Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/C5A5AC4229B211F0881C16EFDAE4EC9C.roa
File: C5A5AC4229B211F0881C16EFDAE4EC9C.roa (raw, json)
Hash identifier: 2J30cLTQTWAiY7lgicRA7cWnsPM0f3v7LmXj0giF2nM=
Subject key identifier: F3:34:0E:72:E3:C5:09:C8:BD:9A:34:43:86:18:AA:82:A6:5A:92:77
Certificate issuer: /CN=F3634F1BAF/serialNumber=49B4D619095D9432AF6460853E147BEF5D1C48B0
Certificate serial: 19
Authority key identifier: 49:B4:D6:19:09:5D:94:32:AF:64:60:85:3E:14:7B:EF:5D:1C:48:B0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/C5A5AC4229B211F0881C16EFDAE4EC9C.roa
Signing time: Mon 05 May 2025 13:13:45 +0000
ROA not before: Mon 05 May 2025 13:13:40 +0000
ROA not after: Wed 06 May 2026 13:13:40 +0000
asID: 328939
IP address blocks: 102.218.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.crl
rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.mft
rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 08 May 2025 00:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25 (0x19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3634F1BAF, serialNumber=49B4D619095D9432AF6460853E147BEF5D1C48B0
Validity
Not Before: May 5 13:13:40 2025 GMT
Not After : May 6 13:13:40 2026 GMT
Subject: CN=6818b989-42e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7d:c2:88:a3:be:1c:06:b7:78:87:51:a5:8b:
8d:bf:ee:13:74:0b:b8:58:2c:f1:59:fe:e8:e4:58:
8f:14:1b:7c:d2:02:3c:85:25:d0:fc:88:04:70:32:
08:07:9a:83:48:93:7a:b9:3b:a6:01:75:02:ea:4f:
17:b1:0e:24:d2:19:4a:fd:9a:d1:03:17:af:0c:3e:
b4:f2:e7:b2:69:01:21:f1:43:e5:6a:d7:20:dc:d5:
33:e7:84:81:83:db:32:36:9f:b6:ee:51:cb:c9:d2:
86:93:12:e3:e1:55:ea:fa:9e:09:c8:b9:b5:e0:a4:
40:cf:a9:7d:c1:f1:56:ed:3b:2f:51:3b:74:6a:49:
f9:9f:51:33:15:c7:25:22:72:d9:7a:67:e4:1b:d4:
7e:07:62:50:bb:14:b8:ee:f3:f7:00:c2:21:89:88:
9f:ee:d2:46:49:b3:fc:b9:e0:3f:fd:4f:bd:d2:26:
7e:7e:eb:c2:14:22:f6:75:30:cc:a4:9a:61:1e:37:
1a:9d:83:27:1e:95:9a:a5:52:79:20:9c:ee:ca:ab:
24:84:dd:11:bc:82:dc:54:8b:d0:2d:02:a0:98:f6:
b7:f0:d3:bb:76:4b:ae:a0:64:f2:fe:bb:91:df:a8:
36:68:b3:c3:40:de:28:9b:eb:97:26:4a:26:e0:5d:
87:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:34:0E:72:E3:C5:09:C8:BD:9A:34:43:86:18:AA:82:A6:5A:92:77
X509v3 Authority Key Identifier:
keyid:49:B4:D6:19:09:5D:94:32:AF:64:60:85:3E:14:7B:EF:5D:1C:48:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/C5A5AC4229B211F0881C16EFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.218.91.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c0:b1:7d:1c:7e:09:2f:78:a0:ea:76:1e:d4:e7:85:92:13:
37:0d:d8:cc:41:cd:04:8e:76:6e:d7:96:bb:cf:4c:90:17:ba:
9f:cb:df:7c:b1:c8:7d:74:c6:72:83:80:29:e0:c6:5f:82:6c:
66:e2:fd:ed:e1:4f:b5:fe:f0:56:8c:c3:6a:55:35:e3:2a:0f:
13:64:da:d9:a7:bd:37:93:18:93:fe:5e:15:50:6f:90:a1:41:
47:1d:75:4f:5f:c3:7e:cc:d6:cd:c8:d3:cc:ea:a6:4a:a5:45:
c5:c1:e1:6c:e8:43:99:97:05:d6:4e:9e:f9:fd:89:ed:5e:0f:
b0:33:94:34:be:ec:27:3f:80:ad:e3:67:fc:47:2e:f5:95:ff:
1b:87:ff:4b:f7:30:b6:31:7f:0c:41:dd:ed:8b:e5:cd:03:59:
c9:3b:97:ed:45:36:41:16:25:f6:3f:f3:58:1b:d0:02:b4:fa:
02:8d:0f:fa:f9:52:d2:2d:66:7a:ed:c9:be:48:9f:37:c4:dc:
af:db:d8:19:d8:62:5d:5b:a3:47:5e:41:e6:e3:70:49:50:93:
1a:e4:54:77:d2:af:3e:15:42:7c:28:73:83:ef:d5:40:1e:96:
88:2e:fb:ee:a3:fb:46:8b:e1:57:43:5a:9b:22:c8:26:10:b4:
cf:ba:3c:74
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBGTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
NEYxQkFGMTEwLwYDVQQFEyg0OUI0RDYxOTA5NUQ5NDMyQUY2NDYwODUzRTE0N0JF
RjVEMUM0OEIwMB4XDTI1MDUwNTEzMTM0MFoXDTI2MDUwNjEzMTM0MFowGDEWMBQG
A1UEAxMNNjgxOGI5ODktNDJlODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK19woijvhwGt3iHUaWLjb/uE3QLuFgs8Vn+6ORYjxQbfNICPIUl0PyIBHAy
CAeag0iTerk7pgF1AupPF7EOJNIZSv2a0QMXrww+tPLnsmkBIfFD5WrXINzVM+eE
gYPbMjaftu5Ry8nShpMS4+FV6vqeCci5teCkQM+pfcHxVu07L1E7dGpJ+Z9RMxXH
JSJy2Xpn5BvUfgdiULsUuO7z9wDCIYmIn+7SRkmz/LngP/1PvdImfn7rwhQi9nUw
zKSaYR43Gp2DJx6VmqVSeSCc7sqrJITdEbyC3FSL0C0CoJj2t/DTu3ZLrqBk8v67
kd+oNmizw0DeKJvrlyZKJuBdhzcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTzNA5y
48UJyL2aNEOGGKqCplqSdzAfBgNVHSMEGDAWgBRJtNYZCV2UMq9kYIU+FHvvXRxI
sDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzRGMUIvQTEzM0MzMkEyOTk1MTFGMEIyRjcxN0IyREFFNEVDOUMvU2JUV0dR
bGRsREt2WkdDRlBoUjc3MTBjU0xBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU2JUV0dRbGRsREt2WkdDRlBoUjc3MTBjU0xBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzRGMUIvQTEzM0MzMkEyOTk1MTFGMEIyRjcxN0IyREFF
NEVDOUMvQzVBNUFDNDIyOUIyMTFGMDg4MUMxNkVGREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbaWzANBgkqhkiG9w0BAQsF
AAOCAQEAZcCxfRx+CS94oOp2HtTnhZITNw3YzEHNBI52bteWu89MkBe6n8vffLHI
fXTGcoOAKeDGX4JsZuL97eFPtf7wVozDalU14yoPE2Ta2ae9N5MYk/5eFVBvkKFB
Rx11T1/DfszWzcjTzOqmSqVFxcHhbOhDmZcF1k6e+f2J7V4PsDOUNL7sJz+AreNn
/Ecu9ZX/G4f/S/cwtjF/DEHd7YvlzQNZyTuX7UU2QRYl9j/zWBvQArT6Ao0P+vlS
0i1meu3JvkifN8Tcr9vYGdhiXVujR15B5uNwSVCTGuRUd9KvPhVCfChzg+/VQB6W
iC777qP7RovhV0NamyLIJhC0z7o8dA==
-----END CERTIFICATE-----
Generated at Tue May 6 16:17:44 2025 by rpki-client