Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/1639E7B4502C11F09586C3C2DAE4EC9C.roa
File: 1639E7B4502C11F09586C3C2DAE4EC9C.roa (raw, json)
Hash identifier: l67oXLk9TgIveaK5oI6rko4fMHS1raBaJm8cPGi/sRs=
Subject key identifier: 29:7E:AE:92:B7:5F:D9:A1:83:7A:F2:22:E1:93:92:39:98:65:B0:D1
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 1517
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/1639E7B4502C11F09586C3C2DAE4EC9C.roa
Signing time: Mon 23 Jun 2025 12:17:53 +0000
ROA not before: Mon 23 Jun 2025 12:17:49 +0000
ROA not after: Wed 23 Jun 2027 12:17:49 +0000
asID: 20001
IP address blocks: 102.129.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5399 (0x1517)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF, serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: Jun 23 12:17:49 2025 GMT
Not After : Jun 23 12:17:49 2027 GMT
Subject: CN=685945f1-92d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:48:49:d9:02:6c:26:cc:ae:8a:d5:fb:7c:13:
0b:74:f4:d4:81:d3:53:30:18:be:18:a6:9d:6f:7c:
5d:ac:14:62:00:7c:9a:10:83:91:16:91:bf:5e:69:
ea:21:4a:4e:2f:75:08:f5:3b:32:98:d7:f9:ff:1b:
61:1b:a1:12:84:84:ab:b4:c2:3c:12:da:3c:d5:47:
16:f6:ae:f1:89:a8:a1:12:3e:6b:c3:d8:71:be:0d:
d3:02:a6:08:28:c1:b0:69:30:99:ec:66:b8:e8:3c:
3b:06:35:af:64:81:6b:93:21:1c:31:83:3b:4d:cf:
ec:2e:35:2f:c3:76:0a:28:9a:76:bf:95:71:99:da:
60:b1:53:6a:27:f6:b2:45:92:68:48:7f:d1:99:4c:
28:48:27:d1:a0:58:60:31:b4:8a:0e:d8:cf:f7:40:
9a:14:fd:df:93:a3:d7:58:09:41:2b:1d:e5:83:73:
8c:ea:f5:e4:03:ec:20:c3:a0:29:5d:ac:9e:22:33:
c6:2d:9e:4d:9f:18:81:a0:e1:db:f8:1b:dc:7f:a5:
98:44:80:e0:a2:73:e1:ee:07:89:6b:7b:6c:8f:00:
15:48:df:3b:8b:cb:d2:60:c5:4a:d9:09:fc:c1:9f:
72:72:09:e5:e4:c3:f5:79:20:ca:ca:55:15:3f:d8:
ce:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:7E:AE:92:B7:5F:D9:A1:83:7A:F2:22:E1:93:92:39:98:65:B0:D1
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/1639E7B4502C11F09586C3C2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.191.0/24
Signature Algorithm: sha256WithRSAEncryption
44:f4:22:a8:78:ea:31:f9:e7:7a:66:9d:51:a3:ff:e0:bc:ac:
0f:22:de:a5:ff:ac:b0:b5:da:af:11:2d:27:59:de:9d:c8:46:
24:ec:ee:b8:60:0c:6d:53:26:38:85:e8:b6:cd:ec:97:c2:d7:
fd:3c:3d:a5:2e:38:19:7b:b9:6b:6e:89:21:d7:05:3b:ac:1c:
78:ac:e8:23:fb:0d:62:5e:cd:96:01:5f:16:dd:5b:fc:dd:58:
08:52:35:c4:04:e5:d2:6a:d1:84:eb:04:5a:89:ab:24:c7:35:
67:0a:f6:56:b6:2c:73:9c:96:f1:60:0a:de:39:20:57:b9:f5:
ab:49:62:fb:b1:df:ac:0e:ee:88:43:07:ea:0d:e3:da:ea:ce:
79:ff:33:72:96:f8:e2:66:1f:e2:2c:5b:b9:83:a1:fd:c0:23:
b4:94:32:91:f7:40:ce:55:d9:4b:6f:f5:11:8c:d4:cd:a1:e6:
aa:d2:82:0f:ad:cf:be:2a:47:81:f1:dc:d3:9a:08:a3:f4:0d:
cc:c2:23:72:f2:b6:3f:4d:58:4b:20:35:91:ee:4c:d0:47:ca:
2f:01:fd:e9:a1:af:1b:30:d7:eb:0c:a5:62:04:0f:d1:39:eb:
2f:91:7f:a8:2e:bf:7a:cb:2d:6a:fe:fc:f9:88:05:58:77:b1:
03:d3:8d:95
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFRcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNTA2MjMxMjE3NDlaFw0yNzA2MjMxMjE3NDlaMBgxFjAU
BgNVBAMTDTY4NTk0NWYxLTkyZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDISEnZAmwmzK6K1ft8Ewt09NSB01MwGL4Ypp1vfF2sFGIAfJoQg5EWkb9e
aeohSk4vdQj1OzKY1/n/G2EboRKEhKu0wjwS2jzVRxb2rvGJqKESPmvD2HG+DdMC
pggowbBpMJnsZrjoPDsGNa9kgWuTIRwxgztNz+wuNS/Ddgoomna/lXGZ2mCxU2on
9rJFkmhIf9GZTChIJ9GgWGAxtIoO2M/3QJoU/d+To9dYCUErHeWDc4zq9eQD7CDD
oCldrJ4iM8Ytnk2fGIGg4dv4G9x/pZhEgOCic+HuB4lre2yPABVI3zuLy9JgxUrZ
CfzBn3JyCeXkw/V5IMrKVRU/2M4JAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUKX6u
krdf2aGDevIi4ZOSOZhlsNEwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzE2MzlFN0I0NTAyQzExRjA5NTg2QzNDMkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgb8wDQYJKoZIhvcNAQEL
BQADggEBAET0Iqh46jH553pmnVGj/+C8rA8i3qX/rLC12q8RLSdZ3p3IRiTs7rhg
DG1TJjiF6LbN7JfC1/08PaUuOBl7uWtuiSHXBTusHHis6CP7DWJezZYBXxbdW/zd
WAhSNcQE5dJq0YTrBFqJqyTHNWcK9la2LHOclvFgCt45IFe59atJYvux36wO7ohD
B+oN49rqznn/M3KW+OJmH+IsW7mDof3AI7SUMpH3QM5V2Utv9RGM1M2h5qrSgg+t
z74qR4Hx3NOaCKP0DczCI3Lytj9NWEsgNZHuTNBHyi8B/emhrxsw1+sMpWIED9E5
6y+Rf6guv3rLLWr+/PmIBVh3sQPTjZU=
-----END CERTIFICATE-----
Generated at Sun Jun 29 11:00:31 2025 by rpki-client