Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D3DBF/063FE546361B11F0A5A10E7CDAE4EC9C/B9050D40361C11F093254187DAE4EC9C.roa
File: B9050D40361C11F093254187DAE4EC9C.roa (raw, json)
Hash identifier: ykB61aa7osAic1a6NuVWCNXOxA9WGDqvh0GJYCwmQc8=
Subject key identifier: 6A:0F:C5:5D:A5:AF:F4:72:E2:F3:69:DB:34:FF:70:88:0A:5C:45:41
Certificate issuer: /CN=F36D3DBFAF/serialNumber=1A8C0EB2631F5807443979584E0D4D2FA885A760
Certificate serial: 02
Authority key identifier: 1A:8C:0E:B2:63:1F:58:07:44:39:79:58:4E:0D:4D:2F:A8:85:A7:60
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/GowOsmMfWAdEOXlYTg1NL6iFp2A.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D3DBF/063FE546361B11F0A5A10E7CDAE4EC9C/B9050D40361C11F093254187DAE4EC9C.roa
Signing time: Wed 21 May 2025 08:22:24 +0000
ROA not before: Wed 21 May 2025 08:22:08 +0000
ROA not after: Mon 31 Dec 2035 08:22:08 +0000
asID: 327829
IP address blocks: 102.223.220.0/22 maxlen: 22
2c0f:1180::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D3DBF/063FE546361B11F0A5A10E7CDAE4EC9C/GowOsmMfWAdEOXlYTg1NL6iFp2A.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D3DBF/063FE546361B11F0A5A10E7CDAE4EC9C/GowOsmMfWAdEOXlYTg1NL6iFp2A.mft
rsync://rpki.afrinic.net/repository/afrinic/GowOsmMfWAdEOXlYTg1NL6iFp2A.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 19 Jun 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D3DBFAF, serialNumber=1A8C0EB2631F5807443979584E0D4D2FA885A760
Validity
Not Before: May 21 08:22:08 2025 GMT
Not After : Dec 31 08:22:08 2035 GMT
Subject: CN=682d8d40-31ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8c:fc:14:bb:d6:68:9a:1f:14:db:3c:7e:d4:
a7:b6:b7:92:81:eb:22:8a:7a:a2:92:21:de:6c:7a:
db:05:78:54:6c:bc:5b:4f:9b:22:ed:5a:52:1d:0a:
10:13:85:ed:d1:3d:68:13:7b:e1:7c:07:90:02:23:
e5:e3:40:72:1c:0a:aa:7b:4d:b1:55:31:d1:dd:83:
af:66:9d:2f:bc:02:0a:30:11:9b:47:5a:75:d3:5a:
d7:2c:98:8e:fc:0e:13:5f:ff:a2:77:b1:03:86:0b:
b9:5b:3e:ec:b8:83:fd:6b:dd:cb:0c:ed:8b:7a:e1:
ae:13:33:15:3a:ad:56:fa:45:1b:93:8b:1f:1a:13:
21:5a:3c:68:c4:fa:61:42:12:74:c1:af:cc:28:41:
28:c9:fd:b4:2d:8b:b9:9a:c7:41:ef:4d:d8:d2:e7:
41:3c:44:8e:38:da:67:f6:3e:c8:3e:79:83:16:6a:
00:2e:29:20:30:3d:56:18:59:f4:41:08:2e:df:a6:
d8:10:17:94:b0:14:3a:e4:40:fd:3c:97:12:50:3c:
98:1f:d7:a6:1a:85:c5:df:7c:4d:bd:42:f3:28:6e:
7b:bb:48:59:a3:50:67:3c:75:87:e9:82:c6:a1:8a:
09:a5:2f:ce:5d:91:59:9f:bc:2a:43:2c:78:ee:c5:
35:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:0F:C5:5D:A5:AF:F4:72:E2:F3:69:DB:34:FF:70:88:0A:5C:45:41
X509v3 Authority Key Identifier:
