Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/B3EE18F22BD011F08A7C27A2DAE4EC9C.roa
File: B3EE18F22BD011F08A7C27A2DAE4EC9C.roa (raw, json)
Hash identifier: LA8q+uNhXBWE2SjasyXDN1aUvOktsdxT0z0WdJkFsK8=
Subject key identifier: 3A:70:D4:1E:E1:81:B1:9F:00:2B:7C:8C:54:17:98:42:2E:7E:B7:59
Certificate issuer: /CN=F36576E8AF/serialNumber=DBF68C9C5C01D68EBC0C90DEE4C0749DA23A2FD6
Certificate serial: 043D
Authority key identifier: DB:F6:8C:9C:5C:01:D6:8E:BC:0C:90:DE:E4:C0:74:9D:A2:3A:2F:D6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/2_aMnFwB1o68DJDe5MB0naI6L9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/B3EE18F22BD011F08A7C27A2DAE4EC9C.roa
Signing time: Thu 08 May 2025 05:53:02 +0000
ROA not before: Thu 08 May 2025 05:52:58 +0000
ROA not after: Tue 08 May 2035 05:52:58 +0000
asID: 327991
IP address blocks: 102.206.216.0/22 maxlen: 22
2c0f:ec48::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/2_aMnFwB1o68DJDe5MB0naI6L9Y.crl
rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/2_aMnFwB1o68DJDe5MB0naI6L9Y.mft
rsync://rpki.afrinic.net/repository/afrinic/2_aMnFwB1o68DJDe5MB0naI6L9Y.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 20 May 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1085 (0x43d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36576E8AF, serialNumber=DBF68C9C5C01D68EBC0C90DEE4C0749DA23A2FD6
Validity
Not Before: May 8 05:52:58 2025 GMT
Not After : May 8 05:52:58 2035 GMT
Subject: CN=681c46be-620b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:eb:3b:64:10:a5:16:ed:01:a3:58:4d:46:57:
ab:90:0f:b2:96:e1:80:d0:74:6f:39:9a:38:03:59:
39:f6:81:e2:5a:e2:40:fd:b5:fc:7f:12:2b:6d:e5:
88:f3:9b:3f:ea:2a:6e:0e:de:b2:63:f3:d8:27:38:
8c:d2:f9:66:48:95:30:d4:de:11:93:bd:80:a4:fc:
e2:fd:1e:9e:29:c1:18:ef:ef:57:e8:2c:f6:46:22:
7b:64:23:31:4f:a0:25:19:62:a4:95:1a:7a:b7:db:
be:c9:03:4a:9f:46:17:27:d1:a1:36:e3:ce:b7:88:
d3:39:80:40:0a:7d:f7:36:b5:a5:a3:05:de:3d:34:
95:7c:b7:b9:cb:41:8f:0f:8b:03:54:9c:3a:5a:00:
84:9d:63:2d:1a:41:e7:4d:39:5c:a6:71:9f:02:57:
d4:40:e8:87:52:b8:5f:a1:68:c1:e7:ea:46:65:30:
3c:d4:39:55:df:bd:64:89:52:ee:4c:46:24:f6:26:
69:c8:fb:68:01:de:7c:4d:6d:82:2b:6f:55:d7:8d:
7f:60:97:7e:b6:1d:b5:e3:80:56:5d:dd:9f:8b:42:
76:5c:ff:67:58:43:1a:20:1b:17:b9:cc:4e:1d:f8:
ea:0b:40:b7:bf:dd:76:c5:1c:89:60:82:93:bf:fb:
a6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:70:D4:1E:E1:81:B1:9F:00:2B:7C:8C:54:17:98:42:2E:7E:B7:59
X509v3 Authority Key Identifier:
keyid:DB:F6:8C:9C:5C:01:D6:8E:BC:0C:90:DE:E4:C0:74:9D:A2:3A:2F:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/2_aMnFwB1o68DJDe5MB0naI6L9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/2_aMnFwB1o68DJDe5MB0naI6L9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/B3EE18F22BD011F08A7C27A2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.216.0/22
