Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/AE414C1EFDCA11EFB623BE90762E951A.roa
File: AE414C1EFDCA11EFB623BE90762E951A.roa (raw, json)
Hash identifier: Y5HeKaAGek99xysljagPwhZ+CgojdV1z+NsdhuzC9jQ=
Subject key identifier: 79:44:27:AC:C0:6F:5D:80:84:31:88:36:36:1F:86:C1:8B:F9:BD:E8
Certificate issuer: /CN=F364789CAF/serialNumber=D1F7C00EF3EB06E8817CFDC1DB96060407E49C0D
Certificate serial: 0740
Authority key identifier: D1:F7:C0:0E:F3:EB:06:E8:81:7C:FD:C1:DB:96:06:04:07:E4:9C:0D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/0ffADvPrBuiBfP3B25YGBAfknA0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/AE414C1EFDCA11EFB623BE90762E951A.roa
Signing time: Mon 10 Mar 2025 16:14:02 +0000
ROA not before: Mon 10 Mar 2025 16:13:57 +0000
ROA not after: Thu 22 Mar 2035 16:13:57 +0000
asID: 328608
IP address blocks: 102.223.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/0ffADvPrBuiBfP3B25YGBAfknA0.crl
rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/0ffADvPrBuiBfP3B25YGBAfknA0.mft
rsync://rpki.afrinic.net/repository/afrinic/0ffADvPrBuiBfP3B25YGBAfknA0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1856 (0x740)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364789CAF
Validity
Not Before: Mar 10 16:13:57 2025 GMT
Not After : Mar 22 16:13:57 2035 GMT
Subject: CN=67cf0fca-41fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:09:17:96:e6:b9:38:a9:cd:a3:5c:ba:35:35:
33:08:26:f8:ae:50:8f:37:65:93:37:0e:e7:ec:57:
5f:32:f4:21:e6:be:8d:42:29:96:b3:98:7c:03:b3:
33:9e:47:86:47:21:ad:ef:e6:7e:ee:ed:61:33:19:
ce:4d:ca:1b:3d:bd:d6:11:d5:9c:ec:b0:ca:e7:60:
a8:cc:d4:e4:1f:ef:6c:f9:8e:72:a5:f3:13:16:bb:
1b:5a:21:4a:37:36:9b:37:9d:64:aa:d0:b6:4e:96:
e9:8b:bb:32:0b:d8:2a:fa:9e:01:55:22:93:4e:2f:
18:ec:d8:f0:1c:4a:97:70:20:8e:5e:a8:96:35:60:
84:1e:50:60:a6:b7:9d:e5:10:f2:de:e8:46:c4:cd:
40:93:37:03:2a:f5:b7:5e:d5:06:72:7d:9b:76:e6:
ba:40:47:fe:f4:47:36:18:47:c8:ce:df:26:07:98:
c7:7c:c9:07:a5:ec:6c:63:36:a5:4e:2e:f1:40:20:
c9:9a:ec:29:23:85:35:bc:a1:64:69:44:b4:73:c9:
1f:57:21:55:cc:d8:c1:9b:6e:f4:b4:27:5d:f6:7c:
3b:8e:b0:5a:a7:70:3d:8e:ed:dc:da:19:ea:57:0e:
19:76:16:08:10:28:04:8e:f8:49:0b:ae:b1:fb:21:
15:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:44:27:AC:C0:6F:5D:80:84:31:88:36:36:1F:86:C1:8B:F9:BD:E8
X509v3 Authority Key Identifier:
keyid:D1:F7:C0:0E:F3:EB:06:E8:81:7C:FD:C1:DB:96:06:04:07:E4:9C:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/0ffADvPrBuiBfP3B25YGBAfknA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0ffADvPrBuiBfP3B25YGBAfknA0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/AE414C1EFDCA11EFB623BE90762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.199.0/24
