Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/88A5B71428C311F0BEF0A0B4DAE4EC9C.roa
File: 88A5B71428C311F0BEF0A0B4DAE4EC9C.roa (raw, json)
Hash identifier: ePq4EbCDmWiOxXuBQCEii4Bej/F9RXahE4beV/zVjQ0=
Subject key identifier: A4:59:E2:E7:A7:61:E5:22:B2:68:20:6E:D9:74:73:42:E6:01:73:7F
Certificate issuer: /CN=F36FE19EAF/serialNumber=C78CDC3B5D4B13675CB48AD3B63BE01EC5A807F8
Certificate serial: 03F8
Authority key identifier: C7:8C:DC:3B:5D:4B:13:67:5C:B4:8A:D3:B6:3B:E0:1E:C5:A8:07:F8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/x4zcO11LE2dctIrTtjvgHsWoB_g.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/88A5B71428C311F0BEF0A0B4DAE4EC9C.roa
Signing time: Sun 04 May 2025 08:41:13 +0000
ROA not before: Sun 04 May 2025 08:41:08 +0000
ROA not after: Mon 31 Dec 2035 08:41:08 +0000
asID: 328977
IP address blocks: 102.206.164.0/22 maxlen: 24
2c0f:6300::/32 maxlen: 56
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/x4zcO11LE2dctIrTtjvgHsWoB_g.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/x4zcO11LE2dctIrTtjvgHsWoB_g.mft
rsync://rpki.afrinic.net/repository/afrinic/x4zcO11LE2dctIrTtjvgHsWoB_g.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 03:14:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1016 (0x3f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FE19EAF, serialNumber=C78CDC3B5D4B13675CB48AD3B63BE01EC5A807F8
Validity
Not Before: May 4 08:41:08 2025 GMT
Not After : Dec 31 08:41:08 2035 GMT
Subject: CN=68172829-0529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:88:63:11:55:00:13:d9:37:85:c5:ff:47:2c:
5f:4f:8c:2d:5c:63:19:29:c3:bd:2b:7c:d7:93:98:
6c:c2:d7:89:86:68:40:d1:7c:a3:8a:4f:27:58:4b:
08:db:ac:05:ab:e2:b3:7a:f3:c7:6d:08:c6:39:1d:
cc:a0:58:24:76:65:7e:d7:88:a9:39:39:d6:6f:bf:
e8:3e:74:cd:a0:6a:5e:19:2f:60:1e:f6:a2:1b:5b:
04:bd:2b:20:8b:12:21:8b:68:9e:e2:aa:a8:12:44:
22:f6:4a:59:0e:97:8a:2f:9f:1a:e3:c2:df:69:3b:
9d:8d:d9:43:e6:cb:38:07:36:4d:0c:6a:f5:94:3f:
f2:34:90:c8:ff:0d:0f:c1:7f:ea:3a:7c:cc:d6:2a:
39:29:5c:9d:0b:0c:5b:c5:19:45:ef:34:1b:e2:87:
c5:ae:d4:52:b1:05:c3:1d:a7:d7:55:5b:3a:bd:f5:
6d:b5:0c:f7:63:d5:42:9d:12:3c:b6:f3:35:60:25:
da:1c:d8:c3:8d:75:e3:9d:78:58:3a:d0:7c:ed:76:
7b:19:f0:0a:da:db:27:3d:2c:ac:e1:b8:f0:6b:a5:
77:b4:ac:62:41:e0:ec:28:50:e8:a4:bb:1d:be:9f:
33:79:f6:18:a0:83:d2:7a:2a:4a:e1:5c:ef:8d:ac:
be:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:59:E2:E7:A7:61:E5:22:B2:68:20:6E:D9:74:73:42:E6:01:73:7F
X509v3 Authority Key Identifier:
keyid:C7:8C:DC:3B:5D:4B:13:67:5C:B4:8A:D3:B6:3B:E0:1E:C5:A8:07:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/x4zcO11LE2dctIrTtjvgHsWoB_g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/x4zcO11LE2dctIrTtjvgHsWoB_g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/88A5B71428C311F0BEF0A0B4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.164.0/22
