Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/DA60F7C04B3811F093A73E88DAE4EC9C.roa
File: DA60F7C04B3811F093A73E88DAE4EC9C.roa (raw, json)
Hash identifier: vVsUajzykbkUdzUO944VWJXedqunP9b70Ke83x9suUM=
Subject key identifier: 32:8D:4D:50:47:BE:D3:DB:D1:C5:83:F4:9E:C6:33:DA:25:27:1E:4C
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 14FB
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/DA60F7C04B3811F093A73E88DAE4EC9C.roa
Signing time: Tue 17 Jun 2025 05:06:41 +0000
ROA not before: Tue 17 Jun 2025 05:06:35 +0000
ROA not after: Thu 17 Jun 2027 05:06:35 +0000
asID: 212238
IP address blocks: 102.129.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5371 (0x14fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF, serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: Jun 17 05:06:35 2025 GMT
Not After : Jun 17 05:06:35 2027 GMT
Subject: CN=6850f7e0-ae88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:55:1f:de:99:49:b5:af:ad:d2:cd:ef:d9:85:
dd:6c:8d:26:d6:55:78:e4:c9:6f:38:7a:19:ac:6d:
53:ea:b4:93:c4:15:d7:46:09:f7:93:e8:ad:94:c2:
e7:3f:28:f4:c9:3f:ef:9d:1a:e9:70:5a:92:b2:12:
35:e2:4d:89:66:67:f9:85:29:61:c4:b5:66:d2:7a:
ff:cf:44:8a:a9:c5:66:6c:1a:24:7e:20:a5:25:18:
9a:92:f5:83:e7:35:5f:77:b2:a4:09:7c:6d:d8:32:
f3:3c:73:e9:5f:e5:4e:7b:32:50:f6:8f:68:13:07:
ff:2e:a0:15:09:e5:ea:04:90:57:75:d9:57:a6:60:
8d:17:94:d1:55:4e:25:c6:0d:aa:b7:30:5a:a0:ec:
42:95:b1:b6:d8:3d:58:24:c2:da:be:77:ac:3a:23:
1f:06:6f:28:c7:59:72:08:0e:bb:15:2d:51:f1:a8:
af:57:42:17:e8:8e:39:25:a4:d8:f8:e7:d9:eb:e6:
ca:d8:88:c6:b0:54:8f:7a:d0:80:91:91:c7:cc:91:
4c:c7:f0:aa:fd:ba:14:c2:aa:e8:5f:15:3b:c5:7f:
01:58:f4:78:34:eb:65:a3:83:9b:3a:48:06:5f:0f:
6b:cc:40:f6:55:07:8f:be:20:55:4b:da:16:d4:d5:
59:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8D:4D:50:47:BE:D3:DB:D1:C5:83:F4:9E:C6:33:DA:25:27:1E:4C
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/DA60F7C04B3811F093A73E88DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.241.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:f7:c7:e6:1d:58:a8:94:75:80:c5:ac:1d:2e:f9:41:2f:10:
96:02:0e:16:0f:96:f4:8a:67:66:35:7e:58:05:85:9b:eb:6f:
9b:51:f9:9f:50:64:87:72:5d:25:af:38:d5:aa:0a:3a:0b:fa:
6d:e4:1b:4d:64:b5:d3:8e:fd:9f:7c:e6:e1:78:32:ce:52:96:
27:c5:82:5d:96:ba:f3:c5:e9:9f:40:93:fa:70:20:45:7b:03:
48:7f:d2:ea:c9:78:3a:07:93:81:99:0f:78:18:c8:77:66:3b:
61:ab:29:45:67:d4:ee:f6:a0:47:7b:a2:cc:3d:0c:c8:94:5c:
90:ec:23:67:30:04:18:d8:ff:46:e4:4d:91:78:23:76:0c:b8:
2c:4a:a8:f7:d5:eb:94:1c:00:5b:60:84:32:47:cc:ad:92:5e:
a7:89:b1:e3:9c:7e:bd:23:51:8c:40:30:bf:5e:58:fe:97:f2:
79:68:08:0b:03:a5:13:aa:6b:27:4f:8b:2d:7b:39:53:21:95:
e5:22:15:58:1e:c9:5e:2d:81:9b:6e:ad:b2:62:bb:ad:8d:af:
42:96:00:eb:f5:7f:33:b9:59:91:fd:9e:27:54:f8:e9:df:44:
ba:50:31:a5:91:05:5c:4d:f6:79:26:67:87:43:42:47:47:e6:
e8:6e:73:1b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFPswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNTA2MTcwNTA2MzVaFw0yNzA2MTcwNTA2MzVaMBgxFjAU
BgNVBAMTDTY4NTBmN2UwLWFlODgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0VR/emUm1r63Sze/Zhd1sjSbWVXjkyW84ehmsbVPqtJPEFddGCfeT6K2U
wuc/KPTJP++dGulwWpKyEjXiTYlmZ/mFKWHEtWbSev/PRIqpxWZsGiR+IKUlGJqS
9YPnNV93sqQJfG3YMvM8c+lf5U57MlD2j2gTB/8uoBUJ5eoEkFd12VemYI0XlNFV
TiXGDaq3MFqg7EKVsbbYPVgkwtq+d6w6Ix8GbyjHWXIIDrsVLVHxqK9XQhfojjkl
pNj459nr5srYiMawVI960ICRkcfMkUzH8Kr9uhTCquhfFTvFfwFY9Hg062Wjg5s6
SAZfD2vMQPZVB4++IFVL2hbU1Vl7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUMo1N
UEe+09vRxYP0nsYz2iUnHkwwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0RBNjBGN0MwNEIzODExRjA5M0E3M0U4OERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgfEwDQYJKoZIhvcNAQEL
BQADggEBAM73x+YdWKiUdYDFrB0u+UEvEJYCDhYPlvSKZ2Y1flgFhZvrb5tR+Z9Q
ZIdyXSWvONWqCjoL+m3kG01ktdOO/Z985uF4Ms5SlifFgl2WuvPF6Z9Ak/pwIEV7
A0h/0urJeDoHk4GZD3gYyHdmO2GrKUVn1O72oEd7osw9DMiUXJDsI2cwBBjY/0bk
TZF4I3YMuCxKqPfV65QcAFtghDJHzK2SXqeJseOcfr0jUYxAML9eWP6X8nloCAsD
pROqaydPiy17OVMhleUiFVgeyV4tgZturbJiu62Nr0KWAOv1fzO5WZH9nidU+Onf
RLpQMaWRBVxN9nkmZ4dDQkdH5uhucxs=
-----END CERTIFICATE-----
Generated at Sun Jun 29 12:03:16 2025 by rpki-client