Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3675681/3A811A06B37111EE992D23C5775412E6/3C5DC152150F11F0AFA3C00D6EB8BCC6.roa
File: 3C5DC152150F11F0AFA3C00D6EB8BCC6.roa (raw, json)
Hash identifier: fH15aNCg4OTSLMaHS4OXxFDniAhEu0g0inrw6icGVBw=
Subject key identifier: 51:A5:FC:9A:0F:4D:5B:25:D4:40:39:00:9A:6D:14:58:D4:D6:6C:7A
Certificate issuer: /CN=F3675681AF/serialNumber=B21C666D9BCD98C01959107179483726840320D9
Certificate serial: 01D7
Authority key identifier: B2:1C:66:6D:9B:CD:98:C0:19:59:10:71:79:48:37:26:84:03:20:D9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/shxmbZvNmMAZWRBxeUg3JoQDINk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3675681/3A811A06B37111EE992D23C5775412E6/3C5DC152150F11F0AFA3C00D6EB8BCC6.roa
Signing time: Wed 09 Apr 2025 06:52:43 +0000
ROA not before: Wed 09 Apr 2025 06:52:39 +0000
ROA not after: Mon 01 Apr 2030 06:52:39 +0000
asID: 329360
IP address blocks: 102.210.48.0/22 maxlen: 22
2c0f:6940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3675681/3A811A06B37111EE992D23C5775412E6/shxmbZvNmMAZWRBxeUg3JoQDINk.crl
rsync://rpki.afrinic.net/repository/member_repository/F3675681/3A811A06B37111EE992D23C5775412E6/shxmbZvNmMAZWRBxeUg3JoQDINk.mft
rsync://rpki.afrinic.net/repository/afrinic/shxmbZvNmMAZWRBxeUg3JoQDINk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 02 May 2025 04:16:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 471 (0x1d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3675681AF, serialNumber=B21C666D9BCD98C01959107179483726840320D9
Validity
Not Before: Apr 9 06:52:39 2025 GMT
Not After : Apr 1 06:52:39 2030 GMT
Subject: CN=67f6193b-6545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fb:d1:7b:52:23:34:34:0d:2b:e4:e5:61:d6:
5b:e0:e6:1e:4c:4e:8c:85:09:71:7e:d7:00:d3:cb:
fd:7e:19:a9:01:6f:bc:8b:e8:69:ea:e2:d4:96:01:
0f:a6:8e:21:47:e0:bc:b9:ce:a8:b1:e0:15:47:cc:
ae:8a:c2:94:84:48:ca:64:f2:ad:5c:5e:f6:99:4b:
17:d7:02:cc:f0:d7:86:3f:6a:14:10:18:2e:c0:66:
ab:ac:a4:e0:62:04:e3:be:5f:3f:97:94:91:82:fd:
e1:da:3d:8e:09:7f:3d:e8:04:49:a8:d0:20:2f:f0:
e2:73:b7:8b:b7:92:e0:75:37:ad:fd:f0:e2:c5:62:
75:7c:39:e4:1a:b2:43:e5:c0:0d:a5:d9:87:ae:54:
7f:1c:f5:97:7e:6f:cb:40:6f:cf:46:ad:44:2f:ad:
8f:76:5d:94:ab:04:bd:d3:7b:9b:22:f0:46:ff:fd:
0d:2a:6a:8e:3c:c9:0b:a2:f8:d6:86:b9:74:e4:bf:
6e:09:17:db:41:0b:a3:1b:e4:b3:81:b8:04:ac:37:
7c:5f:ce:19:d8:2d:3b:5b:0b:a9:3a:61:0b:da:a9:
af:ed:14:b1:c3:ba:c6:29:af:99:c2:89:ce:79:38:
80:79:ac:ea:2c:d6:65:fd:b4:ff:f3:08:08:b5:ef:
b6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A5:FC:9A:0F:4D:5B:25:D4:40:39:00:9A:6D:14:58:D4:D6:6C:7A
X509v3 Authority Key Identifier:
keyid:B2:1C:66:6D:9B:CD:98:C0:19:59:10:71:79:48:37:26:84:03:20:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3675681/3A811A06B37111EE992D23C5775412E6/shxmbZvNmMAZWRBxeUg3JoQDINk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/shxmbZvNmMAZWRBxeUg3JoQDINk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3675681/3A811A06B37111EE992D23C5775412E6/3C5DC152150F11F0AFA3C00D6EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.210.48.0/22
IPv6:
2c0f:6940::/32
Signature Algorithm: sha256WithRSAEncryption
73:60:a6:5d:14:9f:09:65:bf:aa:5b:1e:db:b3:f6:3c:90:4b:
8c:a8:49:37:09:ed:07:85:8d:89:25:1f:d1:aa:c7:79:7d:6b:
c1:36:f9:f9:c7:b3:88:1f:5e:86:ba:67:d0:2b:33:fc:33:83:
5b:aa:d7:d7:e8:f1:4c:db:62:7b:a8:0d:9f:5a:13:45:69:28:
83:a6:8b:47:6b:8c:ce:ee:00:d1:7c:42:82:86:60:df:a3:a2:
88:9a:c9:ae:cf:46:98:39:88:85:cb:1c:81:43:a4:fa:7e:75:
8f:96:ce:af:ab:86:90:aa:60:0f:3c:c7:12:ea:86:fa:47:fd:
61:a4:ca:41:f0:41:c8:a1:de:65:54:27:d3:ca:7e:05:db:0a:
90:f2:d6:99:75:61:2b:92:24:67:6d:3c:c4:39:f6:29:01:96:
8f:71:1d:ef:f5:da:1c:43:44:f0:ce:cd:a2:a4:12:8e:b5:ad:
d9:f9:a4:61:7d:74:05:44:80:6b:73:63:df:2b:66:ab:0b:12:
52:f4:d2:cc:ff:0c:8b:9e:f2:2d:17:3c:46:b5:56:0b:da:96:
ec:87:c2:62:9a:e9:0f:ef:73:d7:7f:87:df:a0:74:31:04:c6:
06:e4:78:78:f0:a7:93:dd:e8:e3:6c:05:dc:35:96:07:d6:99:
c6:cf:7e:3b
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAdcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NzU2ODFBRjExMC8GA1UEBRMoQjIxQzY2NkQ5QkNEOThDMDE5NTkxMDcxNzk0ODM3
MjY4NDAzMjBEOTAeFw0yNTA0MDkwNjUyMzlaFw0zMDA0MDEwNjUyMzlaMBgxFjAU
BgNVBAMTDTY3ZjYxOTNiLTY1NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC++9F7UiM0NA0r5OVh1lvg5h5MToyFCXF+1wDTy/1+GakBb7yL6Gnq4tSW
AQ+mjiFH4Ly5zqix4BVHzK6KwpSESMpk8q1cXvaZSxfXAszw14Y/ahQQGC7AZqus
pOBiBOO+Xz+XlJGC/eHaPY4Jfz3oBEmo0CAv8OJzt4u3kuB1N6398OLFYnV8OeQa
skPlwA2l2YeuVH8c9Zd+b8tAb89GrUQvrY92XZSrBL3Te5si8Eb//Q0qao48yQui
+NaGuXTkv24JF9tBC6Mb5LOBuASsN3xfzhnYLTtbC6k6YQvaqa/tFLHDusYpr5nC
ic55OIB5rOos1mX9tP/zCAi177anAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUUaX8
mg9NWyXUQDkAmm0UWNTWbHowHwYDVR0jBBgwFoAUshxmbZvNmMAZWRBxeUg3JoQD
INkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjc1NjgxLzNBODExQTA2QjM3MTExRUU5OTJEMjNDNTc3NTQxMkU2L3NoeG1i
WnZObU1BWldSQnhlVWczSm9RRElOay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3NoeG1iWnZObU1BWldSQnhlVWczSm9RRElOay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjc1NjgxLzNBODExQTA2QjM3MTExRUU5OTJEMjNDNTc3
NTQxMkU2LzNDNURDMTUyMTUwRjExRjBBRkEzQzAwRDZFQjhCQ0M2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm0jAwDQQCAAIwBwMFACwP
aUAwDQYJKoZIhvcNAQELBQADggEBAHNgpl0Unwllv6pbHtuz9jyQS4yoSTcJ7QeF
jYklH9Gqx3l9a8E2+fnHs4gfXoa6Z9ArM/wzg1uq19fo8UzbYnuoDZ9aE0VpKIOm
i0drjM7uANF8QoKGYN+jooiaya7PRpg5iIXLHIFDpPp+dY+Wzq+rhpCqYA88xxLq
hvpH/WGkykHwQcih3mVUJ9PKfgXbCpDy1pl1YSuSJGdtPMQ59ikBlo9xHe/12hxD
RPDOzaKkEo61rdn5pGF9dAVEgGtzY98rZqsLElL00sz/DIue8i0XPEa1VgvaluyH
wmKa6Q/vc9d/h9+gdDEExgbkeHjwp5Pd6ONsBdw1lgfWmcbPfjs=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:26:49 2025 by rpki-client