Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/4C28B8A2330111F09BCCEDB8DAE4EC9C.roa
File: 4C28B8A2330111F09BCCEDB8DAE4EC9C.roa (raw, json)
Hash identifier: JQ/VG7ThSJjKTUtVBlCq9Iq0NgDSAExjKmPU/iurIYo=
Subject key identifier: 66:C8:90:26:91:A6:B8:6F:16:66:F3:E7:6C:02:5C:77:E5:DB:9C:A5
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 14B3
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/4C28B8A2330111F09BCCEDB8DAE4EC9C.roa
Signing time: Sat 17 May 2025 09:28:32 +0000
ROA not before: Sat 17 May 2025 09:28:27 +0000
ROA not after: Wed 17 May 2028 09:28:27 +0000
asID: 211192
IP address blocks: 102.129.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5299 (0x14b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF, serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: May 17 09:28:27 2025 GMT
Not After : May 17 09:28:27 2028 GMT
Subject: CN=682856c0-1557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6d:41:f5:a8:f9:34:df:1c:33:c6:be:95:de:
1d:ae:e6:f9:43:e9:f2:53:52:aa:a1:d9:43:0b:5b:
13:8b:25:1e:e5:af:25:a6:f5:67:b6:7a:84:2d:b7:
9c:12:40:08:15:eb:e7:b9:0a:f1:a4:ff:4c:34:56:
dc:32:47:98:f1:c5:17:0e:9a:b7:0a:82:11:19:73:
35:0b:e6:11:5b:7e:61:0e:33:c5:3c:04:c4:3a:c3:
01:dc:7b:54:5e:97:c4:e8:21:bb:70:25:08:3d:ac:
6b:2f:3d:56:89:a4:39:16:c7:60:1f:67:01:3d:a7:
36:74:d9:8a:89:27:01:e9:b9:9c:0e:ae:cc:9c:2d:
6f:fc:82:d9:86:2b:cf:af:56:ba:32:1c:c3:75:6d:
6f:04:5f:22:a9:60:2c:33:02:1c:8f:d0:fb:ea:17:
15:59:e7:4d:e0:7e:91:a8:db:cb:56:92:6b:36:7e:
c3:c7:e0:f2:29:67:04:6f:65:bf:5b:f0:af:8f:c8:
fd:29:04:71:c4:7f:74:6b:7f:3d:9e:f3:4b:50:0c:
3f:cc:50:8e:15:13:c6:0c:26:ac:de:58:dc:6d:26:
34:a0:cc:aa:bd:9d:4c:a6:c9:a5:db:54:5a:eb:6e:
7c:bd:9a:78:29:c9:eb:ce:3b:8c:64:d2:93:76:39:
04:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C8:90:26:91:A6:B8:6F:16:66:F3:E7:6C:02:5C:77:E5:DB:9C:A5
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/4C28B8A2330111F09BCCEDB8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.136.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:c7:c9:06:6a:55:35:92:9f:fd:3f:37:66:58:48:c7:5a:36:
f2:a9:d0:eb:71:96:96:41:9d:36:db:bc:ea:10:3f:1d:e4:41:
df:b4:1f:81:18:17:ef:fa:80:24:31:bb:bf:97:2e:6c:fe:64:
88:d2:24:82:cd:80:e2:02:2d:61:cb:01:5d:52:52:1f:e0:04:
69:9e:0d:11:db:00:e5:cb:bf:9a:83:fc:11:72:74:12:ba:91:
a2:69:6c:89:16:e1:17:42:33:97:43:f0:e3:e2:4e:9b:d7:f3:
af:cc:fb:20:4e:51:91:4b:99:1e:d6:70:14:ad:53:bd:c3:7f:
0e:22:d6:26:87:7f:02:45:46:dd:88:90:ba:1f:3b:33:dd:f7:
2d:b1:41:9b:7e:d7:c3:e9:76:53:ee:84:a9:99:b1:32:32:b5:
27:e4:e6:6f:73:c1:ae:1c:73:2d:b6:b3:f8:0f:ed:ef:7c:a7:
52:ec:59:18:94:20:79:ec:32:bc:03:bb:ce:da:7c:5b:f2:ec:
26:9f:73:1a:4e:85:71:7e:16:06:a6:04:79:58:98:bc:eb:90:
fd:37:c0:48:f3:ee:f2:91:36:e6:36:86:7c:7e:76:92:a1:7b:
84:7c:5a:d5:41:43:6b:ce:c4:ec:a0:0a:95:f6:2c:56:9a:dd:
72:c6:ac:5c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFLMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNTA1MTcwOTI4MjdaFw0yODA1MTcwOTI4MjdaMBgxFjAU
BgNVBAMTDTY4Mjg1NmMwLTE1NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDKbUH1qPk03xwzxr6V3h2u5vlD6fJTUqqh2UMLWxOLJR7lryWm9We2eoQt
t5wSQAgV6+e5CvGk/0w0VtwyR5jxxRcOmrcKghEZczUL5hFbfmEOM8U8BMQ6wwHc
e1Rel8ToIbtwJQg9rGsvPVaJpDkWx2AfZwE9pzZ02YqJJwHpuZwOrsycLW/8gtmG
K8+vVroyHMN1bW8EXyKpYCwzAhyP0PvqFxVZ503gfpGo28tWkms2fsPH4PIpZwRv
Zb9b8K+PyP0pBHHEf3Rrfz2e80tQDD/MUI4VE8YMJqzeWNxtJjSgzKq9nUymyaXb
VFrrbny9mngpyevOO4xk0pN2OQRrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZsiQ
JpGmuG8WZvPnbAJcd+XbnKUwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzRDMjhCOEEyMzMwMTExRjA5QkNDRURCOERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgYgwDQYJKoZIhvcNAQEL
BQADggEBALPHyQZqVTWSn/0/N2ZYSMdaNvKp0OtxlpZBnTbbvOoQPx3kQd+0H4EY
F+/6gCQxu7+XLmz+ZIjSJILNgOICLWHLAV1SUh/gBGmeDRHbAOXLv5qD/BFydBK6
kaJpbIkW4RdCM5dD8OPiTpvX86/M+yBOUZFLmR7WcBStU73Dfw4i1iaHfwJFRt2I
kLofOzPd9y2xQZt+18PpdlPuhKmZsTIytSfk5m9zwa4ccy22s/gP7e98p1LsWRiU
IHnsMrwDu87afFvy7CafcxpOhXF+FgamBHlYmLzrkP03wEjz7vKRNuY2hnx+dpKh
e4R8WtVBQ2vOxOygCpX2LFaa3XLGrFw=
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:17:49 2025 by rpki-client