Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3694A3E/A405B592984311EFB970F4B6762E951A/551A9F322CCD11F09F73B0B5DAE4EC9C.roa
File: 551A9F322CCD11F09F73B0B5DAE4EC9C.roa (raw, json)
Hash identifier: qDJZJ73fwcMimn2oqNCcTPQF5DF0ccPRcwR3NYTQ2dI=
Subject key identifier: BC:F4:07:48:0F:07:1F:DA:23:AE:80:09:95:0E:D0:CD:A2:24:32:7C
Certificate issuer: /CN=F3694A3EAF/serialNumber=0E85676FDD8B2C8BEA794E8950D2734F3F8930C1
Certificate serial: C9
Authority key identifier: 0E:85:67:6F:DD:8B:2C:8B:EA:79:4E:89:50:D2:73:4F:3F:89:30:C1
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/DoVnb92LLIvqeU6JUNJzTz-JMME.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3694A3E/A405B592984311EFB970F4B6762E951A/551A9F322CCD11F09F73B0B5DAE4EC9C.roa
Signing time: Fri 09 May 2025 12:01:26 +0000
ROA not before: Fri 09 May 2025 12:01:21 +0000
ROA not after: Mon 31 Dec 2035 12:01:21 +0000
asID: 329067
IP address blocks: 102.206.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3694A3E/A405B592984311EFB970F4B6762E951A/DoVnb92LLIvqeU6JUNJzTz-JMME.crl
rsync://rpki.afrinic.net/repository/member_repository/F3694A3E/A405B592984311EFB970F4B6762E951A/DoVnb92LLIvqeU6JUNJzTz-JMME.mft
rsync://rpki.afrinic.net/repository/afrinic/DoVnb92LLIvqeU6JUNJzTz-JMME.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 04:59:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 201 (0xc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3694A3EAF, serialNumber=0E85676FDD8B2C8BEA794E8950D2734F3F8930C1
Validity
Not Before: May 9 12:01:21 2025 GMT
Not After : Dec 31 12:01:21 2035 GMT
Subject: CN=681dee96-80be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b4:26:a6:1d:5f:2a:d1:5e:3b:64:a2:9a:89:
c6:74:fd:4b:43:52:49:b3:b9:0e:a8:ce:8d:6d:98:
ec:24:2d:88:9b:58:c5:b6:29:df:c8:1d:a6:64:0d:
42:81:f1:ab:5d:08:da:68:26:24:50:5e:87:a7:ef:
67:af:45:f9:87:02:b2:8e:6f:67:66:59:a4:90:c0:
df:ba:a4:41:c3:92:3a:c1:54:08:a7:80:61:4b:1d:
53:11:3b:1a:e4:9b:b5:3a:70:24:5c:c6:14:d9:9c:
c3:33:67:ed:04:b0:95:a9:a3:b8:93:11:90:39:c6:
76:eb:12:68:24:2d:a9:15:ff:89:78:99:2b:c7:52:
58:d7:24:e7:9a:ff:5c:ed:44:af:68:8b:5b:74:ac:
a7:d8:aa:d8:d4:f1:53:e6:66:fc:be:93:96:a9:14:
bb:6f:ac:ee:27:c4:ad:f3:60:ac:55:2a:99:51:a3:
69:7f:02:30:26:19:08:b0:49:47:39:a5:d5:8a:cc:
08:a6:48:57:96:bf:9b:d5:ab:84:fd:c3:64:f9:7e:
4b:82:86:9b:33:b8:0e:20:e8:88:aa:7f:ac:ff:69:
76:55:1e:a3:b7:3b:60:c9:0e:ec:7e:6a:b8:ea:5a:
15:bd:82:99:0c:b5:53:a8:83:ac:7b:2f:f5:7f:ca:
c4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F4:07:48:0F:07:1F:DA:23:AE:80:09:95:0E:D0:CD:A2:24:32:7C
X509v3 Authority Key Identifier:
keyid:0E:85:67:6F:DD:8B:2C:8B:EA:79:4E:89:50:D2:73:4F:3F:89:30:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3694A3E/A405B592984311EFB970F4B6762E951A/DoVnb92LLIvqeU6JUNJzTz-JMME.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/DoVnb92LLIvqeU6JUNJzTz-JMME.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3694A3E/A405B592984311EFB970F4B6762E951A/551A9F322CCD11F09F73B0B5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.108.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:62:a4:9b:60:dd:de:3c:fa:d1:0f:b3:be:a6:b0:6a:a1:85:
1a:0f:1b:84:00:bf:bf:d7:3f:99:58:b6:3a:ce:46:fa:97:53:
a2:f3:b9:de:92:46:9c:f5:0e:cc:08:fb:1c:ec:2c:b4:f2:71:
f3:7d:2c:8f:60:4b:42:ad:60:cc:d7:8d:36:10:fa:c1:0f:bb:
77:7c:08:11:7d:70:be:1d:4b:0a:b3:c4:13:c9:00:69:ce:84:
8f:58:dd:50:c6:46:82:b8:8e:79:ad:6e:85:b1:f8:d0:50:ee:
56:56:37:51:a9:b2:93:47:ec:e7:ec:6c:a7:af:37:c2:8c:52:
b3:a2:9b:2c:c5:b8:26:e3:20:ca:53:c5:d3:c6:4a:9e:dd:7a:
5c:83:c7:f5:4c:1c:be:63:29:a8:78:b0:6b:b3:01:37:4d:dc:
b6:cb:bc:81:01:5c:47:d6:76:73:e5:37:34:fa:7e:79:72:5f:
22:69:0f:ce:93:cd:1d:60:08:b0:2c:23:93:3f:4d:c8:58:ea:
10:57:d8:f2:a4:95:56:82:df:1d:15:1a:71:43:d7:3d:9e:60:
b9:fb:33:35:9b:f3:1b:e1:a6:2c:0c:75:cc:b0:c2:20:a9:ab:
bb:3e:15:76:9e:1f:e9:bd:b0:23:ce:f0:91:50:ae:6a:40:18:
a8:f6:f5:ea
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTRBM0VBRjExMC8GA1UEBRMoMEU4NTY3NkZERDhCMkM4QkVBNzk0RTg5NTBEMjcz
NEYzRjg5MzBDMTAeFw0yNTA1MDkxMjAxMjFaFw0zNTEyMzExMjAxMjFaMBgxFjAU
BgNVBAMTDTY4MWRlZTk2LTgwYmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDvtCamHV8q0V47ZKKaicZ0/UtDUkmzuQ6ozo1tmOwkLYibWMW2Kd/IHaZk
DUKB8atdCNpoJiRQXoen72evRfmHArKOb2dmWaSQwN+6pEHDkjrBVAingGFLHVMR
Oxrkm7U6cCRcxhTZnMMzZ+0EsJWpo7iTEZA5xnbrEmgkLakV/4l4mSvHUljXJOea
/1ztRK9oi1t0rKfYqtjU8VPmZvy+k5apFLtvrO4nxK3zYKxVKplRo2l/AjAmGQiw
SUc5pdWKzAimSFeWv5vVq4T9w2T5fkuChpszuA4g6Iiqf6z/aXZVHqO3O2DJDux+
arjqWhW9gpkMtVOog6x7L/V/ysQpAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUvPQH
SA8HH9ojroAJlQ7QzaIkMnwwHwYDVR0jBBgwFoAUDoVnb92LLIvqeU6JUNJzTz+J
MMEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk0QTNFL0E0MDVCNTkyOTg0MzExRUZCOTcwRjRCNjc2MkU5NTFBL0RvVm5i
OTJMTEl2cWVVNkpVTkp6VHotSk1NRS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0RvVm5iOTJMTEl2cWVVNkpVTkp6VHotSk1NRS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk0QTNFL0E0MDVCNTkyOTg0MzExRUZCOTcwRjRCNjc2
MkU5NTFBLzU1MUE5RjMyMkNDRDExRjA5RjczQjBCNURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmzmwwDQYJKoZIhvcNAQEL
BQADggEBAMRipJtg3d48+tEPs76msGqhhRoPG4QAv7/XP5lYtjrORvqXU6Lzud6S
Rpz1DswI+xzsLLTycfN9LI9gS0KtYMzXjTYQ+sEPu3d8CBF9cL4dSwqzxBPJAGnO
hI9Y3VDGRoK4jnmtboWx+NBQ7lZWN1GpspNH7OfsbKevN8KMUrOimyzFuCbjIMpT
xdPGSp7delyDx/VMHL5jKah4sGuzATdN3LbLvIEBXEfWdnPlNzT6fnlyXyJpD86T
zR1gCLAsI5M/TchY6hBX2PKklVaC3x0VGnFD1z2eYLn7MzWb8xvhpiwMdcywwiCp
q7s+FXaeH+m9sCPO8JFQrmpAGKj29eo=
-----END CERTIFICATE-----
Generated at Mon May 12 05:23:55 2025 by rpki-client