Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366E8F3/B743560E032E11F0BCF79465762E951A/FA23C6E0033111F0913B507A762E951A.roa
File: FA23C6E0033111F0913B507A762E951A.roa (raw, json)
Hash identifier: UU+VLCaW1bzLKfQrboq/hHsg8DwvgOdl3KUVSjPJbis=
Subject key identifier: 17:09:E6:03:CD:31:5D:C9:60:55:CD:F9:A6:22:C4:AC:51:DB:2C:F6
Certificate issuer: /CN=F366E8F3AF/serialNumber=65068E4FC4D327F7B3F2E159AAD9126182257547
Certificate serial: 02
Authority key identifier: 65:06:8E:4F:C4:D3:27:F7:B3:F2:E1:59:AA:D9:12:61:82:25:75:47
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ZQaOT8TTJ_ez8uFZqtkSYYIldUc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366E8F3/B743560E032E11F0BCF79465762E951A/FA23C6E0033111F0913B507A762E951A.roa
Signing time: Mon 17 Mar 2025 13:16:03 +0000
ROA not before: Tue 18 Mar 2025 13:15:59 +0000
ROA not after: Wed 31 Mar 2027 13:15:59 +0000
asID: 329522
IP address blocks: 41.74.144.0/23 maxlen: 23
41.74.146.0/23 maxlen: 23
41.74.148.0/24 maxlen: 24
41.74.149.0/24 maxlen: 24
41.74.156.0/23 maxlen: 23
41.74.158.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366E8F3/B743560E032E11F0BCF79465762E951A/ZQaOT8TTJ_ez8uFZqtkSYYIldUc.crl
rsync://rpki.afrinic.net/repository/member_repository/F366E8F3/B743560E032E11F0BCF79465762E951A/ZQaOT8TTJ_ez8uFZqtkSYYIldUc.mft
rsync://rpki.afrinic.net/repository/afrinic/ZQaOT8TTJ_ez8uFZqtkSYYIldUc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366E8F3AF
Validity
Not Before: Mar 18 13:15:59 2025 GMT
Not After : Mar 31 13:15:59 2027 GMT
Subject: CN=67d82093-02a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:44:cd:6c:4c:d1:ea:15:1d:d1:03:b2:4e:a0:
96:3c:5e:fd:fe:27:f7:d4:ef:aa:d1:ba:47:b8:a4:
1f:89:a5:a4:0d:ed:e8:08:49:47:bc:c5:f1:e3:e7:
d5:9d:89:98:9a:19:7d:fe:fb:96:11:95:e6:47:e9:
c9:c8:fd:c2:04:41:a1:00:35:94:e9:4a:78:6b:45:
2d:98:ad:5c:65:fa:79:3c:81:f2:90:78:e7:d0:5e:
67:ba:6b:19:07:86:be:c1:1e:cc:01:59:5e:8b:0d:
4a:98:fe:35:01:6c:40:fd:4c:b7:b6:c0:77:59:87:
92:d8:84:80:f3:76:49:6d:aa:7e:2d:3b:0b:89:84:
97:00:ce:9a:9b:82:5e:6c:ef:c2:8b:c1:f1:07:d7:
b9:25:2f:e1:6b:a5:72:65:74:f0:27:61:17:e5:a0:
97:1f:db:d2:85:85:5e:10:c2:a6:51:1e:d1:62:08:
1f:ac:e8:5e:b9:65:53:a0:c5:38:3b:57:21:0c:27:
9a:64:6c:d2:1a:41:16:d8:67:ca:fd:55:7e:10:bd:
61:8b:18:ad:98:7f:74:6b:9e:9f:c6:f0:8b:86:4b:
8a:0e:b3:3c:43:21:ee:09:4b:45:92:7b:66:0d:f0:
36:52:ec:08:69:cc:de:96:58:08:72:73:40:80:26:
77:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:09:E6:03:CD:31:5D:C9:60:55:CD:F9:A6:22:C4:AC:51:DB:2C:F6
X509v3 Authority Key Identifier:
keyid:65:06:8E:4F:C4:D3:27:F7:B3:F2:E1:59:AA:D9:12:61:82:25:75:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366E8F3/B743560E032E11F0BCF79465762E951A/ZQaOT8TTJ_ez8uFZqtkSYYIldUc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ZQaOT8TTJ_ez8uFZqtkSYYIldUc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366E8F3/B743560E032E11F0BCF79465762E951A/FA23C6E0033111F0913B507A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.74.144.0-41.74.149.255
41.74.156.0/22
Signature Algorithm: sha256WithRSAEncryption
99:43:28:54:06:bb:b3:4b:9f:4c:b1:90:c7:cc:60:bb:70:ad:
85:10:a1:ab:08:64:57:10:6b:cd:9b:3c:e8:3a:e5:76:43:4f:
ed:f3:35:09:0c:80:cd:55:b2:ed:af:fd:0a:9c:0b:69:e5:14:
af:2b:9e:83:6f:93:87:ff:51:c9:ee:d7:f0:bb:9f:c8:d5:8c:
64:d0:79:bf:fb:a9:65:94:2f:47:76:96:8c:ad:98:5c:b2:96:
58:51:78:e8:8a:9c:08:f1:42:57:60:f1:ae:af:07:09:bd:71:
9d:46:e2:5f:c0:e8:be:3e:df:d6:a8:39:0c:d4:eb:95:53:de:
c2:21:db:54:3a:4c:a4:ee:3b:ca:16:1e:9f:69:68:1c:bd:8a:
1f:c7:13:32:c5:d2:35:0e:50:2f:ef:a4:c4:2d:96:da:52:a0:
4b:ec:25:27:b4:ea:54:fd:a5:2f:f6:98:89:4f:d4:cd:76:32:
97:b6:9a:b7:b9:95:50:8c:cc:f7:80:63:a3:22:10:4a:45:19:
e1:18:09:42:03:40:96:3b:d2:7b:9a:ca:02:de:a5:bb:f7:b5:
2f:f5:e5:b4:c2:05:6c:a0:c8:39:9d:04:2a:9d:5b:be:ac:77:
25:7a:78:f7:fb:a3:29:52:c9:01:d2:e6:5d:a6:18:f4:fa:0d:
41:99:dc:6c
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
RThGM0FGMTEwLwYDVQQFEyg2NTA2OEU0RkM0RDMyN0Y3QjNGMkUxNTlBQUQ5MTI2
MTgyMjU3NTQ3MB4XDTI1MDMxODEzMTU1OVoXDTI3MDMzMTEzMTU1OVowGDEWMBQG
A1UEAxMNNjdkODIwOTMtMDJhNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxEzWxM0eoVHdEDsk6gljxe/f4n99TvqtG6R7ikH4mlpA3t6AhJR7zF8ePn
1Z2JmJoZff77lhGV5kfpycj9wgRBoQA1lOlKeGtFLZitXGX6eTyB8pB459BeZ7pr
GQeGvsEezAFZXosNSpj+NQFsQP1Mt7bAd1mHktiEgPN2SW2qfi07C4mElwDOmpuC
XmzvwovB8QfXuSUv4WulcmV08CdhF+Wglx/b0oWFXhDCplEe0WIIH6zoXrllU6DF
ODtXIQwnmmRs0hpBFthnyv1VfhC9YYsYrZh/dGuen8bwi4ZLig6zPEMh7glLRZJ7
Zg3wNlLsCGnM3pZYCHJzQIAmd1cCAwEAAaOCArMwggKvMB0GA1UdDgQWBBQXCeYD
zTFdyWBVzfmmIsSsUdss9jAfBgNVHSMEGDAWgBRlBo5PxNMn97Py4Vmq2RJhgiV1
RzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkU4RjMvQjc0MzU2MEUwMzJFMTFGMEJDRjc5NDY1NzYyRTk1MUEvWlFhT1Q4
VFRKX2V6OHVGWnF0a1NZWUlsZFVjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWlFhT1Q4VFRKX2V6OHVGWnF0a1NZWUlsZFVjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkU4RjMvQjc0MzU2MEUwMzJFMTFGMEJDRjc5NDY1NzYy
RTk1MUEvRkEyM0M2RTAwMzMxMTFGMDkxM0I1MDdBNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQEKUqQAwQBKUqUAwQCKUqc
MA0GCSqGSIb3DQEBCwUAA4IBAQCZQyhUBruzS59MsZDHzGC7cK2FEKGrCGRXEGvN
mzzoOuV2Q0/t8zUJDIDNVbLtr/0KnAtp5RSvK56Db5OH/1HJ7tfwu5/I1Yxk0Hm/
+6lllC9HdpaMrZhcspZYUXjoipwI8UJXYPGurwcJvXGdRuJfwOi+Pt/WqDkM1OuV
U97CIdtUOkyk7jvKFh6faWgcvYofxxMyxdI1DlAv76TELZbaUqBL7CUntOpU/aUv
9piJT9TNdjKXtpq3uZVQjMz3gGOjIhBKRRnhGAlCA0CWO9J7msoC3qW797Uv9eW0
wgVsoMg5nQQqnVu+rHclenj3+6MpUskB0uZdphj0+g1Bmdxs
-----END CERTIFICATE-----
Generated at Thu Apr 10 20:25:05 2025 by rpki-client