Signature Algorithm: sha256WithRSAEncryption
32:97:55:ce:23:e8:6a:0c:70:1e:5a:85:50:e8:22:e6:14:ef:
88:34:08:b9:32:ff:a1:5f:6f:c6:47:05:52:96:7c:0f:74:6d:
46:fd:91:a3:09:ac:55:d4:ff:51:fc:0f:39:08:f7:d2:2c:a2:
2a:c4:33:6c:6e:ee:9a:7e:90:b8:d2:d1:d7:e5:0b:b7:00:df:
b0:bd:33:f0:7a:7a:f6:46:1b:e8:48:d6:1f:77:98:d0:dd:5c:
83:1d:ff:90:8c:fb:94:f5:ea:8b:65:5d:6b:94:da:d6:a3:46:
91:ea:d1:d7:24:48:bc:5c:b6:5f:3a:6c:4c:3e:ef:f3:25:77:
15:01:00:b8:d1:9c:bd:37:95:00:db:72:45:13:3c:08:bd:19:
a1:c6:31:22:2c:43:7b:40:f3:f4:ef:8b:59:1e:14:49:e8:3c:
3f:a7:6e:e6:7d:d7:ab:2d:a0:2a:58:05:c2:b8:fb:f6:b7:bb:
a5:dd:d1:31:49:5f:ea:ae:20:34:e0:06:be:f2:f5:b2:85:96:
26:b3:3d:95:b4:a8:39:c7:46:92:59:88:17:f3:ea:4a:43:28:
4b:87:43:dc:c9:cf:78:7e:d5:da:54:82:85:c3:cf:f8:ce:35:
3c:56:fa:97:44:0e:60:16:5a:37:4c:67:31:7c:9b:5b:be:33:
b0:55:7b:1d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB0AwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDc4OUNBRjExMC8GA1UEBRMoRDFGN0MwMEVGM0VCMDZFODgxN0NGREMxREI5NjA2
MDQwN0U0OUMwRDAeFw0yNTAzMTAxNjEzNTdaFw0zNTAzMjIxNjEzNTdaMBgxFjAU
BgNVBAMTDTY3Y2YwZmNhLTQxZmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDCReW5rk4qc2jXLo1NTMIJviuUI83ZZM3DufsV18y9CHmvo1CKZazmHwD
szOeR4ZHIa3v5n7u7WEzGc5Nyhs9vdYR1ZzssMrnYKjM1OQf72z5jnKl8xMWuxta
IUo3Nps3nWSq0LZOlumLuzIL2Cr6ngFVIpNOLxjs2PAcSpdwII5eqJY1YIQeUGCm
t53lEPLe6EbEzUCTNwMq9bde1QZyfZt25rpAR/70RzYYR8jO3yYHmMd8yQel7Gxj
NqVOLvFAIMma7CkjhTW8oWRpRLRzyR9XIVXM2MGbbvS0J132fDuOsFqncD2O7dza
GepXDhl2FggQKASO+EkLrrH7IRUDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUeUQn
rMBvXYCEMYg2Nh+GwYv5vegwHwYDVR0jBBgwFoAU0ffADvPrBuiBfP3B25YGBAfk
nA0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ3ODlDLzcyRUZBRjRDOTEwMTExRUFCRDNGMjQ3M0Y4QUVBMjI4LzBmZkFE
dlByQnVpQmZQM0IyNVlHQkFma25BMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzBmZkFEdlByQnVpQmZQM0IyNVlHQkFma25BMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ3ODlDLzcyRUZBRjRDOTEwMTExRUFCRDNGMjQ3M0Y4
QUVBMjI4L0FFNDE0QzFFRkRDQTExRUZCNjIzQkU5MDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm38cwDQYJKoZIhvcNAQEL
BQADggEBADKXVc4j6GoMcB5ahVDoIuYU74g0CLky/6Ffb8ZHBVKWfA90bUb9kaMJ
rFXU/1H8DzkI99IsoirEM2xu7pp+kLjS0dflC7cA37C9M/B6evZGG+hI1h93mNDd
XIMd/5CM+5T16otlXWuU2tajRpHq0dckSLxctl86bEw+7/MldxUBALjRnL03lQDb
ckUTPAi9GaHGMSIsQ3tA8/Tvi1keFEnoPD+nbuZ916stoCpYBcK4+/a3u6Xd0TFJ
X+quIDTgBr7y9bKFliazPZW0qDnHRpJZiBfz6kpDKEuHQ9zJz3h+1dpUgoXDz/jO
NTxW+pdEDmAWWjdMZzF8m1u+M7BVex0=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:35:10 2025 by rpki-client