Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/9A8DC738C1BB11EFA0D36583762E951A.roa
File: 9A8DC738C1BB11EFA0D36583762E951A.roa (raw, json)
Hash identifier: B8OshMOyuJpP2CwO4gpeKoDHIogwjBDFWhU75OC+h2Q=
Subject key identifier: A1:6A:7F:A1:5F:C4:88:32:42:00:AA:AE:E8:C0:F8:38:BA:FA:D7:8A
Certificate issuer: /CN=F363BA19AF/serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
Certificate serial: 042F
Authority key identifier: 6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/9A8DC738C1BB11EFA0D36583762E951A.roa
Signing time: Tue 24 Dec 2024 05:54:57 +0000
ROA not before: Tue 24 Dec 2024 05:54:53 +0000
ROA not after: Wed 24 Dec 2025 05:54:53 +0000
asID: 329007
IP address blocks: 196.251.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.mft
rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1071 (0x42f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363BA19AF
Validity
Not Before: Dec 24 05:54:53 2024 GMT
Not After : Dec 24 05:54:53 2025 GMT
Subject: CN=676a4cb1-72d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:15:d0:8f:d9:30:49:74:43:86:3f:7f:f7:ac:
f8:ec:72:9d:9b:4d:a9:95:d7:ce:a7:c0:3c:82:b1:
44:fe:de:d3:d3:dc:e0:39:65:68:44:0f:5a:ba:d2:
d5:a7:0c:17:2c:50:d6:c9:62:80:74:e5:f9:03:04:
ec:57:64:29:fa:78:79:ab:f7:13:a5:2e:fe:1a:07:
91:6c:13:3f:ae:34:18:c7:1b:13:65:ab:15:17:e4:
12:1a:92:96:da:51:87:d2:52:1d:d1:11:a8:df:a2:
e9:02:95:75:ac:17:4e:9a:58:9b:3c:fa:0e:84:8e:
ea:b3:42:54:86:c1:d0:e2:0b:ad:20:64:7e:cb:69:
3c:96:9a:b8:ef:fa:b8:76:c7:21:47:9d:a9:5a:24:
ab:70:ff:6a:dd:a6:16:69:56:d4:be:ce:c4:a2:e9:
52:4c:a8:2b:36:46:b7:a3:89:f2:7d:92:8b:5e:83:
3b:ed:48:85:91:c5:39:45:7c:9f:5c:c4:72:1f:b6:
09:ef:be:a5:8f:c6:6f:d4:56:34:4a:80:43:88:ad:
fc:12:e4:81:a8:4f:46:49:10:ea:72:f9:b5:ad:0e:
c4:d5:cf:19:c6:94:ee:fa:84:45:76:f0:4b:ca:eb:
8d:e2:85:5c:d0:76:4f:56:bd:77:21:d0:d9:5d:83:
52:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6A:7F:A1:5F:C4:88:32:42:00:AA:AE:E8:C0:F8:38:BA:FA:D7:8A
X509v3 Authority Key Identifier:
keyid:6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/9A8DC738C1BB11EFA0D36583762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.251.120.0/21
Signature Algorithm: sha256WithRSAEncryption
66:a2:3e:cf:47:f0:ab:4a:b6:78:ca:06:45:98:e7:ec:df:79:
39:6d:89:be:b2:b4:2b:16:41:8e:33:7f:bb:c3:53:e3:38:54:
7e:00:28:ee:2b:7c:10:01:d8:6a:ec:72:95:dd:85:b2:b0:b0:
36:1c:59:fa:6a:2a:d2:d7:cc:cb:53:1a:63:c2:2a:cb:49:3a:
72:7e:b2:3e:45:5f:7f:d4:12:5d:14:2b:60:35:44:6f:80:88:
2f:73:89:8f:72:89:33:a9:49:ff:fe:0d:1b:10:a0:fe:02:01:
1b:92:42:82:d0:09:5b:3b:d0:24:df:17:3b:3b:14:73:20:89:
3e:18:c2:9f:40:bb:be:89:bb:f4:c7:d9:2c:9e:41:d1:6d:49:
31:be:b9:b7:33:09:5c:3f:08:e2:8b:45:aa:cc:93:b0:b0:7a:
b0:7b:7e:fc:d3:ea:10:99:16:56:5f:a6:11:32:b7:6f:f9:e1:
5f:0a:db:39:e5:90:de:56:86:cd:1b:ec:8d:21:47:3f:41:37:
8a:06:9e:87:4b:62:90:52:46:61:26:98:f8:82:f5:ad:e2:35:
5f:66:be:ef:a2:76:03:7d:dd:f5:3b:ed:44:fa:b5:89:fd:54:
34:6b:cc:8b:34:db:3d:e9:bb:53:6a:99:20:36:66:91:90:83:
13:ca:8c:17
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBC8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0JBMTlBRjExMC8GA1UEBRMoNkFFQTI0QjA5OUMzMkIyMkU0RTQ4QkI5RjI2Q0Y1
NzhCRUY2QkZGMzAeFw0yNDEyMjQwNTU0NTNaFw0yNTEyMjQwNTU0NTNaMBgxFjAU
BgNVBAMTDTY3NmE0Y2IxLTcyZDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8FdCP2TBJdEOGP3/3rPjscp2bTamV186nwDyCsUT+3tPT3OA5ZWhED1q6
0tWnDBcsUNbJYoB05fkDBOxXZCn6eHmr9xOlLv4aB5FsEz+uNBjHGxNlqxUX5BIa
kpbaUYfSUh3REajfoukClXWsF06aWJs8+g6EjuqzQlSGwdDiC60gZH7LaTyWmrjv
+rh2xyFHnalaJKtw/2rdphZpVtS+zsSi6VJMqCs2RrejifJ9kotegzvtSIWRxTlF
fJ9cxHIftgnvvqWPxm/UVjRKgEOIrfwS5IGoT0ZJEOpy+bWtDsTVzxnGlO76hEV2
8EvK643ihVzQdk9WvXch0Nldg1I3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUoWp/
oV/EiDJCAKqu6MD4OLr614owHwYDVR0jBBgwFoAUauoksJnDKyLk5Iu58mz1eL72
v/MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVBNDBENTc3L2F1b2tz
Sm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2F1b2tzSm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVB
NDBENTc3LzlBOERDNzM4QzFCQjExRUZBMEQzNjU4Mzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPE+3gwDQYJKoZIhvcNAQEL
BQADggEBAGaiPs9H8KtKtnjKBkWY5+zfeTltib6ytCsWQY4zf7vDU+M4VH4AKO4r
fBAB2GrscpXdhbKwsDYcWfpqKtLXzMtTGmPCKstJOnJ+sj5FX3/UEl0UK2A1RG+A
iC9ziY9yiTOpSf/+DRsQoP4CARuSQoLQCVs70CTfFzs7FHMgiT4Ywp9Au76Ju/TH
2SyeQdFtSTG+ubczCVw/COKLRarMk7CwerB7fvzT6hCZFlZfphEyt2/54V8K2znl
kN5Whs0b7I0hRz9BN4oGnodLYpBSRmEmmPiC9a3iNV9mvu+idgN93fU77UT6tYn9
VDRrzIs02z3pu1NqmSA2ZpGQgxPKjBc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:33:00 2025 by rpki-client