Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3683A54/5C3677F21F7811EC9A12311AD8A014CE/7EE185A6B21611EFA9BDF294762E951A.roa
File: 7EE185A6B21611EFA9BDF294762E951A.roa (raw, json)
Hash identifier: G6244Azl/uqe8/mj3zsQM21nztQl1zF4+5qvnRVhw/Q=
Subject key identifier: E0:41:79:61:C1:CA:E1:B0:62:C7:66:38:F2:F3:02:00:5E:B5:34:FA
Certificate issuer: /CN=F3683A54AF/serialNumber=91733293FC6350AEDFBA75A916FFF41B515ECF4C
Certificate serial: 04B2
Authority key identifier: 91:73:32:93:FC:63:50:AE:DF:BA:75:A9:16:FF:F4:1B:51:5E:CF:4C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/kXMyk_xjUK7funWpFv_0G1Fez0w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3683A54/5C3677F21F7811EC9A12311AD8A014CE/7EE185A6B21611EFA9BDF294762E951A.roa
Signing time: Wed 04 Dec 2024 08:05:16 +0000
ROA not before: Wed 04 Dec 2024 08:05:12 +0000
ROA not after: Mon 04 Dec 2034 08:05:12 +0000
asID: 36924
IP address blocks: 102.207.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3683A54/5C3677F21F7811EC9A12311AD8A014CE/kXMyk_xjUK7funWpFv_0G1Fez0w.crl
rsync://rpki.afrinic.net/repository/member_repository/F3683A54/5C3677F21F7811EC9A12311AD8A014CE/kXMyk_xjUK7funWpFv_0G1Fez0w.mft
rsync://rpki.afrinic.net/repository/afrinic/kXMyk_xjUK7funWpFv_0G1Fez0w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1202 (0x4b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3683A54AF
Validity
Not Before: Dec 4 08:05:12 2024 GMT
Not After : Dec 4 08:05:12 2034 GMT
Subject: CN=67500d3c-f877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:21:65:9b:d1:31:14:a1:e5:0e:af:6d:05:2e:
e8:1d:ef:89:06:9e:d8:95:f7:bb:55:fd:18:dd:47:
86:13:ae:90:20:8f:0c:75:80:5a:00:97:9b:a8:9a:
f1:88:ed:97:86:44:db:1c:84:e8:f9:05:ad:44:aa:
10:77:cc:63:29:02:1a:62:69:2c:65:a9:d1:3f:ba:
8a:c4:3a:7c:e0:16:db:c7:3f:f0:58:52:27:43:56:
44:c9:af:c6:8e:1b:bb:56:fa:5a:c2:64:7d:3b:d4:
3a:77:52:e8:c4:1b:9a:c4:59:19:99:e2:e1:b4:09:
de:4d:b2:10:4c:5a:6e:e7:5c:76:50:ea:39:b6:d9:
9c:55:d6:80:01:27:c7:0c:8f:7f:81:7f:d6:ef:60:
42:29:5d:51:36:87:72:b5:9c:0a:3c:e3:b0:d2:a1:
76:be:b9:ab:67:57:53:11:8d:b2:4a:eb:6c:aa:ef:
51:50:67:35:f7:d9:a3:f8:16:24:8d:2b:4c:a7:9b:
f7:53:8e:f7:9f:0d:ac:0b:c4:ee:8f:a2:c7:ab:25:
9a:ad:a6:34:f6:71:ea:ff:14:f3:46:26:c7:ef:cd:
5a:94:4a:c0:17:c8:a4:bf:61:5e:05:e9:8f:de:c0:
6e:06:57:a1:fa:59:8b:7e:68:26:f7:70:0b:6f:73:
50:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:41:79:61:C1:CA:E1:B0:62:C7:66:38:F2:F3:02:00:5E:B5:34:FA
X509v3 Authority Key Identifier:
keyid:91:73:32:93:FC:63:50:AE:DF:BA:75:A9:16:FF:F4:1B:51:5E:CF:4C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3683A54/5C3677F21F7811EC9A12311AD8A014CE/kXMyk_xjUK7funWpFv_0G1Fez0w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/kXMyk_xjUK7funWpFv_0G1Fez0w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3683A54/5C3677F21F7811EC9A12311AD8A014CE/7EE185A6B21611EFA9BDF294762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.207.108.0/22
