Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/02EF1DC60BAA11F09DB9FB71762E951A.roa
File: 02EF1DC60BAA11F09DB9FB71762E951A.roa (raw, json)
Hash identifier: inZXUhfqreSJFiRhNzpeSLsmYXgoI2B/ekZfVg0es18=
Subject key identifier: DF:2D:D2:E6:91:27:37:0B:6E:4B:DE:40:EB:76:F3:9D:C2:28:18:CE
Certificate issuer: /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial: 06A3
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/02EF1DC60BAA11F09DB9FB71762E951A.roa
Signing time: Fri 28 Mar 2025 07:55:27 +0000
ROA not before: Fri 28 Mar 2025 07:55:23 +0000
ROA not after: Wed 30 Apr 2025 07:55:23 +0000
asID: 23470
IP address blocks: 102.177.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.mft
rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 00:06:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1699 (0x6a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367DFA4AF
Validity
Not Before: Mar 28 07:55:23 2025 GMT
Not After : Apr 30 07:55:23 2025 GMT
Subject: CN=67e655ef-40c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:68:87:86:6b:b6:f8:a8:89:78:16:2a:f8:a3:
d9:a9:d8:1c:ca:d6:e7:79:c0:f8:6c:d5:de:4b:1b:
cb:71:fe:66:26:b6:20:fa:2a:b5:dc:8f:09:58:a4:
85:df:56:61:9f:63:c8:05:cb:4d:ab:08:5c:61:87:
37:d0:03:09:82:b7:60:ec:e2:35:d9:29:b1:16:1a:
f2:fe:61:b6:1f:72:b0:52:bf:13:68:6e:13:8c:5f:
e1:02:38:5b:62:94:c4:53:f4:28:ff:f0:ce:73:2a:
f5:1d:3d:29:7c:77:cb:7d:07:3d:03:b3:0e:77:98:
45:bf:73:42:d0:d8:0d:67:42:91:36:d7:31:50:29:
d8:c7:c0:fb:97:0c:0d:d5:fb:6a:24:8f:7c:c7:e0:
5c:54:50:28:89:88:b6:f0:72:a4:47:c0:56:fb:ac:
7e:b3:b7:03:ae:a4:10:df:41:ec:41:b5:82:f2:e6:
1a:0f:9f:75:b8:00:0d:2e:b4:0a:82:09:31:eb:35:
f0:ed:2a:f3:44:81:78:c8:65:68:f6:48:05:6d:6f:
9f:57:c0:4f:44:ed:b0:16:95:e6:76:28:88:46:ca:
f7:45:a9:1d:85:34:c5:62:83:b2:15:b3:b5:0f:a4:
4c:dd:77:94:0b:fc:e3:83:c4:c3:ff:fc:d9:a5:b8:
a1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2D:D2:E6:91:27:37:0B:6E:4B:DE:40:EB:76:F3:9D:C2:28:18:CE
X509v3 Authority Key Identifier:
keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/02EF1DC60BAA11F09DB9FB71762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.181.0/24
Signature Algorithm: sha256WithRSAEncryption
27:8d:43:a1:88:3f:b8:d5:f4:02:f3:a7:05:b3:b8:35:f5:c8:
cb:22:12:89:8d:84:25:9a:82:b3:cb:4b:f4:de:f4:ef:cf:81:
9b:6f:fa:55:5b:db:36:fc:05:95:16:eb:8e:5a:58:c1:fc:d8:
c5:c4:82:83:4c:df:de:92:56:53:7e:fa:41:11:e1:70:02:00:
b4:fd:e4:b6:5e:90:2d:f0:87:d0:da:d8:15:c5:56:50:60:31:
42:60:2d:87:dd:44:e1:2b:1d:2b:30:33:23:1e:f5:de:9b:61:
ba:d2:ae:e3:06:4a:95:20:a1:80:5a:c4:d3:f3:18:5b:18:41:
dd:78:3b:68:91:48:41:97:51:84:16:c9:a5:25:bc:c5:e8:0f:
76:81:76:3e:cc:87:a6:e4:cb:6b:7a:7c:48:5a:fb:f0:14:8f:
30:88:56:2d:cb:2e:ac:e2:9c:b1:71:9d:96:d4:98:ee:d5:ff:
45:0e:73:85:0c:80:32:c2:9c:47:9b:47:30:d0:cd:b6:1f:e6:
c6:13:23:3b:ef:e9:d5:0f:af:51:91:f1:4f:5a:b1:b2:87:4c:
ba:ab:e3:cf:01:81:62:21:41:07:d9:33:23:6c:60:be:9d:c9:
09:a9:68:f3:89:7c:69:bb:15:59:26:9a:6c:a1:5e:56:2b:5f:
06:98:36:c9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBqMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNTAzMjgwNzU1MjNaFw0yNTA0MzAwNzU1MjNaMBgxFjAU
BgNVBAMTDTY3ZTY1NWVmLTQwYzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCqaIeGa7b4qIl4Fir4o9mp2BzK1ud5wPhs1d5LG8tx/mYmtiD6KrXcjwlY
pIXfVmGfY8gFy02rCFxhhzfQAwmCt2Ds4jXZKbEWGvL+YbYfcrBSvxNobhOMX+EC
OFtilMRT9Cj/8M5zKvUdPSl8d8t9Bz0Dsw53mEW/c0LQ2A1nQpE21zFQKdjHwPuX
DA3V+2okj3zH4FxUUCiJiLbwcqRHwFb7rH6ztwOupBDfQexBtYLy5hoPn3W4AA0u
tAqCCTHrNfDtKvNEgXjIZWj2SAVtb59XwE9E7bAWleZ2KIhGyvdFqR2FNMVig7IV
s7UPpEzdd5QL/OODxMP//NmluKFZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU3y3S
5pEnNwtuS95A63bzncIoGM4wHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzAyRUYxREM2MEJBQTExRjA5REI5RkI3MTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsbUwDQYJKoZIhvcNAQEL
BQADggEBACeNQ6GIP7jV9ALzpwWzuDX1yMsiEomNhCWagrPLS/Te9O/PgZtv+lVb
2zb8BZUW645aWMH82MXEgoNM396SVlN++kER4XACALT95LZekC3wh9Da2BXFVlBg
MUJgLYfdROErHSswMyMe9d6bYbrSruMGSpUgoYBaxNPzGFsYQd14O2iRSEGXUYQW
yaUlvMXoD3aBdj7Mh6bky2t6fEha+/AUjzCIVi3LLqzinLFxnZbUmO7V/0UOc4UM
gDLCnEebRzDQzbYf5sYTIzvv6dUPr1GR8U9asbKHTLqr488BgWIhQQfZMyNsYL6d
yQmpaPOJfGm7FVkmmmyhXlYrXwaYNsk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 01:16:27 2025 by rpki-client