Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365958D/9CFE89C8EF0E11EFB212E46B762E951A/97ED3ED0F37211EFB23FFA43762E951A.roa
File: 97ED3ED0F37211EFB23FFA43762E951A.roa (raw, json)
Hash identifier: FgbPNGuclB/D94qa7xSHa4fIjOIEEHBK2ubtWZfrs/8=
Subject key identifier: 8B:20:62:B6:1B:93:2A:C3:5A:81:72:48:93:A9:58:3B:34:81:C2:CE
Certificate issuer: /CN=F365958DAF/serialNumber=178DDEF8BB3CFE4FBE013B923BC8AE22D645B302
Certificate serial: 1D
Authority key identifier: 17:8D:DE:F8:BB:3C:FE:4F:BE:01:3B:92:3B:C8:AE:22:D6:45:B3:02
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/F43e-Ls8_k--ATuSO8iuItZFswI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365958D/9CFE89C8EF0E11EFB212E46B762E951A/97ED3ED0F37211EFB23FFA43762E951A.roa
Signing time: Tue 25 Feb 2025 12:18:17 +0000
ROA not before: Tue 25 Feb 2025 12:18:14 +0000
ROA not after: Sat 25 Mar 2028 12:18:14 +0000
asID: 37284
IP address blocks: 102.209.32.0/22 maxlen: 22
102.209.32.0/24 maxlen: 24
102.209.33.0/24 maxlen: 24
102.209.34.0/24 maxlen: 24
102.209.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F365958D/9CFE89C8EF0E11EFB212E46B762E951A/F43e-Ls8_k--ATuSO8iuItZFswI.crl
rsync://rpki.afrinic.net/repository/member_repository/F365958D/9CFE89C8EF0E11EFB212E46B762E951A/F43e-Ls8_k--ATuSO8iuItZFswI.mft
rsync://rpki.afrinic.net/repository/afrinic/F43e-Ls8_k--ATuSO8iuItZFswI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29 (0x1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365958DAF
Validity
Not Before: Feb 25 12:18:14 2025 GMT
Not After : Mar 25 12:18:14 2028 GMT
Subject: CN=67bdb509-46a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5f:58:f3:1e:03:8f:e6:e8:e4:83:02:a3:e9:
bb:8d:01:e0:a0:14:8a:33:eb:02:92:a9:d2:b8:2e:
87:d2:6a:8e:ea:90:b2:34:a0:85:8b:de:f1:22:92:
7d:52:9d:c8:55:f5:6f:12:f7:42:45:c5:2f:d4:b4:
09:9c:4c:47:d8:9b:87:7e:bf:8c:2b:e9:34:45:0d:
b6:c3:8d:e8:b5:dd:bf:fc:4b:e9:43:b9:5e:e0:7c:
17:f0:85:f2:3e:ba:c7:a5:10:72:fe:79:15:a4:69:
a3:61:59:1e:a8:71:f9:af:32:df:62:46:04:f3:71:
26:34:5d:51:a3:a4:1f:8b:1c:03:f2:e1:cd:18:41:
65:f0:a7:20:c0:86:85:97:89:ed:5c:54:26:70:b0:
2e:1f:b4:9d:f2:72:45:ef:06:cb:f3:26:9d:f5:b3:
50:42:0d:89:f5:2d:7b:54:b4:d8:11:ef:af:4c:10:
3f:b5:17:38:2a:77:1b:eb:5f:03:03:a9:c8:cb:00:
bd:05:35:ba:93:21:3b:b0:21:62:ca:70:3b:9d:35:
b2:cc:41:ef:b6:5f:4d:9c:6a:f4:04:2c:94:78:c5:
49:f6:d9:8c:09:bc:0d:cd:c5:28:54:a0:5c:48:5a:
48:e3:6d:53:cf:1a:db:47:c8:f7:d2:30:74:6e:98:
bd:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:20:62:B6:1B:93:2A:C3:5A:81:72:48:93:A9:58:3B:34:81:C2:CE
X509v3 Authority Key Identifier:
