Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3619CE0/FC275A24AD5F11EF91E30957762E951A/3995E772B22911EF8FFA5C88762E951A.roa
File: 3995E772B22911EF8FFA5C88762E951A.roa (raw, json)
Hash identifier: q5GdnXuThvMc7lFNIre+h57AswQCqM5v2uH6+3ENceQ=
Subject key identifier: 63:71:75:C7:5D:38:CB:B2:07:60:CB:EB:7B:44:82:20:68:71:F3:B8
Certificate issuer: /CN=F3619CE0AF/serialNumber=BF5A65429C307D793B0D705AD95FCFEB4942216A
Certificate serial: 09
Authority key identifier: BF:5A:65:42:9C:30:7D:79:3B:0D:70:5A:D9:5F:CF:EB:49:42:21:6A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/v1plQpwwfXk7DXBa2V_P60lCIWo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3619CE0/FC275A24AD5F11EF91E30957762E951A/3995E772B22911EF8FFA5C88762E951A.roa
Signing time: Wed 04 Dec 2024 10:19:20 +0000
ROA not before: Wed 04 Dec 2024 10:19:16 +0000
ROA not after: Sat 04 Dec 2049 10:19:16 +0000
asID: 329399
IP address blocks: 102.209.204.0/22 maxlen: 24
2c0f:6c40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3619CE0/FC275A24AD5F11EF91E30957762E951A/v1plQpwwfXk7DXBa2V_P60lCIWo.crl
rsync://rpki.afrinic.net/repository/member_repository/F3619CE0/FC275A24AD5F11EF91E30957762E951A/v1plQpwwfXk7DXBa2V_P60lCIWo.mft
rsync://rpki.afrinic.net/repository/afrinic/v1plQpwwfXk7DXBa2V_P60lCIWo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 03:20:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3619CE0AF
Validity
Not Before: Dec 4 10:19:16 2024 GMT
Not After : Dec 4 10:19:16 2049 GMT
Subject: CN=67502ca8-351a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:6b:3f:cc:67:e5:bb:62:43:b4:62:ae:24:e9:
32:43:63:3e:a9:0f:a2:56:20:15:e8:3d:ad:a5:0f:
b2:72:32:c7:50:0d:91:97:8b:89:f8:cf:60:2c:a2:
b5:4b:8f:e2:c4:49:21:69:81:d0:b7:90:cb:96:c7:
f6:41:0a:db:e4:6d:44:a3:e1:85:6e:6e:55:e7:dd:
46:6d:2b:25:33:de:fb:c0:fd:9d:76:59:05:ee:73:
38:ed:80:c9:d3:a2:a1:4e:1c:1b:70:57:5c:47:37:
46:0b:f3:87:9a:53:4d:e6:51:f4:ef:0a:28:64:62:
6f:43:9b:7d:f6:f0:1e:df:ac:0b:95:2f:16:31:8d:
87:d1:90:7f:92:39:79:56:85:a1:9d:f7:f2:6e:e5:
b1:50:77:59:b7:4e:c8:59:b5:92:96:fd:29:ff:b5:
c2:ed:a6:77:13:51:a5:23:d5:2b:8b:95:72:65:5a:
25:39:ce:38:d2:df:26:05:f4:fc:f0:c8:3d:a2:2b:
eb:74:2d:27:19:7e:a1:89:7c:16:82:01:86:a2:0b:
57:e5:b5:89:46:29:42:26:44:99:a4:75:ac:f5:b1:
ee:0a:08:6e:ca:de:75:96:f4:c5:23:28:69:0f:5e:
7f:cc:97:30:2c:f3:a9:82:b0:15:c8:1b:e3:bc:41:
59:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:71:75:C7:5D:38:CB:B2:07:60:CB:EB:7B:44:82:20:68:71:F3:B8
X509v3 Authority Key Identifier:
keyid:BF:5A:65:42:9C:30:7D:79:3B:0D:70:5A:D9:5F:CF:EB:49:42:21:6A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3619CE0/FC275A24AD5F11EF91E30957762E951A/v1plQpwwfXk7DXBa2V_P60lCIWo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/v1plQpwwfXk7DXBa2V_P60lCIWo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3619CE0/FC275A24AD5F11EF91E30957762E951A/3995E772B22911EF8FFA5C88762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.204.0/22
IPv6:
2c0f:6c40::/32
Signature Algorithm: sha256WithRSAEncryption
97:17:15:01:0a:ce:d9:0f:14:46:95:2e:0b:9f:63:30:44:4f:
78:bb:f1:f2:47:c0:45:40:b2:a7:19:ac:32:4e:5c:a9:07:fb:
d6:66:04:49:53:c3:dd:bf:e2:f5:24:eb:34:f7:91:29:83:94:
df:66:8e:e8:ce:fb:d7:01:47:a3:08:7f:8d:e2:fc:88:93:0d:
e7:7b:61:ba:5b:c3:e1:43:62:11:04:d6:6f:7f:1c:2e:23:55:
0d:3b:c9:94:20:35:89:de:9a:a4:67:65:19:90:d0:3c:2b:98:
91:8a:c5:82:37:11:06:bf:7a:b3:e6:60:09:16:8e:3b:aa:f1:
c4:39:b8:cd:d1:36:f1:9f:51:5d:b7:a1:ad:03:0d:63:a3:b5:
8e:37:84:05:ae:db:0f:20:cd:c3:a3:87:5d:65:5f:62:ba:01:
aa:4d:06:0a:fd:c4:8b:1f:a2:ef:10:fd:49:a7:d0:09:3e:be:
d9:03:d8:e6:d5:36:c0:9e:67:e3:14:0d:ca:05:94:22:da:e7:
9b:35:7d:b1:13:d3:2f:ca:c9:05:43:dc:ed:ff:e6:4d:0e:69:
de:f5:d8:ca:51:c2:99:62:06:9c:c2:b2:67:13:b0:20:75:2a:
68:06:47:d3:4c:3b:7d:af:67:d4:6e:73:67:ef:1a:83:b5:7e:
31:bf:b0:60
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
OUNFMEFGMTEwLwYDVQQFEyhCRjVBNjU0MjlDMzA3RDc5M0IwRDcwNUFEOTVGQ0ZF
QjQ5NDIyMTZBMB4XDTI0MTIwNDEwMTkxNloXDTQ5MTIwNDEwMTkxNlowGDEWMBQG
A1UEAxMNNjc1MDJjYTgtMzUxYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO5rP8xn5btiQ7RiriTpMkNjPqkPolYgFeg9raUPsnIyx1ANkZeLifjPYCyi
tUuP4sRJIWmB0LeQy5bH9kEK2+RtRKPhhW5uVefdRm0rJTPe+8D9nXZZBe5zOO2A
ydOioU4cG3BXXEc3Rgvzh5pTTeZR9O8KKGRib0ObffbwHt+sC5UvFjGNh9GQf5I5
eVaFoZ338m7lsVB3WbdOyFm1kpb9Kf+1wu2mdxNRpSPVK4uVcmVaJTnOONLfJgX0
/PDIPaIr63QtJxl+oYl8FoIBhqILV+W1iUYpQiZEmaR1rPWx7goIbsredZb0xSMo
aQ9ef8yXMCzzqYKwFcgb47xBWQECAwEAAaOCArQwggKwMB0GA1UdDgQWBBRjcXXH
XTjLsgdgy+t7RIIgaHHzuDAfBgNVHSMEGDAWgBS/WmVCnDB9eTsNcFrZX8/rSUIh
ajAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTlDRTAvRkMyNzVBMjRBRDVGMTFFRjkxRTMwOTU3NzYyRTk1MUEvdjFwbFFw
d3dmWGs3RFhCYTJWX1A2MGxDSVdvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdjFwbFFwd3dmWGs3RFhCYTJWX1A2MGxDSVdvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTlDRTAvRkMyNzVBMjRBRDVGMTFFRjkxRTMwOTU3NzYy
RTk1MUEvMzk5NUU3NzJCMjI5MTFFRjhGRkE1Qzg4NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbRzDANBAIAAjAHAwUALA9s
QDANBgkqhkiG9w0BAQsFAAOCAQEAlxcVAQrO2Q8URpUuC59jMERPeLvx8kfARUCy
pxmsMk5cqQf71mYESVPD3b/i9STrNPeRKYOU32aO6M771wFHowh/jeL8iJMN53th
ulvD4UNiEQTWb38cLiNVDTvJlCA1id6apGdlGZDQPCuYkYrFgjcRBr96s+ZgCRaO
O6rxxDm4zdE28Z9RXbehrQMNY6O1jjeEBa7bDyDNw6OHXWVfYroBqk0GCv3Eix+i
7xD9SafQCT6+2QPY5tU2wJ5n4xQNygWUItrnmzV9sRPTL8rJBUPc7f/mTQ5p3vXY
ylHCmWIGnMKyZxOwIHUqaAZH00w7fa9n1G5zZ+8ag7V+Mb+wYA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:06:34 2025 by rpki-client