Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/8827F5DCDCBE11EFB15840BB762E951A/201348D2210D11F0ABE7E991DAE4EC9C.roa
File: 201348D2210D11F0ABE7E991DAE4EC9C.roa (raw, json)
Hash identifier: LUo+fZ8ICythu7NN9JfJV1LkDsZAEGtwMfGmobKx8es=
Subject key identifier: BD:6E:B5:77:14:8F:EE:C8:39:D5:BC:46:4B:E2:15:2D:D2:DE:7A:40
Certificate issuer: /CN=F363DCF2AF/serialNumber=244692DAC62184E4C88357A526AB9C66F94A4C7E
Certificate serial: 5D
Authority key identifier: 24:46:92:DA:C6:21:84:E4:C8:83:57:A5:26:AB:9C:66:F9:4A:4C:7E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JEaS2sYhhOTIg1elJqucZvlKTH4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/8827F5DCDCBE11EFB15840BB762E951A/201348D2210D11F0ABE7E991DAE4EC9C.roa
Signing time: Thu 24 Apr 2025 13:07:51 +0000
ROA not before: Thu 24 Apr 2025 13:07:46 +0000
ROA not after: Mon 31 Dec 2035 13:07:46 +0000
asID: 30992
IP address blocks: 196.202.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/8827F5DCDCBE11EFB15840BB762E951A/JEaS2sYhhOTIg1elJqucZvlKTH4.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/8827F5DCDCBE11EFB15840BB762E951A/JEaS2sYhhOTIg1elJqucZvlKTH4.mft
rsync://rpki.afrinic.net/repository/afrinic/JEaS2sYhhOTIg1elJqucZvlKTH4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93 (0x5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AF, serialNumber=244692DAC62184E4C88357A526AB9C66F94A4C7E
Validity
Not Before: Apr 24 13:07:46 2025 GMT
Not After : Dec 31 13:07:46 2035 GMT
Subject: CN=680a37a7-1c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b3:b1:d8:5c:d6:5f:f1:65:ca:c2:da:37:72:
b9:94:ed:b1:dd:dc:e5:3e:f6:19:2f:37:ee:bf:8e:
47:d0:76:7d:c7:1b:bc:b5:8c:89:fc:2a:29:e7:17:
40:3c:14:c9:55:dd:f5:60:b7:d3:df:db:2d:e5:3d:
74:f6:2e:c5:e0:43:be:16:c2:1f:97:f4:46:80:85:
ad:66:2e:61:70:ad:0c:72:7d:8e:64:02:2d:90:c6:
fa:a6:17:3e:ff:a0:c7:8b:a9:28:ed:fe:49:85:fe:
c7:ff:b2:f5:39:b5:c5:d2:a0:cd:53:79:61:e2:d5:
1b:4f:b1:52:fa:14:d2:d7:e3:90:ae:fa:a3:e4:da:
e7:63:f5:f2:c0:89:bb:47:00:63:e0:d7:e9:d9:cf:
82:27:2c:13:d1:65:37:42:36:72:ca:9b:7e:e3:ce:
c7:a3:a9:d7:47:30:b7:c1:b9:61:e0:c6:c7:9a:b3:
d5:de:2c:40:2d:b5:08:ea:39:f1:3e:e9:c6:1a:44:
c6:76:e6:d6:24:52:62:d9:de:59:20:8f:eb:4a:47:
5a:4e:f8:48:a4:93:27:fd:63:94:56:eb:a2:a8:46:
aa:ef:bc:f6:c3:f8:91:30:e8:fe:07:8c:fc:d9:77:
34:a2:dc:94:97:9c:d8:ee:fa:24:a5:fa:d7:54:ee:
eb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:6E:B5:77:14:8F:EE:C8:39:D5:BC:46:4B:E2:15:2D:D2:DE:7A:40
X509v3 Authority Key Identifier:
keyid:24:46:92:DA:C6:21:84:E4:C8:83:57:A5:26:AB:9C:66:F9:4A:4C:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/8827F5DCDCBE11EFB15840BB762E951A/JEaS2sYhhOTIg1elJqucZvlKTH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JEaS2sYhhOTIg1elJqucZvlKTH4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/8827F5DCDCBE11EFB15840BB762E951A/201348D2210D11F0ABE7E991DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.202.232.0/21
