Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36877BB/3887CD041CF711EFAEF87C1E7DDC24C2/F28EE676D5B911EFB1FFC972762E951A.roa
File: F28EE676D5B911EFB1FFC972762E951A.roa (raw, json)
Hash identifier: EzqsSk1Co9k9NgSov+FZr7H05V+t9uoO/FrO5hKwcOM=
Subject key identifier: 42:B2:F3:24:D4:61:4C:2B:E6:74:56:D2:21:CE:F9:2B:CA:E1:E8:B0
Certificate issuer: /CN=F36877BBAF/serialNumber=0DC6A4C82109FF2CB39C1D1A58C38E3033C5A0FE
Certificate serial: 012B
Authority key identifier: 0D:C6:A4:C8:21:09:FF:2C:B3:9C:1D:1A:58:C3:8E:30:33:C5:A0:FE
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/DcakyCEJ_yyznB0aWMOOMDPFoP4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36877BB/3887CD041CF711EFAEF87C1E7DDC24C2/F28EE676D5B911EFB1FFC972762E951A.roa
Signing time: Sat 18 Jan 2025 16:33:29 +0000
ROA not before: Sat 18 Jan 2025 16:33:25 +0000
ROA not after: Tue 18 Jan 2028 16:33:25 +0000
asID: 328721
IP address blocks: 102.222.56.0/24 maxlen: 24
102.222.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36877BB/3887CD041CF711EFAEF87C1E7DDC24C2/DcakyCEJ_yyznB0aWMOOMDPFoP4.crl
rsync://rpki.afrinic.net/repository/member_repository/F36877BB/3887CD041CF711EFAEF87C1E7DDC24C2/DcakyCEJ_yyznB0aWMOOMDPFoP4.mft
rsync://rpki.afrinic.net/repository/afrinic/DcakyCEJ_yyznB0aWMOOMDPFoP4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 299 (0x12b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36877BBAF
Validity
Not Before: Jan 18 16:33:25 2025 GMT
Not After : Jan 18 16:33:25 2028 GMT
Subject: CN=678bd7d9-fc7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:2f:85:e4:cd:fa:de:7d:ae:c9:18:8e:c5:5f:
40:19:48:1d:2a:d9:44:bb:67:74:5f:37:2a:d3:30:
9c:1a:b3:be:1c:ac:5d:c3:b2:7c:14:6a:56:39:86:
c7:ca:51:4c:69:9d:57:b3:5d:4e:7a:01:29:21:57:
3a:a9:c5:8e:29:b7:b5:96:4c:f9:cb:90:87:87:ed:
be:3b:a1:b1:63:9a:11:30:3e:ec:9d:92:ed:81:18:
f4:9d:69:1f:fe:5f:f5:ae:71:40:51:4a:53:51:71:
19:04:07:6d:8f:fe:10:20:5f:95:62:7a:f3:39:8a:
98:b6:db:57:3f:3f:71:d9:4a:2e:54:65:f2:dd:5d:
9c:8c:69:7a:4a:99:71:2f:70:f1:5a:0b:d8:de:aa:
e4:e7:2e:32:09:2b:c6:35:bf:32:66:5d:23:7b:46:
5f:02:37:5a:7f:84:87:83:32:76:45:4e:49:1c:52:
d3:46:99:65:fc:96:c7:39:aa:b6:45:21:75:95:55:
09:3a:32:c6:c6:45:99:4d:92:a6:56:e0:e0:2e:cb:
50:16:d3:72:17:77:a9:13:12:a5:0a:cd:fa:f3:65:
1b:b7:6b:d5:b4:74:6c:df:f7:3b:d6:a1:03:2d:3d:
08:b6:b9:01:2a:db:d5:5a:40:fb:96:98:58:af:43:
e8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B2:F3:24:D4:61:4C:2B:E6:74:56:D2:21:CE:F9:2B:CA:E1:E8:B0
X509v3 Authority Key Identifier:
keyid:0D:C6:A4:C8:21:09:FF:2C:B3:9C:1D:1A:58:C3:8E:30:33:C5:A0:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36877BB/3887CD041CF711EFAEF87C1E7DDC24C2/DcakyCEJ_yyznB0aWMOOMDPFoP4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/DcakyCEJ_yyznB0aWMOOMDPFoP4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36877BB/3887CD041CF711EFAEF87C1E7DDC24C2/F28EE676D5B911EFB1FFC972762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.56.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:9e:98:0e:68:64:47:06:6b:8c:5f:22:45:79:b0:08:9c:33:
74:ae:c8:af:55:ad:a4:1c:f1:01:21:e3:5e:7d:96:b5:54:f3:
ea:0d:e8:86:1b:c5:66:03:14:92:60:6e:78:b0:47:1a:cf:22:
0f:08:f1:ba:7f:5d:4b:29:3b:a6:56:0d:92:ba:bb:2c:c5:7b:
f0:4a:e7:d2:56:41:14:97:23:88:67:47:e8:60:5d:e9:b7:86:
eb:d9:57:28:39:99:35:e5:50:85:14:03:16:9e:26:45:b4:c3:
16:93:9e:78:bb:fc:86:0e:81:b2:24:68:5a:f5:1e:35:8d:b0:
d5:0a:6e:80:9d:4f:b0:e2:4f:b6:c3:0d:d6:03:33:3f:a1:95:
25:b2:bf:88:fc:15:b3:08:7e:d6:5b:7c:25:7f:22:13:78:ac:
cd:8d:06:37:f0:b6:50:82:8a:42:92:2b:53:d9:39:4f:70:db:
b6:fa:5d:2c:63:d9:48:97:b3:a5:4a:03:e5:7f:1f:e2:6e:a5:
47:e8:64:6e:d5:0c:aa:0b:b9:20:6f:8b:c9:03:7c:19:d4:00:
02:e1:33:d0:76:f2:3b:8c:59:30:4a:3e:47:d1:ae:11:2f:2d:
1e:59:bf:c5:f7:f7:75:99:50:a2:95:6b:0b:17:62:98:76:4d:
58:7f:38:6c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICASswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODc3QkJBRjExMC8GA1UEBRMoMERDNkE0QzgyMTA5RkYyQ0IzOUMxRDFBNThDMzhF
MzAzM0M1QTBGRTAeFw0yNTAxMTgxNjMzMjVaFw0yODAxMTgxNjMzMjVaMBgxFjAU
BgNVBAMTDTY3OGJkN2Q5LWZjN2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDdL4Xkzfrefa7JGI7FX0AZSB0q2US7Z3RfNyrTMJwas74crF3DsnwUalY5
hsfKUUxpnVezXU56ASkhVzqpxY4pt7WWTPnLkIeH7b47obFjmhEwPuydku2BGPSd
aR/+X/WucUBRSlNRcRkEB22P/hAgX5VievM5ipi221c/P3HZSi5UZfLdXZyMaXpK
mXEvcPFaC9jequTnLjIJK8Y1vzJmXSN7Rl8CN1p/hIeDMnZFTkkcUtNGmWX8lsc5
qrZFIXWVVQk6MsbGRZlNkqZW4OAuy1AW03IXd6kTEqUKzfrzZRu3a9W0dGzf9zvW
oQMtPQi2uQEq29VaQPuWmFivQ+hdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUQrLz
JNRhTCvmdFbSIc75K8rh6LAwHwYDVR0jBBgwFoAUDcakyCEJ/yyznB0aWMOOMDPF
oP4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjg3N0JCLzM4ODdDRDA0MUNGNzExRUZBRUY4N0MxRTdEREMyNEMyL0RjYWt5
Q0VKX3l5em5CMGFXTU9PTURQRm9QNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0RjYWt5Q0VKX3l5em5CMGFXTU9PTURQRm9QNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjg3N0JCLzM4ODdDRDA0MUNGNzExRUZBRUY4N0MxRTdE
REMyNEMyL0YyOEVFNjc2RDVCOTExRUZCMUZGQzk3Mjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFm3jgwDQYJKoZIhvcNAQEL
BQADggEBAIyemA5oZEcGa4xfIkV5sAicM3SuyK9VraQc8QEh4159lrVU8+oN6IYb
xWYDFJJgbniwRxrPIg8I8bp/XUspO6ZWDZK6uyzFe/BK59JWQRSXI4hnR+hgXem3
huvZVyg5mTXlUIUUAxaeJkW0wxaTnni7/IYOgbIkaFr1HjWNsNUKboCdT7DiT7bD
DdYDMz+hlSWyv4j8FbMIftZbfCV/IhN4rM2NBjfwtlCCikKSK1PZOU9w27b6XSxj
2UiXs6VKA+V/H+JupUfoZG7VDKoLuSBvi8kDfBnUAALhM9B28juMWTBKPkfRrhEv
LR5Zv8X393WZUKKVawsXYph2TVh/OGw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:56 2025 by rpki-client