IPv6:
2c0f:6300::/32
Signature Algorithm: sha256WithRSAEncryption
07:29:9f:23:34:ec:c4:68:45:62:c4:d0:fb:be:9b:c3:68:37:
f9:6f:3d:2e:81:cd:83:88:d3:77:2c:b1:a1:14:7b:94:e6:93:
eb:c2:d7:1e:1e:5c:69:f4:a6:72:8f:a2:5c:f8:18:25:0f:5c:
bc:81:7d:2e:51:18:c5:ec:f0:de:b9:42:f5:26:af:91:77:f8:
02:89:2f:e1:24:f7:50:a3:5b:09:df:a9:1e:7e:f9:a2:c8:32:
ae:dd:03:23:4d:29:aa:4d:99:82:4f:c4:17:5c:f7:3e:76:da:
90:b6:29:df:5d:da:8e:db:7c:81:e0:83:c3:76:8c:97:ec:b0:
06:72:ee:8d:b3:87:31:e8:ec:ad:08:96:fa:c6:e4:05:92:e3:
a2:da:62:57:a0:0d:6a:21:91:75:3b:a4:b8:69:1c:3d:75:24:
c0:78:ed:52:82:b4:e0:0e:4e:68:76:88:bc:73:be:f9:82:96:
2a:78:24:f8:e5:64:e4:83:f4:e1:45:9f:10:e9:47:80:b4:d6:
05:f9:95:10:21:60:f9:8c:d3:a4:53:7a:6b:e6:e4:c6:6b:ed:
98:2a:de:cf:e8:f9:8e:11:e0:6d:10:c0:05:ea:3b:e0:5a:aa:
5e:34:aa:02:dc:05:5d:10:df:1e:fb:10:41:5b:32:00:d0:e7:
a1:1e:d6:3c
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICA/gwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RkUxOUVBRjExMC8GA1UEBRMoQzc4Q0RDM0I1RDRCMTM2NzVDQjQ4QUQzQjYzQkUw
MUVDNUE4MDdGODAeFw0yNTA1MDQwODQxMDhaFw0zNTEyMzEwODQxMDhaMBgxFjAU
BgNVBAMTDTY4MTcyODI5LTA1MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQiGMRVQAT2TeFxf9HLF9PjC1cYxkpw70rfNeTmGzC14mGaEDRfKOKTydY
SwjbrAWr4rN688dtCMY5HcygWCR2ZX7XiKk5OdZvv+g+dM2gal4ZL2Ae9qIbWwS9
KyCLEiGLaJ7iqqgSRCL2SlkOl4ovnxrjwt9pO52N2UPmyzgHNk0MavWUP/I0kMj/
DQ/Bf+o6fMzWKjkpXJ0LDFvFGUXvNBvih8Wu1FKxBcMdp9dVWzq99W21DPdj1UKd
Ejy28zVgJdoc2MONdeOdeFg60HztdnsZ8Ara2yc9LKzhuPBrpXe0rGJB4OwoUOik
ux2+nzN59higg9J6KkrhXO+NrL6RAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUpFni
56dh5SKyaCBu2XRzQuYBc38wHwYDVR0jBBgwFoAUx4zcO11LE2dctIrTtjvgHsWo
B/gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZFMTlFL0FCN0U3OEJFNDhERjExRURBNzYxQjI5Q0YxMjIyNDY4L3g0emNP
MTFMRTJkY3RJclR0anZnSHNXb0JfZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3g0emNPMTFMRTJkY3RJclR0anZnSHNXb0JfZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkZFMTlFL0FCN0U3OEJFNDhERjExRURBNzYxQjI5Q0Yx
MjIyNDY4Lzg4QTVCNzE0MjhDMzExRjBCRUYwQTBCNERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJmzqQwDQQCAAIwBwMFACwP
YwAwDQYJKoZIhvcNAQELBQADggEBAAcpnyM07MRoRWLE0Pu+m8NoN/lvPS6BzYOI
03cssaEUe5Tmk+vC1x4eXGn0pnKPolz4GCUPXLyBfS5RGMXs8N65QvUmr5F3+AKJ
L+Ek91CjWwnfqR5++aLIMq7dAyNNKapNmYJPxBdc9z522pC2Kd9d2o7bfIHgg8N2
jJfssAZy7o2zhzHo7K0IlvrG5AWS46LaYlegDWohkXU7pLhpHD11JMB47VKCtOAO
Tmh2iLxzvvmClip4JPjlZOSD9OFFnxDpR4C01gX5lRAhYPmM06RTemvm5MZr7Zgq
3s/o+Y4R4G0QwAXqO+Baql40qgLcBV0Q3x77EEFbMgDQ56Ee1jw=
-----END CERTIFICATE-----
Generated at Sun May 11 04:29:43 2025 by rpki-client