keyid:1A:8C:0E:B2:63:1F:58:07:44:39:79:58:4E:0D:4D:2F:A8:85:A7:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D3DBF/063FE546361B11F0A5A10E7CDAE4EC9C/GowOsmMfWAdEOXlYTg1NL6iFp2A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/GowOsmMfWAdEOXlYTg1NL6iFp2A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D3DBF/063FE546361B11F0A5A10E7CDAE4EC9C/B9050D40361C11F093254187DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.220.0/22
IPv6:
2c0f:1180::/32
Signature Algorithm: sha256WithRSAEncryption
45:6c:24:02:67:46:0d:ec:fc:fd:02:ff:c5:db:85:37:b1:9e:
75:8c:c6:02:3d:33:21:da:45:80:d3:a2:71:de:64:20:72:02:
57:81:c7:35:d4:50:7a:9b:89:81:a9:fa:13:9a:7e:e7:b1:ea:
1a:b4:f2:ff:e9:73:e5:c2:47:cc:ac:49:17:19:c6:4c:e9:93:
f8:6b:93:5d:28:61:11:14:40:c4:19:17:f8:3b:0f:f0:b5:74:
88:d0:dc:60:bd:ab:65:14:b8:70:51:2c:16:4b:d3:bf:2e:3a:
d4:af:5c:ab:51:4b:22:85:d2:0d:0f:3b:a0:65:6f:08:fa:98:
b8:96:3c:a4:7c:ef:6b:66:02:6c:3b:55:13:6e:9f:22:72:9b:
d7:7d:c2:64:a6:50:b7:00:da:dc:be:46:34:b6:b8:4b:0a:83:
59:b8:03:f1:8c:40:d1:0b:ef:46:69:59:23:ad:26:e6:07:5e:
4a:36:66:e5:65:d2:56:c1:bb:bf:cb:e2:eb:00:7e:5f:e0:77:
c5:69:15:db:89:3c:2d:6d:20:aa:b2:3f:10:26:49:a4:79:56:
11:ff:ab:5e:65:5a:e6:d5:42:a0:29:6f:69:29:6d:ee:ef:81:
74:0c:50:18:fe:05:11:0d:d7:cb:0b:58:44:ce:40:52:02:b0:
16:37:05:be
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
M0RCRkFGMTEwLwYDVQQFEygxQThDMEVCMjYzMUY1ODA3NDQzOTc5NTg0RTBENEQy
RkE4ODVBNzYwMB4XDTI1MDUyMTA4MjIwOFoXDTM1MTIzMTA4MjIwOFowGDEWMBQG
A1UEAxMNNjgyZDhkNDAtMzFlZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJmM/BS71miaHxTbPH7Up7a3koHrIop6opIh3mx62wV4VGy8W0+bIu1aUh0K
EBOF7dE9aBN74XwHkAIj5eNAchwKqntNsVUx0d2Dr2adL7wCCjARm0daddNa1yyY
jvwOE1//onexA4YLuVs+7LiD/Wvdywzti3rhrhMzFTqtVvpFG5OLHxoTIVo8aMT6
YUISdMGvzChBKMn9tC2LuZrHQe9N2NLnQTxEjjjaZ/Y+yD55gxZqAC4pIDA9VhhZ
9EEILt+m2BAXlLAUOuRA/TyXElA8mB/XphqFxd98Tb1C8yhue7tIWaNQZzx1h+mC
xqGKCaUvzl2RWZ+8KkMseO7FNe0CAwEAAaOCArQwggKwMB0GA1UdDgQWBBRqD8Vd
pa/0cuLzads0/3CIClxFQTAfBgNVHSMEGDAWgBQajA6yYx9YB0Q5eVhODU0vqIWn
YDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDNEQkYvMDYzRkU1NDYzNjFCMTFGMEE1QTEwRTdDREFFNEVDOUMvR293T3Nt
TWZXQWRFT1hsWVRnMU5MNmlGcDJBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvR293T3NtTWZXQWRFT1hsWVRnMU5MNmlGcDJBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RDNEQkYvMDYzRkU1NDYzNjFCMTFGMEE1QTEwRTdDREFF
NEVDOUMvQjkwNTBENDAzNjFDMTFGMDkzMjU0MTg3REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbf3DANBAIAAjAHAwUALA8R
gDANBgkqhkiG9w0BAQsFAAOCAQEARWwkAmdGDez8/QL/xduFN7GedYzGAj0zIdpF
gNOicd5kIHICV4HHNdRQepuJgan6E5p+57HqGrTy/+lz5cJHzKxJFxnGTOmT+GuT
XShhERRAxBkX+DsP8LV0iNDcYL2rZRS4cFEsFkvTvy461K9cq1FLIoXSDQ87oGVv
CPqYuJY8pHzva2YCbDtVE26fInKb133CZKZQtwDa3L5GNLa4SwqDWbgD8YxA0Qvv
RmlZI60m5gdeSjZm5WXSVsG7v8vi6wB+X+B3xWkV24k8LW0gqrI/ECZJpHlWEf+r
XmVa5tVCoClvaSlt7u+BdAxQGP4FEQ3XywtYRM5AUgKwFjcFvg==
-----END CERTIFICATE-----
Generated at Tue Jun 17 14:31:15 2025 by rpki-client