Signature Algorithm: sha256WithRSAEncryption
18:8f:cc:14:77:f3:d4:a6:12:49:75:c5:22:32:09:06:46:e5:
62:20:e3:51:c3:6b:9b:11:93:8e:a4:32:fe:37:16:d9:ec:9c:
9a:d9:4e:66:6e:c7:ed:98:92:c9:35:ed:b4:f6:ff:bb:ce:5c:
b0:48:25:9a:b0:e6:e0:2e:09:70:b0:36:0b:31:8a:12:4f:5c:
db:cb:1a:a6:df:86:4f:20:fe:9c:50:f6:48:f2:1f:f9:4e:8d:
f1:d5:20:0f:1b:b1:f5:d4:50:b9:21:7a:a2:8f:e2:bc:9d:cc:
ac:62:13:bf:88:5d:ba:30:c6:46:f8:f0:ba:97:cf:ef:35:03:
ae:a4:b1:be:a0:04:61:5b:f1:5f:2b:30:7b:35:fa:02:34:11:
dc:d2:2d:4c:bb:31:43:78:9b:e2:66:58:01:42:06:c3:79:59:
bb:f0:bd:76:13:77:44:f7:f8:05:34:46:e4:d0:71:eb:f0:cd:
db:db:68:00:36:01:69:7b:a7:bc:37:8c:0c:d2:1d:d6:e6:32:
a8:2f:a9:46:ea:c2:8c:12:40:7d:61:94:03:33:62:ed:1d:e0:
73:18:d2:31:e9:98:fe:6e:a3:d8:15:39:ea:0a:1c:c0:51:15:
5f:b4:6e:c6:70:55:6c:b0:ff:76:eb:76:2d:ae:39:e7:1c:fa:
c7:3f:d4:33
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBLIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODNBNTRBRjExMC8GA1UEBRMoOTE3MzMyOTNGQzYzNTBBRURGQkE3NUE5MTZGRkY0
MUI1MTVFQ0Y0QzAeFw0yNDEyMDQwODA1MTJaFw0zNDEyMDQwODA1MTJaMBgxFjAU
BgNVBAMTDTY3NTAwZDNjLWY4NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzIWWb0TEUoeUOr20FLugd74kGntiV97tV/RjdR4YTrpAgjwx1gFoAl5uo
mvGI7ZeGRNschOj5Ba1EqhB3zGMpAhpiaSxlqdE/uorEOnzgFtvHP/BYUidDVkTJ
r8aOG7tW+lrCZH071Dp3UujEG5rEWRmZ4uG0Cd5NshBMWm7nXHZQ6jm22ZxV1oAB
J8cMj3+Bf9bvYEIpXVE2h3K1nAo847DSoXa+uatnV1MRjbJK62yq71FQZzX32aP4
FiSNK0ynm/dTjvefDawLxO6PoserJZqtpjT2cer/FPNGJsfvzVqUSsAXyKS/YV4F
6Y/ewG4GV6H6WYt+aCb3cAtvc1A9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU4EF5
YcHK4bBix2Y48vMCAF61NPowHwYDVR0jBBgwFoAUkXMyk/xjUK7funWpFv/0G1Fe
z0wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgzQTU0LzVDMzY3N0YyMUY3ODExRUM5QTEyMzExQUQ4QTAxNENFL2tYTXlr
X3hqVUs3ZnVuV3BGdl8wRzFGZXowdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2tYTXlrX3hqVUs3ZnVuV3BGdl8wRzFGZXowdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgzQTU0LzVDMzY3N0YyMUY3ODExRUM5QTEyMzExQUQ4
QTAxNENFLzdFRTE4NUE2QjIxNjExRUZBOUJERjI5NDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmz2wwDQYJKoZIhvcNAQEL
BQADggEBABiPzBR389SmEkl1xSIyCQZG5WIg41HDa5sRk46kMv43FtnsnJrZTmZu
x+2Yksk17bT2/7vOXLBIJZqw5uAuCXCwNgsxihJPXNvLGqbfhk8g/pxQ9kjyH/lO
jfHVIA8bsfXUULkheqKP4rydzKxiE7+IXbowxkb48LqXz+81A66ksb6gBGFb8V8r
MHs1+gI0EdzSLUy7MUN4m+JmWAFCBsN5WbvwvXYTd0T3+AU0RuTQcevwzdvbaAA2
AWl7p7w3jAzSHdbmMqgvqUbqwowSQH1hlAMzYu0d4HMY0jHpmP5uo9gVOeoKHMBR
FV+0bsZwVWyw/3brdi2uOecc+sc/1DM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:20 2025 by rpki-client