Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368948B/57871110B09A11EFBA5BE8A0762E951A/9D7D02C6B0A711EF9B899E73762E951A.roa
File: 9D7D02C6B0A711EF9B899E73762E951A.roa (raw, json)
Hash identifier: gzmWJdfm5KwvGrlK+2yatoBtgw05pLriglLBOzFw8Us=
Subject key identifier: B4:CA:7F:A8:1C:1C:7F:DA:25:8E:78:8C:A5:EE:6B:CE:B9:94:9C:83
Certificate issuer: /CN=F368948BAF/serialNumber=C2B72A0EDB6018EBA4ED7CD3035DB132F449C01D
Certificate serial: 04
Authority key identifier: C2:B7:2A:0E:DB:60:18:EB:A4:ED:7C:D3:03:5D:B1:32:F4:49:C0:1D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/wrcqDttgGOuk7XzTA12xMvRJwB0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368948B/57871110B09A11EFBA5BE8A0762E951A/9D7D02C6B0A711EF9B899E73762E951A.roa
Signing time: Mon 02 Dec 2024 12:19:02 +0000
ROA not before: Mon 02 Dec 2024 12:18:58 +0000
ROA not after: Tue 02 Dec 2025 12:18:58 +0000
asID: 328490
IP address blocks: 102.68.76.0/22 maxlen: 24
102.211.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368948B/57871110B09A11EFBA5BE8A0762E951A/wrcqDttgGOuk7XzTA12xMvRJwB0.crl
rsync://rpki.afrinic.net/repository/member_repository/F368948B/57871110B09A11EFBA5BE8A0762E951A/wrcqDttgGOuk7XzTA12xMvRJwB0.mft
rsync://rpki.afrinic.net/repository/afrinic/wrcqDttgGOuk7XzTA12xMvRJwB0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 03:21:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368948BAF
Validity
Not Before: Dec 2 12:18:58 2024 GMT
Not After : Dec 2 12:18:58 2025 GMT
Subject: CN=674da5b6-ddfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a0:a4:30:7b:02:dd:4c:6b:8e:86:81:57:62:
ba:ac:9a:89:50:4e:53:92:10:c9:21:77:46:ef:76:
2b:58:89:28:3e:44:18:74:c4:d1:1a:be:93:f0:b2:
58:f3:64:44:f9:17:b7:50:24:b1:41:fd:ba:77:b9:
34:73:0f:8c:65:c5:ae:eb:f2:86:44:ee:4b:d7:3a:
08:9e:88:77:b5:e1:24:00:34:49:0c:2d:4b:60:ae:
8b:00:d7:3f:88:b2:ee:25:88:b9:2d:cb:c5:99:fc:
9e:5a:cc:7e:6e:dc:90:6d:d0:ba:8e:00:d0:57:90:
a2:ad:ce:4d:85:b7:44:c0:46:7c:dd:f3:d5:27:03:
77:a4:95:7a:1e:00:5a:02:f7:aa:80:eb:bc:d7:99:
dc:b3:27:b8:c8:e8:65:ca:6c:af:cb:06:e3:a6:74:
48:4f:f0:60:6d:55:8d:94:a2:9f:2f:f0:6c:19:06:
59:3a:b5:43:0a:03:72:4d:b7:ea:42:a7:95:15:e9:
b8:77:11:c8:5f:82:10:7f:21:d4:ab:9e:68:c5:46:
ff:0d:ea:aa:8d:d9:18:af:3a:0c:c1:ad:30:fe:bb:
df:f9:dd:6b:bd:54:7f:6a:a7:f7:1b:9f:f6:02:62:
71:de:a0:0c:92:60:91:84:97:af:c7:54:e7:89:dd:
9a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:CA:7F:A8:1C:1C:7F:DA:25:8E:78:8C:A5:EE:6B:CE:B9:94:9C:83
X509v3 Authority Key Identifier:
keyid:C2:B7:2A:0E:DB:60:18:EB:A4:ED:7C:D3:03:5D:B1:32:F4:49:C0:1D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368948B/57871110B09A11EFBA5BE8A0762E951A/wrcqDttgGOuk7XzTA12xMvRJwB0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wrcqDttgGOuk7XzTA12xMvRJwB0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368948B/57871110B09A11EFBA5BE8A0762E951A/9D7D02C6B0A711EF9B899E73762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.68.76.0/22
102.211.144.0/22
Signature Algorithm: sha256WithRSAEncryption
24:79:cb:07:d6:1d:2f:99:bb:33:5c:af:bf:6c:13:dd:88:c4:
49:ca:6c:ca:24:d2:4d:5e:37:fc:51:4e:68:54:a4:0e:04:56:
f0:49:dc:32:8e:eb:35:31:19:aa:9d:da:85:bf:68:4d:ff:c5:
9c:b0:00:54:06:37:e6:ce:d9:bd:e2:db:51:06:e6:24:eb:7d:
9d:d6:fa:64:f8:9a:d6:fa:c6:7c:a7:e6:6f:8d:0d:ec:a4:9a:
3e:3d:03:34:60:bf:0b:8e:b4:d1:d5:9d:cd:37:04:bc:77:c7:
2d:1d:ba:02:d1:66:88:e4:5f:d7:fb:1f:fb:1a:90:8f:b5:c9:
11:de:f6:1b:04:78:c2:89:87:81:7f:d5:5d:d9:a3:c1:c1:86:
05:7c:04:54:43:e7:64:95:55:1e:88:f4:78:24:0f:ff:b5:a2:
6d:4a:c8:27:34:16:e1:02:77:8e:4b:4d:b2:3d:a2:64:34:ab:
5c:fa:a9:45:9a:d2:b2:4e:4d:a5:71:e4:18:ab:a0:d4:96:85:
e4:e9:8c:fd:8b:54:62:32:ca:d7:70:31:86:dc:e2:23:15:35:
ff:6f:f0:af:87:77:33:12:30:93:f6:96:1a:87:0b:3e:f6:8d:
5b:a9:05:eb:0c:e1:ba:5b:af:19:6b:84:08:56:64:c0:a1:74:
5e:b3:ed:c7
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
OTQ4QkFGMTEwLwYDVQQFEyhDMkI3MkEwRURCNjAxOEVCQTRFRDdDRDMwMzVEQjEz
MkY0NDlDMDFEMB4XDTI0MTIwMjEyMTg1OFoXDTI1MTIwMjEyMTg1OFowGDEWMBQG
A1UEAxMNNjc0ZGE1YjYtZGRmYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJygpDB7At1Ma46GgVdiuqyaiVBOU5IQySF3Ru92K1iJKD5EGHTE0Rq+k/Cy
WPNkRPkXt1AksUH9une5NHMPjGXFruvyhkTuS9c6CJ6Id7XhJAA0SQwtS2CuiwDX
P4iy7iWIuS3LxZn8nlrMfm7ckG3Quo4A0FeQoq3OTYW3RMBGfN3z1ScDd6SVeh4A
WgL3qoDrvNeZ3LMnuMjoZcpsr8sG46Z0SE/wYG1VjZSiny/wbBkGWTq1QwoDck23
6kKnlRXpuHcRyF+CEH8h1KueaMVG/w3qqo3ZGK86DMGtMP673/nda71Uf2qn9xuf
9gJicd6gDJJgkYSXr8dU54ndmo0CAwEAAaOCAqswggKnMB0GA1UdDgQWBBS0yn+o
HBx/2iWOeIyl7mvOuZScgzAfBgNVHSMEGDAWgBTCtyoO22AY66TtfNMDXbEy9EnA
HTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODk0OEIvNTc4NzExMTBCMDlBMTFFRkJBNUJFOEEwNzYyRTk1MUEvd3JjcUR0
dGdHT3VrN1h6VEExMnhNdlJKd0IwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvd3JjcUR0dGdHT3VrN1h6VEExMnhNdlJKd0IwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODk0OEIvNTc4NzExMTBCMDlBMTFFRkJBNUJFOEEwNzYy
RTk1MUEvOUQ3RDAyQzZCMEE3MTFFRjlCODk5RTczNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAmZETAMEAmbTkDANBgkqhkiG
9w0BAQsFAAOCAQEAJHnLB9YdL5m7M1yvv2wT3YjEScpsyiTSTV43/FFOaFSkDgRW
8EncMo7rNTEZqp3ahb9oTf/FnLAAVAY35s7ZveLbUQbmJOt9ndb6ZPia1vrGfKfm
b40N7KSaPj0DNGC/C4600dWdzTcEvHfHLR26AtFmiORf1/sf+xqQj7XJEd72GwR4
womHgX/VXdmjwcGGBXwEVEPnZJVVHoj0eCQP/7WibUrIJzQW4QJ3jktNsj2iZDSr
XPqpRZrSsk5NpXHkGKug1JaF5OmM/YtUYjLK13AxhtziIxU1/2/wr4d3MxIwk/aW
GocLPvaNW6kF6wzhuluvGWuECFZkwKF0XrPtxw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:52:23 2025 by rpki-client