Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/AD4F0ECEACB511EFB985BD9F762E951A.roa
File: AD4F0ECEACB511EFB985BD9F762E951A.roa (raw, json)
Hash identifier: DI7zLorJEtbZmX73irNyF+UVmxm2nWxf49V0ohMUAg8=
Subject key identifier: EF:8D:80:40:B4:DE:41:15:EB:EA:F0:7D:C8:95:8E:EB:D8:B9:7F:06
Certificate issuer: /CN=F362F418AF/serialNumber=EDF8D8DAB4B2E668954A40BA56DD21C6452839DC
Certificate serial: 039A
Authority key identifier: ED:F8:D8:DA:B4:B2:E6:68:95:4A:40:BA:56:DD:21:C6:45:28:39:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/7fjY2rSy5miVSkC6Vt0hxkUoOdw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/AD4F0ECEACB511EFB985BD9F762E951A.roa
Signing time: Wed 27 Nov 2024 11:49:37 +0000
ROA not before: Wed 27 Nov 2024 11:49:33 +0000
ROA not after: Wed 27 Nov 2030 11:49:33 +0000
asID: 328763
IP address blocks: 102.221.0.0/24 maxlen: 24
102.221.1.0/24 maxlen: 24
102.221.2.0/24 maxlen: 24
102.221.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/7fjY2rSy5miVSkC6Vt0hxkUoOdw.crl
rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/7fjY2rSy5miVSkC6Vt0hxkUoOdw.mft
rsync://rpki.afrinic.net/repository/afrinic/7fjY2rSy5miVSkC6Vt0hxkUoOdw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 02:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 922 (0x39a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362F418AF
Validity
Not Before: Nov 27 11:49:33 2024 GMT
Not After : Nov 27 11:49:33 2030 GMT
Subject: CN=67470751-7b5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b7:f9:59:39:88:31:ce:9f:2e:65:d0:81:6d:
44:7e:e8:a7:22:ea:ea:be:8e:f1:c5:68:8c:22:51:
98:bb:73:6a:a5:5d:3e:06:07:3d:60:cd:6c:54:d5:
ed:b4:1d:8d:a1:ae:75:ae:d7:79:eb:a0:46:4a:0b:
c3:f0:32:e1:73:61:5d:8b:20:71:62:14:32:95:b3:
d7:d6:fb:9a:47:be:cb:f4:4b:cd:e9:d4:18:7b:9f:
9d:61:e3:2b:74:d0:78:ec:07:78:df:27:6b:87:3f:
7c:de:76:81:4e:5a:9f:ad:09:7d:5f:cf:00:37:14:
f0:de:ff:8d:38:08:67:31:8b:fd:bc:97:62:e4:d8:
a5:66:73:74:9a:68:98:ff:0d:6b:e5:2b:b2:67:3b:
a0:96:1e:ce:17:5b:97:fe:4a:46:25:ce:dd:6d:e1:
fd:c5:51:ee:4d:5f:d6:b9:4d:9c:b5:63:f7:97:7f:
3f:4e:d0:fe:36:04:3b:17:57:bb:60:33:63:5d:d2:
ff:cf:b0:2a:d7:4e:4e:74:6d:07:dc:aa:45:c7:be:
34:df:16:f0:12:4f:04:4f:25:7c:93:95:d2:72:d7:
21:5f:70:fa:15:62:48:d1:ae:00:9d:85:c9:a6:20:
2c:23:08:8c:dc:c8:3e:fa:a6:41:d4:2f:6e:f5:8c:
e4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:8D:80:40:B4:DE:41:15:EB:EA:F0:7D:C8:95:8E:EB:D8:B9:7F:06
X509v3 Authority Key Identifier:
keyid:ED:F8:D8:DA:B4:B2:E6:68:95:4A:40:BA:56:DD:21:C6:45:28:39:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/7fjY2rSy5miVSkC6Vt0hxkUoOdw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/7fjY2rSy5miVSkC6Vt0hxkUoOdw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/AD4F0ECEACB511EFB985BD9F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.0.0/22
