Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/E383333E299D11F0A8FCB4E5DAE4EC9C.roa
File: E383333E299D11F0A8FCB4E5DAE4EC9C.roa (raw, json)
Hash identifier: WNjVtEQEJnEB14WwlXqxjZdHQ29UrTDBkSgpJfcS8fE=
Subject key identifier: 75:5E:10:41:5C:BC:6E:24:A6:D7:D1:1B:F5:5D:7A:77:9E:9F:FF:29
Certificate issuer: /CN=F3634F1BAF/serialNumber=49B4D619095D9432AF6460853E147BEF5D1C48B0
Certificate serial: 0C
Authority key identifier: 49:B4:D6:19:09:5D:94:32:AF:64:60:85:3E:14:7B:EF:5D:1C:48:B0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/E383333E299D11F0A8FCB4E5DAE4EC9C.roa
Signing time: Mon 05 May 2025 10:44:16 +0000
ROA not before: Mon 05 May 2025 10:44:11 +0000
ROA not after: Tue 05 May 2026 10:44:11 +0000
asID: 328939
IP address blocks: 102.206.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.crl
rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.mft
rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 10 May 2025 00:07:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3634F1BAF, serialNumber=49B4D619095D9432AF6460853E147BEF5D1C48B0
Validity
Not Before: May 5 10:44:11 2025 GMT
Not After : May 5 10:44:11 2026 GMT
Subject: CN=6818967f-7f94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:67:7d:d3:72:0b:82:f5:07:bf:9c:f9:c7:f6:
90:e5:8d:4a:7d:18:d2:42:53:21:a5:4d:ac:95:2e:
d9:8a:44:01:89:f9:e0:a5:2b:be:55:61:32:ad:d3:
fb:91:c5:1d:ba:1d:81:c8:52:bd:1d:7a:ac:d0:6b:
7b:57:61:4c:bf:a6:71:6c:63:77:de:63:3b:61:5f:
9b:eb:3a:f5:e4:6e:57:57:89:1b:e9:46:32:05:6c:
83:c7:17:8a:4a:42:04:0d:7f:88:06:85:1b:e4:52:
dd:db:dd:1e:e4:63:99:f9:7a:80:34:e4:fc:90:86:
dd:5d:ff:c2:bc:c7:8b:c7:ba:c5:63:a1:40:b2:11:
de:df:a9:40:8f:14:71:c5:4c:50:21:70:bf:77:c5:
80:df:8b:fb:88:9a:64:74:13:92:6f:81:92:9b:8f:
a2:45:c3:d8:fc:37:bb:6f:62:0c:6a:fa:cc:31:d9:
d0:09:33:d9:a3:21:07:0d:4f:79:4f:9f:c4:25:39:
ec:28:0d:79:dd:74:e6:01:71:cf:73:af:d9:8f:aa:
a2:e2:7a:69:3d:d4:b5:f9:49:ab:df:2f:da:de:3d:
5e:a9:a4:3d:02:a9:ee:05:8b:3b:5c:0a:58:36:b6:
ff:dc:07:40:11:83:ad:84:49:26:87:e1:de:f2:4e:
41:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:5E:10:41:5C:BC:6E:24:A6:D7:D1:1B:F5:5D:7A:77:9E:9F:FF:29
X509v3 Authority Key Identifier:
keyid:49:B4:D6:19:09:5D:94:32:AF:64:60:85:3E:14:7B:EF:5D:1C:48:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/SbTWGQldlDKvZGCFPhR7710cSLA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SbTWGQldlDKvZGCFPhR7710cSLA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634F1B/A133C32A299511F0B2F717B2DAE4EC9C/E383333E299D11F0A8FCB4E5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.130.0/24
