Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/61D2FD9229B111F0B5081FE6DAE4EC9C.roa
File: 61D2FD9229B111F0B5081FE6DAE4EC9C.roa (raw, json)
Hash identifier: Brop1ncWpX/uNNO0gkigSNxXGhoMQh9wWM/lUreXu7I=
Subject key identifier: E0:E7:57:77:6B:80:E0:15:03:D5:4D:21:C7:1A:7E:A6:FA:96:74:15
Certificate issuer: /CN=F3634F1BAF/serialNumber=49B4D619095D9432AF6460853E147BEF5D1C48B0
Certificate serial: 15
Authority key identifier: 49:B4:D6:19:09:5D:94:32:AF:64:60:85:3E:14:7B:EF:5D:1C:48:B0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/61D2FD9229B111F0B5081FE6DAE4EC9C.roa
Signing time: Mon 05 May 2025 13:03:48 +0000
ROA not before: Mon 05 May 2025 13:03:43 +0000
ROA not after: Tue 05 May 2026 13:03:43 +0000
asID: 328939
IP address blocks: 102.218.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.crl
rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.mft
rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 11 May 2025 05:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21 (0x15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3634F1BAF, serialNumber=49B4D619095D9432AF6460853E147BEF5D1C48B0
Validity
Not Before: May 5 13:03:43 2025 GMT
Not After : May 5 13:03:43 2026 GMT
Subject: CN=6818b734-dc56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f9:03:19:f6:d7:db:17:f2:fc:74:c2:e9:4e:
2f:63:6d:f9:cb:1c:79:65:35:cd:87:55:03:ac:f1:
9a:64:b3:f4:b7:e6:4b:e3:5f:55:ee:01:44:92:4e:
c4:8f:90:56:5c:52:0d:b3:b8:7a:1a:b3:67:75:8e:
2c:4b:4a:e2:3b:d3:4f:31:b8:5e:8e:93:c5:ea:66:
b8:95:ce:d0:46:00:d7:e3:71:7e:9f:75:9c:8b:50:
8e:b3:35:ca:41:e7:07:d5:21:5d:96:ed:3a:65:ef:
f0:9d:48:7d:40:ac:04:d5:72:b5:73:4f:a3:f4:e1:
8f:27:53:f4:b3:cf:39:f3:18:2f:e3:cf:96:a9:57:
2c:6f:35:68:b3:5b:c0:b3:7a:4d:54:87:33:4d:22:
4d:04:dd:84:c0:6c:ec:7c:01:19:5f:c0:12:4d:51:
c3:df:d0:e4:aa:cb:99:18:3c:cb:25:ef:56:6f:f9:
54:ba:46:d3:05:ad:dd:59:2b:d3:6b:96:32:d8:96:
7a:07:30:ac:2f:7c:bc:0a:5f:c5:ed:18:da:21:5e:
e8:13:b9:d8:c3:ac:3e:8f:d8:6e:d4:62:16:e0:a7:
a7:23:08:ab:ec:e3:46:4c:9b:36:bb:e4:53:06:71:
a2:02:c4:f6:1f:9d:71:f0:1a:1d:ad:c5:48:5a:9e:
41:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E7:57:77:6B:80:E0:15:03:D5:4D:21:C7:1A:7E:A6:FA:96:74:15
X509v3 Authority Key Identifier:
keyid:49:B4:D6:19:09:5D:94:32:AF:64:60:85:3E:14:7B:EF:5D:1C:48:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/61D2FD9229B111F0B5081FE6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.218.89.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:1f:15:bc:8a:c3:8a:cc:85:a9:9a:cd:56:a4:d0:2d:ce:27:
