Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366FE6C/B3374424131B11EBA4121A39F8AEA228/F9C82400D97B11EF9B0C96BA762E951A.roa
File: F9C82400D97B11EF9B0C96BA762E951A.roa (raw, json)
Hash identifier: M9e20X5bFGzfJk5f5uvwTRlfX+u30RyUqYb0LXotErI=
Subject key identifier: 98:25:1D:DC:FB:E4:C7:07:16:2B:32:5A:D9:76:65:2B:94:DD:DC:05
Certificate issuer: /CN=F366FE6CAF/serialNumber=4A1FE76B4DFB0173B6F31B7F36A5A982E08D9C19
Certificate serial: 0673
Authority key identifier: 4A:1F:E7:6B:4D:FB:01:73:B6:F3:1B:7F:36:A5:A9:82:E0:8D:9C:19
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Sh_na037AXO28xt_NqWpguCNnBk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366FE6C/B3374424131B11EBA4121A39F8AEA228/F9C82400D97B11EF9B0C96BA762E951A.roa
Signing time: Thu 23 Jan 2025 11:19:57 +0000
ROA not before: Thu 23 Jan 2025 11:19:40 +0000
ROA not after: Thu 31 Jan 2030 11:19:40 +0000
asID: 328748
IP address blocks: 102.216.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366FE6C/B3374424131B11EBA4121A39F8AEA228/Sh_na037AXO28xt_NqWpguCNnBk.crl
rsync://rpki.afrinic.net/repository/member_repository/F366FE6C/B3374424131B11EBA4121A39F8AEA228/Sh_na037AXO28xt_NqWpguCNnBk.mft
rsync://rpki.afrinic.net/repository/afrinic/Sh_na037AXO28xt_NqWpguCNnBk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1651 (0x673)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366FE6CAF
Validity
Not Before: Jan 23 11:19:40 2025 GMT
Not After : Jan 31 11:19:40 2030 GMT
Subject: CN=679225dd-8e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3b:02:17:d3:b0:a5:08:30:d8:43:74:0d:e7:
4d:1c:47:49:ff:d3:ba:f5:bf:d3:e1:21:d3:15:70:
a8:3b:0a:a4:62:85:0f:89:d4:09:a1:f7:67:4e:7e:
48:86:f3:4b:57:3c:9d:fa:ec:bd:33:2d:73:d1:e5:
36:73:60:b0:21:f5:25:cd:26:93:25:40:99:e5:6d:
52:2f:05:f9:cf:11:57:56:df:36:6e:f3:08:8f:b5:
3c:28:6e:2e:07:94:10:51:da:a6:f0:d7:5d:73:aa:
a9:f5:44:15:ec:a3:37:42:55:90:fa:14:e5:b0:c1:
96:d6:78:01:54:f2:d7:46:1f:f1:78:f2:af:af:28:
c9:14:08:5c:89:91:b2:04:c3:ca:b9:8c:c2:7b:f9:
99:9c:1e:0f:d4:dc:78:d7:0a:64:f1:9c:c1:4a:ac:
40:3f:1a:59:c8:d1:39:c6:5e:16:5b:e6:72:93:0d:
de:95:9b:bb:30:e0:7a:af:7e:0a:32:41:aa:4e:1b:
d8:9a:f5:61:8d:7b:de:b5:77:be:09:6d:6a:ec:96:
23:38:d5:07:4f:76:ea:ef:d8:7c:a4:51:86:84:98:
05:40:32:aa:61:fb:7c:33:74:59:45:97:8e:ad:73:
8d:09:8b:ed:ef:e3:58:8a:1b:7b:a7:b5:ea:ba:ec:
34:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:25:1D:DC:FB:E4:C7:07:16:2B:32:5A:D9:76:65:2B:94:DD:DC:05
X509v3 Authority Key Identifier:
keyid:4A:1F:E7:6B:4D:FB:01:73:B6:F3:1B:7F:36:A5:A9:82:E0:8D:9C:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366FE6C/B3374424131B11EBA4121A39F8AEA228/Sh_na037AXO28xt_NqWpguCNnBk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Sh_na037AXO28xt_NqWpguCNnBk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366FE6C/B3374424131B11EBA4121A39F8AEA228/F9C82400D97B11EF9B0C96BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.216.159.0/24
