Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/66D5AF2C51AE11F08F751A99DAE4EC9C.roa
File: 66D5AF2C51AE11F08F751A99DAE4EC9C.roa (raw, json)
Hash identifier: nT2f6tl1EooU2wswJAzugLC00lKKbmy3HMjdl58P/F8=
Subject key identifier: 5F:DE:40:79:D5:5E:FA:91:D4:0F:87:1D:FC:FA:AE:55:8C:F5:B0:A7
Certificate issuer: /CN=F36BF59BAF/serialNumber=E036AE08FE03416F58887A9D195DBFD86A25603C
Certificate serial: 021D
Authority key identifier: E0:36:AE:08:FE:03:41:6F:58:88:7A:9D:19:5D:BF:D8:6A:25:60:3C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/66D5AF2C51AE11F08F751A99DAE4EC9C.roa
Signing time: Wed 25 Jun 2025 10:23:14 +0000
ROA not before: Wed 25 Jun 2025 10:23:10 +0000
ROA not after: Mon 01 Jun 2026 10:23:10 +0000
asID: 37739
IP address blocks: 102.209.240.0/24 maxlen: 24
102.209.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.mft
rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 04:23:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 541 (0x21d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BF59BAF, serialNumber=E036AE08FE03416F58887A9D195DBFD86A25603C
Validity
Not Before: Jun 25 10:23:10 2025 GMT
Not After : Jun 1 10:23:10 2026 GMT
Subject: CN=685bce12-bf74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4b:22:6d:d5:77:40:be:d2:d2:04:ea:c7:50:
8b:9f:ae:e8:7a:ba:7f:9b:65:c6:e5:18:f6:a5:31:
47:f6:3f:fa:fa:85:e3:79:71:b8:e4:3d:11:b4:85:
16:47:4c:65:30:4c:08:8e:f6:6f:f8:ed:7b:2a:7d:
3c:fc:94:31:2c:e2:e4:8f:18:53:49:dd:14:9f:a4:
1b:7d:70:dc:a4:09:c6:27:f6:5f:47:cc:35:c8:fd:
0d:54:37:85:e7:ac:f1:60:69:28:d6:a8:45:50:e4:
12:2a:33:2a:8a:a1:2b:2f:22:7d:18:da:d2:ff:a2:
58:79:89:d7:d0:b9:6c:35:f9:9b:66:a1:e4:0d:86:
59:ef:f9:3b:4f:16:17:46:93:6c:da:4c:04:71:b4:
0f:45:1a:94:4e:cf:e6:67:51:a1:88:6f:24:b6:33:
e7:88:4f:ec:98:28:5d:fc:61:8d:f4:6c:f0:53:0d:
bf:3b:33:e7:bf:d8:40:0d:a8:19:bd:59:19:e4:7e:
58:9f:dc:db:56:06:82:06:59:50:0d:da:82:b8:2a:
13:11:ef:a0:3e:19:55:91:68:02:18:34:1a:9e:22:
2c:d2:33:eb:b1:5d:85:69:60:92:60:79:9f:99:93:
06:f1:ea:a3:bb:a0:bb:b1:d2:cf:8d:27:90:c5:68:
03:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DE:40:79:D5:5E:FA:91:D4:0F:87:1D:FC:FA:AE:55:8C:F5:B0:A7
X509v3 Authority Key Identifier:
keyid:E0:36:AE:08:FE:03:41:6F:58:88:7A:9D:19:5D:BF:D8:6A:25:60:3C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/66D5AF2C51AE11F08F751A99DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.240.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:39:b5:39:4a:45:d0:9f:f8:47:c7:9a:0a:8b:d8:24:6f:cf:
49:8d:c4:06:30:d0:cf:a5:29:83:a1:85:3d:11:f9:1a:18:79:
d9:0a:a5:e3:dc:11:4f:08:93:a4:32:2c:3d:46:34:53:05:c4:
05:cf:10:2e:a5:de:06:6a:8d:36:86:08:02:ad:71:0d:97:77:
6b:e3:ef:34:58:d1:62:3f:39:00:f9:aa:ea:b5:64:4a:e3:6c:
25:1f:25:74:cd:6f:27:ac:dc:5a:38:c1:65:ed:c2:1a:90:66:
33:cd:be:0c:89:cf:c0:db:49:4b:e9:9a:e9:bd:8d:83:38:df:
d5:a7:4e:2c:bf:36:d7:5e:95:c5:87:26:2c:88:6e:9b:d9:8d:
bd:da:d2:05:e5:38:97:e2:11:66:3e:e0:8a:ba:cb:12:e1:21:
be:af:08:d2:55:59:fa:30:ef:a2:78:03:b5:83:8f:b4:fe:02:
36:40:c5:64:32:69:84:97:f7:84:9c:d1:12:28:54:ea:6f:5a:
42:cc:5f:5d:1d:e8:1a:e6:60:ed:d7:ab:34:3c:15:c1:a6:4d:
73:90:17:ae:1f:e9:ad:0c:65:12:72:83:f4:ee:7d:e0:4c:f9:
db:fb:75:06:be:87:b0:bb:1d:c4:dc:e3:01:84:95:4e:4f:10:
81:03:89:69
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAh0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QkY1OUJBRjExMC8GA1UEBRMoRTAzNkFFMDhGRTAzNDE2RjU4ODg3QTlEMTk1REJG
RDg2QTI1NjAzQzAeFw0yNTA2MjUxMDIzMTBaFw0yNjA2MDExMDIzMTBaMBgxFjAU
BgNVBAMTDTY4NWJjZTEyLWJmNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQChSyJt1XdAvtLSBOrHUIufruh6un+bZcblGPalMUf2P/r6heN5cbjkPRG0
hRZHTGUwTAiO9m/47XsqfTz8lDEs4uSPGFNJ3RSfpBt9cNykCcYn9l9HzDXI/Q1U
N4XnrPFgaSjWqEVQ5BIqMyqKoSsvIn0Y2tL/olh5idfQuWw1+ZtmoeQNhlnv+TtP
FhdGk2zaTARxtA9FGpROz+ZnUaGIbyS2M+eIT+yYKF38YY30bPBTDb87M+e/2EAN
qBm9WRnkflif3NtWBoIGWVAN2oK4KhMR76A+GVWRaAIYNBqeIizSM+uxXYVpYJJg
eZ+Zkwbx6qO7oLux0s+NJ5DFaAPtAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUX95A
edVe+pHUD4cd/PquVYz1sKcwHwYDVR0jBBgwFoAU4DauCP4DQW9YiHqdGV2/2Gol
YDwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkJGNTlCLzRBQUFBMjE0Qzc1MTExRUVBMDJFQjM5Mjc3NTQxMkU2LzREYXVD
UDREUVc5WWlIcWRHVjJfMkdvbFlEdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzREYXVDUDREUVc5WWlIcWRHVjJfMkdvbFlEdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkJGNTlCLzRBQUFBMjE0Qzc1MTExRUVBMDJFQjM5Mjc3
NTQxMkU2LzY2RDVBRjJDNTFBRTExRjA4Rjc1MUE5OURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFm0fAwDQYJKoZIhvcNAQEL
BQADggEBAA05tTlKRdCf+EfHmgqL2CRvz0mNxAYw0M+lKYOhhT0R+RoYedkKpePc
EU8Ik6QyLD1GNFMFxAXPEC6l3gZqjTaGCAKtcQ2Xd2vj7zRY0WI/OQD5quq1ZErj
bCUfJXTNbyes3Fo4wWXtwhqQZjPNvgyJz8DbSUvpmum9jYM439WnTiy/NtdelcWH
JiyIbpvZjb3a0gXlOJfiEWY+4Iq6yxLhIb6vCNJVWfow76J4A7WDj7T+AjZAxWQy
aYSX94Sc0RIoVOpvWkLMX10d6BrmYO3XqzQ8FcGmTXOQF64f6a0MZRJyg/TufeBM
+dv7dQa+h7C7HcTc4wGElU5PEIEDiWk=
-----END CERTIFICATE-----
Generated at Mon Jun 30 05:27:59 2025 by rpki-client