Signature Algorithm: sha256WithRSAEncryption
79:d5:da:b5:db:8f:b5:87:57:5a:0a:69:c2:2f:97:f8:1e:a8:
93:92:bd:8b:37:53:22:58:f8:c7:4f:fb:a2:8f:6c:44:00:46:
ae:29:f4:cc:26:8a:37:99:dd:c1:a9:f1:03:46:b5:5a:87:e1:
b5:7c:55:ac:66:59:2e:6c:97:9d:40:81:ff:e7:16:8a:15:50:
69:39:a3:d6:74:26:b4:33:89:1a:33:55:89:81:d9:fa:df:58:
dd:60:e7:63:1e:cd:ac:23:3a:97:e0:57:98:9f:57:0b:85:bc:
f0:15:ce:ff:a0:e0:67:19:f7:6b:2c:5d:b4:d3:79:c4:cb:52:
ae:d9:57:22:84:c8:b4:b9:3b:e6:0d:8c:0b:f0:ec:f1:3e:4b:
12:ef:bf:8d:08:f5:eb:54:28:a1:80:b3:b7:e0:15:a8:f1:5f:
b0:8f:89:83:99:c6:f2:27:d9:5f:a3:66:6f:60:c2:e9:ec:bb:
f9:af:c0:68:00:60:52:12:9e:66:ff:77:c3:d2:62:e0:c3:a8:
a2:a9:9b:d4:3f:5f:c1:9d:eb:f8:24:ba:eb:69:2d:23:63:ad:
df:53:5d:89:c1:d9:eb:c7:23:c3:92:7e:b1:eb:42:fd:6a:bc:
24:56:45:cd:0c:82:80:e8:df:f9:cb:50:c7:7e:e9:11:fd:b2:
69:a4:85:a5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA5owDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkY0MThBRjExMC8GA1UEBRMoRURGOEQ4REFCNEIyRTY2ODk1NEE0MEJBNTZERDIx
QzY0NTI4MzlEQzAeFw0yNDExMjcxMTQ5MzNaFw0zMDExMjcxMTQ5MzNaMBgxFjAU
BgNVBAMTDTY3NDcwNzUxLTdiNWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDft/lZOYgxzp8uZdCBbUR+6Kci6uq+jvHFaIwiUZi7c2qlXT4GBz1gzWxU
1e20HY2hrnWu13nroEZKC8PwMuFzYV2LIHFiFDKVs9fW+5pHvsv0S83p1Bh7n51h
4yt00HjsB3jfJ2uHP3zedoFOWp+tCX1fzwA3FPDe/404CGcxi/28l2Lk2KVmc3Sa
aJj/DWvlK7JnO6CWHs4XW5f+SkYlzt1t4f3FUe5NX9a5TZy1Y/eXfz9O0P42BDsX
V7tgM2Nd0v/PsCrXTk50bQfcqkXHvjTfFvASTwRPJXyTldJy1yFfcPoVYkjRrgCd
hcmmICwjCIzcyD76pkHUL271jOSdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU742A
QLTeQRXr6vB9yJWO69i5fwYwHwYDVR0jBBgwFoAU7fjY2rSy5miVSkC6Vt0hxkUo
OdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJGNDE4LzVCMDE0NjU4RjE2NjExRUM5RkNCMjFDMUYxMjIyNDY4Lzdmalky
clN5NW1pVlNrQzZWdDBoeGtVb09kdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzdmalkyclN5NW1pVlNrQzZWdDBoeGtVb09kdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjJGNDE4LzVCMDE0NjU4RjE2NjExRUM5RkNCMjFDMUYx
MjIyNDY4L0FENEYwRUNFQUNCNTExRUZCOTg1QkQ5Rjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm3QAwDQYJKoZIhvcNAQEL
BQADggEBAHnV2rXbj7WHV1oKacIvl/geqJOSvYs3UyJY+MdP+6KPbEQARq4p9Mwm
ijeZ3cGp8QNGtVqH4bV8VaxmWS5sl51Agf/nFooVUGk5o9Z0JrQziRozVYmB2frf
WN1g52MezawjOpfgV5ifVwuFvPAVzv+g4GcZ92ssXbTTecTLUq7ZVyKEyLS5O+YN
jAvw7PE+SxLvv40I9etUKKGAs7fgFajxX7CPiYOZxvIn2V+jZm9gwunsu/mvwGgA
YFISnmb/d8PSYuDDqKKpm9Q/X8Gd6/gkuutpLSNjrd9TXYnB2evHI8OSfrHrQv1q
vCRWRc0MgoDo3/nLUMd+6RH9smmkhaU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 01:56:23 2025 by rpki-client