Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366115B/D6DD2C48D17D11EFAF2085B2762E951A/3836DAF2D17E11EFA51FBCB4762E951A.roa
File: 3836DAF2D17E11EFA51FBCB4762E951A.roa (raw, json)
Hash identifier: vCEMo5pOZDHOCRlcwLTso9WT2in5LSpZZctj1hFvB7Q=
Subject key identifier: E7:77:B8:D9:4D:0B:B0:88:F8:4D:61:A6:C4:5E:CD:9F:53:73:FB:D2
Certificate issuer: /CN=F366115BAF/serialNumber=13658DF7E987A11FF568723C7B71DAD7071E33DF
Certificate serial: 04
Authority key identifier: 13:65:8D:F7:E9:87:A1:1F:F5:68:72:3C:7B:71:DA:D7:07:1E:33:DF
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/E2WN9-mHoR_1aHI8e3Ha1wceM98.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366115B/D6DD2C48D17D11EFAF2085B2762E951A/3836DAF2D17E11EFA51FBCB4762E951A.roa
Signing time: Mon 13 Jan 2025 07:15:51 +0000
ROA not before: Mon 13 Jan 2025 07:15:48 +0000
ROA not after: Sat 13 Jan 2035 07:15:48 +0000
asID: 328562
IP address blocks: 102.23.144.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366115B/D6DD2C48D17D11EFAF2085B2762E951A/E2WN9-mHoR_1aHI8e3Ha1wceM98.crl
rsync://rpki.afrinic.net/repository/member_repository/F366115B/D6DD2C48D17D11EFAF2085B2762E951A/E2WN9-mHoR_1aHI8e3Ha1wceM98.mft
rsync://rpki.afrinic.net/repository/afrinic/E2WN9-mHoR_1aHI8e3Ha1wceM98.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 03:22:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366115BAF
Validity
Not Before: Jan 13 07:15:48 2025 GMT
Not After : Jan 13 07:15:48 2035 GMT
Subject: CN=6784bda7-3c70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:38:e5:b7:8d:c4:13:22:cb:67:a7:ec:8e:12:
b0:fc:ca:71:17:b3:ac:7e:01:49:72:ac:86:74:72:
07:c2:cc:6a:3a:74:24:54:1c:6a:ac:9d:6a:7f:dd:
43:e7:b8:10:71:04:41:cd:58:3d:0a:2c:bf:e3:a0:
32:da:db:a7:05:14:0b:5c:d6:c0:ff:7a:97:eb:3f:
ac:e8:9a:54:1c:9a:e9:61:6d:33:73:a1:9d:11:97:
91:b3:db:79:56:90:95:08:8c:16:d0:1a:26:3a:12:
7a:ab:1d:11:d8:51:e6:4b:4e:91:78:e5:df:11:38:
d1:17:5f:37:94:ff:64:46:90:1d:68:0b:f3:a8:fc:
cc:de:0d:a4:82:a2:73:da:81:e6:23:1c:87:22:15:
7e:d8:84:70:73:b5:f0:d4:ff:87:ce:fd:52:c7:ab:
85:42:b7:b9:c1:78:28:31:a1:49:a5:90:8b:1b:4f:
06:38:02:dc:55:48:18:be:e0:84:da:bc:49:95:97:
af:c5:99:0d:41:1d:58:98:98:6c:33:a4:e2:dc:2e:
6c:13:d8:3b:bf:66:a2:0f:f8:0f:c9:92:30:00:a4:
24:c5:46:06:bb:14:33:41:2b:70:24:0a:d0:30:06:
72:04:4e:25:44:9e:aa:3e:ee:cb:36:ad:81:e8:2c:
32:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:77:B8:D9:4D:0B:B0:88:F8:4D:61:A6:C4:5E:CD:9F:53:73:FB:D2
X509v3 Authority Key Identifier:
