Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363C4A6/82599DF6AD5011EFB697D675762E951A/7DDDEAB0AD5111EFA8CB627A762E951A.roa
File: 7DDDEAB0AD5111EFA8CB627A762E951A.roa (raw, json)
Hash identifier: dvM01EkOXh9FWTfE/7UMNp1k9IOWCI+KkRyoJeJVDAA=
Subject key identifier: AD:A7:D2:EE:7E:51:1D:FD:CA:6D:9D:C8:46:31:F7:27:52:E7:20:FB
Certificate issuer: /CN=F363C4A6AF/serialNumber=F7C60837C80C57C4DBC9BB016008303C94FBA2A9
Certificate serial: 02
Authority key identifier: F7:C6:08:37:C8:0C:57:C4:DB:C9:BB:01:60:08:30:3C:94:FB:A2:A9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/98YIN8gMV8TbybsBYAgwPJT7oqk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363C4A6/82599DF6AD5011EFB697D675762E951A/7DDDEAB0AD5111EFA8CB627A762E951A.roa
Signing time: Thu 28 Nov 2024 06:24:59 +0000
ROA not before: Thu 28 Nov 2024 06:24:55 +0000
ROA not after: Mon 28 Nov 2044 06:24:55 +0000
asID: 328791
IP address blocks: 102.221.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363C4A6/82599DF6AD5011EFB697D675762E951A/98YIN8gMV8TbybsBYAgwPJT7oqk.crl
rsync://rpki.afrinic.net/repository/member_repository/F363C4A6/82599DF6AD5011EFB697D675762E951A/98YIN8gMV8TbybsBYAgwPJT7oqk.mft
rsync://rpki.afrinic.net/repository/afrinic/98YIN8gMV8TbybsBYAgwPJT7oqk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 03:20:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363C4A6AF
Validity
Not Before: Nov 28 06:24:55 2024 GMT
Not After : Nov 28 06:24:55 2044 GMT
Subject: CN=67480cbb-550a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:51:a5:f4:43:3b:fa:c1:b9:54:b8:49:e7:e5:
11:1a:da:0a:1f:9b:6e:67:0b:bd:84:3c:db:8a:77:
70:1f:b6:1e:9b:c4:4d:aa:7f:1a:da:ca:5f:7d:a3:
cf:07:71:d2:ee:67:5b:63:68:ac:30:f8:c7:34:0c:
5f:2e:ce:32:fc:98:1e:07:b2:9d:92:75:e4:2a:86:
14:8b:4e:cb:bf:9d:97:e2:ad:59:a7:ae:fe:f4:c6:
58:ce:37:04:64:67:d2:f2:c5:63:35:be:65:f9:26:
38:1d:be:c5:79:fb:1d:06:b4:a4:bc:78:66:50:29:
2e:0f:7e:5a:92:36:a3:fb:3d:c1:58:b8:a4:a8:c0:
cb:49:73:62:ab:53:f6:63:5a:72:73:98:e4:48:82:
5e:be:29:a5:81:04:e2:18:4a:36:6f:74:61:37:b4:
93:6b:6b:aa:94:3f:14:47:b2:95:86:fb:b3:d8:ed:
80:58:9c:97:a1:0e:4d:08:b7:5b:26:f4:d5:8a:86:
a2:18:8d:c3:59:14:54:5a:43:f0:7b:ac:2f:0a:96:
65:49:e3:f8:c5:d0:b1:ee:54:80:57:d2:a8:06:93:
6f:0c:a9:4f:a2:dc:38:2e:d7:55:73:36:1e:f0:c5:
2d:77:f8:41:e6:8f:ec:c4:93:91:d2:cb:68:d3:dc:
75:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A7:D2:EE:7E:51:1D:FD:CA:6D:9D:C8:46:31:F7:27:52:E7:20:FB
X509v3 Authority Key Identifier:
keyid:F7:C6:08:37:C8:0C:57:C4:DB:C9:BB:01:60:08:30:3C:94:FB:A2:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363C4A6/82599DF6AD5011EFB697D675762E951A/98YIN8gMV8TbybsBYAgwPJT7oqk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/98YIN8gMV8TbybsBYAgwPJT7oqk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363C4A6/82599DF6AD5011EFB697D675762E951A/7DDDEAB0AD5111EFA8CB627A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.74.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:bf:3e:57:0d:c7:af:a7:2e:c5:88:ef:3e:58:dd:d5:f2:3a:
8b:3b:58:cd:c5:4e:c3:86:1b:b9:29:57:f8:1c:f2:c3:89:88:
91:50:51:25:02:56:ea:10:7d:c0:b9:78:90:76:52:c9:5b:e0:
7f:48:af:73:82:ff:02:7b:ab:77:b9:00:ac:d9:6a:13:f8:bc:
aa:fc:67:b6:ae:4f:de:12:65:34:ae:3c:89:af:a1:9c:73:be:
e1:8e:06:cd:11:7e:63:4a:2b:1c:83:0c:1f:d3:b5:78:d6:75:
97:6f:99:ea:58:ce:56:f5:21:63:6a:22:fb:51:f2:71:73:aa:
a0:ce:e7:13:8d:98:91:4a:ff:7c:a5:fc:d5:3d:c9:a4:2b:ff:
95:dd:fe:0a:a1:23:ed:14:a7:3e:ac:2a:6b:da:8c:1b:95:32:
f9:d5:64:9f:37:12:8c:fa:eb:1d:2b:2a:89:61:05:f2:3f:92:
0e:da:8e:92:01:54:cd:c9:a4:2f:ff:77:20:db:96:70:5f:59:
7b:ef:f6:0f:6e:72:71:7e:71:c6:5e:32:d3:8c:a0:56:d8:32:
8d:2f:12:32:1e:5c:63:4f:16:00:8e:21:4f:57:24:d1:8a:ca:
01:2a:66:d0:0c:ca:25:bf:22:16:f9:0c:fb:f0:0c:a5:6c:fc:
e6:fe:ae:f5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
QzRBNkFGMTEwLwYDVQQFEyhGN0M2MDgzN0M4MEM1N0M0REJDOUJCMDE2MDA4MzAz
Qzk0RkJBMkE5MB4XDTI0MTEyODA2MjQ1NVoXDTQ0MTEyODA2MjQ1NVowGDEWMBQG
A1UEAxMNNjc0ODBjYmItNTUwYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBRpfRDO/rBuVS4SeflERraCh+bbmcLvYQ824p3cB+2HpvETap/GtrKX32j
zwdx0u5nW2NorDD4xzQMXy7OMvyYHgeynZJ15CqGFItOy7+dl+KtWaeu/vTGWM43
BGRn0vLFYzW+ZfkmOB2+xXn7HQa0pLx4ZlApLg9+WpI2o/s9wVi4pKjAy0lzYqtT
9mNacnOY5EiCXr4ppYEE4hhKNm90YTe0k2trqpQ/FEeylYb7s9jtgFicl6EOTQi3
Wyb01YqGohiNw1kUVFpD8HusLwqWZUnj+MXQse5UgFfSqAaTbwypT6LcOC7XVXM2
HvDFLXf4QeaP7MSTkdLLaNPcdTUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBStp9Lu
flEd/cptnchGMfcnUucg+zAfBgNVHSMEGDAWgBT3xgg3yAxXxNvJuwFgCDA8lPui
qTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0M0QTYvODI1OTlERjZBRDUwMTFFRkI2OTdENjc1NzYyRTk1MUEvOThZSU44
Z01WOFRieWJzQllBZ3dQSlQ3b3FrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOThZSU44Z01WOFRieWJzQllBZ3dQSlQ3b3FrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2M0M0QTYvODI1OTlERjZBRDUwMTFFRkI2OTdENjc1NzYy
RTk1MUEvN0REREVBQjBBRDUxMTFFRkE4Q0I2MjdBNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbdSjANBgkqhkiG9w0BAQsF
AAOCAQEAL78+Vw3Hr6cuxYjvPljd1fI6iztYzcVOw4YbuSlX+Bzyw4mIkVBRJQJW
6hB9wLl4kHZSyVvgf0ivc4L/Anurd7kArNlqE/i8qvxntq5P3hJlNK48ia+hnHO+
4Y4GzRF+Y0orHIMMH9O1eNZ1l2+Z6ljOVvUhY2oi+1HycXOqoM7nE42YkUr/fKX8
1T3JpCv/ld3+CqEj7RSnPqwqa9qMG5Uy+dVknzcSjPrrHSsqiWEF8j+SDtqOkgFU
zcmkL/93INuWcF9Ze+/2D25ycX5xxl4y04ygVtgyjS8SMh5cY08WAI4hT1ck0YrK
ASpm0AzKJb8iFvkM+/AMpWz85v6u9Q==
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:43:51 2025 by rpki-client