Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36952BD/BEBBAF78C8FA11EDA63284F9F1222468/2FE9EF56EADD11EFAC74BFAC762E951A.roa
File: 2FE9EF56EADD11EFAC74BFAC762E951A.roa (raw, json)
Hash identifier: HLKkizSsB2c+O77nDgoWRtkYlhtLSST5s6FWSRZ6u9E=
Subject key identifier: 2B:A9:C2:4A:FB:F9:CE:51:DF:76:F7:92:5B:A1:0F:1B:79:AA:9D:26
Certificate issuer: /CN=F36952BDAF/serialNumber=F3E24E5A9B76FE4D25D3175C3A5F7C29C6FB0488
Certificate serial: 02D6
Authority key identifier: F3:E2:4E:5A:9B:76:FE:4D:25:D3:17:5C:3A:5F:7C:29:C6:FB:04:88
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/8-JOWpt2_k0l0xdcOl98Kcb7BIg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36952BD/BEBBAF78C8FA11EDA63284F9F1222468/2FE9EF56EADD11EFAC74BFAC762E951A.roa
Signing time: Fri 14 Feb 2025 14:08:38 +0000
ROA not before: Fri 14 Feb 2025 14:08:34 +0000
ROA not after: Sat 14 Feb 2026 14:08:34 +0000
asID: 329211
IP address blocks: 102.212.236.0/22 maxlen: 22
102.212.236.0/24 maxlen: 24
102.212.237.0/24 maxlen: 24
102.212.238.0/24 maxlen: 24
102.212.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36952BD/BEBBAF78C8FA11EDA63284F9F1222468/8-JOWpt2_k0l0xdcOl98Kcb7BIg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36952BD/BEBBAF78C8FA11EDA63284F9F1222468/8-JOWpt2_k0l0xdcOl98Kcb7BIg.mft
rsync://rpki.afrinic.net/repository/afrinic/8-JOWpt2_k0l0xdcOl98Kcb7BIg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 15 Mar 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 726 (0x2d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36952BDAF
Validity
Not Before: Feb 14 14:08:34 2025 GMT
Not After : Feb 14 14:08:34 2026 GMT
Subject: CN=67af4e66-1563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:11:7d:df:39:51:c6:a9:6c:cd:4d:50:85:1c:
05:d1:be:5c:bf:e2:9e:ad:11:0d:c8:4c:95:e3:fd:
33:28:94:7e:33:89:da:99:3f:5f:14:08:53:e9:ee:
0c:b1:79:a0:85:85:87:f5:6f:05:45:27:54:ad:f8:
7f:b3:3e:b3:60:f1:24:0d:2e:8f:64:93:db:98:a6:
75:86:fb:8d:9d:75:e1:a9:ef:1d:0f:ba:af:86:20:
1d:24:a7:b5:42:0f:e2:0d:34:d8:22:95:bf:97:98:
08:0b:7e:ce:fa:f2:ac:51:cb:e4:57:30:ee:25:0f:
66:4a:af:1f:7e:0b:4b:ee:05:1e:9a:aa:17:7a:0c:
ac:31:c8:ef:36:43:0a:0f:3a:9c:3b:86:15:45:30:
6c:28:0f:a0:02:08:5b:11:01:ec:7d:1e:2d:b9:d2:
84:94:f9:6c:55:8a:ee:ff:e3:89:e0:b7:c3:34:fa:
21:88:42:e9:90:fc:29:ac:a5:5d:2d:25:27:a3:a3:
07:e0:79:9a:73:1e:15:3e:c4:10:e8:1f:ab:32:38:
3b:19:00:c3:c6:2e:2b:d9:4b:44:f4:8f:ec:20:bc:
3e:d9:ab:a9:e2:f3:19:df:a5:54:b4:eb:45:3a:a1:
2c:b5:ef:57:12:49:bc:ea:21:0b:2f:c2:8a:e8:ee:
95:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:A9:C2:4A:FB:F9:CE:51:DF:76:F7:92:5B:A1:0F:1B:79:AA:9D:26
X509v3 Authority Key Identifier:
keyid:F3:E2:4E:5A:9B:76:FE:4D:25:D3:17:5C:3A:5F:7C:29:C6:FB:04:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36952BD/BEBBAF78C8FA11EDA63284F9F1222468/8-JOWpt2_k0l0xdcOl98Kcb7BIg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/8-JOWpt2_k0l0xdcOl98Kcb7BIg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36952BD/BEBBAF78C8FA11EDA63284F9F1222468/2FE9EF56EADD11EFAC74BFAC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.212.236.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:f8:72:62:5b:5a:c5:ad:ee:e1:fc:36:ce:36:63:b8:94:97:
cd:40:dd:9b:bb:6e:cb:fd:5f:46:5c:9a:f8:fa:f8:73:9e:b9:
b7:d1:66:8b:19:a7:d1:d7:d3:e7:a7:5f:9c:05:2f:3f:53:7c:
55:f9:fb:1f:65:38:88:63:30:92:d2:1b:b5:a0:f5:b0:6b:dd:
9f:8d:45:51:08:d2:cc:48:45:e7:2b:c5:e0:c1:99:7e:1b:df:
63:ec:09:bf:4a:d0:b1:2c:29:c9:95:43:81:b1:22:3d:fc:24:
f6:43:29:59:e9:fe:72:75:e1:ed:5d:11:ee:29:e7:26:c9:66:
e3:29:1d:6c:ee:67:67:79:cf:e5:1d:3d:4d:32:e7:5e:1d:90:
70:a9:bd:2e:42:68:2a:cb:4b:34:a0:f8:fa:d8:20:e7:bf:d6:
0a:61:32:52:a3:0b:b7:8f:e2:d1:e3:87:43:ba:84:5c:8f:8a:
ef:9f:5a:73:18:87:0c:1a:4d:51:4f:fa:80:12:85:ed:28:6f:
29:3b:1e:12:d2:bf:ce:48:53:f5:24:0d:30:04:72:d8:7c:08:
e9:d9:79:f9:18:ab:ef:44:04:8c:37:13:c1:cf:1f:ca:1d:49:
75:51:f6:1a:5c:0e:a5:55:23:57:ea:8f:75:04:48:ab:33:c8:
ea:e1:26:b6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAtYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTUyQkRBRjExMC8GA1UEBRMoRjNFMjRFNUE5Qjc2RkU0RDI1RDMxNzVDM0E1RjdD
MjlDNkZCMDQ4ODAeFw0yNTAyMTQxNDA4MzRaFw0yNjAyMTQxNDA4MzRaMBgxFjAU
BgNVBAMTDTY3YWY0ZTY2LTE1NjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDaEX3fOVHGqWzNTVCFHAXRvly/4p6tEQ3ITJXj/TMolH4zidqZP18UCFPp
7gyxeaCFhYf1bwVFJ1St+H+zPrNg8SQNLo9kk9uYpnWG+42ddeGp7x0Puq+GIB0k
p7VCD+INNNgilb+XmAgLfs768qxRy+RXMO4lD2ZKrx9+C0vuBR6aqhd6DKwxyO82
QwoPOpw7hhVFMGwoD6ACCFsRAex9Hi250oSU+WxViu7/44ngt8M0+iGIQumQ/Cms
pV0tJSejowfgeZpzHhU+xBDoH6syODsZAMPGLivZS0T0j+wgvD7Zq6ni8xnfpVS0
60U6oSy171cSSbzqIQsvworo7pVlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUK6nC
Svv5zlHfdveSW6EPG3mqnSYwHwYDVR0jBBgwFoAU8+JOWpt2/k0l0xdcOl98Kcb7
BIgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1MkJEL0JFQkJBRjc4QzhGQTExRURBNjMyODRGOUYxMjIyNDY4LzgtSk9X
cHQyX2swbDB4ZGNPbDk4S2NiN0JJZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzgtSk9XcHQyX2swbDB4ZGNPbDk4S2NiN0JJZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk1MkJEL0JFQkJBRjc4QzhGQTExRURBNjMyODRGOUYx
MjIyNDY4LzJGRTlFRjU2RUFERDExRUZBQzc0QkZBQzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1OwwDQYJKoZIhvcNAQEL
BQADggEBAFv4cmJbWsWt7uH8Ns42Y7iUl81A3Zu7bsv9X0Zcmvj6+HOeubfRZosZ
p9HX0+enX5wFLz9TfFX5+x9lOIhjMJLSG7Wg9bBr3Z+NRVEI0sxIRecrxeDBmX4b
32PsCb9K0LEsKcmVQ4GxIj38JPZDKVnp/nJ14e1dEe4p5ybJZuMpHWzuZ2d5z+Ud
PU0y514dkHCpvS5CaCrLSzSg+PrYIOe/1gphMlKjC7eP4tHjh0O6hFyPiu+fWnMY
hwwaTVFP+oAShe0obyk7HhLSv85IU/UkDTAEcth8COnZefkYq+9EBIw3E8HPH8od
SXVR9hpcDqVVI1fqj3UESKszyOrhJrY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:06:22 2025 by rpki-client