Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F550D/B7BF2626E13C11EFBF2AD094762E951A/D6E9120A4DC511F0AC59CEAFDAE4EC9C.roa
File: D6E9120A4DC511F0AC59CEAFDAE4EC9C.roa (raw, json)
Hash identifier: fOsEo1LcqDjmwTrC6vczX+q3fF4EVxIT6Dh903EA+p8=
Subject key identifier: BB:2C:36:B1:0D:08:B8:99:FF:46:DE:5C:77:2D:47:07:AA:99:1A:D8
Certificate issuer: /CN=F36F550DAF/serialNumber=3F8CEEC32ADA904693BD400EF72C6A28C7E28748
Certificate serial: 92
Authority key identifier: 3F:8C:EE:C3:2A:DA:90:46:93:BD:40:0E:F7:2C:6A:28:C7:E2:87:48
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/P4zuwyrakEaTvUAO9yxqKMfih0g.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F550D/B7BF2626E13C11EFBF2AD094762E951A/D6E9120A4DC511F0AC59CEAFDAE4EC9C.roa
Signing time: Fri 20 Jun 2025 11:00:56 +0000
ROA not before: Fri 20 Jun 2025 11:00:51 +0000
ROA not after: Wed 20 Jun 2035 11:00:51 +0000
asID: 329104
IP address blocks: 102.215.8.0/22 maxlen: 24
2c0f:580::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F550D/B7BF2626E13C11EFBF2AD094762E951A/P4zuwyrakEaTvUAO9yxqKMfih0g.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F550D/B7BF2626E13C11EFBF2AD094762E951A/P4zuwyrakEaTvUAO9yxqKMfih0g.mft
rsync://rpki.afrinic.net/repository/afrinic/P4zuwyrakEaTvUAO9yxqKMfih0g.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 05:13:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146 (0x92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F550DAF, serialNumber=3F8CEEC32ADA904693BD400EF72C6A28C7E28748
Validity
Not Before: Jun 20 11:00:51 2025 GMT
Not After : Jun 20 11:00:51 2035 GMT
Subject: CN=68553f68-21ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2b:92:76:27:e8:2e:7f:e5:f3:bd:12:e3:98:
6d:20:5e:08:7f:72:5c:2c:32:36:2e:36:83:91:36:
67:66:18:c4:86:aa:ff:c1:30:b3:8d:32:c7:4b:ea:
ee:f1:c5:c6:22:c8:7a:d9:8a:ca:b6:0b:79:05:06:
4a:3e:ca:9b:24:b2:9a:58:06:98:b7:0e:e9:b5:e1:
82:0b:dc:24:56:35:c8:85:f4:59:3b:c0:49:1b:77:
cb:12:39:d6:2f:6c:e3:a6:24:eb:07:8e:fe:55:45:
a9:8c:23:c2:81:3d:41:6e:d0:8e:e1:9f:4a:b1:1f:
d8:ff:ab:2a:ce:3f:70:be:6e:a3:f7:db:63:c9:8c:
04:5d:48:01:00:62:7a:f1:cb:8b:7c:f1:fc:7b:ff:
80:85:51:50:93:0e:42:e4:ea:4b:b1:28:f1:db:43:
76:64:7f:38:1f:40:fd:b7:96:48:13:ac:08:36:0e:
57:62:f2:46:e0:03:05:b4:fd:81:7c:2f:98:d8:51:
ac:ed:16:62:00:1b:24:a8:0f:00:e5:8d:83:f2:14:
ff:d2:cb:f1:61:d9:77:8c:ed:44:12:4d:21:97:0f:
2b:ad:2e:dc:cb:bf:84:4f:6b:e1:b2:41:3a:00:a3:
90:9d:ec:78:c4:5f:56:4f:9f:ad:ca:33:93:fb:31:
d0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:2C:36:B1:0D:08:B8:99:FF:46:DE:5C:77:2D:47:07:AA:99:1A:D8
X509v3 Authority Key Identifier:
