Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B3234/9E121C0C241011ECB2D06956D8A014CE/85EA30261ACD11F091C663EE6DB8BCC6.roa
File: 85EA30261ACD11F091C663EE6DB8BCC6.roa (raw, json)
Hash identifier: MZnf3Jru5mDM7rqJRbKCC0WwX6Tw2TMEsMEyy/eEk2k=
Subject key identifier: B4:93:DD:E3:A7:EB:C8:4D:A6:43:33:9F:1D:CC:CD:A7:49:DA:69:7B
Certificate issuer: /CN=F36B3234AF/serialNumber=03FE5D726F34E93CE1A95D94518E12237AC3E2C6
Certificate serial: 0599
Authority key identifier: 03:FE:5D:72:6F:34:E9:3C:E1:A9:5D:94:51:8E:12:23:7A:C3:E2:C6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/A_5dcm806TzhqV2UUY4SI3rD4sY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B3234/9E121C0C241011ECB2D06956D8A014CE/85EA30261ACD11F091C663EE6DB8BCC6.roa
Signing time: Wed 16 Apr 2025 14:17:27 +0000
ROA not before: Wed 16 Apr 2025 14:17:22 +0000
ROA not after: Sun 15 Apr 2035 14:17:22 +0000
asID: 5536
IP address blocks: 102.218.130.0/24 maxlen: 32
102.219.22.0/24 maxlen: 32
102.220.125.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B3234/9E121C0C241011ECB2D06956D8A014CE/A_5dcm806TzhqV2UUY4SI3rD4sY.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B3234/9E121C0C241011ECB2D06956D8A014CE/A_5dcm806TzhqV2UUY4SI3rD4sY.mft
rsync://rpki.afrinic.net/repository/afrinic/A_5dcm806TzhqV2UUY4SI3rD4sY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 15 May 2025 02:42:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1433 (0x599)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B3234AF, serialNumber=03FE5D726F34E93CE1A95D94518E12237AC3E2C6
Validity
Not Before: Apr 16 14:17:22 2025 GMT
Not After : Apr 15 14:17:22 2035 GMT
Subject: CN=67ffbbf7-a286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:07:3c:bf:af:7a:b3:a0:e8:5e:85:6a:b7:19:
16:97:dc:4a:ec:83:1d:15:74:d7:46:3e:58:04:f5:
59:61:fd:94:91:75:3c:03:55:b4:c2:d9:94:7f:23:
b7:7b:29:c8:17:35:44:ff:9f:5c:41:35:74:83:db:
5c:ea:9b:ea:83:52:db:19:90:9c:80:62:a1:30:68:
26:c3:8d:ff:42:75:a4:04:73:68:83:f4:5d:8b:bc:
09:61:2f:83:ab:e1:c8:69:e1:2e:3b:9c:b3:fd:4f:
13:5f:87:ee:10:f3:ae:ce:77:14:6c:0a:de:f5:06:
dd:d9:74:c8:d8:1d:82:2e:47:42:4f:25:21:ad:dc:
68:f8:52:21:1f:ce:30:28:98:2b:ee:e4:ce:6b:58:
7c:6b:01:a6:fc:7f:9f:53:7e:c2:cc:93:ef:ce:b2:
f4:22:75:50:57:7e:2d:8d:bf:e2:84:9f:01:d7:8d:
32:8d:cd:1d:f9:7e:5b:2c:21:d6:4b:6b:6a:59:98:
97:85:95:1a:0c:54:e4:d8:f3:15:3e:f4:d7:e5:57:
8b:43:5f:53:71:89:b3:2d:ca:b7:44:6b:f8:76:15:
4d:da:9d:1e:0c:45:8d:2f:3f:a5:39:4b:88:90:66:
6a:e5:62:48:00:be:45:6e:db:16:09:4d:fd:07:34:
b0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:93:DD:E3:A7:EB:C8:4D:A6:43:33:9F:1D:CC:CD:A7:49:DA:69:7B
X509v3 Authority Key Identifier:
keyid:03:FE:5D:72:6F:34:E9:3C:E1:A9:5D:94:51:8E:12:23:7A:C3:E2:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B3234/9E121C0C241011ECB2D06956D8A014CE/A_5dcm806TzhqV2UUY4SI3rD4sY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/A_5dcm806TzhqV2UUY4SI3rD4sY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B3234/9E121C0C241011ECB2D06956D8A014CE/85EA30261ACD11F091C663EE6DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.218.130.0/24
102.219.22.0/24
102.220.125.0/24
Signature Algorithm: sha256WithRSAEncryption
06:8d:a9:ee:07:3d:86:51:42:12:5a:b5:53:cc:5f:db:3d:51:
f6:c3:ed:1f:f3:10:87:eb:74:a5:77:0c:74:b5:cd:e1:d2:8f:
98:eb:60:18:35:a3:08:7c:99:35:28:67:3d:d9:29:86:67:6f:
17:c7:b1:25:c3:67:de:33:bc:ca:cf:2b:be:ae:4f:28:83:6e:
04:4d:9b:cc:a5:9e:8d:fe:05:2d:8a:ab:02:48:1a:b5:4d:bd:
4c:9c:5d:c4:b6:58:2c:37:3a:b3:c4:a9:31:40:61:61:25:29:
b6:ac:4d:04:d1:cf:50:8f:b2:a2:33:d7:ad:f8:49:e3:8f:91:
29:80:f8:47:23:54:7c:1a:5d:ec:be:fd:28:b0:43:f1:f8:bd:
b0:53:2f:2a:75:61:6d:f6:6b:31:8b:a6:24:b0:b4:18:50:8a:
ab:ca:56:6c:f2:b6:65:76:0b:1f:cb:f2:97:8c:97:f2:f2:48:
4a:63:f2:50:fd:55:9f:69:b7:38:79:a5:e9:4e:39:35:58:2f:
37:0a:c8:5c:ac:e4:21:24:54:39:34:47:1c:5e:12:59:e2:87:
44:05:07:73:8a:72:78:91:31:4b:07:eb:e3:86:92:1e:51:16:
bd:b1:b1:6c:45:65:6e:e1:32:20:98:73:e5:a8:9f:b7:5b:a8:
3f:32:b0:33
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICBZkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjMyMzRBRjExMC8GA1UEBRMoMDNGRTVENzI2RjM0RTkzQ0UxQTk1RDk0NTE4RTEy
MjM3QUMzRTJDNjAeFw0yNTA0MTYxNDE3MjJaFw0zNTA0MTUxNDE3MjJaMBgxFjAU
BgNVBAMTDTY3ZmZiYmY3LWEyODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9Bzy/r3qzoOhehWq3GRaX3Ersgx0VdNdGPlgE9Vlh/ZSRdTwDVbTC2ZR/
I7d7KcgXNUT/n1xBNXSD21zqm+qDUtsZkJyAYqEwaCbDjf9CdaQEc2iD9F2LvAlh
L4Or4chp4S47nLP9TxNfh+4Q867OdxRsCt71Bt3ZdMjYHYIuR0JPJSGt3Gj4UiEf
zjAomCvu5M5rWHxrAab8f59TfsLMk+/OsvQidVBXfi2Nv+KEnwHXjTKNzR35flss
IdZLa2pZmJeFlRoMVOTY8xU+9NflV4tDX1NxibMtyrdEa/h2FU3anR4MRY0vP6U5
S4iQZmrlYkgAvkVu2xYJTf0HNLDRAgMBAAGjggKxMIICrTAdBgNVHQ4EFgQUtJPd
46fryE2mQzOfHczNp0naaXswHwYDVR0jBBgwFoAUA/5dcm806TzhqV2UUY4SI3rD
4sYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkIzMjM0LzlFMTIxQzBDMjQxMDExRUNCMkQwNjk1NkQ4QTAxNENFL0FfNWRj
bTgwNlR6aHFWMlVVWTRTSTNyRDRzWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0FfNWRjbTgwNlR6aHFWMlVVWTRTSTNyRDRzWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkIzMjM0LzlFMTIxQzBDMjQxMDExRUNCMkQwNjk1NkQ4
QTAxNENFLzg1RUEzMDI2MUFDRDExRjA5MUM2NjNFRTZEQjhCQ0M2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABm2oIDBABm2xYDBABm3H0w
DQYJKoZIhvcNAQELBQADggEBAAaNqe4HPYZRQhJatVPMX9s9UfbD7R/zEIfrdKV3
DHS1zeHSj5jrYBg1owh8mTUoZz3ZKYZnbxfHsSXDZ94zvMrPK76uTyiDbgRNm8yl
no3+BS2KqwJIGrVNvUycXcS2WCw3OrPEqTFAYWElKbasTQTRz1CPsqIz1634SeOP
kSmA+EcjVHwaXey+/SiwQ/H4vbBTLyp1YW32azGLpiSwtBhQiqvKVmzytmV2Cx/L
8peMl/LySEpj8lD9VZ9ptzh5pelOOTVYLzcKyFys5CEkVDk0RxxeElnih0QFB3OK
cniRMUsH6+OGkh5RFr2xsWxFZW7hMiCYc+Won7dbqD8ysDM=
-----END CERTIFICATE-----
Generated at Wed May 14 03:45:12 2025 by rpki-client