Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3625D4A/03EFFC9EBF3F11EEA6B40954775412E6/12A49B4ABF4011EE82ABE755775412E6.roa
File: 12A49B4ABF4011EE82ABE755775412E6.roa (raw, json)
Hash identifier: A3SsXw/efK2b5GKmG8JZKrlc0wfhdO7VSwE2A7UfoRE=
Subject key identifier: ED:43:8D:AD:74:19:E4:BD:9C:70:41:1B:4E:D2:2C:F3:DA:33:ED:EC
Certificate issuer: /CN=F3625D4AAF/serialNumber=79B0C0726276892AD74C7D130F99F07AE0E67A4A
Certificate serial: 02
Authority key identifier: 79:B0:C0:72:62:76:89:2A:D7:4C:7D:13:0F:99:F0:7A:E0:E6:7A:4A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ebDAcmJ2iSrXTH0TD5nweuDmeko.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3625D4A/03EFFC9EBF3F11EEA6B40954775412E6/12A49B4ABF4011EE82ABE755775412E6.roa
Signing time: Tue 30 Jan 2024 07:20:41 +0000
ROA not before: Tue 30 Jan 2024 07:20:37 +0000
ROA not after: Tue 06 Jan 2026 07:20:37 +0000
asID: 328590
IP address blocks: 102.38.48.0/22 maxlen: 22
102.38.48.0/24 maxlen: 24
102.38.49.0/24 maxlen: 24
102.38.50.0/24 maxlen: 24
102.38.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3625D4A/03EFFC9EBF3F11EEA6B40954775412E6/ebDAcmJ2iSrXTH0TD5nweuDmeko.crl
rsync://rpki.afrinic.net/repository/member_repository/F3625D4A/03EFFC9EBF3F11EEA6B40954775412E6/ebDAcmJ2iSrXTH0TD5nweuDmeko.mft
rsync://rpki.afrinic.net/repository/afrinic/ebDAcmJ2iSrXTH0TD5nweuDmeko.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3625D4AAF
Validity
Not Before: Jan 30 07:20:37 2024 GMT
Not After : Jan 6 07:20:37 2026 GMT
Subject: CN=65b8a349-4be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cc:1a:bc:03:bd:6a:8c:3e:6f:8d:65:67:2e:
a5:70:08:89:12:5f:3c:e0:b4:22:ed:98:fe:85:b8:
10:6f:59:ba:49:24:5b:48:60:11:75:ef:9e:ab:ad:
00:0e:90:5b:02:9e:c3:9a:02:d7:13:68:a2:f4:ee:
d4:18:ce:c3:a0:3b:b6:9c:d1:12:82:a2:ad:49:22:
0a:0c:c5:9c:6d:ba:84:c1:17:45:53:a0:91:57:8c:
94:04:e0:fc:55:01:4f:e7:5a:c3:23:dd:23:e4:a3:
a6:fc:53:41:c3:48:80:43:ce:47:e0:46:67:f8:8d:
5a:e0:7d:b4:e2:e2:71:7d:36:e2:0b:c2:78:6a:91:
83:77:39:1d:cc:47:63:8b:a4:4a:84:ed:95:1a:d0:
3d:95:e5:18:0c:f7:d8:8f:ef:de:18:4e:db:97:c5:
16:1a:40:ac:20:4b:d5:1f:29:6e:fc:11:49:e1:cc:
bc:cf:f8:b0:2a:fe:a8:fa:50:82:56:44:01:8f:a1:
8a:cf:49:e8:dd:4e:a9:09:74:e5:7e:13:8e:14:5d:
0f:a8:bc:42:9e:42:ac:12:9f:e3:61:70:e3:e4:96:
78:5f:d1:f9:64:67:9f:7f:c9:e9:eb:a9:e2:9c:33:
5f:ac:90:af:f0:e6:84:94:24:13:20:50:61:b8:84:
e8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:43:8D:AD:74:19:E4:BD:9C:70:41:1B:4E:D2:2C:F3:DA:33:ED:EC
X509v3 Authority Key Identifier:
keyid:79:B0:C0:72:62:76:89:2A:D7:4C:7D:13:0F:99:F0:7A:E0:E6:7A:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3625D4A/03EFFC9EBF3F11EEA6B40954775412E6/ebDAcmJ2iSrXTH0TD5nweuDmeko.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ebDAcmJ2iSrXTH0TD5nweuDmeko.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3625D4A/03EFFC9EBF3F11EEA6B40954775412E6/12A49B4ABF4011EE82ABE755775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.38.48.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:cf:83:0a:59:07:18:8b:7b:b3:28:70:bf:c3:82:9e:c1:c7:
3b:f3:b2:36:82:8d:7e:22:6f:99:80:3d:5a:e4:d0:86:7f:e5:
95:98:48:fd:8f:6f:0f:47:7b:15:82:6a:7c:72:f9:4e:9d:7d:
40:77:c1:2d:fd:49:17:44:1c:de:00:c5:9e:8c:ec:a3:ff:66:
48:24:46:23:c0:9f:91:0a:67:43:53:9e:41:22:9f:24:71:91:
fd:52:5b:1c:b2:23:9e:78:75:84:4b:5e:b6:19:15:e7:eb:5f:
9d:b5:00:17:50:6f:31:8e:25:16:f5:7f:b5:40:7f:cf:46:01:
74:f0:db:2c:3e:46:e5:cb:e8:97:ff:46:3d:33:ca:f2:b0:cc:
08:06:d2:08:53:9f:f3:41:dd:a9:6f:44:a0:5c:73:a7:11:91:
97:bc:17:1e:be:a1:eb:8e:15:6e:8d:37:3b:1b:ce:07:58:76:
d3:b8:01:fc:c6:3e:49:e5:62:b7:29:18:65:81:e4:82:b9:0b:
6f:aa:9b:cd:04:43:d0:f3:95:3d:9d:b8:11:96:de:a2:91:11:
19:e3:ca:cb:fe:0d:56:45:08:a9:0c:ec:43:5f:f2:f3:83:ab:
e8:02:5e:c2:81:cc:d2:87:4f:db:aa:8f:0a:03:80:5c:8e:ed:
d8:7c:0a:07
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
NUQ0QUFGMTEwLwYDVQQFEyg3OUIwQzA3MjYyNzY4OTJBRDc0QzdEMTMwRjk5RjA3
QUUwRTY3QTRBMB4XDTI0MDEzMDA3MjAzN1oXDTI2MDEwNjA3MjAzN1owGDEWMBQG
A1UEAxMNNjViOGEzNDktNGJlNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvMGrwDvWqMPm+NZWcupXAIiRJfPOC0Iu2Y/oW4EG9ZukkkW0hgEXXvnqut
AA6QWwKew5oC1xNoovTu1BjOw6A7tpzREoKirUkiCgzFnG26hMEXRVOgkVeMlATg
/FUBT+dawyPdI+SjpvxTQcNIgEPOR+BGZ/iNWuB9tOLicX024gvCeGqRg3c5HcxH
Y4ukSoTtlRrQPZXlGAz32I/v3hhO25fFFhpArCBL1R8pbvwRSeHMvM/4sCr+qPpQ
glZEAY+his9J6N1OqQl05X4TjhRdD6i8Qp5CrBKf42Fw4+SWeF/R+WRnn3/J6eup
4pwzX6yQr/DmhJQkEyBQYbiE6F0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTtQ42t
dBnkvZxwQRtO0izz2jPt7DAfBgNVHSMEGDAWgBR5sMByYnaJKtdMfRMPmfB64OZ6
SjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjVENEEvMDNFRkZDOUVCRjNGMTFFRUE2QjQwOTU0Nzc1NDEyRTYvZWJEQWNt
SjJpU3JYVEgwVEQ1bndldURtZWtvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZWJEQWNtSjJpU3JYVEgwVEQ1bndldURtZWtvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MjVENEEvMDNFRkZDOUVCRjNGMTFFRUE2QjQwOTU0Nzc1
NDEyRTYvMTJBNDlCNEFCRjQwMTFFRTgyQUJFNzU1Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmYmMDANBgkqhkiG9w0BAQsF
AAOCAQEAsM+DClkHGIt7syhwv8OCnsHHO/OyNoKNfiJvmYA9WuTQhn/llZhI/Y9v
D0d7FYJqfHL5Tp19QHfBLf1JF0Qc3gDFnozso/9mSCRGI8CfkQpnQ1OeQSKfJHGR
/VJbHLIjnnh1hEtethkV5+tfnbUAF1BvMY4lFvV/tUB/z0YBdPDbLD5G5cvol/9G
PTPK8rDMCAbSCFOf80HdqW9EoFxzpxGRl7wXHr6h644Vbo03OxvOB1h207gB/MY+
SeVitykYZYHkgrkLb6qbzQRD0POVPZ24EZbeopERGePKy/4NVkUIqQzsQ1/y84Or
6AJewoHM0odP26qPCgOAXI7t2HwKBw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:37:43 2025 by rpki-client