Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362C18C/45883290ABD111EBB1A6715EF8AEA228/1D6B7FA0CCFD11EFBF8BB796762E951A.roa
File: 1D6B7FA0CCFD11EFBF8BB796762E951A.roa (raw, json)
Hash identifier: d0Rz+8diHIGN4O10U8x5EdoQVb2OPGuluExTgAwtQuM=
Subject key identifier: AB:BD:AB:BC:E6:D3:C7:E2:77:2B:D9:DD:5F:94:99:68:A1:7A:80:1B
Certificate issuer: /CN=F362C18CAF/serialNumber=63E0BB6B3433CD5D71A42B0169BDB01E20E4557F
Certificate serial: 059B
Authority key identifier: 63:E0:BB:6B:34:33:CD:5D:71:A4:2B:01:69:BD:B0:1E:20:E4:55:7F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Y-C7azQzzV1xpCsBab2wHiDkVX8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362C18C/45883290ABD111EBB1A6715EF8AEA228/1D6B7FA0CCFD11EFBF8BB796762E951A.roa
Signing time: Tue 07 Jan 2025 13:41:36 +0000
ROA not before: Tue 07 Jan 2025 13:41:33 +0000
ROA not after: Wed 31 Dec 2025 13:41:33 +0000
asID: 328528
IP address blocks: 102.36.161.0/24 maxlen: 24
102.218.100.0/24 maxlen: 24
102.218.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F362C18C/45883290ABD111EBB1A6715EF8AEA228/Y-C7azQzzV1xpCsBab2wHiDkVX8.crl
rsync://rpki.afrinic.net/repository/member_repository/F362C18C/45883290ABD111EBB1A6715EF8AEA228/Y-C7azQzzV1xpCsBab2wHiDkVX8.mft
rsync://rpki.afrinic.net/repository/afrinic/Y-C7azQzzV1xpCsBab2wHiDkVX8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 01:43:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1435 (0x59b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362C18CAF
Validity
Not Before: Jan 7 13:41:33 2025 GMT
Not After : Dec 31 13:41:33 2025 GMT
Subject: CN=677d2f10-448f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:72:60:2e:ea:df:9d:b2:b8:96:20:d1:a7:da:
59:82:f3:17:9a:68:82:82:7e:c6:ad:5e:95:7d:0b:
63:7d:1d:7b:53:0d:ea:a3:64:92:b5:e4:1f:0f:1b:
dd:33:84:6e:2f:b1:c8:48:6d:ef:8f:98:fb:b7:e8:
f6:7c:29:ce:80:1a:89:08:c4:15:c6:42:e8:41:4e:
20:b2:54:c9:07:e1:32:d3:ef:61:71:51:2b:63:ae:
77:b1:f1:30:5d:5e:6b:9f:de:2f:19:af:b7:1f:1d:
10:4c:3d:c5:33:a8:48:c0:45:e8:f1:b5:72:74:0a:
2b:b4:d8:f9:5e:36:69:c2:0f:14:82:fb:aa:0d:31:
b1:4f:73:4a:9b:1d:14:21:66:61:7c:95:9c:e9:7e:
0f:43:75:b9:1d:1a:fc:8e:d4:9f:cc:ae:9c:b3:ea:
47:61:8f:76:b1:c7:91:28:05:58:ea:97:25:bf:10:
87:a2:31:76:8b:7e:98:65:ab:77:47:e4:aa:9c:99:
ae:22:77:a8:a4:37:3c:f6:60:97:08:0f:38:de:5a:
67:28:39:ac:60:55:b5:46:72:c1:8a:e4:e6:93:4a:
ae:1c:7a:80:a9:80:a4:5d:c8:47:38:68:42:d7:f6:
f7:74:c6:0b:3c:33:bc:fd:6b:0a:c4:44:52:7b:1f:
91:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:BD:AB:BC:E6:D3:C7:E2:77:2B:D9:DD:5F:94:99:68:A1:7A:80:1B
X509v3 Authority Key Identifier:
keyid:63:E0:BB:6B:34:33:CD:5D:71:A4:2B:01:69:BD:B0:1E:20:E4:55:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362C18C/45883290ABD111EBB1A6715EF8AEA228/Y-C7azQzzV1xpCsBab2wHiDkVX8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Y-C7azQzzV1xpCsBab2wHiDkVX8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362C18C/45883290ABD111EBB1A6715EF8AEA228/1D6B7FA0CCFD11EFBF8BB796762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.36.161.0/24
102.218.100.0/24
102.218.102.0/24
Signature Algorithm: sha256WithRSAEncryption
16:aa:d9:94:d7:c0:f3:cd:f1:b2:4c:57:02:8f:8b:eb:01:85:
0a:ed:91:70:a4:97:bc:6c:46:57:e7:56:80:ec:aa:d2:9d:30:
26:3a:f3:9b:52:8f:ba:22:c5:1e:b1:d2:2b:e6:c6:55:1e:6d:
f5:57:18:73:bb:96:0d:d2:ef:d5:da:ae:9c:c7:ce:7b:a7:b4:
37:e1:a3:c6:46:73:21:e5:c6:e0:fe:fe:eb:25:e9:61:8f:80:
ea:71:b0:9c:67:86:2c:45:fd:7f:d2:40:90:e2:d7:09:1f:0f:
8a:22:ab:2f:96:a9:f9:0a:eb:f0:b1:cf:f2:33:9e:07:04:8a:
8f:be:af:56:28:29:e2:9b:22:14:c0:4b:48:b0:e5:10:f1:eb:
bd:21:fd:38:57:21:87:e6:57:76:63:7a:84:aa:1d:a8:1d:48:
07:c8:a9:0a:3c:91:b9:e3:8e:d1:3a:e0:e8:26:35:eb:b5:e3:
eb:a4:bc:f2:59:20:a6:ce:0e:9b:db:f4:80:66:b8:08:a6:c0:
ba:92:41:b8:b2:6e:6c:62:49:c8:13:af:7b:85:71:4b:5b:7d:
df:87:0e:e1:2e:d1:20:fd:f4:be:59:d6:c8:9f:76:f8:ea:2a:
e0:23:87:05:53:1d:c7:84:bb:11:31:0c:54:7f:f8:b6:81:02:
f8:32:6e:41
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICBZswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkMxOENBRjExMC8GA1UEBRMoNjNFMEJCNkIzNDMzQ0Q1RDcxQTQyQjAxNjlCREIw
MUUyMEU0NTU3RjAeFw0yNTAxMDcxMzQxMzNaFw0yNTEyMzExMzQxMzNaMBgxFjAU
BgNVBAMTDTY3N2QyZjEwLTQ0OGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDOcmAu6t+dsriWINGn2lmC8xeaaIKCfsatXpV9C2N9HXtTDeqjZJK15B8P
G90zhG4vschIbe+PmPu36PZ8Kc6AGokIxBXGQuhBTiCyVMkH4TLT72FxUStjrnex
8TBdXmuf3i8Zr7cfHRBMPcUzqEjARejxtXJ0Ciu02PleNmnCDxSC+6oNMbFPc0qb
HRQhZmF8lZzpfg9DdbkdGvyO1J/Mrpyz6kdhj3axx5EoBVjqlyW/EIeiMXaLfphl
q3dH5Kqcma4id6ikNzz2YJcIDzjeWmcoOaxgVbVGcsGK5OaTSq4ceoCpgKRdyEc4
aELX9vd0xgs8M7z9awrERFJ7H5GRAgMBAAGjggKxMIICrTAdBgNVHQ4EFgQUq72r
vObTx+J3K9ndX5SZaKF6gBswHwYDVR0jBBgwFoAUY+C7azQzzV1xpCsBab2wHiDk
VX8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJDMThDLzQ1ODgzMjkwQUJEMTExRUJCMUE2NzE1RUY4QUVBMjI4L1ktQzdh
elF6elYxeHBDc0JhYjJ3SGlEa1ZYOC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1ktQzdhelF6elYxeHBDc0JhYjJ3SGlEa1ZYOC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjJDMThDLzQ1ODgzMjkwQUJEMTExRUJCMUE2NzE1RUY4
QUVBMjI4LzFENkI3RkEwQ0NGRDExRUZCRjhCQjc5Njc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABmJKEDBABm2mQDBABm2mYw
DQYJKoZIhvcNAQELBQADggEBABaq2ZTXwPPN8bJMVwKPi+sBhQrtkXCkl7xsRlfn
VoDsqtKdMCY685tSj7oixR6x0ivmxlUebfVXGHO7lg3S79XarpzHznuntDfho8ZG
cyHlxuD+/usl6WGPgOpxsJxnhixF/X/SQJDi1wkfD4oiqy+WqfkK6/Cxz/IzngcE
io++r1YoKeKbIhTAS0iw5RDx670h/ThXIYfmV3ZjeoSqHagdSAfIqQo8kbnjjtE6
4OgmNeu14+ukvPJZIKbODpvb9IBmuAimwLqSQbiybmxiScgTr3uFcUtbfd+HDuEu
0SD99L5Z1sifdvjqKuAjhwVTHceEuxExDFR/+LaBAvgybkE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:41:21 2025 by rpki-client