keyid:13:65:8D:F7:E9:87:A1:1F:F5:68:72:3C:7B:71:DA:D7:07:1E:33:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366115B/D6DD2C48D17D11EFAF2085B2762E951A/E2WN9-mHoR_1aHI8e3Ha1wceM98.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/E2WN9-mHoR_1aHI8e3Ha1wceM98.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366115B/D6DD2C48D17D11EFAF2085B2762E951A/3836DAF2D17E11EFA51FBCB4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.23.144.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:50:02:8b:52:bd:76:80:e1:cf:9b:06:ee:d3:59:5a:35:17:
a3:6d:37:0f:28:e8:1f:15:de:b5:be:12:99:e4:ad:ba:c0:6d:
70:24:d7:ce:e9:62:cb:8f:9b:3d:91:19:75:e8:2b:3d:01:e4:
76:73:6c:2c:8e:92:77:48:cc:a7:4e:68:3d:b8:27:ae:9d:c3:
3e:7a:bb:77:3d:0b:ac:f9:52:91:ef:07:95:03:0b:ca:66:2e:
e0:e8:18:f6:8e:a0:f3:89:7b:72:e7:a0:42:89:59:34:05:a7:
18:15:74:36:69:a2:db:13:5c:ef:3e:fe:13:5a:bf:e9:fe:02:
53:82:a9:e2:f0:76:e1:f1:75:c8:ef:0d:cd:f3:5a:8e:47:88:
f6:86:2a:32:0a:6e:c1:28:0e:78:7b:65:a8:a4:32:c6:c6:81:
39:48:8a:f0:1a:16:3b:7d:a1:be:f0:0d:c0:62:fe:83:6c:b7:
38:94:74:75:96:83:08:b6:b5:a0:9a:a2:e3:f4:28:04:5e:57:
76:5b:37:ef:a4:4e:01:b8:5d:2e:44:83:ec:96:28:88:b0:ff:
5a:90:b8:2a:75:32:57:c8:9a:b5:77:a1:c5:0d:c6:9a:14:6f:
b8:e7:e0:81:59:f3:6b:bc:7c:8c:51:a1:d5:61:c1:c5:3a:e4:
bd:e6:45:b6
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
MTE1QkFGMTEwLwYDVQQFEygxMzY1OERGN0U5ODdBMTFGRjU2ODcyM0M3QjcxREFE
NzA3MUUzM0RGMB4XDTI1MDExMzA3MTU0OFoXDTM1MDExMzA3MTU0OFowGDEWMBQG
A1UEAxMNNjc4NGJkYTctM2M3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMc45beNxBMiy2en7I4SsPzKcRezrH4BSXKshnRyB8LMajp0JFQcaqydan/d
Q+e4EHEEQc1YPQosv+OgMtrbpwUUC1zWwP96l+s/rOiaVBya6WFtM3OhnRGXkbPb
eVaQlQiMFtAaJjoSeqsdEdhR5ktOkXjl3xE40RdfN5T/ZEaQHWgL86j8zN4NpIKi
c9qB5iMchyIVftiEcHO18NT/h879UserhUK3ucF4KDGhSaWQixtPBjgC3FVIGL7g
hNq8SZWXr8WZDUEdWJiYbDOk4twubBPYO79mog/4D8mSMACkJMVGBrsUM0ErcCQK
0DAGcgROJUSeqj7uyzatgegsMqcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTnd7jZ
TQuwiPhNYabEXs2fU3P70jAfBgNVHSMEGDAWgBQTZY336YehH/Vocjx7cdrXBx4z
3zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjExNUIvRDZERDJDNDhEMTdEMTFFRkFGMjA4NUIyNzYyRTk1MUEvRTJXTjkt
bUhvUl8xYUhJOGUzSGExd2NlTTk4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRTJXTjktbUhvUl8xYUhJOGUzSGExd2NlTTk4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjExNUIvRDZERDJDNDhEMTdEMTFFRkFGMjA4NUIyNzYy
RTk1MUEvMzgzNkRBRjJEMTdFMTFFRkE1MUZCQ0I0NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2YXkDANBgkqhkiG9w0BAQsF
AAOCAQEASlACi1K9doDhz5sG7tNZWjUXo203DyjoHxXetb4SmeStusBtcCTXzuli
y4+bPZEZdegrPQHkdnNsLI6Sd0jMp05oPbgnrp3DPnq7dz0LrPlSke8HlQMLymYu
4OgY9o6g84l7cuegQolZNAWnGBV0Nmmi2xNc7z7+E1q/6f4CU4Kp4vB24fF1yO8N
zfNajkeI9oYqMgpuwSgOeHtlqKQyxsaBOUiK8BoWO32hvvANwGL+g2y3OJR0dZaD
CLa1oJqi4/QoBF5Xdls376ROAbhdLkSD7JYoiLD/WpC4KnUyV8iatXehxQ3GmhRv
uOfggVnza7x8jFGh1WHBxTrkveZFtg==
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:53:46 2025 by rpki-client