Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368C55F/E7F7D708436F11F0A0CE9AD6DAE4EC9C/3F755F0C437811F09C3F948DDAE4EC9C.roa
File: 3F755F0C437811F09C3F948DDAE4EC9C.roa (raw, json)
Hash identifier: X2EhS8z1wgEQ+6T/04a8A/gg1zUkJce6ytcXDk39BOQ=
Subject key identifier: 8B:6F:A4:94:41:8E:96:FE:7A:EE:A6:E7:F8:AA:C3:5D:7E:1A:8C:19
Certificate issuer: /CN=F368C55FAF/serialNumber=ABFA4286C762A0C08AAF7BA463212C9A6637C04E
Certificate serial: 03
Authority key identifier: AB:FA:42:86:C7:62:A0:C0:8A:AF:7B:A4:63:21:2C:9A:66:37:C0:4E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/q_pChsdioMCKr3ukYyEsmmY3wE4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368C55F/E7F7D708436F11F0A0CE9AD6DAE4EC9C/3F755F0C437811F09C3F948DDAE4EC9C.roa
Signing time: Sat 07 Jun 2025 08:20:19 +0000
ROA not before: Sat 07 Jun 2025 08:20:14 +0000
ROA not after: Thu 07 Jun 2035 08:20:14 +0000
asID: 329468
IP address blocks: 102.208.82.0/29 maxlen: 32
2c0f:c0::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368C55F/E7F7D708436F11F0A0CE9AD6DAE4EC9C/q_pChsdioMCKr3ukYyEsmmY3wE4.crl
rsync://rpki.afrinic.net/repository/member_repository/F368C55F/E7F7D708436F11F0A0CE9AD6DAE4EC9C/q_pChsdioMCKr3ukYyEsmmY3wE4.mft
rsync://rpki.afrinic.net/repository/afrinic/q_pChsdioMCKr3ukYyEsmmY3wE4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 05:24:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368C55FAF, serialNumber=ABFA4286C762A0C08AAF7BA463212C9A6637C04E
Validity
Not Before: Jun 7 08:20:14 2025 GMT
Not After : Jun 7 08:20:14 2035 GMT
Subject: CN=6843f643-90b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:59:01:c5:08:e6:88:9b:a8:8b:1c:d2:7e:a9:
85:20:4d:b3:a9:7a:78:6f:3f:fe:a6:64:12:2c:d0:
23:46:60:29:a9:32:16:0b:44:5e:68:d5:a4:0a:2b:
e5:a6:f5:29:dc:97:1f:4f:a7:a5:71:0c:4c:78:cf:
9d:8a:6a:83:58:c1:be:01:0c:64:b9:1c:27:f5:d5:
43:c1:61:8d:ca:19:5c:5b:e4:09:eb:3a:00:0d:9a:
5f:c7:3a:2e:af:33:b3:39:83:e8:75:30:85:8f:cc:
fc:08:9e:b3:7e:b4:e3:88:37:8c:76:ae:27:7a:23:
73:96:45:fb:42:d3:71:c1:26:e4:19:8a:d2:f7:3c:
8f:8e:dc:88:6d:63:e8:21:f2:ee:c7:cb:fb:c4:58:
67:79:d6:88:b4:df:24:59:cc:99:d3:f5:3b:a4:25:
48:67:d8:fc:af:ec:4d:7b:20:19:56:a4:88:e6:43:
ad:09:92:24:11:b8:b3:f6:0c:1b:55:48:75:d8:d1:
40:6e:7d:8b:b0:fb:39:32:64:bb:3a:a0:b4:6a:91:
32:fd:78:d3:c8:0b:20:05:9e:20:18:29:12:a5:ea:
6d:39:3b:c3:0f:04:59:83:86:5c:49:b7:72:fa:50:
c8:dd:92:92:4f:60:40:f2:1b:7f:bd:62:dc:43:6d:
df:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:6F:A4:94:41:8E:96:FE:7A:EE:A6:E7:F8:AA:C3:5D:7E:1A:8C:19
X509v3 Authority Key Identifier:
keyid:AB:FA:42:86:C7:62:A0:C0:8A:AF:7B:A4:63:21:2C:9A:66:37:C0:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368C55F/E7F7D708436F11F0A0CE9AD6DAE4EC9C/q_pChsdioMCKr3ukYyEsmmY3wE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/q_pChsdioMCKr3ukYyEsmmY3wE4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368C55F/E7F7D708436F11F0A0CE9AD6DAE4EC9C/3F755F0C437811F09C3F948DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.208.82.0/29
IPv6:
2c0f:c0::/32
Signature Algorithm: sha256WithRSAEncryption
0e:98:a2:48:78:f0:c7:52:5f:26:f4:8b:eb:2b:58:b0:cb:ff:
da:06:b1:99:c3:d7:e8:31:83:82:c1:f2:a1:1c:85:54:86:1b:
ab:0c:05:5f:41:2c:77:51:a3:07:58:80:13:5c:1f:34:48:8b:
1f:e4:55:e0:b5:aa:4c:bd:9c:a6:89:a7:83:69:b8:1c:80:29:
e4:25:51:70:19:e1:34:9a:a4:9d:30:b8:13:ce:d1:46:93:24:
a2:36:17:a4:6a:19:38:55:01:b0:67:b7:1e:79:ab:43:70:ab:
f2:3f:69:1d:36:3c:a6:43:ef:bc:2e:3a:63:35:a2:da:2f:15:
b6:bf:a3:c1:29:61:df:de:f9:ad:b6:e1:38:ae:2c:7c:5a:2d:
1a:81:13:c9:78:0d:0b:4e:d4:29:32:e8:ad:43:ed:5f:81:f0:
ce:e3:45:0c:e2:27:43:ac:2d:7f:c2:64:de:67:8c:d0:33:8e:
88:42:f2:46:0d:1b:73:c1:58:21:f5:5d:2e:01:b2:70:f3:44:
6e:d0:a8:08:77:9e:2e:1e:a8:a8:62:ec:ab:b8:94:83:5a:05:
e7:89:6a:47:ad:b5:46:e4:67:7e:20:03:ad:d4:4d:75:e0:8b:
13:97:51:c4:aa:4a:8b:7d:89:57:0d:f1:9a:f6:be:31:32:38:
bf:1c:cd:68
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
QzU1RkFGMTEwLwYDVQQFEyhBQkZBNDI4NkM3NjJBMEMwOEFBRjdCQTQ2MzIxMkM5
QTY2MzdDMDRFMB4XDTI1MDYwNzA4MjAxNFoXDTM1MDYwNzA4MjAxNFowGDEWMBQG
A1UEAxMNNjg0M2Y2NDMtOTBiODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5ZAcUI5oibqIsc0n6phSBNs6l6eG8//qZkEizQI0ZgKakyFgtEXmjVpAor
5ab1KdyXH0+npXEMTHjPnYpqg1jBvgEMZLkcJ/XVQ8FhjcoZXFvkCes6AA2aX8c6
Lq8zszmD6HUwhY/M/Aies36044g3jHauJ3ojc5ZF+0LTccEm5BmK0vc8j47ciG1j
6CHy7sfL+8RYZ3nWiLTfJFnMmdP1O6QlSGfY/K/sTXsgGVakiOZDrQmSJBG4s/YM
G1VIddjRQG59i7D7OTJkuzqgtGqRMv1408gLIAWeIBgpEqXqbTk7ww8EWYOGXEm3
cvpQyN2Skk9gQPIbf71i3ENt32ECAwEAAaOCArUwggKxMB0GA1UdDgQWBBSLb6SU
QY6W/nrupuf4qsNdfhqMGTAfBgNVHSMEGDAWgBSr+kKGx2KgwIqve6RjISyaZjfA
TjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OEM1NUYvRTdGN0Q3MDg0MzZGMTFGMEEwQ0U5QUQ2REFFNEVDOUMvcV9wQ2hz
ZGlvTUNLcjN1a1l5RXNtbVkzd0U0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcV9wQ2hzZGlvTUNLcjN1a1l5RXNtbVkzd0U0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OEM1NUYvRTdGN0Q3MDg0MzZGMTFGMEEwQ0U5QUQ2REFF
NEVDOUMvM0Y3NTVGMEM0Mzc4MTFGMDlDM0Y5NDhEREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAvBggrBgEFBQcBBwEB/wQgMB4wDQQCAAEwBwMFA2bQUgAwDQQCAAIwBwMFACwP
AMAwDQYJKoZIhvcNAQELBQADggEBAA6Yokh48MdSXyb0i+srWLDL/9oGsZnD1+gx
g4LB8qEchVSGG6sMBV9BLHdRowdYgBNcHzRIix/kVeC1qky9nKaJp4NpuByAKeQl
UXAZ4TSapJ0wuBPO0UaTJKI2F6RqGThVAbBntx55q0Nwq/I/aR02PKZD77wuOmM1
otovFba/o8EpYd/e+a224TiuLHxaLRqBE8l4DQtO1Cky6K1D7V+B8M7jRQziJ0Os
LX/CZN5njNAzjohC8kYNG3PBWCH1XS4BsnDzRG7QqAh3ni4eqKhi7Ku4lINaBeeJ
akettUbkZ34gA63UTXXgixOXUcSqSot9iVcN8Zr2vjEyOL8czWg=
-----END CERTIFICATE-----
Generated at Mon Jun 30 21:55:17 2025 by rpki-client