Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/168425202C0711F0A51E2489DAE4EC9C.roa
File: 168425202C0711F0A51E2489DAE4EC9C.roa (raw, json)
Hash identifier: wRKCBs4sAUzALlL/A4gz2gHRh/qVVyV/3YwggJDwWX8=
Subject key identifier: 6E:92:C9:F4:02:D8:D3:B0:A6:01:3A:C0:9D:5C:DB:9A:9F:4A:AE:4B
Certificate issuer: /CN=F36BF59BAF/serialNumber=E036AE08FE03416F58887A9D195DBFD86A25603C
Certificate serial: 01E8
Authority key identifier: E0:36:AE:08:FE:03:41:6F:58:88:7A:9D:19:5D:BF:D8:6A:25:60:3C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/168425202C0711F0A51E2489DAE4EC9C.roa
Signing time: Thu 08 May 2025 12:22:21 +0000
ROA not before: Thu 08 May 2025 12:22:16 +0000
ROA not after: Sun 31 May 2026 12:22:16 +0000
asID: 37739
IP address blocks: 102.209.240.0/22 maxlen: 24
2c0f:2c40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.mft
rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 488 (0x1e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BF59BAF, serialNumber=E036AE08FE03416F58887A9D195DBFD86A25603C
Validity
Not Before: May 8 12:22:16 2025 GMT
Not After : May 31 12:22:16 2026 GMT
Subject: CN=681ca1fd-c7f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:03:1a:b4:e8:16:43:4f:dd:57:1a:f7:fc:99:
2f:5c:6f:d4:f7:9e:3f:99:49:2e:7b:ea:82:d7:23:
8b:6f:c3:2c:75:cb:bd:df:a6:50:00:86:f3:f2:68:
ce:1c:6a:93:0d:55:55:ee:de:ec:ae:04:36:6f:f7:
5b:f3:19:59:b1:13:27:e3:06:5f:f7:b7:5e:6a:2c:
e4:ff:5b:8f:65:07:8b:a2:aa:e4:10:cd:73:1b:52:
d7:af:c3:d4:6e:d3:49:85:cf:fc:a0:a8:21:3d:30:
29:df:2c:74:01:3e:3c:62:f2:ca:74:71:36:86:9c:
dd:1b:77:bc:7e:58:10:68:d0:bd:18:d0:2e:93:24:
79:34:76:c3:77:4c:47:5a:40:61:78:12:8d:a2:b1:
b6:58:5f:b6:e0:d8:a8:02:da:2e:46:c6:f0:1c:9a:
90:ba:45:5e:2c:ad:56:68:10:fb:1b:9f:2c:4d:1b:
08:b8:49:c0:61:86:c0:12:f8:ac:10:ab:12:55:1c:
9d:12:c1:61:81:24:28:ff:8d:d9:ec:cc:c9:b6:5d:
6c:22:e0:c8:25:59:f8:e8:90:f2:d9:1a:14:86:47:
8b:31:ec:f6:43:08:08:d2:f8:31:b0:69:68:e8:da:
ae:e5:61:b1:2f:e8:3b:93:c8:fc:2f:e7:69:e7:c3:
16:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:92:C9:F4:02:D8:D3:B0:A6:01:3A:C0:9D:5C:DB:9A:9F:4A:AE:4B
X509v3 Authority Key Identifier:
keyid:E0:36:AE:08:FE:03:41:6F:58:88:7A:9D:19:5D:BF:D8:6A:25:60:3C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/168425202C0711F0A51E2489DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.240.0/22
IPv6:
2c0f:2c40::/32
Signature Algorithm: sha256WithRSAEncryption
66:ab:29:fc:70:f2:49:0d:38:7e:31:5f:54:dd:9b:9c:fa:bc:
