Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/A16D1040299E11F0A0371BECDAE4EC9C.roa
File: A16D1040299E11F0A0371BECDAE4EC9C.roa (raw, json)
Hash identifier: ZIN6qTu+myOk/8/Xm5JH6ilbBdHCnz+M7KKnKepnBtM=
Subject key identifier: 38:1B:FF:B0:4E:EC:F2:75:81:C6:86:2A:57:A5:4F:0F:2E:06:BB:D9
Certificate issuer: /CN=F3634F1BAF/serialNumber=49B4D619095D9432AF6460853E147BEF5D1C48B0
Certificate serial: 11
Authority key identifier: 49:B4:D6:19:09:5D:94:32:AF:64:60:85:3E:14:7B:EF:5D:1C:48:B0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/A16D1040299E11F0A0371BECDAE4EC9C.roa
Signing time: Mon 05 May 2025 10:49:34 +0000
ROA not before: Mon 05 May 2025 10:49:30 +0000
ROA not after: Wed 06 May 2026 10:49:30 +0000
asID: 328939
IP address blocks: 102.206.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.crl
rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.mft
rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 11 May 2025 05:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3634F1BAF, serialNumber=49B4D619095D9432AF6460853E147BEF5D1C48B0
Validity
Not Before: May 5 10:49:30 2025 GMT
Not After : May 6 10:49:30 2026 GMT
Subject: CN=681897be-5e59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1a:53:29:14:c7:5d:c2:1f:09:11:f1:c5:49:
09:1f:3f:fa:ec:b8:94:55:b9:e9:ed:9e:b8:dc:3d:
96:c1:80:1f:d2:4f:96:3b:c1:69:17:8f:6e:e9:4d:
47:c9:20:85:9c:96:42:66:cc:08:e2:a6:d3:71:41:
f5:4b:34:cd:dd:18:fe:73:bb:f1:d1:2d:5c:18:a4:
e8:5b:b2:50:ec:16:66:b4:f7:a8:ee:4c:1e:42:5c:
4f:9d:15:6c:b2:8d:50:fd:02:a8:f8:90:e9:0d:84:
d8:c6:6e:13:05:27:50:8c:73:7f:27:38:39:f9:b4:
1d:04:09:9c:0f:80:84:5c:28:9a:a3:dc:45:9b:6f:
51:21:18:48:71:9d:dd:a4:88:b4:f0:c7:dc:f9:f4:
a1:fa:2a:2a:ff:28:26:a8:3f:b7:6b:10:42:65:e8:
9b:b3:63:15:b9:e3:d4:8e:0f:b6:a7:10:8c:df:bf:
db:b7:bc:89:79:b4:29:20:85:f3:a2:ba:a1:c4:b5:
aa:6c:93:d9:74:49:c7:64:75:ed:c2:28:c3:30:f0:
f7:56:68:18:39:8d:e5:cf:c9:d6:8c:e6:3f:51:4d:
4d:e9:41:79:f9:f8:bf:21:6f:72:82:d8:9f:a0:b8:
aa:03:40:b9:37:85:a2:51:60:2f:dd:9e:5e:d0:bd:
ff:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1B:FF:B0:4E:EC:F2:75:81:C6:86:2A:57:A5:4F:0F:2E:06:BB:D9
X509v3 Authority Key Identifier:
keyid:49:B4:D6:19:09:5D:94:32:AF:64:60:85:3E:14:7B:EF:5D:1C:48:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/A16D1040299E11F0A0371BECDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.131.0/24
Signature Algorithm: sha256WithRSAEncryption
20:9b:08:6b:16:3d:8e:5b:ad:48:8f:43:3d:63:db:86:ec:59:
81:bd:48:a8:fc:87:dc:9f:59:07:7f:76:e5:3e:b2:aa:a5:39:
e7:1d:e7:42:70:07:09:5e:91:fb:38:a6:f3:a2:a7:f8:a3:03:
99:aa:a5:2e:14:30:06:4d:ef:41:b6:84:c7:81:ec:ff:db:8e:
ef:9e:d9:11:e2:d3:b2:8f:2d:aa:72:50:b7:bf:67:9e:ba:00:
30:ea:6d:ac:6e:2e:6b:7a:43:cb:0d:1d:4b:14:64:5c:33:93:
8b:77:95:08:08:3e:67:5a:46:e3:84:29:3b:4b:47:eb:cd:68:
9e:98:ae:bd:40:bd:15:35:24:13:5a:53:5c:a5:ca:85:ab:24:
23:15:5d:ec:63:8a:36:23:a6:ef:14:ac:ec:f1:12:a1:f9:72:
e0:7d:94:29:ce:50:f0:66:3a:b4:ed:36:5a:3c:28:01:01:fd:
0b:b9:fb:86:75:ea:0a:4a:9e:5e:3d:cc:d8:a0:47:30:de:40:
df:72:44:9e:20:6c:58:c0:8a:90:12:54:17:26:80:d9:a8:aa:
96:49:fb:06:f2:37:5e:a5:fa:97:71:0f:e9:aa:de:42:97:e8:
69:1b:46:b6:e7:f1:d3:ff:09:b7:af:0d:a6:0f:41:3e:e8:51:
85:8e:c1:88
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBETANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
NEYxQkFGMTEwLwYDVQQFEyg0OUI0RDYxOTA5NUQ5NDMyQUY2NDYwODUzRTE0N0JF
RjVEMUM0OEIwMB4XDTI1MDUwNTEwNDkzMFoXDTI2MDUwNjEwNDkzMFowGDEWMBQG
A1UEAxMNNjgxODk3YmUtNWU1OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsaUykUx13CHwkR8cVJCR8/+uy4lFW56e2euNw9lsGAH9JPljvBaRePbulN
R8kghZyWQmbMCOKm03FB9Us0zd0Y/nO78dEtXBik6FuyUOwWZrT3qO5MHkJcT50V
bLKNUP0CqPiQ6Q2E2MZuEwUnUIxzfyc4Ofm0HQQJnA+AhFwomqPcRZtvUSEYSHGd
3aSItPDH3Pn0ofoqKv8oJqg/t2sQQmXom7NjFbnj1I4PtqcQjN+/27e8iXm0KSCF
86K6ocS1qmyT2XRJx2R17cIowzDw91ZoGDmN5c/J1ozmP1FNTelBefn4vyFvcoLY
n6C4qgNAuTeFolFgL92eXtC9/3UCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQ4G/+w
TuzydYHGhipXpU8PLga72TAfBgNVHSMEGDAWgBRJtNYZCV2UMq9kYIU+FHvvXRxI
sDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzRGMUIvQTEzM0MzMkEyOTk1MTFGMEIyRjcxN0IyREFFNEVDOUMvU2JUV0dR
bGRsREt2WkdDRlBoUjc3MTBjU0xBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU2JUV0dRbGRsREt2WkdDRlBoUjc3MTBjU0xBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzRGMUIvQTEzM0MzMkEyOTk1MTFGMEIyRjcxN0IyREFF
NEVDOUMvQTE2RDEwNDAyOTlFMTFGMEEwMzcxQkVDREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbOgzANBgkqhkiG9w0BAQsF
AAOCAQEAIJsIaxY9jlutSI9DPWPbhuxZgb1IqPyH3J9ZB3925T6yqqU55x3nQnAH
CV6R+zim86Kn+KMDmaqlLhQwBk3vQbaEx4Hs/9uO757ZEeLTso8tqnJQt79nnroA
MOptrG4ua3pDyw0dSxRkXDOTi3eVCAg+Z1pG44QpO0tH681onpiuvUC9FTUkE1pT
XKXKhaskIxVd7GOKNiOm7xSs7PESofly4H2UKc5Q8GY6tO02WjwoAQH9C7n7hnXq
CkqeXj3M2KBHMN5A33JEniBsWMCKkBJUFyaA2aiqlkn7BvI3XqX6l3EP6areQpfo
aRtGtufx0/8Jt68Npg9BPuhRhY7BiA==
-----END CERTIFICATE-----
Generated at Fri May 9 10:19:50 2025 by rpki-client