IPv6:
2c0f:ec48::/32
Signature Algorithm: sha256WithRSAEncryption
1d:2f:92:a0:35:c4:b1:5b:31:03:d2:ad:47:f8:3b:3f:5d:3f:
b7:5f:c9:8c:a1:5e:e2:5c:7d:d4:be:07:a8:a0:8c:42:ae:66:
3e:1c:41:51:7a:e3:d5:0f:39:54:90:d5:9a:54:bf:9c:53:59:
7a:11:d3:b2:48:d4:d9:20:a9:2c:10:c7:fe:5c:33:91:ad:97:
6b:b5:50:9a:02:56:d1:ef:35:24:65:94:b5:55:b5:c9:01:30:
e0:49:ef:ab:ff:2e:28:5c:4c:8a:f2:32:ae:57:dd:0c:62:cd:
9c:7e:5e:a8:a9:7e:d0:6c:1d:f6:80:53:02:6c:ca:25:18:12:
cd:aa:53:09:3d:70:62:27:3d:ca:6e:c1:f6:2b:ab:f1:80:7a:
68:27:0c:3d:0d:7e:b1:8d:22:6d:ee:5d:45:e4:0a:a8:86:6f:
e3:c6:8b:01:96:84:b3:50:69:4c:8c:34:1a:07:f7:2f:5e:ee:
01:fa:21:9a:1f:57:57:89:66:ec:5f:a8:30:22:51:d3:16:36:
54:5c:80:6f:f7:c0:bf:b2:81:32:5d:e0:f9:ae:7d:34:ab:ec:
23:8a:68:84:7c:44:70:2c:a4:b3:4f:c4:f1:ad:7b:d7:77:79:
13:08:2b:e2:61:54:21:ad:65:47:a9:ee:b5:e4:af:0c:e0:6f:
2f:46:5d:bf
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBD0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTc2RThBRjExMC8GA1UEBRMoREJGNjhDOUM1QzAxRDY4RUJDMEM5MERFRTRDMDc0
OURBMjNBMkZENjAeFw0yNTA1MDgwNTUyNThaFw0zNTA1MDgwNTUyNThaMBgxFjAU
BgNVBAMTDTY4MWM0NmJlLTYyMGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDI6ztkEKUW7QGjWE1GV6uQD7KW4YDQdG85mjgDWTn2geJa4kD9tfx/Eitt
5Yjzmz/qKm4O3rJj89gnOIzS+WZIlTDU3hGTvYCk/OL9Hp4pwRjv71foLPZGIntk
IzFPoCUZYqSVGnq3277JA0qfRhcn0aE24863iNM5gEAKffc2taWjBd49NJV8t7nL
QY8PiwNUnDpaAISdYy0aQedNOVymcZ8CV9RA6IdSuF+haMHn6kZlMDzUOVXfvWSJ
Uu5MRiT2JmnI+2gB3nxNbYIrb1XXjX9gl362HbXjgFZd3Z+LQnZc/2dYQxogGxe5
zE4d+OoLQLe/3XbFHIlggpO/+6Z1AgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUOnDU
HuGBsZ8AK3yMVBeYQi5+t1kwHwYDVR0jBBgwFoAU2/aMnFwB1o68DJDe5MB0naI6
L9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU3NkU4L0MzODA4OTg2RkM2MTExRUNCMTdFMjJBQkYxMjIyNDY4LzJfYU1u
RndCMW82OERKRGU1TUIwbmFJNkw5WS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzJfYU1uRndCMW82OERKRGU1TUIwbmFJNkw5WS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjU3NkU4L0MzODA4OTg2RkM2MTExRUNCMTdFMjJBQkYx
MjIyNDY4L0IzRUUxOEYyMkJEMDExRjA4QTdDMjdBMkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJmztgwDQQCAAIwBwMFACwP
7EgwDQYJKoZIhvcNAQELBQADggEBAB0vkqA1xLFbMQPSrUf4Oz9dP7dfyYyhXuJc
fdS+B6igjEKuZj4cQVF649UPOVSQ1ZpUv5xTWXoR07JI1NkgqSwQx/5cM5Gtl2u1
UJoCVtHvNSRllLVVtckBMOBJ76v/LihcTIryMq5X3QxizZx+XqipftBsHfaAUwJs
yiUYEs2qUwk9cGInPcpuwfYrq/GAemgnDD0NfrGNIm3uXUXkCqiGb+PGiwGWhLNQ
aUyMNBoH9y9e7gH6IZofV1eJZuxfqDAiUdMWNlRcgG/3wL+ygTJd4PmufTSr7COK
aIR8RHAspLNPxPGte9d3eRMIK+JhVCGtZUep7rXkrwzgby9GXb8=
-----END CERTIFICATE-----
Generated at Sun May 18 07:46:16 2025 by rpki-client