Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/88CC23B4E20911EFAA4FEA71762E951A.roa
File: 88CC23B4E20911EFAA4FEA71762E951A.roa (raw, json)
Hash identifier: qKFGTwFhsiiCCXBqchw56kIQ8Z0gTmXSHl71yzG85Xg=
Subject key identifier: D5:31:00:9E:B9:FD:0F:CE:A5:F9:54:58:DC:09:36:71:84:4C:A0:23
Certificate issuer: /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial: 0663
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/88CC23B4E20911EFAA4FEA71762E951A.roa
Signing time: Mon 03 Feb 2025 08:33:25 +0000
ROA not before: Mon 03 Feb 2025 08:33:20 +0000
ROA not after: Thu 14 Aug 2025 08:33:20 +0000
asID: 328608
IP address blocks: 102.177.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.mft
rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 01:37:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1635 (0x663)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367DFA4AF
Validity
Not Before: Feb 3 08:33:20 2025 GMT
Not After : Aug 14 08:33:20 2025 GMT
Subject: CN=67a07f55-c9b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:09:dc:0f:ef:84:87:a2:4f:d7:9c:3c:7f:49:
ca:6e:40:e0:c5:ba:ed:e0:62:54:b8:07:5b:90:a0:
df:57:d5:a6:38:66:37:eb:58:54:15:cb:ed:29:63:
a6:f2:d8:4d:92:f3:87:ea:54:b2:8d:e2:c5:05:40:
b6:12:17:aa:a1:46:73:04:49:d0:99:29:28:4a:6d:
5c:19:e9:36:2f:b0:66:a8:72:a1:80:11:e1:9d:18:
1a:35:7a:69:62:fa:01:39:5b:22:ac:97:69:41:39:
e2:90:b3:de:5f:31:11:53:0e:41:2e:14:de:18:1b:
f8:d1:1d:1e:81:d9:e2:21:53:55:78:57:5c:96:c7:
da:66:6f:c8:1e:30:63:23:96:3b:37:ff:99:4c:c8:
57:71:ae:96:59:5e:c6:d7:a6:24:ab:a4:b2:06:92:
54:fa:60:99:62:a6:d3:82:15:6a:22:01:ba:66:6e:
ad:22:f8:fa:7b:b0:22:89:d2:5c:a8:1a:e6:c6:9d:
3f:0f:af:6f:4f:33:ab:67:eb:c1:d7:b6:f3:2f:af:
db:41:70:a7:8c:66:f2:3c:6a:1a:0b:68:bb:92:5e:
01:6a:50:d6:7e:e0:4d:b3:9f:53:a6:75:32:e0:62:
00:61:07:04:c8:80:85:c6:81:50:7c:3f:c9:9b:11:
8f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:31:00:9E:B9:FD:0F:CE:A5:F9:54:58:DC:09:36:71:84:4C:A0:23
X509v3 Authority Key Identifier:
keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/88CC23B4E20911EFAA4FEA71762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.152.0/24
Signature Algorithm: sha256WithRSAEncryption
67:39:0b:72:eb:e5:6a:19:e3:0b:a0:40:3d:29:60:d4:a5:2c:
cf:54:ee:5a:de:24:63:ae:d1:18:a3:11:f0:8b:6f:b7:ff:d3:
e8:37:94:fb:c6:33:65:9b:fb:f2:62:3f:e3:24:cc:b9:1e:bf:
a3:ee:cf:d0:4e:33:fe:89:73:4d:80:0e:9c:8b:55:de:7b:05:
33:7d:d8:5e:67:c7:4e:8f:ca:3d:1b:e1:d6:dd:df:21:da:58:
ae:8b:75:07:16:6a:3d:77:9f:76:04:13:f8:ac:3f:5b:e8:b9:
c3:c1:92:35:8f:ca:49:8c:df:ab:1a:87:cb:bd:31:09:ed:e2:
7f:14:49:0c:15:e0:db:26:d4:63:fe:44:ce:4a:6e:5a:f4:24:
47:df:a0:e3:c6:36:bc:5b:bc:b8:c5:b7:2f:ca:dc:06:f5:b6:
8a:77:51:24:ce:4a:bf:d7:0b:78:27:96:02:17:8f:9f:10:eb:
ce:94:38:6b:60:85:ed:fa:68:be:f2:84:a5:4b:b1:05:a0:9d:
68:19:8e:ec:76:68:de:28:dd:e3:0f:f8:65:e5:d8:4b:d4:4e:
da:05:e6:9b:35:86:6d:40:13:63:97:44:44:c4:19:c8:42:33:
d3:1b:86:81:28:56:73:e6:dd:93:50:36:12:cb:ab:c4:21:9a:
05:27:0d:38
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBmMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNTAyMDMwODMzMjBaFw0yNTA4MTQwODMzMjBaMBgxFjAU
BgNVBAMTDTY3YTA3ZjU1LWM5YjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDACdwP74SHok/XnDx/ScpuQODFuu3gYlS4B1uQoN9X1aY4ZjfrWFQVy+0p
Y6by2E2S84fqVLKN4sUFQLYSF6qhRnMESdCZKShKbVwZ6TYvsGaocqGAEeGdGBo1
emli+gE5WyKsl2lBOeKQs95fMRFTDkEuFN4YG/jRHR6B2eIhU1V4V1yWx9pmb8ge
MGMjljs3/5lMyFdxrpZZXsbXpiSrpLIGklT6YJliptOCFWoiAbpmbq0i+Pp7sCKJ
0lyoGubGnT8Pr29PM6tn68HXtvMvr9tBcKeMZvI8ahoLaLuSXgFqUNZ+4E2zn1Om
dTLgYgBhBwTIgIXGgVB8P8mbEY93AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU1TEA
nrn9D86l+VRY3Ak2cYRMoCMwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4Lzg4Q0MyM0I0RTIwOTExRUZBQTRGRUE3MTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsZgwDQYJKoZIhvcNAQEL
BQADggEBAGc5C3Lr5WoZ4wugQD0pYNSlLM9U7lreJGOu0RijEfCLb7f/0+g3lPvG
M2Wb+/JiP+MkzLkev6Puz9BOM/6Jc02ADpyLVd57BTN92F5nx06Pyj0b4dbd3yHa
WK6LdQcWaj13n3YEE/isP1voucPBkjWPykmM36sah8u9MQnt4n8USQwV4Nsm1GP+
RM5Kblr0JEffoOPGNrxbvLjFty/K3Ab1top3USTOSr/XC3gnlgIXj58Q686UOGtg
he36aL7yhKVLsQWgnWgZjux2aN4o3eMP+GXl2EvUTtoF5ps1hm1AE2OXRETEGchC
M9MbhoEoVnPm3ZNQNhLLq8QhmgUnDTg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 01:31:08 2025 by rpki-client