Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36848BC/C0FEE47C26D011F09019149EDAE4EC9C/09A34FAA26D211F0B6739EA6DAE4EC9C.roa
File: 09A34FAA26D211F0B6739EA6DAE4EC9C.roa (raw, json)
Hash identifier: ODLXD+AAWaNDLl7uFGo30OyjOAfDKyZb34POXL/jqq0=
Subject key identifier: E4:B8:EC:98:4B:E2:56:A4:BB:2A:8C:DE:C1:2A:1D:75:EC:D8:0B:19
Certificate issuer: /CN=F36848BCAF/serialNumber=F72445BFF5EA83351F2E660D4D812D8F3481ECF3
Certificate serial: 02
Authority key identifier: F7:24:45:BF:F5:EA:83:35:1F:2E:66:0D:4D:81:2D:8F:34:81:EC:F3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/9yRFv_XqgzUfLmYNTYEtjzSB7PM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36848BC/C0FEE47C26D011F09019149EDAE4EC9C/09A34FAA26D211F0B6739EA6DAE4EC9C.roa
Signing time: Thu 01 May 2025 21:20:00 +0000
ROA not before: Thu 01 May 2025 21:19:55 +0000
ROA not after: Thu 30 Apr 2026 21:19:55 +0000
asID: 328761
IP address blocks: 102.221.112.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36848BC/C0FEE47C26D011F09019149EDAE4EC9C/9yRFv_XqgzUfLmYNTYEtjzSB7PM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36848BC/C0FEE47C26D011F09019149EDAE4EC9C/9yRFv_XqgzUfLmYNTYEtjzSB7PM.mft
rsync://rpki.afrinic.net/repository/afrinic/9yRFv_XqgzUfLmYNTYEtjzSB7PM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 05:18:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36848BCAF, serialNumber=F72445BFF5EA83351F2E660D4D812D8F3481ECF3
Validity
Not Before: May 1 21:19:55 2025 GMT
Not After : Apr 30 21:19:55 2026 GMT
Subject: CN=6813e580-82d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:a0:ba:0c:c5:25:c2:a4:59:58:30:a6:ce:f8:
4a:4b:34:00:33:2d:dd:ca:20:db:38:b9:c2:9d:5c:
e1:75:e9:95:0f:74:b1:75:80:09:aa:cd:23:2d:93:
0b:d4:e8:1e:6d:e9:25:cd:71:47:ea:74:bf:6e:e9:
a4:7f:6d:0d:68:21:55:a4:05:ea:96:a1:85:d5:d9:
af:fc:a1:5a:62:5f:00:78:44:34:d2:e3:ef:ae:1b:
09:51:4c:ec:7e:75:e7:20:d7:44:71:b3:ba:ba:f8:
a3:d8:84:16:04:d6:fe:85:99:5c:4b:05:db:1f:92:
9f:2a:9d:7e:4e:d8:d1:a2:ad:62:af:60:08:c7:b0:
02:64:6f:ee:ad:11:5b:10:ab:ed:51:f3:aa:0e:73:
7c:5a:51:6e:65:44:9b:84:ec:82:26:a9:12:69:76:
08:96:97:10:3b:9e:f8:b1:48:67:ec:aa:62:33:6e:
d1:e5:1a:ed:5f:3c:c8:40:35:99:06:da:30:8a:ad:
53:a3:86:da:b0:7f:f2:8e:31:5d:90:d1:7f:09:d8:
d6:84:69:5b:0c:13:77:28:16:6d:23:f7:24:94:ae:
9c:70:ed:c6:c5:25:e3:2f:ad:bd:fa:66:42:3c:09:
d1:ef:7b:28:b4:8e:8c:47:fa:55:05:f7:61:4c:f9:
b2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B8:EC:98:4B:E2:56:A4:BB:2A:8C:DE:C1:2A:1D:75:EC:D8:0B:19
X509v3 Authority Key Identifier:
keyid:F7:24:45:BF:F5:EA:83:35:1F:2E:66:0D:4D:81:2D:8F:34:81:EC:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36848BC/C0FEE47C26D011F09019149EDAE4EC9C/9yRFv_XqgzUfLmYNTYEtjzSB7PM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9yRFv_XqgzUfLmYNTYEtjzSB7PM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36848BC/C0FEE47C26D011F09019149EDAE4EC9C/09A34FAA26D211F0B6739EA6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.112.0/23
Signature Algorithm: sha256WithRSAEncryption
be:10:4f:6e:d4:69:35:e2:7b:2d:aa:d7:73:4a:39:a6:a9:7f:
80:91:d9:90:78:ff:17:c5:8b:54:62:0e:77:fc:55:97:a6:6c:
da:e4:48:8a:cf:6d:2c:1e:05:bb:33:37:23:9a:cf:c5:cf:11:
7b:9b:7b:63:94:59:ed:e9:84:03:39:ec:43:26:4d:3c:cf:ed:
7b:c7:08:bf:61:4f:73:5e:e5:e6:b4:3c:d0:80:bf:91:77:30:
55:fd:ae:3e:d7:97:cf:3c:61:05:b0:97:fd:10:23:9d:b5:6f:
cc:74:c9:91:f9:71:e0:b1:41:8e:52:64:8f:01:fb:42:de:d1:
af:32:7f:ef:47:b7:e6:52:ed:30:51:78:a2:33:59:3b:90:62:
71:0e:3d:a3:96:26:22:84:db:06:53:9a:97:87:b0:f2:81:0a:
48:37:1c:92:c0:d7:e9:ab:34:72:a9:b8:4c:8c:ca:c8:e6:6d:
88:8d:31:7d:fa:74:3d:24:8e:5a:1a:fd:84:43:7b:d6:cc:b0:
b8:4e:61:4f:b7:e0:11:d7:a5:db:40:60:8f:e0:1b:47:25:2e:
bf:49:ce:f3:1b:67:98:03:a0:50:78:9b:92:01:14:f5:98:f1:
3e:52:c2:18:b5:1a:e2:33:d6:db:bb:c5:2a:63:e4:b9:fc:e5:
b1:d4:15:74
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
NDhCQ0FGMTEwLwYDVQQFEyhGNzI0NDVCRkY1RUE4MzM1MUYyRTY2MEQ0RDgxMkQ4
RjM0ODFFQ0YzMB4XDTI1MDUwMTIxMTk1NVoXDTI2MDQzMDIxMTk1NVowGDEWMBQG
A1UEAxMNNjgxM2U1ODAtODJkNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOygugzFJcKkWVgwps74Sks0ADMt3cog2zi5wp1c4XXplQ90sXWACarNIy2T
C9ToHm3pJc1xR+p0v27ppH9tDWghVaQF6pahhdXZr/yhWmJfAHhENNLj764bCVFM
7H515yDXRHGzurr4o9iEFgTW/oWZXEsF2x+Snyqdfk7Y0aKtYq9gCMewAmRv7q0R
WxCr7VHzqg5zfFpRbmVEm4TsgiapEml2CJaXEDue+LFIZ+yqYjNu0eUa7V88yEA1
mQbaMIqtU6OG2rB/8o4xXZDRfwnY1oRpWwwTdygWbSP3JJSunHDtxsUl4y+tvfpm
QjwJ0e97KLSOjEf6VQX3YUz5sgsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTkuOyY
S+JWpLsqjN7BKh117NgLGTAfBgNVHSMEGDAWgBT3JEW/9eqDNR8uZg1NgS2PNIHs
8zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODQ4QkMvQzBGRUU0N0MyNkQwMTFGMDkwMTkxNDlFREFFNEVDOUMvOXlSRnZf
WHFnelVmTG1ZTlRZRXRqelNCN1BNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOXlSRnZfWHFnelVmTG1ZTlRZRXRqelNCN1BNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODQ4QkMvQzBGRUU0N0MyNkQwMTFGMDkwMTkxNDlFREFF
NEVDOUMvMDlBMzRGQUEyNkQyMTFGMEI2NzM5RUE2REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbdcDANBgkqhkiG9w0BAQsF
AAOCAQEAvhBPbtRpNeJ7LarXc0o5pql/gJHZkHj/F8WLVGIOd/xVl6Zs2uRIis9t
LB4FuzM3I5rPxc8Re5t7Y5RZ7emEAznsQyZNPM/te8cIv2FPc17l5rQ80IC/kXcw
Vf2uPteXzzxhBbCX/RAjnbVvzHTJkflx4LFBjlJkjwH7Qt7RrzJ/70e35lLtMFF4
ojNZO5BicQ49o5YmIoTbBlOal4ew8oEKSDccksDX6as0cqm4TIzKyOZtiI0xffp0
PSSOWhr9hEN71sywuE5hT7fgEdel20Bgj+AbRyUuv0nO8xtnmAOgUHibkgEU9Zjx
PlLCGLUa4jPW27vFKmPkufzlsdQVdA==
-----END CERTIFICATE-----
Generated at Tue May 13 06:09:17 2025 by rpki-client