Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3633204/13204AC61F8B11EC91E3A235D8A014CE/B904AFAE405211F0AECBAA98DAE4EC9C.roa
File: B904AFAE405211F0AECBAA98DAE4EC9C.roa (raw, json)
Hash identifier: EPkgdYP45sUjC5MQQ8eIhXPc3ynifHxMQiyi4EpsgAM=
Subject key identifier: C9:A1:45:E7:AB:1A:FF:79:DC:08:FC:8B:CF:77:69:C2:5B:17:BA:4B
Certificate issuer: /CN=F3633204AF/serialNumber=41A6ED7580FFE114C922B8AF107327095E0055BA
Certificate serial: 056A
Authority key identifier: 41:A6:ED:75:80:FF:E1:14:C9:22:B8:AF:10:73:27:09:5E:00:55:BA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/QabtdYD_4RTJIrivEHMnCV4AVbo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3633204/13204AC61F8B11EC91E3A235D8A014CE/B904AFAE405211F0AECBAA98DAE4EC9C.roa
Signing time: Tue 03 Jun 2025 08:14:09 +0000
ROA not before: Tue 03 Jun 2025 08:14:04 +0000
ROA not after: Sun 03 Jun 2035 08:14:04 +0000
asID: 60171
IP address blocks: 102.206.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3633204/13204AC61F8B11EC91E3A235D8A014CE/QabtdYD_4RTJIrivEHMnCV4AVbo.crl
rsync://rpki.afrinic.net/repository/member_repository/F3633204/13204AC61F8B11EC91E3A235D8A014CE/QabtdYD_4RTJIrivEHMnCV4AVbo.mft
rsync://rpki.afrinic.net/repository/afrinic/QabtdYD_4RTJIrivEHMnCV4AVbo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 19 Jun 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1386 (0x56a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3633204AF, serialNumber=41A6ED7580FFE114C922B8AF107327095E0055BA
Validity
Not Before: Jun 3 08:14:04 2025 GMT
Not After : Jun 3 08:14:04 2035 GMT
Subject: CN=683eaed1-5098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c4:4e:09:ad:73:0b:77:02:67:ef:7f:03:7a:
f6:9e:4b:2a:0e:0d:fc:6b:ef:62:65:9a:4e:a6:d8:
4f:ff:3e:32:8d:3d:64:8a:db:7c:1d:5d:a9:43:4f:
ac:ea:85:13:25:ec:4a:02:43:11:76:94:9b:c0:37:
00:2d:54:90:37:97:63:32:d2:ae:fb:6f:12:0f:70:
92:b5:6e:55:36:fc:e4:7e:48:58:2a:fa:bb:8e:b8:
3f:26:45:88:57:73:f5:f4:81:af:87:5a:ba:c1:24:
ac:bb:c6:8d:93:a0:61:02:2b:b6:62:4c:74:f2:58:
9b:55:98:84:93:32:79:de:f0:10:55:bb:f3:ac:e7:
70:77:c3:21:53:80:22:f0:94:d5:46:0b:ea:5a:31:
06:ca:ae:11:35:ef:a0:c5:19:96:56:bf:6e:3b:ef:
98:98:b8:1c:c1:3a:0b:9b:73:0e:cb:59:80:31:8d:
1d:f9:68:c1:50:2e:7d:8a:84:26:c5:08:64:52:c1:
31:ba:b3:9f:4f:a9:ef:15:28:e6:c4:f5:6a:90:33:
f3:0f:2a:5d:0e:7c:84:04:77:c6:5d:92:17:34:3b:
21:16:b3:57:cd:5d:4b:06:1b:98:b6:6c:36:06:4f:
44:e7:bb:5e:7b:78:3c:a8:a1:4d:39:32:40:a8:76:
36:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A1:45:E7:AB:1A:FF:79:DC:08:FC:8B:CF:77:69:C2:5B:17:BA:4B
X509v3 Authority Key Identifier:
keyid:41:A6:ED:75:80:FF:E1:14:C9:22:B8:AF:10:73:27:09:5E:00:55:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3633204/13204AC61F8B11EC91E3A235D8A014CE/QabtdYD_4RTJIrivEHMnCV4AVbo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/QabtdYD_4RTJIrivEHMnCV4AVbo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3633204/13204AC61F8B11EC91E3A235D8A014CE/B904AFAE405211F0AECBAA98DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.64.0/22
Signature Algorithm: sha256WithRSAEncryption
11:57:d3:25:ab:f3:01:7d:63:f8:75:5c:38:8b:72:ad:a0:97:
aa:e3:c6:64:b4:f2:4d:e1:40:de:8a:64:92:cf:0b:8d:5b:07:
2b:3f:1a:94:ec:b9:b3:71:61:cb:3b:8b:80:d1:20:9d:16:eb:
25:32:8b:05:aa:3a:94:3f:ab:00:66:8c:db:01:7f:52:8e:9f:
5c:fc:38:3c:98:fe:72:9b:e7:65:c4:4f:82:00:44:b5:dc:94:
c8:5d:e6:cb:22:28:ae:29:4d:12:51:fa:4c:56:76:e0:56:ec:
e1:d3:4c:0c:55:9f:51:b9:bd:64:eb:19:d8:53:46:ef:fb:ba:
f3:e8:4f:e6:eb:ec:d5:2a:bc:8a:fc:5f:de:2b:dd:45:1c:2d:
77:92:99:31:23:d3:bd:cc:e3:3a:49:ff:67:85:04:10:45:2b:
c5:69:06:cb:bb:35:bc:95:ee:ae:8e:4e:37:06:74:92:b8:32:
0f:b5:4a:96:f0:7a:26:57:1e:c0:4e:84:75:12:84:e4:34:94:
6e:de:3a:54:d7:d0:4b:91:b2:08:58:e3:4f:77:63:ce:ed:d9:
22:53:13:ac:bc:de:73:0f:e2:a7:e2:dc:2b:50:83:55:d0:02:
41:6e:25:4c:75:ec:14:a8:26:be:64:f8:80:0f:33:a8:96:6c:
bf:b6:74:0a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBWowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzMyMDRBRjExMC8GA1UEBRMoNDFBNkVENzU4MEZGRTExNEM5MjJCOEFGMTA3MzI3
MDk1RTAwNTVCQTAeFw0yNTA2MDMwODE0MDRaFw0zNTA2MDMwODE0MDRaMBgxFjAU
BgNVBAMTDTY4M2VhZWQxLTUwOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6xE4JrXMLdwJn738DevaeSyoODfxr72Jlmk6m2E//PjKNPWSK23wdXalD
T6zqhRMl7EoCQxF2lJvANwAtVJA3l2My0q77bxIPcJK1blU2/OR+SFgq+ruOuD8m
RYhXc/X0ga+HWrrBJKy7xo2ToGECK7ZiTHTyWJtVmISTMnne8BBVu/Os53B3wyFT
gCLwlNVGC+paMQbKrhE176DFGZZWv24775iYuBzBOgubcw7LWYAxjR35aMFQLn2K
hCbFCGRSwTG6s59Pqe8VKObE9WqQM/MPKl0OfIQEd8Zdkhc0OyEWs1fNXUsGG5i2
bDYGT0Tnu157eDyooU05MkCodjalAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUyaFF
56sa/3ncCPyLz3dpwlsXukswHwYDVR0jBBgwFoAUQabtdYD/4RTJIrivEHMnCV4A
VbowDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjMzMjA0LzEzMjA0QUM2MUY4QjExRUM5MUUzQTIzNUQ4QTAxNENFL1FhYnRk
WURfNFJUSklyaXZFSE1uQ1Y0QVZiby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1FhYnRkWURfNFJUSklyaXZFSE1uQ1Y0QVZiby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjMzMjA0LzEzMjA0QUM2MUY4QjExRUM5MUUzQTIzNUQ4
QTAxNENFL0I5MDRBRkFFNDA1MjExRjBBRUNCQUE5OERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmzkAwDQYJKoZIhvcNAQEL
BQADggEBABFX0yWr8wF9Y/h1XDiLcq2gl6rjxmS08k3hQN6KZJLPC41bBys/GpTs
ubNxYcs7i4DRIJ0W6yUyiwWqOpQ/qwBmjNsBf1KOn1z8ODyY/nKb52XET4IARLXc
lMhd5ssiKK4pTRJR+kxWduBW7OHTTAxVn1G5vWTrGdhTRu/7uvPoT+br7NUqvIr8
X94r3UUcLXeSmTEj073M4zpJ/2eFBBBFK8VpBsu7NbyV7q6OTjcGdJK4Mg+1Spbw
eiZXHsBOhHUShOQ0lG7eOlTX0EuRsghY4093Y87t2SJTE6y83nMP4qfi3CtQg1XQ
AkFuJUx17BSoJr5k+IAPM6iWbL+2dAo=
-----END CERTIFICATE-----
Generated at Wed Jun 18 01:47:36 2025 by rpki-client