:e3:
d8:7a:aa:e9:24:bd:7c:88:54:b4:1a:67:36:7b:74:
97:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:94:13:38:37:2E:9C:0A:D2:4A:4C:6D:D9:CE:15:D0:F4:94:11:2D
X509v3 Authority Key Identifier:
keyid:49:B4:D6:19:09:5D:94:32:AF:64:60:85:3E:14:7B:EF:5D:1C:48:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/5CCD6440299D11F0AD38AFE3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.128.0/24
Signature Algorithm: sha256WithRSAEncryption
03:cf:eb:1a:50:30:00:88:91:0b:d2:4b:d2:80:c5:b9:85:8d:
08:e4:d8:ba:49:b4:36:fc:7b:ee:84:f9:55:5a:82:6d:f6:6d:
df:3e:df:94:a1:76:54:12:ba:e1:cc:e9:dc:15:70:bb:05:2f:
83:9d:44:3b:60:45:65:46:75:8d:57:85:a0:94:d2:c1:23:fb:
e6:8b:33:f4:49:0a:09:c1:99:c6:a4:16:e5:b3:a6:cf:5c:93:
b2:f6:5f:21:68:45:bd:fc:e8:b8:02:e1:fb:b4:6b:79:96:df:
66:59:dd:8e:76:a0:10:80:6c:b0:65:b3:b5:e1:5e:49:8f:50:
0c:5d:f0:5d:f2:0b:fc:d0:2f:d0:b8:82:98:76:1f:e9:55:db:
c7:7a:73:8a:13:32:45:5d:bc:e2:6e:63:22:27:62:dc:a1:9d:
9d:7a:4e:47:20:67:13:9b:d1:29:44:49:17:b0:8a:c1:19:b9:
47:47:50:5a:8d:76:9a:fa:2e:4e:d8:fa:d2:ca:70:d2:5a:65:
af:4a:61:c5:45:00:27:30:36:c5:a5:8d:22:ce:f0:b6:5c:58:
8f:25:b0:5b:ea:28:e9:a3:b7:b0:ff:5b:6e:a4:80:45:b1:1e:
47:4b:ed:e1:bb:e9:0a:43:72:03:18:a1:68:b6:84:cf:09:39:
fe:a2:16:31
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
NEYxQkFGMTEwLwYDVQQFEyg0OUI0RDYxOTA5NUQ5NDMyQUY2NDYwODUzRTE0N0JF
RjVEMUM0OEIwMB4XDTI1MDUwNTEwNDAyNVoXDTI2MDUwNjEwNDAyNVowGDEWMBQG
A1UEAxMNNjgxODk1OWQtYzgxZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXrol/A7BThfGtvGTGEQdHY0+TZ4akMfqEQtk82PhjzdNpvAKrShlO4Et3z
+kJQtDeDdjOdie9c5fykg/XR/K21FORdfqGzwMlP9q2UY0NqxlYcu20kY6jO4uv3
qy+EZYmxKmPA9BPa2dpJAT+9XRrYjjsxTr+GqcmXI20QY1K4qr7NfoBgTE5Q4aIa
0F/6aMFBXm5MpEzfUbuUYy2Nr7G/B/fKdfylJNWKfzAv3hxs7AXb0vP3T87zViCQ
6EtgG68gn8XlpSwxS3CUAldwG4zwvFu22tDYCWfiu0sBdyENdebFP2nYEBt6q8qL
HwPj2Hqq6SS9fIhUtBpnNnt0lx0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQilBM4
Ny6cCtJKTG3ZzhXQ9JQRLTAfBgNVHSMEGDAWgBRJtNYZCV2UMq9kYIU+FHvvXRxI
sDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzRGMUIvQTEzM0MzMkEyOTk1MTFGMEIyRjcxN0IyREFFNEVDOUMvU2JUV0dR
bGRsREt2WkdDRlBoUjc3MTBjU0xBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU2JUV0dRbGRsREt2WkdDRlBoUjc3MTBjU0xBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzRGMUIvQTEzM0MzMkEyOTk1MTFGMEIyRjcxN0IyREFF
NEVDOUMvNUNDRDY0NDAyOTlEMTFGMEFEMzhBRkUzREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbOgDANBgkqhkiG9w0BAQsF
AAOCAQEAA8/rGlAwAIiRC9JL0oDFuYWNCOTYukm0Nvx77oT5VVqCbfZt3z7flKF2
VBK64czp3BVwuwUvg51EO2BFZUZ1jVeFoJTSwSP75osz9EkKCcGZxqQW5bOmz1yT
svZfIWhFvfzouALh+7RreZbfZlndjnagEIBssGWzteFeSY9QDF3wXfIL/NAv0LiC
mHYf6VXbx3pzihMyRV284m5jIidi3KGdnXpORyBnE5vRKURJF7CKwRm5R0dQWo12
mvouTtj60spw0lplr0phxUUAJzA2xaWNIs7wtlxYjyWwW+oo6aO3sP9bbqSARbEe
R0vt4bvpCkNyAxihaLaEzwk5/qIWMQ==
-----END CERTIFICATE-----
Generated at Wed May 7 21:18:35 2025 by rpki-client