Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1982/2F0CD68E45D211F0B09667D4DAE4EC9C/7832FB8A45D311F0AC0634DDDAE4EC9C.roa
File: 7832FB8A45D311F0AC0634DDDAE4EC9C.roa (raw, json)
Hash identifier: cfPkV/3/J2Pr+p9FB17NDz/hy3nd+JaytMl2veZxtBo=
Subject key identifier: FB:3C:66:DA:D1:75:05:00:3B:F5:33:DB:BE:82:FD:88:94:50:2C:50
Certificate issuer: /CN=F36A1982AF/serialNumber=98DFF156BA5D3B11FAA6CD017A8BF654251DEBC7
Certificate serial: 02
Authority key identifier: 98:DF:F1:56:BA:5D:3B:11:FA:A6:CD:01:7A:8B:F6:54:25:1D:EB:C7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/mN_xVrpdOxH6ps0Beov2VCUd68c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A1982/2F0CD68E45D211F0B09667D4DAE4EC9C/7832FB8A45D311F0AC0634DDDAE4EC9C.roa
Signing time: Tue 10 Jun 2025 08:18:21 +0000
ROA not before: Tue 10 Jun 2025 08:18:16 +0000
ROA not after: Sun 30 Jun 2030 08:18:16 +0000
asID: 329401
IP address blocks: 102.209.192.0/22 maxlen: 24
2c0f:6d40::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A1982/2F0CD68E45D211F0B09667D4DAE4EC9C/mN_xVrpdOxH6ps0Beov2VCUd68c.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A1982/2F0CD68E45D211F0B09667D4DAE4EC9C/mN_xVrpdOxH6ps0Beov2VCUd68c.mft
rsync://rpki.afrinic.net/repository/afrinic/mN_xVrpdOxH6ps0Beov2VCUd68c.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A1982AF, serialNumber=98DFF156BA5D3B11FAA6CD017A8BF654251DEBC7
Validity
Not Before: Jun 10 08:18:16 2025 GMT
Not After : Jun 30 08:18:16 2030 GMT
Subject: CN=6847ea4d-7aff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:88:3b:a2:0a:2a:8c:8a:32:3c:6f:1d:74:2f:
75:6d:d4:b0:e7:16:81:03:12:0e:c9:5d:da:9a:df:
1a:f9:cd:f3:64:98:cc:8d:81:9b:9e:37:6e:9b:d2:
1c:74:34:3f:01:f7:49:91:ba:1e:e6:a3:a9:a0:6b:
e8:a6:84:5d:d3:16:6d:fa:77:72:3d:c3:aa:35:3d:
bb:c5:86:6c:fa:04:d2:07:36:9d:77:5e:09:03:89:
8b:df:56:e3:0d:63:b8:a4:19:32:67:bb:62:ce:f1:
c2:e5:9f:04:13:ec:6d:cc:c0:f2:37:28:91:cf:ad:
50:6c:f9:bf:0f:49:41:ce:cc:09:80:0f:db:1f:5f:
76:67:d8:99:d7:f6:ab:14:04:1f:b3:ee:cf:c4:e7:
45:18:05:59:80:c2:bd:e1:2c:1b:75:76:35:b6:29:
d8:1a:9d:14:81:29:2c:94:eb:3c:4c:ca:96:11:f6:
c7:f6:fc:b2:6b:e2:9c:2f:08:83:3c:dc:d1:78:ef:
c2:5f:d4:cb:e4:00:55:46:51:37:51:86:e2:15:7c:
f1:98:c2:39:39:45:be:2a:60:85:fd:39:bb:b9:8d:
23:b5:88:29:20:a2:fe:64:e5:82:35:db:29:26:0d:
e7:74:e0:9d:fd:92:5f:43:a2:a2:f0:ea:68:0b:a6:
a2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:3C:66:DA:D1:75:05:00:3B:F5:33:DB:BE:82:FD:88:94:50:2C:50
X509v3 Authority Key Identifier:
keyid:98:DF:F1:56:BA:5D:3B:11:FA:A6:CD:01:7A:8B:F6:54:25:1D:EB:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1982/2F0CD68E45D211F0B09667D4DAE4EC9C/mN_xVrpdOxH6ps0Beov2VCUd68c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mN_xVrpdOxH6ps0Beov2VCUd68c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1982/2F0CD68E45D211F0B09667D4DAE4EC9C/7832FB8A45D311F0AC0634DDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.192.0/22