88:21:c7:da:b5:4b:1d:28:6c:7e:41:af:cf:fe:57:20:12:f2:
6e:ff:7e:ed:ed:55:3d:f8:0a:87:94:d3:ed:10:c9:a3:8f:4d:
76:71:e7:99:ea:44:6b:77:4d:1b:e8:44:c8:3c:1b:49:b1:b2:
82:ac:73:c5:ad:77:d4:c4:e4:72:3b:3a:73:f0:41:36:26:42:
38:c0:a2:0c:4e:95:e9:06:01:84:89:83:ec:1a:12:25:93:ca:
04:78:7e:6e:e9:0d:4c:01:5e:07:4f:25:24:74:f3:44:fc:66:
e6:93:c9:db:63:42:71:17:d6:f7:b3:75:4f:65:e7:c3:14:6f:
99:b5:98:4e:a2:76:af:8c:72:cd:0a:6a:3d:a7:16:a9:9e:a8:
64:5a:09:c9:2c:da:fb:b6:98:18:ba:c9:30:2a:d8:fa:f5:4b:
a1:4b:2d:10:9b:78:1e:90:1a:aa:f0:75:64:14:1e:cd:cc:8e:
b8:3d:e6:6e:af:0c:1d:e1:92:68:95:df:a7:07:3f:fd:f2:d0:
1d:42:38:dd:3f:aa:62:2f:7f:bf:39:30:a3:02:eb:e4:ce:47:
d4:d7:ae:ae:79:c5:15:38:18:4d:a6:c7:4b:42:a4:ad:6f:93:
09:af:67:22
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAegwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QkY1OUJBRjExMC8GA1UEBRMoRTAzNkFFMDhGRTAzNDE2RjU4ODg3QTlEMTk1REJG
RDg2QTI1NjAzQzAeFw0yNTA1MDgxMjIyMTZaFw0yNjA1MzExMjIyMTZaMBgxFjAU
BgNVBAMTDTY4MWNhMWZkLWM3ZjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0Axq06BZDT91XGvf8mS9cb9T3nj+ZSS576oLXI4tvwyx1y73fplAAhvPy
aM4capMNVVXu3uyuBDZv91vzGVmxEyfjBl/3t15qLOT/W49lB4uiquQQzXMbUtev
w9Ru00mFz/ygqCE9MCnfLHQBPjxi8sp0cTaGnN0bd7x+WBBo0L0Y0C6TJHk0dsN3
TEdaQGF4Eo2isbZYX7bg2KgC2i5GxvAcmpC6RV4srVZoEPsbnyxNGwi4ScBhhsAS
+KwQqxJVHJ0SwWGBJCj/jdnszMm2XWwi4MglWfjokPLZGhSGR4sx7PZDCAjS+DGw
aWjo2q7lYbEv6DuTyPwv52nnwxbFAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUbpLJ
9ALY07CmATrAnVzbmp9KrkswHwYDVR0jBBgwFoAU4DauCP4DQW9YiHqdGV2/2Gol
YDwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkJGNTlCLzRBQUFBMjE0Qzc1MTExRUVBMDJFQjM5Mjc3NTQxMkU2LzREYXVD
UDREUVc5WWlIcWRHVjJfMkdvbFlEdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzREYXVDUDREUVc5WWlIcWRHVjJfMkdvbFlEdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkJGNTlCLzRBQUFBMjE0Qzc1MTExRUVBMDJFQjM5Mjc3
NTQxMkU2LzE2ODQyNTIwMkMwNzExRjBBNTFFMjQ4OURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm0fAwDQQCAAIwBwMFACwP
LEAwDQYJKoZIhvcNAQELBQADggEBAGarKfxw8kkNOH4xX1Tdm5z6vIghx9q1Sx0o
bH5Br8/+VyAS8m7/fu3tVT34CoeU0+0QyaOPTXZx55nqRGt3TRvoRMg8G0mxsoKs
c8Wtd9TE5HI7OnPwQTYmQjjAogxOlekGAYSJg+waEiWTygR4fm7pDUwBXgdPJSR0
80T8ZuaTydtjQnEX1vezdU9l58MUb5m1mE6idq+Mcs0Kaj2nFqmeqGRaCcks2vu2
mBi6yTAq2Pr1S6FLLRCbeB6QGqrwdWQUHs3Mjrg95m6vDB3hkmiV36cHP/3y0B1C
ON0/qmIvf785MKMC6+TOR9TXrq55xRU4GE2mx0tCpK1vkwmvZyI=
-----END CERTIFICATE-----
Generated at Sat May 10 18:19:49 2025 by rpki-client