Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/3D3FB4EEFD8C11EFBEF68376762E951A.roa
File: 3D3FB4EEFD8C11EFBEF68376762E951A.roa (raw, json)
Hash identifier: WZ+UxNc2jtefkjQfrz80B/fFxtNwMmYTFahRt37o5SQ=
Subject key identifier: 5C:E6:C2:36:C5:EA:10:82:43:D7:69:8F:3E:DB:46:97:52:A9:ED:00
Certificate issuer: /CN=F365BE89AF/serialNumber=C3B4A3DDB2DACFC5388EEEC7359D214664496A01
Certificate serial: 01D6
Authority key identifier: C3:B4:A3:DD:B2:DA:CF:C5:38:8E:EE:C7:35:9D:21:46:64:49:6A:01
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/3D3FB4EEFD8C11EFBEF68376762E951A.roa
Signing time: Mon 10 Mar 2025 08:47:04 +0000
ROA not before: Mon 10 Mar 2025 08:47:00 +0000
ROA not after: Sat 10 Mar 2035 08:47:00 +0000
asID: 329007
IP address blocks: 102.216.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.crl
rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.mft
rsync://rpki.afrinic.net/repository/afrinic/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 02:53:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 470 (0x1d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365BE89AF
Validity
Not Before: Mar 10 08:47:00 2025 GMT
Not After : Mar 10 08:47:00 2035 GMT
Subject: CN=67cea708-21f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:22:1e:06:6a:30:c7:8f:66:83:48:da:7b:82:
34:81:b3:61:8c:c2:69:57:cc:9d:72:9e:75:c6:27:
71:a6:7d:13:1a:52:28:10:04:20:fe:07:0e:dc:31:
b4:ce:c9:15:ea:35:55:22:85:aa:96:69:b6:c4:e9:
78:8a:4c:16:59:fd:55:b6:fd:22:76:2b:e8:74:7e:
1b:5b:f9:d5:89:99:86:1c:3c:12:52:42:18:08:3f:
49:05:88:0a:51:3d:8d:d4:d5:79:8d:50:73:2a:7a:
de:c6:6c:7c:41:77:62:81:40:8c:49:ed:0e:ab:7c:
af:14:dd:e6:53:3d:15:98:de:db:0a:e6:ec:f1:c2:
f2:62:c3:fc:96:ca:a2:44:af:e0:b1:25:b2:fa:93:
cd:2a:f4:55:77:69:bf:29:01:a3:5c:24:02:5a:1f:
76:3d:23:f3:34:4e:98:51:6f:b8:b4:9b:0f:b9:e3:
b0:b8:8a:07:c9:57:95:eb:2e:92:d5:29:6d:c2:7c:
2d:22:5f:75:96:75:cd:8f:11:9b:bf:b1:b6:56:b3:
89:15:d4:76:0f:53:f3:b8:03:8f:3b:e3:ab:69:f5:
9d:25:63:83:56:3a:70:63:ff:cd:cd:6d:54:81:88:
e8:e0:16:45:04:09:c4:c1:f7:a6:d9:97:ef:65:9c:
cf:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:E6:C2:36:C5:EA:10:82:43:D7:69:8F:3E:DB:46:97:52:A9:ED:00
X509v3 Authority Key Identifier:
keyid:C3:B4:A3:DD:B2:DA:CF:C5:38:8E:EE:C7:35:9D:21:46:64:49:6A:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/3D3FB4EEFD8C11EFBEF68376762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:e4:bf:83:8a:c2:23:78:a8:20:ca:70:4b:7b:dd:db:ab:9d:
23:52:e0:1d:58:35:db:9a:e0:90:e7:92:39:97:be:2d:c7:0d:
89:f0:b6:10:80:ee:18:5e:75:3a:a4:22:a6:b9:0f:72:b3:b8:
18:92:f6:97:d4:50:3a:ee:2d:c7:92:fa:6d:b0:13:0c:bc:36:
35:19:c3:af:70:e3:8f:60:03:20:4e:49:20:45:eb:ee:ef:70:
72:78:ef:31:84:21:4c:9a:10:4b:5e:17:d6:dc:21:68:d0:78:
ed:30:ae:b1:ce:fb:de:22:1e:3d:27:01:a5:44:67:59:df:ad:
07:9d:12:82:b2:35:8d:8f:e6:65:75:96:8d:1e:4a:62:00:a6:
69:7a:e1:fe:57:fa:d2:6e:1a:10:90:3d:db:8e:fa:66:ca:e4:
e2:93:ab:d9:74:d0:16:f1:28:80:d5:f4:75:66:48:10:34:8e:
38:bf:30:0d:50:01:7e:95:47:21:60:92:9f:e7:61:72:dd:55:
18:b8:d3:80:e3:64:2f:70:62:6e:cd:b1:fe:72:1d:48:1f:ee:
90:90:a8:c8:0f:21:b7:61:19:4b:37:b4:e5:1a:c6:1e:55:cb:
3a:11:03:7d:aa:c1:76:dd:b5:5a:11:d8:41:ad:9f:97:89:7a:
77:b6:9d:4b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAdYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NUJFODlBRjExMC8GA1UEBRMoQzNCNEEzRERCMkRBQ0ZDNTM4OEVFRUM3MzU5RDIx
NDY2NDQ5NkEwMTAeFw0yNTAzMTAwODQ3MDBaFw0zNTAzMTAwODQ3MDBaMBgxFjAU
BgNVBAMTDTY3Y2VhNzA4LTIxZjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3Ih4GajDHj2aDSNp7gjSBs2GMwmlXzJ1ynnXGJ3GmfRMaUigQBCD+Bw7c
MbTOyRXqNVUihaqWabbE6XiKTBZZ/VW2/SJ2K+h0fhtb+dWJmYYcPBJSQhgIP0kF
iApRPY3U1XmNUHMqet7GbHxBd2KBQIxJ7Q6rfK8U3eZTPRWY3tsK5uzxwvJiw/yW
yqJEr+CxJbL6k80q9FV3ab8pAaNcJAJaH3Y9I/M0TphRb7i0mw+547C4igfJV5Xr
LpLVKW3CfC0iX3WWdc2PEZu/sbZWs4kV1HYPU/O4A48746tp9Z0lY4NWOnBj/83N
bVSBiOjgFkUECcTB96bZl+9lnM93AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUXObC
NsXqEIJD12mPPttGl1Kp7QAwHwYDVR0jBBgwFoAUw7Sj3bLaz8U4ju7HNZ0hRmRJ
agEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjVCRTg5LzA5OUI0ODNBQkU4RTExRUVCMTk1QTk4RTc3NTQxMkU2L3c3U2oz
YkxhejhVNGp1N0hOWjBoUm1SSmFnRS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3c3U2ozYkxhejhVNGp1N0hOWjBoUm1SSmFnRS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjVCRTg5LzA5OUI0ODNBQkU4RTExRUVCMTk1QTk4RTc3
NTQxMkU2LzNEM0ZCNEVFRkQ4QzExRUZCRUY2ODM3Njc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm2PwwDQYJKoZIhvcNAQEL
BQADggEBAAzkv4OKwiN4qCDKcEt73durnSNS4B1YNdua4JDnkjmXvi3HDYnwthCA
7hhedTqkIqa5D3KzuBiS9pfUUDruLceS+m2wEwy8NjUZw69w449gAyBOSSBF6+7v
cHJ47zGEIUyaEEteF9bcIWjQeO0wrrHO+94iHj0nAaVEZ1nfrQedEoKyNY2P5mV1
lo0eSmIApml64f5X+tJuGhCQPduO+mbK5OKTq9l00BbxKIDV9HVmSBA0jji/MA1Q
AX6VRyFgkp/nYXLdVRi404DjZC9wYm7Nsf5yHUgf7pCQqMgPIbdhGUs3tOUaxh5V
yzoRA32qwXbdtVoR2EGtn5eJene2nUs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 01:52:23 2025 by rpki-client