IPv6:
2c0f:6d40::/32
Signature Algorithm: sha256WithRSAEncryption
90:bc:90:e9:33:f9:72:33:fe:ec:ce:58:fd:e1:aa:c7:93:ce:
7b:cb:4a:01:65:f6:dd:5d:ce:e3:6d:13:ee:7e:37:c9:84:bb:
08:ec:79:64:99:6c:cb:99:d4:c7:d7:58:9b:e0:8f:ea:39:f6:
37:29:1a:b6:48:27:b4:bc:9d:68:82:82:a0:c6:ea:33:30:bf:
66:72:b6:60:47:1f:51:6d:e0:c8:a4:fe:a5:c1:62:f6:8c:2d:
bc:3c:8e:55:33:11:df:56:b4:e3:ec:e9:df:91:74:7a:23:ee:
e3:c4:97:f0:b1:16:a8:40:68:5d:77:04:18:5e:b5:9b:75:62:
8f:28:c1:26:bf:24:0f:6c:54:1b:3e:21:51:82:4b:77:4d:fa:
58:ab:27:36:2f:40:72:4f:78:5f:03:27:b2:28:99:06:c3:81:
71:ac:8b:88:9b:87:bd:09:ae:91:cb:f4:24:de:ff:ee:19:6e:
07:7d:87:e7:a4:ff:53:41:99:1e:58:9a:f7:2b:3e:37:b6:f1:
63:95:35:5c:c5:2c:06:e8:e7:6e:bb:39:6e:ba:87:eb:29:5a:
30:65:cd:af:19:06:b3:41:26:96:0f:74:65:e2:b0:96:1b:26:
21:9c:8c:5d:c1:bd:ec:c3:8a:77:6d:6b:18:b4:7e:82:44:65:
39:10:7c:44
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
MTk4MkFGMTEwLwYDVQQFEyg5OERGRjE1NkJBNUQzQjExRkFBNkNEMDE3QThCRjY1
NDI1MURFQkM3MB4XDTI1MDYxMDA4MTgxNloXDTMwMDYzMDA4MTgxNlowGDEWMBQG
A1UEAxMNNjg0N2VhNGQtN2FmZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCIO6IKKoyKMjxvHXQvdW3UsOcWgQMSDsld2prfGvnN82SYzI2Bm543bpvS
HHQ0PwH3SZG6HuajqaBr6KaEXdMWbfp3cj3DqjU9u8WGbPoE0gc2nXdeCQOJi99W
4w1juKQZMme7Ys7xwuWfBBPsbczA8jcokc+tUGz5vw9JQc7MCYAP2x9fdmfYmdf2
qxQEH7Puz8TnRRgFWYDCveEsG3V2NbYp2BqdFIEpLJTrPEzKlhH2x/b8smvinC8I
gzzc0Xjvwl/Uy+QAVUZRN1GG4hV88ZjCOTlFvipghf05u7mNI7WIKSCi/mTlgjXb
KSYN53Tgnf2SX0OiovDqaAumoosCAwEAAaOCArQwggKwMB0GA1UdDgQWBBT7PGba
0XUFADv1M9u+gv2IlFAsUDAfBgNVHSMEGDAWgBSY3/FWul07EfqmzQF6i/ZUJR3r
xzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTE5ODIvMkYwQ0Q2OEU0NUQyMTFGMEIwOTY2N0Q0REFFNEVDOUMvbU5feFZy
cGRPeEg2cHMwQmVvdjJWQ1VkNjhjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvbU5feFZycGRPeEg2cHMwQmVvdjJWQ1VkNjhjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTE5ODIvMkYwQ0Q2OEU0NUQyMTFGMEIwOTY2N0Q0REFF
NEVDOUMvNzgzMkZCOEE0NUQzMTFGMEFDMDYzNEREREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbRwDANBAIAAjAHAwUALA9t
QDANBgkqhkiG9w0BAQsFAAOCAQEAkLyQ6TP5cjP+7M5Y/eGqx5POe8tKAWX23V3O
420T7n43yYS7COx5ZJlsy5nUx9dYm+CP6jn2NykatkgntLydaIKCoMbqMzC/ZnK2
YEcfUW3gyKT+pcFi9owtvDyOVTMR31a04+zp35F0eiPu48SX8LEWqEBoXXcEGF61
m3VijyjBJr8kD2xUGz4hUYJLd036WKsnNi9Ack94XwMnsiiZBsOBcayLiJuHvQmu
kcv0JN7/7hluB32H56T/U0GZHlia9ys+N7bxY5U1XMUsBujnbrs5brqH6ylaMGXN
rxkGs0Emlg90ZeKwlhsmIZyMXcG97MOKd21rGLR+gkRlORB8RA==
-----END CERTIFICATE-----
Generated at Sun Jun 15 22:58:23 2025 by rpki-client