Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B7E77/B6BE040424CB11F0BF5B50A6DAE4EC9C/EC8CEE0424CD11F0A95A70B7DAE4EC9C.roa
File: EC8CEE0424CD11F0A95A70B7DAE4EC9C.roa (raw, json)
Hash identifier: vHw6M4Jn3ZWzx4xczXCaEyluLBv1RtYMY0f4ZJEhTsk=
Subject key identifier: 52:26:C4:DE:38:FB:FE:FB:7D:84:12:E8:4B:A8:F3:57:3A:87:F8:37
Certificate issuer: /CN=F36B7E77AF/serialNumber=6E3D1AA94E2D62AF8112BDFFB049C40FF9BD6D64
Certificate serial: 02
Authority key identifier: 6E:3D:1A:A9:4E:2D:62:AF:81:12:BD:FF:B0:49:C4:0F:F9:BD:6D:64
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/bj0aqU4tYq-BEr3_sEnED_m9bWQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B7E77/B6BE040424CB11F0BF5B50A6DAE4EC9C/EC8CEE0424CD11F0A95A70B7DAE4EC9C.roa
Signing time: Tue 29 Apr 2025 07:45:31 +0000
ROA not before: Tue 29 Apr 2025 07:45:26 +0000
ROA not after: Sun 29 Apr 2035 07:45:26 +0000
asID: 328934
IP address blocks: 102.212.21.0/24 maxlen: 24
102.212.22.0/23 maxlen: 24
102.219.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B7E77/B6BE040424CB11F0BF5B50A6DAE4EC9C/bj0aqU4tYq-BEr3_sEnED_m9bWQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B7E77/B6BE040424CB11F0BF5B50A6DAE4EC9C/bj0aqU4tYq-BEr3_sEnED_m9bWQ.mft
rsync://rpki.afrinic.net/repository/afrinic/bj0aqU4tYq-BEr3_sEnED_m9bWQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 07 May 2025 00:06:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B7E77AF, serialNumber=6E3D1AA94E2D62AF8112BDFFB049C40FF9BD6D64
Validity
Not Before: Apr 29 07:45:26 2025 GMT
Not After : Apr 29 07:45:26 2035 GMT
Subject: CN=6810839b-8bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a8:5a:10:6d:01:55:f3:70:c5:15:41:99:94:
10:65:47:b9:41:85:c6:e8:92:5d:0b:99:f3:3e:55:
92:63:7a:9a:2b:1a:41:20:f7:81:15:f9:0d:2b:3e:
3c:45:be:c6:93:16:c3:d7:22:d2:56:5c:2a:c9:91:
44:89:ac:b4:d2:d0:e7:30:b4:2c:aa:c3:6f:03:9f:
71:d7:71:ff:0e:b2:fb:c5:c5:a3:26:6d:6e:85:c8:
c1:39:08:60:40:89:cb:ef:b4:26:86:94:41:64:e0:
ff:06:62:ef:b8:ef:cc:2b:8e:49:bd:3f:5c:30:41:
e8:45:0c:e8:37:b3:9a:94:c8:8a:2e:75:ba:9b:44:
d1:8b:d7:3b:52:af:cb:f2:5c:3c:59:94:e7:e1:73:
76:86:68:26:e6:8f:d1:7a:44:9d:8c:20:16:6f:d8:
f9:49:9d:03:69:7b:ea:b7:d6:57:7b:36:fc:3a:80:
11:70:1d:db:22:55:48:80:a8:c4:6f:4f:19:b4:ae:
06:39:59:c3:10:2e:b1:33:f0:0b:07:ae:38:58:b9:
11:59:fb:00:06:6e:b7:42:8c:99:f0:35:4b:d8:85:
6f:19:bc:5d:5a:0e:4d:b5:91:1c:8e:32:89:b7:71:
80:dc:17:28:01:8e:6a:35:3f:eb:de:d6:38:a4:f3:
c1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:26:C4:DE:38:FB:FE:FB:7D:84:12:E8:4B:A8:F3:57:3A:87:F8:37
X509v3 Authority Key Identifier:
