Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366372C/5F217C34657F11ED964AEF85F1222468/2BBF1C3A309C11F088CE98B2DAE4EC9C.roa
File: 2BBF1C3A309C11F088CE98B2DAE4EC9C.roa (raw, json)
Hash identifier: d3U7Ue8n5ODoQtIkqxmfs88xiOyVzuOgtMD6Gn4U5Yo=
Subject key identifier: 1A:D3:3A:B6:D3:3E:31:5C:52:11:E6:3B:E0:B3:72:79:E5:03:50:63
Certificate issuer: /CN=F366372CAF/serialNumber=B1A1AA72C9657B40E616BC373E13CF93B229EB3F
Certificate serial: 03B6
Authority key identifier: B1:A1:AA:72:C9:65:7B:40:E6:16:BC:37:3E:13:CF:93:B2:29:EB:3F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/saGqcslle0DmFrw3PhPPk7Ip6z8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366372C/5F217C34657F11ED964AEF85F1222468/2BBF1C3A309C11F088CE98B2DAE4EC9C.roa
Signing time: Wed 14 May 2025 08:19:36 +0000
ROA not before: Wed 14 May 2025 08:19:31 +0000
ROA not after: Fri 15 May 2026 08:19:31 +0000
asID: 328676
IP address blocks: 102.207.204.0/24 maxlen: 24
102.207.205.0/24 maxlen: 24
102.207.206.0/24 maxlen: 24
102.207.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366372C/5F217C34657F11ED964AEF85F1222468/saGqcslle0DmFrw3PhPPk7Ip6z8.crl
rsync://rpki.afrinic.net/repository/member_repository/F366372C/5F217C34657F11ED964AEF85F1222468/saGqcslle0DmFrw3PhPPk7Ip6z8.mft
rsync://rpki.afrinic.net/repository/afrinic/saGqcslle0DmFrw3PhPPk7Ip6z8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 18 May 2025 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 950 (0x3b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366372CAF, serialNumber=B1A1AA72C9657B40E616BC373E13CF93B229EB3F
Validity
Not Before: May 14 08:19:31 2025 GMT
Not After : May 15 08:19:31 2026 GMT
Subject: CN=68245218-700d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:4b:b2:db:45:90:30:79:a9:05:fa:73:83:9b:
6f:33:3d:7d:cc:06:ad:c7:5d:17:5e:fe:f3:c4:66:
5a:57:7b:8e:53:80:3d:69:92:90:ce:cb:d7:49:55:
4b:84:a2:3a:a3:fa:e5:eb:ac:8b:51:c9:75:9a:67:
74:70:a1:f4:6e:4e:f1:8a:ec:b7:c4:30:3d:10:0a:
6e:10:ad:c2:86:e3:0c:4e:a1:17:f3:12:85:7f:ed:
4d:df:4d:17:6a:31:c2:af:4b:f6:be:c7:1d:84:cb:
4c:80:dd:7d:02:71:f6:71:43:f6:c8:ce:c8:04:47:
ed:86:a1:1c:91:7c:f0:f1:87:f0:f4:14:4f:e2:e0:
95:06:f9:ca:fb:9d:7c:a7:e4:f0:ef:01:64:30:4d:
99:86:08:50:07:0e:7e:c5:4f:54:eb:48:24:4f:78:
32:9f:d8:b3:7d:2c:11:02:be:57:53:e9:7c:56:85:
bb:bc:5f:79:55:ca:b2:99:a7:4e:47:99:00:b0:1e:
f0:71:73:66:55:01:08:cf:78:5e:13:31:bc:0b:9b:
93:04:ad:4a:7a:d3:c4:34:02:2c:81:00:21:31:3b:
0f:1c:cc:a8:bc:67:a0:71:17:28:b1:f2:34:8f:02:
9b:61:ae:77:d4:79:70:43:86:43:66:4d:07:3c:0c:
33:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D3:3A:B6:D3:3E:31:5C:52:11:E6:3B:E0:B3:72:79:E5:03:50:63
X509v3 Authority Key Identifier:
keyid:B1:A1:AA:72:C9:65:7B:40:E6:16:BC:37:3E:13:CF:93:B2:29:EB:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366372C/5F217C34657F11ED964AEF85F1222468/saGqcslle0DmFrw3PhPPk7Ip6z8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/saGqcslle0DmFrw3PhPPk7Ip6z8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366372C/5F217C34657F11ED964AEF85F1222468/2BBF1C3A309C11F088CE98B2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.207.204.0/22
Signature Algorithm: sha256WithRSAEncryption
08:75:53:40:1f:55:6c:76:ef:d4:61:97:4d:d5:6b:b9:69:8c:
0d:ef:22:ec:8e:6e:92:1f:dd:18:fc:24:be:f3:bc:4d:76:62:
7a:d2:ef:5c:f8:d9:4e:f1:ad:cd:26:9c:40:f8:31:8c:3a:78:
51:c6:69:18:83:5d:4f:72:b8:33:a5:38:08:3d:31:37:e6:b4:
c1:ca:9d:2d:e2:33:6a:5e:9f:d4:6f:de:12:28:1d:2e:c9:0a:
e2:02:44:b2:d3:6a:a2:ca:bf:19:89:18:8b:4c:82:2c:ae:11:
df:84:8f:f8:ad:69:18:3f:0c:b8:b6:c7:95:7a:96:c5:0d:1a:
0c:0c:34:e3:37:d6:47:e0:2d:20:8d:5e:e2:6c:c8:8b:cc:03:
f1:a0:f9:a4:f1:d2:56:d6:d2:6b:84:cb:fe:78:78:4a:69:57:
c1:c3:7b:b0:42:22:30:79:71:df:aa:91:01:5b:f5:01:ac:ef:
66:06:f1:45:78:83:39:91:f2:b1:58:19:9c:db:db:94:e6:f0:
7f:18:13:8a:89:8c:1e:59:66:f6:6d:85:f9:96:06:99:72:11:
c8:f2:b4:c8:d2:64:64:a6:58:34:47:1d:11:6c:df:c3:08:b5:
5b:f6:2a:3f:a0:e4:67:ea:5f:e3:62:24:5e:dc:1d:4f:09:1b:
48:12:c6:98
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA7YwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjM3MkNBRjExMC8GA1UEBRMoQjFBMUFBNzJDOTY1N0I0MEU2MTZCQzM3M0UxM0NG
OTNCMjI5RUIzRjAeFw0yNTA1MTQwODE5MzFaFw0yNjA1MTUwODE5MzFaMBgxFjAU
BgNVBAMTDTY4MjQ1MjE4LTcwMGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDlS7LbRZAweakF+nODm28zPX3MBq3HXRde/vPEZlpXe45TgD1pkpDOy9dJ
VUuEojqj+uXrrItRyXWaZ3RwofRuTvGK7LfEMD0QCm4QrcKG4wxOoRfzEoV/7U3f
TRdqMcKvS/a+xx2Ey0yA3X0CcfZxQ/bIzsgER+2GoRyRfPDxh/D0FE/i4JUG+cr7
nXyn5PDvAWQwTZmGCFAHDn7FT1TrSCRPeDKf2LN9LBECvldT6XxWhbu8X3lVyrKZ
p05HmQCwHvBxc2ZVAQjPeF4TMbwLm5MErUp608Q0AiyBACExOw8czKi8Z6BxFyix
8jSPApthrnfUeXBDhkNmTQc8DDMPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUGtM6
ttM+MVxSEeY74LNyeeUDUGMwHwYDVR0jBBgwFoAUsaGqcslle0DmFrw3PhPPk7Ip
6z8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYzNzJDLzVGMjE3QzM0NjU3RjExRUQ5NjRBRUY4NUYxMjIyNDY4L3NhR3Fj
c2xsZTBEbUZydzNQaFBQazdJcDZ6OC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3NhR3Fjc2xsZTBEbUZydzNQaFBQazdJcDZ6OC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjYzNzJDLzVGMjE3QzM0NjU3RjExRUQ5NjRBRUY4NUYx
MjIyNDY4LzJCQkYxQzNBMzA5QzExRjA4OENFOThCMkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmz8wwDQYJKoZIhvcNAQEL
BQADggEBAAh1U0AfVWx279Rhl03Va7lpjA3vIuyObpIf3Rj8JL7zvE12YnrS71z4
2U7xrc0mnED4MYw6eFHGaRiDXU9yuDOlOAg9MTfmtMHKnS3iM2pen9Rv3hIoHS7J
CuICRLLTaqLKvxmJGItMgiyuEd+Ej/itaRg/DLi2x5V6lsUNGgwMNOM31kfgLSCN
XuJsyIvMA/Gg+aTx0lbW0muEy/54eEppV8HDe7BCIjB5cd+qkQFb9QGs72YG8UV4
gzmR8rFYGZzb25Tm8H8YE4qJjB5ZZvZthfmWBplyEcjytMjSZGSmWDRHHRFs38MI
tVv2Kj+g5GfqX+NiJF7cHU8JG0gSxpg=
-----END CERTIFICATE-----
Generated at Fri May 16 12:14:34 2025 by rpki-client