b1:a6:04:22:84:6a:5a:d7:d4:e5:0a:04:be:66:d1:52:30:f7:
27:ee:fc:8a:c3:04:ff:a9:1f:10:3b:61:07:11:b0:87:3c:d7:
5a:5a:11:2c:fb:f9:d7:96:43:d1:dc:47:7f:41:87:18:33:cb:
9a:dd:6f:39:76:e3:9d:0a:6e:5c:65:07:3e:86:8c:9f:0b:64:
9a:92:85:f1:33:9c:02:37:78:db:f7:fb:28:1c:13:b5:64:29:
ef:fa:86:54:23:a7:91:9e:4c:54:d1:92:81:17:92:55:4e:41:
74:5e:fd:21:cb:f2:18:9c:b8:0e:ad:db:e2:d2:c3:e5:1d:b8:
37:60:17:92:ce:83:63:b1:4d:c2:f6:8b:28:26:be:53:b8:bd:
e6:e1:06:6f:7e:c6:36:2a:cb:95:e1:dd:fb:e6:9c:8b:fe:1a:
2d:d9:17:06:ba:d8:45:e9:68:6e:18:f7:fa:23:04:c6:63:97:
89:4f:ab:36:83:3a:5d:9d:06:a6:1e:40:5e:92:10:25:17:9a:
fc:d2:bf:c5:74:74:04:1f:27:ac:1c:05:ad:e9:c3:81:f5:a6:
82:1f:42:fc:ee:4d:0c:7f:13:9b:9a:a9:8d:e3:03:50:80:57:
64:1d:47:0a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
NEYxQkFGMTEwLwYDVQQFEyg0OUI0RDYxOTA5NUQ5NDMyQUY2NDYwODUzRTE0N0JF
RjVEMUM0OEIwMB4XDTI1MDUwNTEzMDM0M1oXDTI2MDUwNTEzMDM0M1owGDEWMBQG
A1UEAxMNNjgxOGI3MzQtZGM1NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMv5Axn219sX8vx0wulOL2Nt+csceWU1zYdVA6zxmmSz9LfmS+NfVe4BRJJO
xI+QVlxSDbO4ehqzZ3WOLEtK4jvTTzG4Xo6TxepmuJXO0EYA1+Nxfp91nItQjrM1
ykHnB9UhXZbtOmXv8J1IfUCsBNVytXNPo/ThjydT9LPPOfMYL+PPlqlXLG81aLNb
wLN6TVSHM00iTQTdhMBs7HwBGV/AEk1Rw9/Q5KrLmRg8yyXvVm/5VLpG0wWt3Vkr
02uWMtiWegcwrC98vApfxe0Y2iFe6BO52MOsPo/YbtRiFuCnpyMIq+zjRkybNrvk
UwZxogLE9h+dcfAaHa3FSFqeQV8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTg51d3
a4DgFQPVTSHHGn6m+pZ0FTAfBgNVHSMEGDAWgBRJtNYZCV2UMq9kYIU+FHvvXRxI
sDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzRGMUIvQTEzM0MzMkEyOTk1MTFGMEIyRjcxN0IyREFFNEVDOUMvU2JUV0dR
bGRsREt2WkdDRlBoUjc3MTBjU0xBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU2JUV0dRbGRsREt2WkdDRlBoUjc3MTBjU0xBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzRGMUIvQTEzM0MzMkEyOTk1MTFGMEIyRjcxN0IyREFF
NEVDOUMvNjFEMkZEOTIyOUIxMTFGMEI1MDgxRkU2REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbaWTANBgkqhkiG9w0BAQsF
AAOCAQEAxh8VvIrDisyFqZrNVqTQLc4nsaYEIoRqWtfU5QoEvmbRUjD3J+78isME
/6kfEDthBxGwhzzXWloRLPv515ZD0dxHf0GHGDPLmt1vOXbjnQpuXGUHPoaMnwtk
mpKF8TOcAjd42/f7KBwTtWQp7/qGVCOnkZ5MVNGSgReSVU5BdF79IcvyGJy4Dq3b
4tLD5R24N2AXks6DY7FNwvaLKCa+U7i95uEGb37GNirLleHd++aci/4aLdkXBrrY
Relobhj3+iMExmOXiU+rNoM6XZ0Gph5AXpIQJRea/NK/xXR0BB8nrBwFrenDgfWm
gh9C/O5NDH8Tm5qpjeMDUIBXZB1HCg==
-----END CERTIFICATE-----
Generated at Sat May 10 06:29:57 2025 by rpki-client