Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/DB8EC176096C11F09BE9C74F762E951A.roa
File: DB8EC176096C11F09BE9C74F762E951A.roa (raw, json)
Hash identifier: h4MBmDcNBPMthnUh5NstKgwMC04soDtmu4J3XUHziYM=
Subject key identifier: 0E:12:62:DA:F3:36:65:B5:47:E0:7C:B7:1D:50:89:D9:58:0D:A0:EC
Certificate issuer: /CN=F363BA19AF/serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
Certificate serial: 0822
Authority key identifier: 6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/DB8EC176096C11F09BE9C74F762E951A.roa
Signing time: Tue 25 Mar 2025 11:32:39 +0000
ROA not before: Tue 25 Mar 2025 11:32:36 +0000
ROA not after: Wed 25 Mar 2026 11:32:36 +0000
asID: 2914
IP address blocks: 102.135.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.mft
rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2082 (0x822)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363BA19AF
Validity
Not Before: Mar 25 11:32:36 2025 GMT
Not After : Mar 25 11:32:36 2026 GMT
Subject: CN=67e29457-2885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:b7:89:86:58:a8:a9:39:da:b5:77:eb:83:7f:
f4:62:65:6a:31:cc:40:f5:9c:b9:5d:d9:51:a5:8e:
9f:28:64:67:e5:33:6d:85:5a:70:bb:56:b4:15:82:
5c:28:7a:77:1a:81:9f:d4:aa:de:32:97:3a:b8:8e:
6c:d4:7d:4e:02:24:60:38:68:84:fa:3e:58:15:8a:
fe:ff:00:18:00:61:fe:37:1f:0c:42:2b:ad:e5:02:
73:0d:66:f2:8c:86:4b:c1:26:e2:c8:b9:da:ea:25:
bd:03:bf:b2:83:fe:62:07:3c:31:fa:f7:04:44:40:
a0:47:53:d4:4d:bf:47:8a:cf:6d:e6:44:17:e1:6f:
2d:d5:32:be:97:98:ec:89:51:c6:20:3d:99:eb:6a:
d4:26:75:78:25:27:be:b6:03:b2:18:46:67:52:d2:
4b:bb:e2:bd:32:43:69:0f:07:f6:aa:41:81:92:fa:
8b:81:74:0a:f7:67:f5:2e:64:40:43:d8:45:19:b7:
4d:f0:22:a9:e1:b4:01:99:f4:66:ef:a7:43:a7:d7:
7c:96:49:88:ff:92:e7:3d:a7:d6:8b:d3:d6:5b:0c:
e5:02:24:a2:ae:e6:f7:7d:ff:a8:fa:33:aa:29:99:
ff:b1:49:0d:b9:35:f8:cf:f4:b4:a4:8b:ef:93:dd:
94:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:12:62:DA:F3:36:65:B5:47:E0:7C:B7:1D:50:89:D9:58:0D:A0:EC
X509v3 Authority Key Identifier:
keyid:6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/DB8EC176096C11F09BE9C74F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.135.76.0/24
Signature Algorithm: sha256WithRSAEncryption
98:2a:43:11:80:32:b3:ec:e9:f7:c1:58:04:75:e4:ef:95:c6:
3c:f9:19:d5:63:9b:75:29:bd:6e:88:e8:f7:b0:a9:80:b7:6d:
2b:8a:d8:4f:4a:0a:55:8e:d3:e1:6b:cb:78:23:0f:67:e3:36:
ba:18:5f:63:a8:3c:8e:49:a5:dd:28:75:4a:1b:81:23:98:3f:
80:e9:16:02:02:e7:28:a2:62:85:a2:1c:01:2f:3e:81:74:27:
bd:c2:19:9b:eb:46:95:0c:32:72:2d:2f:e7:36:0d:c5:93:34:
ff:38:c3:21:b0:3a:e2:41:e5:cd:e5:d5:db:4b:ca:46:03:bf:
8d:29:f9:18:6f:bb:2f:26:7f:1e:1c:f6:ad:be:1b:c5:f3:53:
b6:16:46:ed:bd:0b:79:9a:76:36:b9:37:f9:0e:7e:d1:77:c2:
3d:0d:fd:22:e4:21:0b:b0:bb:20:a1:83:78:ac:bb:fa:c8:df:
ba:46:61:5f:da:3c:97:22:bd:7a:12:2d:97:ba:47:b3:72:dc:
63:45:b3:72:bf:dd:c7:3c:83:fb:19:24:db:b3:4a:c5:83:0e:
75:bd:a4:f7:3f:e6:d0:76:5f:20:f2:60:d2:6b:d2:ec:04:c6:
d2:fc:2e:73:8c:7c:73:cf:5a:29:7c:8f:57:5c:20:a6:c9:3d:
7d:d2:61:aa
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCCIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0JBMTlBRjExMC8GA1UEBRMoNkFFQTI0QjA5OUMzMkIyMkU0RTQ4QkI5RjI2Q0Y1
NzhCRUY2QkZGMzAeFw0yNTAzMjUxMTMyMzZaFw0yNjAzMjUxMTMyMzZaMBgxFjAU
BgNVBAMTDTY3ZTI5NDU3LTI4ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDnt4mGWKipOdq1d+uDf/RiZWoxzED1nLld2VGljp8oZGflM22FWnC7VrQV
glwoencagZ/Uqt4ylzq4jmzUfU4CJGA4aIT6PlgViv7/ABgAYf43HwxCK63lAnMN
ZvKMhkvBJuLIudrqJb0Dv7KD/mIHPDH69wREQKBHU9RNv0eKz23mRBfhby3VMr6X
mOyJUcYgPZnratQmdXglJ762A7IYRmdS0ku74r0yQ2kPB/aqQYGS+ouBdAr3Z/Uu
ZEBD2EUZt03wIqnhtAGZ9Gbvp0On13yWSYj/kuc9p9aL09ZbDOUCJKKu5vd9/6j6
M6opmf+xSQ25NfjP9LSki++T3ZQJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUDhJi
2vM2ZbVH4Hy3HVCJ2VgNoOwwHwYDVR0jBBgwFoAUauoksJnDKyLk5Iu58mz1eL72
v/MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVBNDBENTc3L2F1b2tz
Sm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2F1b2tzSm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVB
NDBENTc3L0RCOEVDMTc2MDk2QzExRjA5QkU5Qzc0Rjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmh0wwDQYJKoZIhvcNAQEL
BQADggEBAJgqQxGAMrPs6ffBWAR15O+Vxjz5GdVjm3UpvW6I6PewqYC3bSuK2E9K
ClWO0+Fry3gjD2fjNroYX2OoPI5Jpd0odUobgSOYP4DpFgIC5yiiYoWiHAEvPoF0
J73CGZvrRpUMMnItL+c2DcWTNP84wyGwOuJB5c3l1dtLykYDv40p+Rhvuy8mfx4c
9q2+G8XzU7YWRu29C3madja5N/kOftF3wj0N/SLkIQuwuyChg3isu/rI37pGYV/a
PJcivXoSLZe6R7Ny3GNFs3K/3cc8g/sZJNuzSsWDDnW9pPc/5tB2XyDyYNJr0uwE
xtL8LnOMfHPPWil8j1dcIKbJPX3SYao=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:32:02 2025 by rpki-client