Signature Algorithm: sha256WithRSAEncryption
12:a2:43:2a:0a:66:71:4a:0d:62:d1:10:25:b3:09:12:ef:8e:
01:39:78:96:98:9a:b0:f1:6b:fe:7f:0f:f5:7f:09:c6:04:41:
12:9f:11:12:90:7f:da:79:95:e1:fb:bb:81:68:4a:b0:3d:f5:
12:43:fd:75:c6:41:01:b2:7b:40:8b:de:14:40:af:8d:b7:8e:
b6:2c:d4:ea:34:e9:aa:b0:d2:af:b0:ce:4d:aa:fb:01:5b:56:
d5:92:73:3f:31:46:ee:a3:bf:bd:3e:89:69:bc:ca:bf:da:72:
b7:85:a4:c2:08:e3:1f:ea:8f:f6:93:5c:88:eb:a8:06:cd:a3:
b3:61:29:60:5f:f7:85:4f:9e:96:8e:a7:e9:eb:50:99:86:4f:
a6:ec:e5:67:69:c6:d2:09:19:ef:79:db:87:d6:29:fa:e3:66:
5d:72:fb:72:98:63:91:07:ae:cf:dc:0f:cb:93:9c:2a:5d:12:
74:54:16:3a:21:31:d3:21:df:a6:2b:b4:79:f4:3e:bd:b4:61:
c0:0a:32:89:00:50:08:44:eb:6e:b3:f7:25:8b:d8:eb:4e:b9:
4e:1b:d9:f1:8c:55:9b:31:d9:d2:b1:47:59:89:cb:cc:c8:36:
ef:ff:dd:1c:7c:08:c5:ed:ff:bd:d6:9f:a2:75:e1:b9:7b:4d:
6a:ec:aa:7a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBXTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFGMTEwLwYDVQQFEygyNDQ2OTJEQUM2MjE4NEU0Qzg4MzU3QTUyNkFCOUM2
NkY5NEE0QzdFMB4XDTI1MDQyNDEzMDc0NloXDTM1MTIzMTEzMDc0NlowGDEWMBQG
A1UEAxMNNjgwYTM3YTctMWM2ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+zsdhc1l/xZcrC2jdyuZTtsd3c5T72GS837r+OR9B2fccbvLWMifwqKecX
QDwUyVXd9WC309/bLeU9dPYuxeBDvhbCH5f0RoCFrWYuYXCtDHJ9jmQCLZDG+qYX
Pv+gx4upKO3+SYX+x/+y9Tm1xdKgzVN5YeLVG0+xUvoU0tfjkK76o+Ta52P18sCJ
u0cAY+DX6dnPgicsE9FlN0I2csqbfuPOx6Op10cwt8G5YeDGx5qz1d4sQC21COo5
8T7pxhpExnbm1iRSYtneWSCP60pHWk74SKSTJ/1jlFbroqhGqu+89sP4kTDo/geM
/Nl3NKLclJec2O76JKX611Tu60sCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBS9brV3
FI/uyDnVvEZL4hUt0t56QDAfBgNVHSMEGDAWgBQkRpLaxiGE5MiDV6Umq5xm+UpM
fjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvODgyN0Y1RENEQ0JFMTFFRkIxNTg0MEJCNzYyRTk1MUEvSkVhUzJz
WWhoT1RJZzFlbEpxdWNadmxLVEg0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSkVhUzJzWWhoT1RJZzFlbEpxdWNadmxLVEg0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2M0RDRjIvODgyN0Y1RENEQ0JFMTFFRkIxNTg0MEJCNzYy
RTk1MUEvMjAxMzQ4RDIyMTBEMTFGMEFCRTdFOTkxREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8TK6DANBgkqhkiG9w0BAQsF
AAOCAQEAEqJDKgpmcUoNYtEQJbMJEu+OATl4lpiasPFr/n8P9X8JxgRBEp8REpB/
2nmV4fu7gWhKsD31EkP9dcZBAbJ7QIveFECvjbeOtizU6jTpqrDSr7DOTar7AVtW
1ZJzPzFG7qO/vT6JabzKv9pyt4WkwgjjH+qP9pNciOuoBs2js2EpYF/3hU+elo6n
6etQmYZPpuzlZ2nG0gkZ73nbh9Yp+uNmXXL7cphjkQeuz9wPy5OcKl0SdFQWOiEx
0yHfpiu0efQ+vbRhwAoyiQBQCETrbrP3JYvY6065ThvZ8YxVmzHZ0rFHWYnLzMg2
7//dHHwIxe3/vdafonXhuXtNauyqeg==
-----END CERTIFICATE-----
Generated at Sat May 10 18:18:44 2025 by rpki-client