Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3687CF2/43F7457EEEB211EFB8B6489E762E951A/B7BF3416EEB311EFAEE836A7762E951A.roa
File: B7BF3416EEB311EFAEE836A7762E951A.roa (raw, json)
Hash identifier: IOBN1OIEJtW8pI1SDiCBBmTRMYXP/Wpi1hi6YZHbItU=
Subject key identifier: 9B:75:25:2C:8C:CA:7B:E1:E9:D9:02:0B:64:A6:A2:15:8F:C6:6C:91
Certificate issuer: /CN=F3687CF2AF/serialNumber=A05F84ABF0669EE0D07FC8DA367D816FAFF06704
Certificate serial: 02
Authority key identifier: A0:5F:84:AB:F0:66:9E:E0:D0:7F:C8:DA:36:7D:81:6F:AF:F0:67:04
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/oF-Eq_BmnuDQf8jaNn2Bb6_wZwQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3687CF2/43F7457EEEB211EFB8B6489E762E951A/B7BF3416EEB311EFAEE836A7762E951A.roa
Signing time: Wed 19 Feb 2025 11:21:52 +0000
ROA not before: Wed 19 Feb 2025 11:21:48 +0000
ROA not after: Mon 31 Dec 2035 11:21:48 +0000
asID: 37649
IP address blocks: 196.50.8.0/21 maxlen: 24
2c0f:ee80::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3687CF2/43F7457EEEB211EFB8B6489E762E951A/oF-Eq_BmnuDQf8jaNn2Bb6_wZwQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F3687CF2/43F7457EEEB211EFB8B6489E762E951A/oF-Eq_BmnuDQf8jaNn2Bb6_wZwQ.mft
rsync://rpki.afrinic.net/repository/afrinic/oF-Eq_BmnuDQf8jaNn2Bb6_wZwQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 03:22:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3687CF2AF
Validity
Not Before: Feb 19 11:21:48 2025 GMT
Not After : Dec 31 11:21:48 2035 GMT
Subject: CN=67b5bed0-7d8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:10:b0:7a:c7:44:da:1f:a0:76:4c:5e:8c:ec:
0c:91:6e:c6:72:4e:62:0a:73:74:a5:c4:17:93:d3:
79:1a:b1:76:16:ed:94:ae:2c:c7:88:09:0a:39:73:
81:b4:f5:04:f8:61:22:83:48:38:2a:e0:cc:fe:bf:
cd:86:bb:1d:be:a8:df:ec:b3:af:42:3a:3c:19:f6:
e6:b8:ca:3b:92:a9:3a:58:d5:34:f1:0c:41:e0:a8:
9c:8f:c8:20:6c:2b:80:df:65:ab:01:ce:b5:08:f3:
1a:30:3d:cc:6e:06:16:7f:8c:b0:c0:88:1d:df:ca:
82:8d:67:06:ba:10:89:13:17:cf:a6:54:44:b0:2e:
9a:0d:08:15:85:69:5e:31:d0:1b:14:77:bd:0f:c2:
fa:23:56:e2:1b:ca:e1:77:da:1e:86:8f:ac:e9:c7:
71:99:78:87:86:53:bb:a3:c2:e9:ea:f7:c9:48:d8:
bf:eb:ee:08:f1:e5:03:52:af:9c:a4:02:1d:4e:7a:
1a:47:af:82:dd:53:f1:c7:57:f1:0b:97:00:53:f6:
65:d9:b2:ad:f6:42:82:df:08:91:2c:40:04:27:0b:
f2:7b:db:cd:16:dd:e3:be:72:df:32:6d:9d:80:37:
b4:4d:47:18:a5:7e:e0:17:fe:79:bf:6d:16:5e:a9:
33:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:75:25:2C:8C:CA:7B:E1:E9:D9:02:0B:64:A6:A2:15:8F:C6:6C:91
X509v3 Authority Key Identifier:
keyid:A0:5F:84:AB:F0:66:9E:E0:D0:7F:C8:DA:36:7D:81:6F:AF:F0:67:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3687CF2/43F7457EEEB211EFB8B6489E762E951A/oF-Eq_BmnuDQf8jaNn2Bb6_wZwQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/oF-Eq_BmnuDQf8jaNn2Bb6_wZwQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3687CF2/43F7457EEEB211EFB8B6489E762E951A/B7BF3416EEB311EFAEE836A7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.50.8.0/21
IPv6:
2c0f:ee80::/32
Signature Algorithm: sha256WithRSAEncryption
84:96:96:61:61:3d:51:54:7a:df:de:36:49:46:5f:bb:76:d9:
5c:d8:97:9d:c5:e9:92:65:93:45:83:de:08:5b:10:c4:e8:23:
7c:a2:ec:08:c8:47:aa:bc:ba:aa:76:71:94:9c:a9:ad:75:7b:
27:d5:66:3e:6b:34:e2:bb:45:93:79:d9:ab:40:ba:c3:3b:46:
08:6a:c7:f1:88:28:25:3c:b3:9d:03:04:d3:14:b4:b4:38:9e:
90:cf:49:2f:48:48:01:0b:20:05:6b:c4:4b:fe:8f:2d:08:e9:
0d:76:dc:be:20:f7:eb:db:16:26:4b:3f:64:6b:29:93:82:f4:
4d:e3:72:f2:de:c6:8b:66:ce:75:13:cb:c5:18:c6:ac:62:ac:
a3:68:ae:fb:b7:2e:73:0e:95:07:48:d2:dd:1b:32:33:7e:47:
1b:f5:43:4a:8b:f0:0b:92:48:26:51:28:75:95:90:18:01:6d:
c7:04:6b:11:49:81:cd:73:dc:07:91:97:b0:5b:18:e1:c0:80:
72:19:1b:bf:59:48:07:33:d2:37:be:96:96:cf:e6:6d:30:97:
ce:8a:a2:d5:ee:8a:7c:ef:37:51:49:f4:ee:2b:eb:20:8e:aa:
e3:4d:8b:ff:bf:13:d6:45:b9:a3:b6:40:c4:fe:93:a7:4e:41:
88:8c:da:35
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
N0NGMkFGMTEwLwYDVQQFEyhBMDVGODRBQkYwNjY5RUUwRDA3RkM4REEzNjdEODE2
RkFGRjA2NzA0MB4XDTI1MDIxOTExMjE0OFoXDTM1MTIzMTExMjE0OFowGDEWMBQG
A1UEAxMNNjdiNWJlZDAtN2Q4YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIQsHrHRNofoHZMXozsDJFuxnJOYgpzdKXEF5PTeRqxdhbtlK4sx4gJCjlz
gbT1BPhhIoNIOCrgzP6/zYa7Hb6o3+yzr0I6PBn25rjKO5KpOljVNPEMQeConI/I
IGwrgN9lqwHOtQjzGjA9zG4GFn+MsMCIHd/Kgo1nBroQiRMXz6ZURLAumg0IFYVp
XjHQGxR3vQ/C+iNW4hvK4XfaHoaPrOnHcZl4h4ZTu6PC6er3yUjYv+vuCPHlA1Kv
nKQCHU56Gkevgt1T8cdX8QuXAFP2ZdmyrfZCgt8IkSxABCcL8nvbzRbd475y3zJt
nYA3tE1HGKV+4Bf+eb9tFl6pM30CAwEAAaOCArQwggKwMB0GA1UdDgQWBBSbdSUs
jMp74enZAgtkpqIVj8ZskTAfBgNVHSMEGDAWgBSgX4Sr8Gae4NB/yNo2fYFvr/Bn
BDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODdDRjIvNDNGNzQ1N0VFRUIyMTFFRkI4QjY0ODlFNzYyRTk1MUEvb0YtRXFf
Qm1udURRZjhqYU5uMkJiNl93WndRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvb0YtRXFfQm1udURRZjhqYU5uMkJiNl93WndRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODdDRjIvNDNGNzQ1N0VFRUIyMTFFRkI4QjY0ODlFNzYy
RTk1MUEvQjdCRjM0MTZFRUIzMTFFRkFFRTgzNkE3NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA8QyCDANBAIAAjAHAwUALA/u
gDANBgkqhkiG9w0BAQsFAAOCAQEAhJaWYWE9UVR63942SUZfu3bZXNiXncXpkmWT
RYPeCFsQxOgjfKLsCMhHqry6qnZxlJyprXV7J9VmPms04rtFk3nZq0C6wztGCGrH
8YgoJTyznQME0xS0tDiekM9JL0hIAQsgBWvES/6PLQjpDXbcviD369sWJks/ZGsp
k4L0TeNy8t7Gi2bOdRPLxRjGrGKso2iu+7cucw6VB0jS3RsyM35HG/VDSovwC5JI
JlEodZWQGAFtxwRrEUmBzXPcB5GXsFsY4cCAchkbv1lIBzPSN76Wls/mbTCXzoqi
1e6KfO83UUn07ivrII6q402L/78T1kW5o7ZAxP6Tp05BiIzaNQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:56 2025 by rpki-client