Signature Algorithm: sha256WithRSAEncryption
66:b8:60:72:02:01:71:a0:e1:70:af:2f:7f:ea:2a:e9:9e:3b:
38:83:72:47:0a:7f:0a:9a:78:f8:2b:15:bc:3e:06:e9:e8:00:
0e:53:35:c2:18:56:f6:5d:6d:7b:ff:6b:b1:10:c8:6e:16:8d:
ad:e5:c5:b9:20:10:cd:15:cc:01:53:7a:1b:3b:77:77:fa:91:
be:7c:4a:a1:4e:e8:44:fd:28:f6:84:f8:b6:19:94:a0:34:c3:
ff:f6:a7:fa:74:9a:a9:0c:4d:36:af:97:77:b3:0c:d0:d6:78:
2d:5a:f1:cf:c7:9f:34:38:50:32:9c:be:ed:37:a0:a3:c5:05:
d4:b8:f4:8d:ae:7f:58:af:97:fa:9e:b7:8b:eb:20:c1:41:92:
11:7f:1f:62:89:3f:5c:35:a6:22:4b:e8:2b:44:b6:00:43:1d:
2f:ee:9b:8f:9a:21:d2:c1:a3:2b:c9:76:14:08:87:ed:e9:db:
05:7e:ad:02:9d:34:1d:76:cc:50:09:63:4d:9d:aa:17:e5:49:
30:fd:60:ba:3b:73:68:41:62:06:e8:cc:8e:6e:a3:da:96:4f:
f7:ee:c7:33:33:13:54:a8:a6:9f:83:0a:75:84:1e:46:55:e9:
50:c2:55:b0:a9:64:cc:ed:c6:13:a1:4d:3b:be:4f:c1:58:ac:
65:4d:6e:80
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
NEYxQkFGMTEwLwYDVQQFEyg0OUI0RDYxOTA5NUQ5NDMyQUY2NDYwODUzRTE0N0JF
RjVEMUM0OEIwMB4XDTI1MDUwNTEwNDQxMVoXDTI2MDUwNTEwNDQxMVowGDEWMBQG
A1UEAxMNNjgxODk2N2YtN2Y5NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1nfdNyC4L1B7+c+cf2kOWNSn0Y0kJTIaVNrJUu2YpEAYn54KUrvlVhMq3T
+5HFHbodgchSvR16rNBre1dhTL+mcWxjd95jO2Ffm+s69eRuV1eJG+lGMgVsg8cX
ikpCBA1/iAaFG+RS3dvdHuRjmfl6gDTk/JCG3V3/wrzHi8e6xWOhQLIR3t+pQI8U
ccVMUCFwv3fFgN+L+4iaZHQTkm+BkpuPokXD2Pw3u29iDGr6zDHZ0Akz2aMhBw1P
eU+fxCU57CgNed105gFxz3Ov2Y+qouJ6aT3UtflJq98v2t49XqmkPQKp7gWLO1wK
WDa2/9wHQBGDrYRJJofh3vJOQYkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBR1XhBB
XLxuJKbX0Rv1XXp3np//KTAfBgNVHSMEGDAWgBRJtNYZCV2UMq9kYIU+FHvvXRxI
sDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzRGMUIvQTEzM0MzMkEyOTk1MTFGMEIyRjcxN0IyREFFNEVDOUMvU2JUV0dR
bGRsREt2WkdDRlBoUjc3MTBjU0xBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU2JUV0dRbGRsREt2WkdDRlBoUjc3MTBjU0xBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzRGMUIvQTEzM0MzMkEyOTk1MTFGMEIyRjcxN0IyREFF
NEVDOUMvRTM4MzMzM0UyOTlEMTFGMEE4RkNCNEU1REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbOgjANBgkqhkiG9w0BAQsF
AAOCAQEAZrhgcgIBcaDhcK8vf+oq6Z47OINyRwp/Cpp4+CsVvD4G6egADlM1whhW
9l1te/9rsRDIbhaNreXFuSAQzRXMAVN6Gzt3d/qRvnxKoU7oRP0o9oT4thmUoDTD
//an+nSaqQxNNq+Xd7MM0NZ4LVrxz8efNDhQMpy+7Tego8UF1Lj0ja5/WK+X+p63
i+sgwUGSEX8fYok/XDWmIkvoK0S2AEMdL+6bj5oh0sGjK8l2FAiH7enbBX6tAp00
HXbMUAljTZ2qF+VJMP1gujtzaEFiBujMjm6j2pZP9+7HMzMTVKimn4MKdYQeRlXp
UMJVsKlkzO3GE6FNO75PwVisZU1ugA==
-----END CERTIFICATE-----
Generated at Thu May 8 16:44:52 2025 by rpki-client