keyid:3F:8C:EE:C3:2A:DA:90:46:93:BD:40:0E:F7:2C:6A:28:C7:E2:87:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F550D/B7BF2626E13C11EFBF2AD094762E951A/P4zuwyrakEaTvUAO9yxqKMfih0g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/P4zuwyrakEaTvUAO9yxqKMfih0g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F550D/B7BF2626E13C11EFBF2AD094762E951A/D6E9120A4DC511F0AC59CEAFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.215.8.0/22
IPv6:
2c0f:580::/32
Signature Algorithm: sha256WithRSAEncryption
13:35:91:3b:63:56:26:7f:9e:2d:7e:21:56:07:ec:ab:ed:0c:
e8:ae:46:13:f1:a0:fe:56:68:e2:ce:49:a3:f2:27:d9:5e:57:
56:ea:d0:c6:5d:97:10:f7:74:dc:0c:b6:57:ae:f8:2a:03:4c:
3c:e6:11:55:4a:11:e0:12:d6:b8:4b:34:11:b5:db:55:c5:a6:
c9:ed:a3:4c:a1:41:be:f5:bb:8d:4d:5a:f3:fd:18:52:b3:71:
f2:33:78:a1:8e:a1:15:b5:c2:b9:71:56:1f:7f:b5:ce:5e:d9:
76:f5:fc:7c:93:c0:98:8a:45:e2:7f:c4:e4:f4:a0:a3:2d:a0:
9c:e6:4c:c1:9b:38:61:18:68:25:ed:06:18:63:8d:f9:da:75:
26:3e:7c:61:9a:5b:77:c6:83:b4:3d:0a:9a:02:ac:95:35:36:
71:cb:20:0d:72:6c:ea:ec:22:64:09:c3:78:97:df:88:2f:d7:
b8:20:d2:af:92:b0:0a:85:4f:1b:db:b7:18:51:77:46:02:84:
2a:8e:87:27:6d:07:f2:72:32:dd:e4:c3:4f:2c:3e:fe:65:85:
48:f9:30:08:87:42:a5:32:47:84:b0:f4:8f:7e:fb:05:98:ec:
25:79:35:5b:34:22:fc:f4:95:b9:fd:09:be:91:ce:a0:65:53:
e6:07:2b:ee
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAJIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RjU1MERBRjExMC8GA1UEBRMoM0Y4Q0VFQzMyQURBOTA0NjkzQkQ0MDBFRjcyQzZB
MjhDN0UyODc0ODAeFw0yNTA2MjAxMTAwNTFaFw0zNTA2MjAxMTAwNTFaMBgxFjAU
BgNVBAMTDTY4NTUzZjY4LTIxYWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFK5J2J+guf+XzvRLjmG0gXgh/clwsMjYuNoORNmdmGMSGqv/BMLONMsdL
6u7xxcYiyHrZisq2C3kFBko+ypsksppYBpi3Dum14YIL3CRWNciF9Fk7wEkbd8sS
OdYvbOOmJOsHjv5VRamMI8KBPUFu0I7hn0qxH9j/qyrOP3C+bqP322PJjARdSAEA
Ynrxy4t88fx7/4CFUVCTDkLk6kuxKPHbQ3ZkfzgfQP23lkgTrAg2Dldi8kbgAwW0
/YF8L5jYUaztFmIAGySoDwDljYPyFP/Sy/Fh2XeM7UQSTSGXDyutLtzLv4RPa+Gy
QToAo5Cd7HjEX1ZPn63KM5P7MdAhAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUuyw2
sQ0IuJn/Rt5cdy1HB6qZGtgwHwYDVR0jBBgwFoAUP4zuwyrakEaTvUAO9yxqKMfi
h0gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY1NTBEL0I3QkYyNjI2RTEzQzExRUZCRjJBRDA5NDc2MkU5NTFBL1A0enV3
eXJha0VhVHZVQU85eXhxS01maWgwZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1A0enV3eXJha0VhVHZVQU85eXhxS01maWgwZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkY1NTBEL0I3QkYyNjI2RTEzQzExRUZCRjJBRDA5NDc2
MkU5NTFBL0Q2RTkxMjBBNERDNTExRjBBQzU5Q0VBRkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm1wgwDQQCAAIwBwMFACwP
BYAwDQYJKoZIhvcNAQELBQADggEBABM1kTtjViZ/ni1+IVYH7KvtDOiuRhPxoP5W
aOLOSaPyJ9leV1bq0MZdlxD3dNwMtleu+CoDTDzmEVVKEeAS1rhLNBG121XFpsnt
o0yhQb71u41NWvP9GFKzcfIzeKGOoRW1wrlxVh9/tc5e2Xb1/HyTwJiKReJ/xOT0
oKMtoJzmTMGbOGEYaCXtBhhjjfnadSY+fGGaW3fGg7Q9CpoCrJU1NnHLIA1ybOrs
ImQJw3iX34gv17gg0q+SsAqFTxvbtxhRd0YChCqOhydtB/JyMt3kw08sPv5lhUj5
MAiHQqUyR4Sw9I9++wWY7CV5NVs0Ivz0lbn9Cb6RzqBlU+YHK+4=
-----END CERTIFICATE-----
Generated at Fri Jul 4 21:10:49 2025 by rpki-client