Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C6D54/F46D1186227411F0A0FDF27EDAE4EC9C/F58AE73825A211F08305C8C7DAE4EC9C.roa
File: F58AE73825A211F08305C8C7DAE4EC9C.roa (raw, json)
Hash identifier: EvyKqJeuYp8uzWGUaTymPx2TwuzyPSTmNyMpoYUV9hc=
Subject key identifier: 9F:88:BA:81:36:F1:66:49:B1:0D:48:A9:2F:23:F3:DB:7E:A3:17:12
Certificate issuer: /CN=F36C6D54AF/serialNumber=408958881B94E35681EDC1D1DF0859F77136A0A5
Certificate serial: 1D
Authority key identifier: 40:89:58:88:1B:94:E3:56:81:ED:C1:D1:DF:08:59:F7:71:36:A0:A5
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/QIlYiBuU41aB7cHR3whZ93E2oKU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C6D54/F46D1186227411F0A0FDF27EDAE4EC9C/F58AE73825A211F08305C8C7DAE4EC9C.roa
Signing time: Wed 30 Apr 2025 09:10:29 +0000
ROA not before: Wed 30 Apr 2025 09:10:24 +0000
ROA not after: Thu 30 Apr 2026 09:10:24 +0000
asID: 329489
IP address blocks: 102.207.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C6D54/F46D1186227411F0A0FDF27EDAE4EC9C/QIlYiBuU41aB7cHR3whZ93E2oKU.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C6D54/F46D1186227411F0A0FDF27EDAE4EC9C/QIlYiBuU41aB7cHR3whZ93E2oKU.mft
rsync://rpki.afrinic.net/repository/afrinic/QIlYiBuU41aB7cHR3whZ93E2oKU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 04 May 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29 (0x1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C6D54AF, serialNumber=408958881B94E35681EDC1D1DF0859F77136A0A5
Validity
Not Before: Apr 30 09:10:24 2025 GMT
Not After : Apr 30 09:10:24 2026 GMT
Subject: CN=6811e905-c420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:44:d3:71:19:e4:13:a9:bd:0f:a9:4c:85:e4:
d7:0c:ec:e8:dd:25:3b:15:52:e4:34:bf:28:f7:01:
cf:10:8a:a0:0a:65:8d:7c:0f:a8:8a:45:70:e3:52:
ed:5a:d9:47:5d:cf:c6:22:a6:c1:87:eb:51:76:35:
42:95:21:53:9c:c6:77:51:1e:03:57:4f:89:5e:67:
90:d9:ae:f2:b1:25:0b:a1:a9:86:aa:e3:66:13:a9:
c9:b7:ba:16:89:52:77:e9:8b:f2:32:e0:5c:1d:cb:
2b:06:59:e7:29:2c:f2:c5:e0:56:67:b1:17:4e:da:
44:5a:d7:94:25:6f:a5:a0:db:96:e8:f0:20:39:6b:
e5:11:90:c3:01:f8:df:20:8f:ef:ed:08:9c:e2:9a:
3c:c2:aa:58:ff:9b:9a:aa:69:de:55:16:f0:f6:9c:
45:45:0c:34:bf:f4:5f:8c:d7:94:64:89:ea:e6:a2:
de:da:2e:85:70:08:0c:0b:20:21:9d:54:70:ab:74:
5c:49:43:6f:06:db:33:a0:21:b3:76:9b:8b:04:01:
4c:58:48:e9:de:cf:7c:2c:86:51:8f:33:b6:51:b8:
cf:94:b7:8b:78:42:a8:15:17:83:5e:86:97:23:27:
95:1c:98:56:5d:b4:a9:8d:cd:c0:17:5e:65:ad:7c:
da:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:88:BA:81:36:F1:66:49:B1:0D:48:A9:2F:23:F3:DB:7E:A3:17:12
X509v3 Authority Key Identifier:
keyid:40:89:58:88:1B:94:E3:56:81:ED:C1:D1:DF:08:59:F7:71:36:A0:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C6D54/F46D1186227411F0A0FDF27EDAE4EC9C/QIlYiBuU41aB7cHR3whZ93E2oKU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/QIlYiBuU41aB7cHR3whZ93E2oKU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C6D54/F46D1186227411F0A0FDF27EDAE4EC9C/F58AE73825A211F08305C8C7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.207.249.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:e4:8a:77:75:bb:10:52:f5:56:d2:df:8d:ab:a1:88:d3:6d:
3b:cc:3b:69:91:64:60:64:ea:04:1f:74:b9:3e:b9:35:94:78:
23:27:d6:f2:5f:bc:7b:d8:55:e6:0a:bd:10:3d:7b:96:37:9a:
99:ea:be:94:a2:f4:3f:56:af:c3:4d:87:2c:0e:7e:68:3e:07:
06:e0:85:11:d1:c7:4d:5c:e7:aa:19:45:12:5a:98:ac:97:6d:
c7:a7:04:28:33:7e:d2:55:87:a5:58:18:5e:d2:9c:12:9d:97:
6e:6e:fe:41:5a:fb:9d:6a:dd:a9:68:43:03:6c:ef:9f:24:88:
8a:54:55:d1:28:49:67:bc:5c:1f:35:36:31:c1:c4:51:47:18:
2f:ed:26:9f:40:d2:a8:e3:21:a3:71:51:78:5f:45:b9:6b:11:
8c:11:1c:af:c6:0d:c6:f7:7a:da:74:49:94:b6:ae:4e:41:ff:
c2:84:92:6f:53:ed:f4:1e:1c:95:e9:f5:b4:32:a0:f1:15:99:
d0:d7:72:4b:86:73:ab:f7:de:c3:f8:66:98:40:7c:35:d7:48:
ca:7b:e5:39:9d:c0:2c:46:5f:37:31:56:6e:d3:f7:89:2e:2d:
89:7e:9b:aa:9a:a7:56:99:ac:6e:a9:bd:c0:28:19:67:a4:05:
73:63:06:62
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBHTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
NkQ1NEFGMTEwLwYDVQQFEyg0MDg5NTg4ODFCOTRFMzU2ODFFREMxRDFERjA4NTlG
NzcxMzZBMEE1MB4XDTI1MDQzMDA5MTAyNFoXDTI2MDQzMDA5MTAyNFowGDEWMBQG
A1UEAxMNNjgxMWU5MDUtYzQyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtE03EZ5BOpvQ+pTIXk1wzs6N0lOxVS5DS/KPcBzxCKoApljXwPqIpFcONS
7VrZR13PxiKmwYfrUXY1QpUhU5zGd1EeA1dPiV5nkNmu8rElC6GphqrjZhOpybe6
FolSd+mL8jLgXB3LKwZZ5yks8sXgVmexF07aRFrXlCVvpaDblujwIDlr5RGQwwH4
3yCP7+0InOKaPMKqWP+bmqpp3lUW8PacRUUMNL/0X4zXlGSJ6uai3touhXAIDAsg
IZ1UcKt0XElDbwbbM6Ahs3abiwQBTFhI6d7PfCyGUY8ztlG4z5S3i3hCqBUXg16G
lyMnlRyYVl20qY3NwBdeZa182v0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSfiLqB
NvFmSbENSKkvI/PbfqMXEjAfBgNVHSMEGDAWgBRAiViIG5TjVoHtwdHfCFn3cTag
pTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzZENTQvRjQ2RDExODYyMjc0MTFGMEEwRkRGMjdFREFFNEVDOUMvUUlsWWlC
dVU0MWFCN2NIUjN3aFo5M0Uyb0tVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUUlsWWlCdVU0MWFCN2NIUjN3aFo5M0Uyb0tVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzZENTQvRjQ2RDExODYyMjc0MTFGMEEwRkRGMjdFREFF
NEVDOUMvRjU4QUU3MzgyNUEyMTFGMDgzMDVDOEM3REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbP+TANBgkqhkiG9w0BAQsF
AAOCAQEAfeSKd3W7EFL1VtLfjauhiNNtO8w7aZFkYGTqBB90uT65NZR4IyfW8l+8
e9hV5gq9ED17ljeameq+lKL0P1avw02HLA5+aD4HBuCFEdHHTVznqhlFElqYrJdt
x6cEKDN+0lWHpVgYXtKcEp2Xbm7+QVr7nWrdqWhDA2zvnySIilRV0ShJZ7xcHzU2
McHEUUcYL+0mn0DSqOMho3FReF9FuWsRjBEcr8YNxvd62nRJlLauTkH/woSSb1Pt
9B4clen1tDKg8RWZ0NdyS4Zzq/few/hmmEB8NddIynvlOZ3ALEZfNzFWbtP3iS4t
iX6bqpqnVpmsbqm9wCgZZ6QFc2MGYg==
-----END CERTIFICATE-----
Generated at Fri May 2 12:01:42 2025 by rpki-client