Signature Algorithm: sha256WithRSAEncryption
09:d6:3b:a9:55:3f:06:e5:8e:2c:a1:ce:5e:c8:32:02:73:94:
48:6b:4a:3b:64:5d:08:58:37:0c:15:37:b5:b3:ad:3a:ad:84:
20:ea:5b:c0:26:3f:75:d2:3c:09:9d:61:27:f8:eb:63:79:5f:
c2:90:0f:ea:5e:73:de:43:0a:61:e6:52:54:23:00:9b:83:1f:
92:25:84:92:ae:ff:fa:ff:8d:2f:a0:33:eb:f8:4e:e7:41:66:
bb:24:54:1b:5d:8e:16:82:40:bf:26:8b:91:9c:1f:2f:6b:b5:
4a:85:ef:90:3c:2c:fc:ee:a0:c7:8a:c7:9b:89:f3:8d:41:8d:
89:28:e1:ff:59:7b:50:f0:4a:f7:c4:8e:34:22:9b:63:e4:00:
19:20:e0:bb:47:d0:c9:97:e7:94:eb:af:41:64:b9:79:ff:45:
46:7d:15:6f:8d:11:9c:c3:ec:b4:a3:8a:3e:5c:1a:56:52:57:
4a:d4:dd:09:9d:0f:1a:6a:3b:57:7c:2b:eb:91:a4:d4:ac:b5:
c8:1a:7e:55:c0:39:c7:63:88:ad:71:e6:7a:42:f0:03:48:f8:
9a:4c:b0:09:24:20:af:c3:ca:8e:7d:0c:24:6f:41:46:39:49:
65:70:b1:ff:6b:15:f9:3c:94:10:9c:a0:a3:c7:0e:85:e7:33:
39:1a:de:87
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBnMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NkZFNkNBRjExMC8GA1UEBRMoNEExRkU3NkI0REZCMDE3M0I2RjMxQjdGMzZBNUE5
ODJFMDhEOUMxOTAeFw0yNTAxMjMxMTE5NDBaFw0zMDAxMzExMTE5NDBaMBgxFjAU
BgNVBAMTDTY3OTIyNWRkLThlOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGOwIX07ClCDDYQ3QN500cR0n/07r1v9PhIdMVcKg7CqRihQ+J1Amh92dO
fkiG80tXPJ367L0zLXPR5TZzYLAh9SXNJpMlQJnlbVIvBfnPEVdW3zZu8wiPtTwo
bi4HlBBR2qbw111zqqn1RBXsozdCVZD6FOWwwZbWeAFU8tdGH/F48q+vKMkUCFyJ
kbIEw8q5jMJ7+ZmcHg/U3HjXCmTxnMFKrEA/GlnI0TnGXhZb5nKTDd6Vm7sw4Hqv
fgoyQapOG9ia9WGNe961d74JbWrsliM41QdPdurv2HykUYaEmAVAMqph+3wzdFlF
l46tc40Ji+3v41iKG3unteq67DRvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUmCUd
3PvkxwcWKzJa2XZlK5Td3AUwHwYDVR0jBBgwFoAUSh/na037AXO28xt/NqWpguCN
nBkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjZGRTZDL0IzMzc0NDI0MTMxQjExRUJBNDEyMUEzOUY4QUVBMjI4L1NoX25h
MDM3QVhPMjh4dF9OcVdwZ3VDTm5Cay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NoX25hMDM3QVhPMjh4dF9OcVdwZ3VDTm5Cay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjZGRTZDL0IzMzc0NDI0MTMxQjExRUJBNDEyMUEzOUY4
QUVBMjI4L0Y5QzgyNDAwRDk3QjExRUY5QjBDOTZCQTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm2J8wDQYJKoZIhvcNAQEL
BQADggEBAAnWO6lVPwbljiyhzl7IMgJzlEhrSjtkXQhYNwwVN7WzrTqthCDqW8Am
P3XSPAmdYSf462N5X8KQD+pec95DCmHmUlQjAJuDH5IlhJKu//r/jS+gM+v4TudB
ZrskVBtdjhaCQL8mi5GcHy9rtUqF75A8LPzuoMeKx5uJ841BjYko4f9Ze1DwSvfE
jjQim2PkABkg4LtH0MmX55Trr0FkuXn/RUZ9FW+NEZzD7LSjij5cGlZSV0rU3Qmd
DxpqO1d8K+uRpNSstcgaflXAOcdjiK1x5npC8ANI+JpMsAkkIK/Dyo59DCRvQUY5
SWVwsf9rFfk8lBCcoKPHDoXnMzka3oc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:58 2025 by rpki-client