Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/0CA88DF8F41B11EF957DCA42762E951A.roa
File: 0CA88DF8F41B11EF957DCA42762E951A.roa (raw, json)
Hash identifier: AROikz2JvvNh8UMiTRM9CoRA6myjtjj7cgzBl88JMUw=
Subject key identifier: 6A:9A:3B:E9:F0:8E:70:3A:0C:E3:84:4E:65:D0:0B:91:42:33:9C:4E
Certificate issuer: /CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Certificate serial: 01BD
Authority key identifier: CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/0CA88DF8F41B11EF957DCA42762E951A.roa
Signing time: Wed 26 Feb 2025 08:24:09 +0000
ROA not before: Wed 26 Feb 2025 08:24:05 +0000
ROA not after: Thu 29 Jan 2026 08:24:05 +0000
asID: 21003
IP address blocks: 154.73.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.mft
rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 445 (0x1bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36114AAAF
Validity
Not Before: Feb 26 08:24:05 2025 GMT
Not After : Jan 29 08:24:05 2026 GMT
Subject: CN=67becfa8-0618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:8b:59:03:49:a4:3d:3a:b8:56:e5:5f:55:a1:
05:f1:83:b2:90:8f:58:10:d0:ca:20:35:d6:f2:31:
da:16:74:43:4f:06:32:4c:ab:03:15:63:86:bb:4b:
f7:8b:62:81:76:73:16:89:e0:e8:ae:51:bf:3a:f7:
a5:1e:b5:b9:b7:28:8a:1a:30:a3:3f:f1:3f:81:46:
6b:6a:c4:6b:53:b9:1d:55:57:8a:ea:fc:62:c6:8d:
94:9f:b4:d3:ec:fa:32:6d:83:96:4c:cd:45:d8:51:
12:65:42:65:04:1b:e9:0f:5b:76:f5:9c:79:d2:f2:
de:22:a5:99:0f:96:81:ef:d0:05:a0:1f:8a:01:a8:
72:5f:63:f1:06:85:a6:17:8e:b7:d6:e5:b3:d4:cd:
39:1a:13:f0:e4:98:0e:83:08:de:d5:b9:8b:b8:62:
22:15:2a:55:93:6b:03:c6:10:4f:6e:55:7b:c9:24:
8e:a0:a2:85:43:d5:1e:6c:fd:5a:10:20:ba:3c:2a:
a4:70:29:a5:59:e8:d3:cd:d8:52:e2:ea:ae:80:00:
cb:95:3e:11:7f:e3:2b:da:1e:ca:1f:5b:5e:f0:03:
31:35:17:38:85:0e:49:b8:9f:00:25:6f:d7:5a:9b:
3f:b9:46:36:2f:94:8c:06:fa:23:3f:d2:2b:3e:6f:
aa:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:9A:3B:E9:F0:8E:70:3A:0C:E3:84:4E:65:D0:0B:91:42:33:9C:4E
X509v3 Authority Key Identifier:
keyid:CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/0CA88DF8F41B11EF957DCA42762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.73.30.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:a3:aa:d0:ae:de:5a:64:53:1a:b4:34:de:72:2c:7b:2f:58:
3a:76:e5:a1:67:a2:cb:17:d7:28:64:0e:bd:ee:de:17:4c:42:
da:81:75:59:c1:d3:9e:88:e1:f4:3e:e1:74:52:db:d6:e8:90:
d8:6e:11:f1:81:76:74:4b:c2:91:7f:4f:35:58:78:d6:35:0f:
68:a2:ce:9d:07:d9:f6:aa:4f:a4:4b:22:9f:cd:4a:45:7d:33:
23:7c:d1:5a:c2:27:a7:a1:65:1e:68:cf:e6:8a:0e:0c:4f:32:
ce:64:4d:04:c0:06:4f:ba:91:44:5b:91:2f:6e:25:6c:c1:fa:
f6:1f:0c:af:25:de:5b:77:61:db:ef:70:2c:88:21:9f:74:cf:
5d:f4:27:f8:a5:2b:9e:44:8a:4e:d0:4d:0f:ff:6a:5d:32:15:
d0:39:17:eb:34:92:a4:40:40:62:fe:e7:71:48:02:2a:44:b2:
7b:97:ef:08:20:e5:5c:4e:b5:9d:e1:55:d6:9a:ee:29:d6:58:
da:be:72:6a:2f:8b:90:e3:65:76:7e:11:e9:81:be:38:82:17:
07:2f:ed:10:07:9d:a1:4c:31:6e:cc:95:9a:09:96:0a:31:31:
77:06:7e:bd:ec:b0:cb:75:eb:0f:e3:cd:d2:32:40:eb:11:c0:
e0:38:e9:f4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAb0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTE0QUFBRjExMC8GA1UEBRMoQ0Q1MjMyQjYzQzZBODMyOTkwQzg2NzA3Q0I3MzlC
REMwNERCOUE1OTAeFw0yNTAyMjYwODI0MDVaFw0yNjAxMjkwODI0MDVaMBgxFjAU
BgNVBAMTDTY3YmVjZmE4LTA2MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDZi1kDSaQ9OrhW5V9VoQXxg7KQj1gQ0MogNdbyMdoWdENPBjJMqwMVY4a7
S/eLYoF2cxaJ4OiuUb8696Uetbm3KIoaMKM/8T+BRmtqxGtTuR1VV4rq/GLGjZSf
tNPs+jJtg5ZMzUXYURJlQmUEG+kPW3b1nHnS8t4ipZkPloHv0AWgH4oBqHJfY/EG
haYXjrfW5bPUzTkaE/DkmA6DCN7VuYu4YiIVKlWTawPGEE9uVXvJJI6gooVD1R5s
/VoQILo8KqRwKaVZ6NPN2FLi6q6AAMuVPhF/4yvaHsofW17wAzE1FziFDkm4nwAl
b9damz+5RjYvlIwG+iM/0is+b6qpAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUapo7
6fCOcDoM44ROZdALkUIznE4wHwYDVR0jBBgwFoAUzVIytjxqgymQyGcHy3Ob3ATb
mlkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjExNEFBLzg2RDZFNTdFQkU4RjExRUU4MzJGNDQ5MTc3NTQxMkU2L3pWSXl0
anhxZ3ltUXlHY0h5M09iM0FUYm1say5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3pWSXl0anhxZ3ltUXlHY0h5M09iM0FUYm1say5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjExNEFBLzg2RDZFNTdFQkU4RjExRUU4MzJGNDQ5MTc3
NTQxMkU2LzBDQTg4REY4RjQxQjExRUY5NTdEQ0E0Mjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaSR4wDQYJKoZIhvcNAQEL
BQADggEBAKqjqtCu3lpkUxq0NN5yLHsvWDp25aFnossX1yhkDr3u3hdMQtqBdVnB
056I4fQ+4XRS29bokNhuEfGBdnRLwpF/TzVYeNY1D2iizp0H2faqT6RLIp/NSkV9
MyN80VrCJ6ehZR5oz+aKDgxPMs5kTQTABk+6kURbkS9uJWzB+vYfDK8l3lt3Ydvv
cCyIIZ90z130J/ilK55Eik7QTQ//al0yFdA5F+s0kqRAQGL+53FIAipEsnuX7wgg
5VxOtZ3hVdaa7inWWNq+cmovi5DjZXZ+EemBvjiCFwcv7RAHnaFMMW7MlZoJlgox
MXcGfr3ssMt16w/jzdIyQOsRwOA46fQ=
-----END CERTIFICATE-----
Generated at Thu Apr 10 23:50:39 2025 by rpki-client