Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/843B1B4A2B1811F095AF0DCFDAE4EC9C.roa
File: 843B1B4A2B1811F095AF0DCFDAE4EC9C.roa (raw, json)
Hash identifier: WZ3qTR34NPknET/0ahRJSbrmN819ZLb/9ycvsZygkIM=
Subject key identifier: 61:D8:E9:4C:C0:7A:BD:DE:DA:48:0F:1D:1F:7C:10:D6:62:0E:F7:89
Certificate issuer: /CN=F363BA19AF/serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
Certificate serial: 09E2
Authority key identifier: 6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/843B1B4A2B1811F095AF0DCFDAE4EC9C.roa
Signing time: Wed 07 May 2025 07:54:35 +0000
ROA not before: Wed 07 May 2025 07:54:30 +0000
ROA not after: Thu 01 Jan 2026 07:54:30 +0000
asID: 213659
IP address blocks: 102.135.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.mft
rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2530 (0x9e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363BA19AF, serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
Validity
Not Before: May 7 07:54:30 2025 GMT
Not After : Jan 1 07:54:30 2026 GMT
Subject: CN=681b11bb-7a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e9:d9:53:36:11:67:91:e0:95:d3:28:7a:df:
02:d6:77:f5:cb:4a:bc:1f:83:a3:b9:79:ec:e2:c4:
7b:33:9c:69:27:b0:5c:6b:0c:44:d3:74:26:bd:ee:
54:66:bd:2b:39:7b:5c:14:7a:62:b7:e5:a7:25:1b:
2f:a4:48:eb:9c:9d:c4:07:00:70:75:f8:02:0e:02:
e3:26:ef:bf:24:12:8a:b8:2c:58:c2:9c:43:a8:fe:
e2:0b:67:5a:fc:d6:7e:49:a7:39:1e:0b:e0:7e:ca:
28:bb:c7:b5:0d:13:c0:e8:44:ad:9b:59:44:16:e5:
de:9c:ad:28:01:cf:49:b6:d3:fa:6d:99:b9:58:2a:
ca:2d:f5:49:81:1c:eb:03:19:ec:49:ae:e9:cb:ca:
bb:40:d0:ba:d9:09:d6:4c:8f:32:13:73:0b:ee:25:
f9:3f:ce:f0:41:f4:fa:8d:93:76:fb:1d:b1:83:4a:
58:a3:6f:c4:f8:d9:86:9f:37:ba:77:0c:1e:cf:3a:
20:2d:5f:1e:91:d0:47:e3:2c:34:86:27:80:a5:4e:
8e:b0:b2:cd:77:fd:39:78:4e:df:77:6f:ac:71:c7:
3d:6e:4b:c0:44:21:cb:5f:83:ae:e5:ea:f5:f5:83:
6e:93:67:b6:80:4a:fc:e2:72:c2:f8:b2:bb:5e:61:
87:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D8:E9:4C:C0:7A:BD:DE:DA:48:0F:1D:1F:7C:10:D6:62:0E:F7:89
X509v3 Authority Key Identifier:
keyid:6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/843B1B4A2B1811F095AF0DCFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.135.27.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:94:d1:11:98:ef:b7:69:a1:6a:62:8a:b2:a1:c3:1d:a4:6c:
1d:89:9f:1b:49:0b:7f:e3:3d:33:c0:cb:e5:47:35:a2:e1:0f:
72:37:c4:a4:66:30:87:4a:27:5d:44:5d:d4:1a:ab:4b:7d:ac:
3e:85:3e:32:64:e5:79:34:14:03:6e:dc:53:5c:c3:9d:64:ee:
3a:a0:71:0c:91:26:60:38:e9:e0:d0:7a:b3:2f:68:42:1e:88:
5d:22:cf:e1:af:49:f5:0b:3e:57:3c:2e:64:2d:0f:55:9a:cc:
b2:6d:5c:bc:10:f8:c9:34:3a:ff:5a:44:a8:55:f9:62:b1:62:
b2:97:46:31:bc:4c:bd:d5:2a:35:74:26:37:01:82:53:69:c5:
3d:29:da:72:10:00:9d:b0:31:60:22:df:0b:58:60:56:2b:bc:
c8:e7:2c:54:f5:db:37:07:d7:1b:81:3f:ee:04:87:34:1f:a2:
db:d6:ee:0b:22:73:f4:b9:33:eb:b7:68:d6:8c:ed:ce:92:13:
19:74:73:93:43:2b:0d:a4:c7:c9:fe:a2:90:49:6e:24:09:9d:
29:59:00:38:25:fb:30:fe:ee:cd:61:42:64:2d:20:88:24:25:
69:a3:5d:74:84:0f:c1:c8:54:66:91:f5:4a:cc:53:85:9d:8e:
6f:b2:49:08
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCeIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0JBMTlBRjExMC8GA1UEBRMoNkFFQTI0QjA5OUMzMkIyMkU0RTQ4QkI5RjI2Q0Y1
NzhCRUY2QkZGMzAeFw0yNTA1MDcwNzU0MzBaFw0yNjAxMDEwNzU0MzBaMBgxFjAU
BgNVBAMTDTY4MWIxMWJiLTdhNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCq6dlTNhFnkeCV0yh63wLWd/XLSrwfg6O5eezixHsznGknsFxrDETTdCa9
7lRmvSs5e1wUemK35aclGy+kSOucncQHAHB1+AIOAuMm778kEoq4LFjCnEOo/uIL
Z1r81n5JpzkeC+B+yii7x7UNE8DoRK2bWUQW5d6crSgBz0m20/ptmblYKsot9UmB
HOsDGexJrunLyrtA0LrZCdZMjzITcwvuJfk/zvBB9PqNk3b7HbGDSlijb8T42Yaf
N7p3DB7POiAtXx6R0EfjLDSGJ4ClTo6wss13/Tl4Tt93b6xxxz1uS8BEIctfg67l
6vX1g26TZ7aASvzicsL4srteYYdzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUYdjp
TMB6vd7aSA8dH3wQ1mIO94kwHwYDVR0jBBgwFoAUauoksJnDKyLk5Iu58mz1eL72
v/MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVBNDBENTc3L2F1b2tz
Sm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2F1b2tzSm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVB
NDBENTc3Lzg0M0IxQjRBMkIxODExRjA5NUFGMERDRkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmhxswDQYJKoZIhvcNAQEL
BQADggEBAAyU0RGY77dpoWpiirKhwx2kbB2JnxtJC3/jPTPAy+VHNaLhD3I3xKRm
MIdKJ11EXdQaq0t9rD6FPjJk5Xk0FANu3FNcw51k7jqgcQyRJmA46eDQerMvaEIe
iF0iz+GvSfULPlc8LmQtD1WazLJtXLwQ+Mk0Ov9aRKhV+WKxYrKXRjG8TL3VKjV0
JjcBglNpxT0p2nIQAJ2wMWAi3wtYYFYrvMjnLFT12zcH1xuBP+4EhzQfotvW7gsi
c/S5M+u3aNaM7c6SExl0c5NDKw2kx8n+opBJbiQJnSlZADgl+zD+7s1hQmQtIIgk
JWmjXXSED8HIVGaR9UrMU4Wdjm+ySQg=
-----END CERTIFICATE-----
Generated at Sat May 10 20:04:20 2025 by rpki-client