keyid:17:8D:DE:F8:BB:3C:FE:4F:BE:01:3B:92:3B:C8:AE:22:D6:45:B3:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365958D/9CFE89C8EF0E11EFB212E46B762E951A/F43e-Ls8_k--ATuSO8iuItZFswI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/F43e-Ls8_k--ATuSO8iuItZFswI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365958D/9CFE89C8EF0E11EFB212E46B762E951A/97ED3ED0F37211EFB23FFA43762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.32.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:1f:d1:5f:82:0e:e3:fe:93:08:d8:9e:3c:12:bf:2e:fe:8d:
25:3e:a4:67:cd:e8:c0:6b:10:18:43:23:8e:ca:3a:c0:08:62:
81:9f:45:04:67:56:d3:e9:95:51:2b:be:14:0a:ec:4c:68:a0:
9a:e6:34:54:58:ec:24:34:ff:23:28:18:ce:14:54:2f:8a:a0:
06:4d:88:00:08:85:3d:91:18:24:47:ad:d7:6b:86:ef:a4:cb:
d0:d7:d1:b5:38:c0:16:26:a0:46:a0:6c:5b:a4:07:fc:ea:7f:
b0:ba:25:d4:a2:33:87:eb:8a:6d:d1:a0:4a:0c:f3:77:18:eb:
2c:10:22:4f:fb:b4:82:f4:d0:21:80:78:22:5d:84:db:d3:a4:
10:39:e1:ea:12:02:a9:91:b0:3a:5f:bd:3f:ab:2c:e5:2c:96:
ca:75:5a:01:9e:d0:6d:44:d7:61:5e:6e:fc:af:6f:c4:3a:60:
24:95:be:04:25:65:ff:5c:08:a4:95:c8:34:6d:a1:cc:96:ea:
e6:af:18:b1:6c:c5:4f:af:36:83:00:f0:eb:60:56:d2:03:b3:
98:89:d8:20:d9:c6:8d:30:1a:76:9f:dc:f1:df:fe:16:f0:b5:
8f:4e:1d:3b:d1:75:6f:88:21:7b:dc:0c:ec:9b:cf:43:b7:5a:
4d:ba:61:24
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBHTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
OTU4REFGMTEwLwYDVQQFEygxNzhEREVGOEJCM0NGRTRGQkUwMTNCOTIzQkM4QUUy
MkQ2NDVCMzAyMB4XDTI1MDIyNTEyMTgxNFoXDTI4MDMyNTEyMTgxNFowGDEWMBQG
A1UEAxMNNjdiZGI1MDktNDZhOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5fWPMeA4/m6OSDAqPpu40B4KAUijPrApKp0rguh9JqjuqQsjSghYve8SKS
fVKdyFX1bxL3QkXFL9S0CZxMR9ibh36/jCvpNEUNtsON6LXdv/xL6UO5XuB8F/CF
8j66x6UQcv55FaRpo2FZHqhx+a8y32JGBPNxJjRdUaOkH4scA/LhzRhBZfCnIMCG
hZeJ7VxUJnCwLh+0nfJyRe8Gy/MmnfWzUEINifUte1S02BHvr0wQP7UXOCp3G+tf
AwOpyMsAvQU1upMhO7AhYspwO501ssxB77ZfTZxq9AQslHjFSfbZjAm8Dc3FKFSg
XEhaSONtU88a20fI99IwdG6YvdcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSLIGK2
G5Mqw1qBckiTqVg7NIHCzjAfBgNVHSMEGDAWgBQXjd74uzz+T74BO5I7yK4i1kWz
AjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTk1OEQvOUNGRTg5QzhFRjBFMTFFRkIyMTJFNDZCNzYyRTk1MUEvRjQzZS1M
czhfay0tQVR1U084aXVJdFpGc3dJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRjQzZS1Mczhfay0tQVR1U084aXVJdFpGc3dJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTk1OEQvOUNGRTg5QzhFRjBFMTFFRkIyMTJFNDZCNzYy
RTk1MUEvOTdFRDNFRDBGMzcyMTFFRkIyM0ZGQTQzNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbRIDANBgkqhkiG9w0BAQsF
AAOCAQEAfR/RX4IO4/6TCNiePBK/Lv6NJT6kZ83owGsQGEMjjso6wAhigZ9FBGdW
0+mVUSu+FArsTGigmuY0VFjsJDT/IygYzhRUL4qgBk2IAAiFPZEYJEet12uG76TL
0NfRtTjAFiagRqBsW6QH/Op/sLol1KIzh+uKbdGgSgzzdxjrLBAiT/u0gvTQIYB4
Il2E29OkEDnh6hICqZGwOl+9P6ss5SyWynVaAZ7QbUTXYV5u/K9vxDpgJJW+BCVl
/1wIpJXING2hzJbq5q8YsWzFT682gwDw62BW0gOzmInYINnGjTAadp/c8d/+FvC1
j04dO9F1b4ghe9wM7JvPQ7daTbphJA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:53 2025 by rpki-client