Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36763E5/1D91ED9AF59C11E98BF85D43F8AEA228/4B570182DD7E11EF953B3052762E951A.roa
File: 4B570182DD7E11EF953B3052762E951A.roa (raw, json)
Hash identifier: cnNWOgAP08vu5OxVNv8TRnI6O25BJrmogxuLKnzytb8=
Subject key identifier: D3:60:B1:90:7A:B3:BD:52:35:28:32:AD:C1:69:80:DD:69:87:51:F3
Certificate issuer: /CN=F36763E5AF/serialNumber=3D3839D5EE1D97B49315562831DCA0409331481F
Certificate serial: 07D9
Authority key identifier: 3D:38:39:D5:EE:1D:97:B4:93:15:56:28:31:DC:A0:40:93:31:48:1F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/PTg51e4dl7STFVYoMdygQJMxSB8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36763E5/1D91ED9AF59C11E98BF85D43F8AEA228/4B570182DD7E11EF953B3052762E951A.roa
Signing time: Tue 28 Jan 2025 13:46:37 +0000
ROA not before: Wed 05 Feb 2025 13:46:33 +0000
ROA not after: Tue 10 Feb 2026 13:46:33 +0000
asID: 37618
IP address blocks: 154.73.0.0/22 maxlen: 22
154.73.0.0/24 maxlen: 24
154.73.1.0/24 maxlen: 24
154.73.2.0/24 maxlen: 24
154.73.3.0/24 maxlen: 24
2c0f:f6e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36763E5/1D91ED9AF59C11E98BF85D43F8AEA228/PTg51e4dl7STFVYoMdygQJMxSB8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36763E5/1D91ED9AF59C11E98BF85D43F8AEA228/PTg51e4dl7STFVYoMdygQJMxSB8.mft
rsync://rpki.afrinic.net/repository/afrinic/PTg51e4dl7STFVYoMdygQJMxSB8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2009 (0x7d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36763E5AF
Validity
Not Before: Feb 5 13:46:33 2025 GMT
Not After : Feb 10 13:46:33 2026 GMT
Subject: CN=6798dfbd-e84d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5b:c2:d1:84:02:2e:69:6c:c7:e4:b6:94:5f:
d9:d9:7c:39:5b:c2:83:a7:a1:b8:1b:04:83:2b:47:
32:f1:39:b9:a2:8d:d6:30:b8:2c:e9:14:ae:f0:31:
48:ec:7f:56:b8:ec:d6:58:17:67:ac:c0:6e:f4:23:
41:6d:75:c5:5c:af:82:a0:52:7a:f3:80:04:4a:6f:
f1:ce:4b:2f:0d:25:ee:85:b2:98:5c:81:ce:3f:2e:
3b:61:cd:fc:be:22:71:ae:9b:c7:15:72:2c:c1:c4:
ed:a8:ea:da:14:55:86:33:86:44:3b:0d:70:9d:df:
f4:53:48:85:cf:d7:98:ac:55:50:46:af:50:6a:51:
64:ee:af:b2:ad:28:ee:71:06:e5:12:1a:40:34:b6:
d5:8c:89:e3:24:e9:1b:6b:35:e7:39:7a:69:58:47:
29:6f:12:ac:05:88:4b:d8:b6:86:0d:7f:53:c9:84:
3f:e7:a7:b4:d2:f6:97:d8:85:b1:8f:4d:db:14:74:
7b:2a:80:59:29:55:64:43:23:fb:5e:57:e6:ed:1a:
bb:d8:e4:31:ad:01:c7:ab:ab:b8:09:d0:94:bd:a5:
bb:f6:8b:94:3b:80:b9:fc:27:67:a3:69:69:f1:eb:
51:8e:b2:aa:5e:30:3e:cf:4c:cc:f9:49:eb:2b:e0:
c3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:60:B1:90:7A:B3:BD:52:35:28:32:AD:C1:69:80:DD:69:87:51:F3
X509v3 Authority Key Identifier:
keyid:3D:38:39:D5:EE:1D:97:B4:93:15:56:28:31:DC:A0:40:93:31:48:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36763E5/1D91ED9AF59C11E98BF85D43F8AEA228/PTg51e4dl7STFVYoMdygQJMxSB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PTg51e4dl7STFVYoMdygQJMxSB8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36763E5/1D91ED9AF59C11E98BF85D43F8AEA228/4B570182DD7E11EF953B3052762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.73.0.0/22
IPv6:
2c0f:f6e0::/32
Signature Algorithm: sha256WithRSAEncryption
26:03:eb:6f:35:ba:f4:b1:a0:a4:7d:89:95:af:01:0e:a9:2e:
02:51:b5:cb:2d:ba:ba:00:9a:38:5f:b3:39:07:15:56:e0:9d:
17:82:15:2f:d7:8b:8a:93:77:d5:4e:28:0f:18:19:e7:4e:44:
62:53:85:15:57:4a:a3:3b:ec:4c:62:0c:ab:68:75:46:0a:0f:
e6:9d:2c:e4:55:8e:3b:42:cd:c4:c6:89:28:9a:cd:e4:b7:13:
e6:d2:69:d5:2c:12:72:81:b5:13:b7:c0:d0:76:29:6e:c2:89:
da:17:8e:e0:cb:8a:79:3a:38:63:ef:8d:85:3d:72:c3:1d:7a:
1d:21:3e:12:ad:ff:a5:6f:70:e9:92:d9:a1:ca:0c:04:74:fc:
7b:05:44:58:a7:6a:9c:c7:c1:3e:23:c5:ac:4e:46:ea:b3:5d:
88:ee:cc:68:5e:df:f9:e0:7e:04:86:42:3f:19:5f:31:17:df:
b4:8e:a0:31:1c:c8:cc:b4:e2:56:a0:03:45:74:95:bb:0e:55:
36:d5:b9:5c:17:91:09:ad:8f:46:37:c0:bd:d5:fa:50:57:7c:
c3:c2:7a:73:33:eb:3d:fd:86:72:7a:e0:7c:1d:64:68:98:26:
53:fb:33:15:5d:c6:fd:ad:cb:28:3e:d2:67:39:2a:a5:98:e3:
98:ca:02:8e
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICB9kwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NzYzRTVBRjExMC8GA1UEBRMoM0QzODM5RDVFRTFEOTdCNDkzMTU1NjI4MzFEQ0Ew
NDA5MzMxNDgxRjAeFw0yNTAyMDUxMzQ2MzNaFw0yNjAyMTAxMzQ2MzNaMBgxFjAU
BgNVBAMTDTY3OThkZmJkLWU4NGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQChW8LRhAIuaWzH5LaUX9nZfDlbwoOnobgbBIMrRzLxObmijdYwuCzpFK7w
MUjsf1a47NZYF2eswG70I0FtdcVcr4KgUnrzgARKb/HOSy8NJe6Fsphcgc4/Ljth
zfy+InGum8cVcizBxO2o6toUVYYzhkQ7DXCd3/RTSIXP15isVVBGr1BqUWTur7Kt
KO5xBuUSGkA0ttWMieMk6RtrNec5emlYRylvEqwFiEvYtoYNf1PJhD/np7TS9pfY
hbGPTdsUdHsqgFkpVWRDI/teV+btGrvY5DGtAcerq7gJ0JS9pbv2i5Q7gLn8J2ej
aWnx61GOsqpeMD7PTMz5Sesr4MMzAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQU02Cx
kHqzvVI1KDKtwWmA3WmHUfMwHwYDVR0jBBgwFoAUPTg51e4dl7STFVYoMdygQJMx
SB8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjc2M0U1LzFEOTFFRDlBRjU5QzExRTk4QkY4NUQ0M0Y4QUVBMjI4L1BUZzUx
ZTRkbDdTVEZWWW9NZHlnUUpNeFNCOC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1BUZzUxZTRkbDdTVEZWWW9NZHlnUUpNeFNCOC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjc2M0U1LzFEOTFFRDlBRjU5QzExRTk4QkY4NUQ0M0Y4
QUVBMjI4LzRCNTcwMTgyREQ3RTExRUY5NTNCMzA1Mjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAKaSQAwDQQCAAIwBwMFACwP
9uAwDQYJKoZIhvcNAQELBQADggEBACYD6281uvSxoKR9iZWvAQ6pLgJRtcsturoA
mjhfszkHFVbgnReCFS/Xi4qTd9VOKA8YGedORGJThRVXSqM77ExiDKtodUYKD+ad
LORVjjtCzcTGiSiazeS3E+bSadUsEnKBtRO3wNB2KW7CidoXjuDLink6OGPvjYU9
csMdeh0hPhKt/6VvcOmS2aHKDAR0/HsFRFinapzHwT4jxaxORuqzXYjuzGhe3/ng
fgSGQj8ZXzEX37SOoDEcyMy04lagA0V0lbsOVTbVuVwXkQmtj0Y3wL3V+lBXfMPC
enMz6z39hnJ64HwdZGiYJlP7MxVdxv2tyyg+0mc5KqWY45jKAo4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:01 2025 by rpki-client