keyid:6E:3D:1A:A9:4E:2D:62:AF:81:12:BD:FF:B0:49:C4:0F:F9:BD:6D:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B7E77/B6BE040424CB11F0BF5B50A6DAE4EC9C/bj0aqU4tYq-BEr3_sEnED_m9bWQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/bj0aqU4tYq-BEr3_sEnED_m9bWQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B7E77/B6BE040424CB11F0BF5B50A6DAE4EC9C/EC8CEE0424CD11F0A95A70B7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.212.21.0-102.212.23.255
102.219.21.0/24
Signature Algorithm: sha256WithRSAEncryption
30:02:67:52:b3:bf:ee:28:75:46:5e:64:24:58:28:a3:7e:ed:
57:fd:4c:77:c5:72:74:97:cc:8c:5c:e5:b2:fd:ac:52:59:0b:
01:15:82:4e:84:da:c8:f0:e2:e1:32:0d:63:53:d2:d5:7a:3b:
81:7a:9a:10:97:93:65:b0:9e:8b:1e:a6:50:b1:cd:86:a3:b3:
07:c3:1c:ef:e8:0b:ca:7d:e4:18:db:c9:38:f4:54:e9:d3:e0:
e1:00:f9:d6:24:69:b2:22:3a:bb:7a:15:4d:ee:82:7f:3e:8b:
75:8c:d3:6b:b1:06:d0:8f:be:ed:32:75:c4:e3:18:9b:1a:5f:
51:58:ca:aa:0c:96:f8:b5:66:89:96:3e:41:04:46:9a:70:f2:
e2:23:4d:d4:21:ec:13:4d:15:e7:7c:53:c1:b8:24:1a:22:24:
b4:b8:b0:1f:e2:ec:3e:d0:8e:e0:6a:a6:cc:c5:7a:ef:4e:35:
e0:e8:90:27:6e:5d:e9:bb:c9:9c:ec:fa:9f:18:31:cb:c6:8c:
d0:44:40:dc:77:87:69:a8:8f:fd:b2:7b:9d:45:f0:46:b9:e7:
b4:6a:87:0a:d3:ea:9f:53:35:8b:8d:d5:e1:0c:9b:a3:44:71:
d6:02:5d:d8:07:fc:b6:d8:2a:91:01:50:32:d4:0b:14:e7:73:
8f:8c:20:75
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
N0U3N0FGMTEwLwYDVQQFEyg2RTNEMUFBOTRFMkQ2MkFGODExMkJERkZCMDQ5QzQw
RkY5QkQ2RDY0MB4XDTI1MDQyOTA3NDUyNloXDTM1MDQyOTA3NDUyNlowGDEWMBQG
A1UEAxMNNjgxMDgzOWItOGJlZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuoWhBtAVXzcMUVQZmUEGVHuUGFxuiSXQuZ8z5VkmN6misaQSD3gRX5DSs+
PEW+xpMWw9ci0lZcKsmRRImstNLQ5zC0LKrDbwOfcddx/w6y+8XFoyZtboXIwTkI
YECJy++0JoaUQWTg/wZi77jvzCuOSb0/XDBB6EUM6DezmpTIii51uptE0YvXO1Kv
y/JcPFmU5+FzdoZoJuaP0XpEnYwgFm/Y+UmdA2l76rfWV3s2/DqAEXAd2yJVSICo
xG9PGbSuBjlZwxAusTPwCweuOFi5EVn7AAZut0KMmfA1S9iFbxm8XVoOTbWRHI4y
ibdxgNwXKAGOajU/697WOKTzwYECAwEAAaOCArMwggKvMB0GA1UdDgQWBBRSJsTe
OPv++32EEuhLqPNXOof4NzAfBgNVHSMEGDAWgBRuPRqpTi1ir4ESvf+wScQP+b1t
ZDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjdFNzcvQjZCRTA0MDQyNENCMTFGMEJGNUI1MEE2REFFNEVDOUMvYmowYXFV
NHRZcS1CRXIzX3NFbkVEX205YldRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvYmowYXFVNHRZcS1CRXIzX3NFbkVEX205YldRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjdFNzcvQjZCRTA0MDQyNENCMTFGMEJGNUI1MEE2REFF
NEVDOUMvRUM4Q0VFMDQyNENEMTFGMEE5NUE3MEI3REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQAZtQVAwQDZtQQAwQAZtsV
MA0GCSqGSIb3DQEBCwUAA4IBAQAwAmdSs7/uKHVGXmQkWCijfu1X/Ux3xXJ0l8yM
XOWy/axSWQsBFYJOhNrI8OLhMg1jU9LVejuBepoQl5NlsJ6LHqZQsc2Go7MHwxzv
6AvKfeQY28k49FTp0+DhAPnWJGmyIjq7ehVN7oJ/Pot1jNNrsQbQj77tMnXE4xib
Gl9RWMqqDJb4tWaJlj5BBEaacPLiI03UIewTTRXnfFPBuCQaIiS0uLAf4uw+0I7g
aqbMxXrvTjXg6JAnbl3pu8mc7PqfGDHLxozQREDcd4dpqI/9snudRfBGuee0aocK
0+qfUzWLjdXhDJujRHHWAl3YB/y22CqRAVAy1AsU53OPjCB1
-----END CERTIFICATE-----
Generated at Mon May 5 08:43:40 2025 by rpki-client