Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/37B83E60FFEE11EFABEA6E81762E951A.roa
File: 37B83E60FFEE11EFABEA6E81762E951A.roa (raw, json)
Hash identifier: gsvCvW76OaOtF8689d8WlWC5LaBRhvA+SlkfDprHioM=
Subject key identifier: 84:6F:2A:C9:3C:61:20:E1:2E:C6:67:3F:53:05:82:7C:C4:13:1C:90
Certificate issuer: /CN=F36960E7AF/serialNumber=1F4DB9AC6B63108A19BDCDBEECFF449842C8D6A0
Certificate serial: 058C
Authority key identifier: 1F:4D:B9:AC:6B:63:10:8A:19:BD:CD:BE:EC:FF:44:98:42:C8:D6:A0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/H025rGtjEIoZvc2-7P9EmELI1qA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/37B83E60FFEE11EFABEA6E81762E951A.roa
Signing time: Thu 13 Mar 2025 09:33:28 +0000
ROA not before: Thu 13 Mar 2025 09:33:23 +0000
ROA not after: Sat 24 Mar 2035 09:33:23 +0000
asID: 328840
IP address blocks: 102.208.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/H025rGtjEIoZvc2-7P9EmELI1qA.crl
rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/H025rGtjEIoZvc2-7P9EmELI1qA.mft
rsync://rpki.afrinic.net/repository/afrinic/H025rGtjEIoZvc2-7P9EmELI1qA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1420 (0x58c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36960E7AF
Validity
Not Before: Mar 13 09:33:23 2025 GMT
Not After : Mar 24 09:33:23 2035 GMT
Subject: CN=67d2a667-f439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c6:74:5d:fb:71:b3:9d:d1:a8:8e:4b:e5:2e:
1f:29:6e:5d:39:e3:47:e9:b5:0d:f0:07:df:41:59:
2a:51:ee:85:4a:a0:ab:81:e7:7d:73:21:fb:96:93:
a1:ee:ab:90:c9:93:c7:9a:74:79:87:ff:ae:86:ab:
5a:0b:62:86:34:94:80:4d:1d:04:4b:10:77:52:e0:
37:38:00:83:26:24:29:7b:37:e4:1a:81:01:24:d1:
c8:d8:0e:92:f7:e0:3a:67:7f:32:bd:6a:23:c2:23:
76:bd:7a:13:f9:6b:34:ff:89:8e:c0:9f:96:9f:65:
db:1e:76:d7:19:9d:72:ee:6d:fa:23:b3:28:97:78:
c8:ed:3a:02:4a:9b:ed:44:46:e8:fc:de:f2:17:f3:
16:e6:87:06:f3:3f:12:18:4d:f8:2b:6f:5c:87:5c:
13:33:89:95:16:3d:73:b7:21:46:13:06:40:f2:f2:
3f:1d:9e:16:12:b7:79:3c:b6:69:de:1c:12:14:d5:
d6:cf:fc:43:84:53:a0:09:c6:ee:bd:82:30:b3:cb:
e8:2c:06:96:64:34:dc:39:67:8e:ee:5c:c0:e2:8a:
30:2e:cc:1d:92:8b:5a:8b:3b:21:09:1f:7e:72:e9:
aa:52:dd:f1:bb:1d:c6:69:7d:86:bc:75:22:d0:fd:
d4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:6F:2A:C9:3C:61:20:E1:2E:C6:67:3F:53:05:82:7C:C4:13:1C:90
X509v3 Authority Key Identifier:
keyid:1F:4D:B9:AC:6B:63:10:8A:19:BD:CD:BE:EC:FF:44:98:42:C8:D6:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/H025rGtjEIoZvc2-7P9EmELI1qA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/H025rGtjEIoZvc2-7P9EmELI1qA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/37B83E60FFEE11EFABEA6E81762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.208.104.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:5b:e0:be:1e:d4:69:a5:dc:b6:92:53:af:68:de:ef:ce:53:
aa:5d:91:65:74:29:ba:ad:79:2d:58:fd:6a:e0:15:b2:e4:5e:
50:77:4e:31:d5:4e:66:09:77:33:65:24:61:c0:8e:9d:5c:2c:
f7:59:b0:02:4b:d3:fd:b3:94:cd:8f:df:f2:b8:f9:2d:d4:b9:
93:b2:b1:3c:3b:03:eb:8e:48:1f:80:b6:01:b7:8e:c2:29:96:
15:53:35:d4:bd:77:bb:d5:e5:a8:ef:10:3b:d6:19:92:32:35:
3e:e4:d0:65:8a:6d:6c:cb:04:eb:f4:1f:df:b0:c1:a3:55:3f:
bf:b4:32:96:35:33:88:2e:0d:0b:ac:c2:ca:b3:e6:55:56:26:
8d:0c:9b:90:73:9e:94:e6:5a:07:fe:cc:f0:ff:dc:8e:26:27:
dc:10:59:02:40:66:57:80:e0:dc:06:67:60:ce:05:e7:05:f8:
f2:5a:27:12:02:cc:d3:a7:2c:88:90:56:a7:69:fd:83:4a:3d:
6e:6c:eb:9e:83:bf:af:ea:21:05:db:50:f3:74:66:18:ff:f2:
82:3a:1a:ff:4d:38:67:65:ed:69:31:95:2c:2f:68:be:2e:0d:
20:58:5e:3d:d4:ea:44:e5:37:49:d7:45:6e:d8:10:af:02:7f:
bc:86:77:66
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBYwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTYwRTdBRjExMC8GA1UEBRMoMUY0REI5QUM2QjYzMTA4QTE5QkRDREJFRUNGRjQ0
OTg0MkM4RDZBMDAeFw0yNTAzMTMwOTMzMjNaFw0zNTAzMjQwOTMzMjNaMBgxFjAU
BgNVBAMTDTY3ZDJhNjY3LWY0MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDMxnRd+3GzndGojkvlLh8pbl0540fptQ3wB99BWSpR7oVKoKuB531zIfuW
k6Huq5DJk8eadHmH/66Gq1oLYoY0lIBNHQRLEHdS4Dc4AIMmJCl7N+QagQEk0cjY
DpL34DpnfzK9aiPCI3a9ehP5azT/iY7An5afZdsedtcZnXLubfojsyiXeMjtOgJK
m+1ERuj83vIX8xbmhwbzPxIYTfgrb1yHXBMziZUWPXO3IUYTBkDy8j8dnhYSt3k8
tmneHBIU1dbP/EOEU6AJxu69gjCzy+gsBpZkNNw5Z47uXMDiijAuzB2Si1qLOyEJ
H35y6apS3fG7HcZpfYa8dSLQ/dRPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhG8q
yTxhIOEuxmc/UwWCfMQTHJAwHwYDVR0jBBgwFoAUH025rGtjEIoZvc2+7P9EmELI
1qAwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2MEU3LzFDMEFFNjNFRUI3NzExRUI4MERFN0MxRUQ4QTAxNENFL0gwMjVy
R3RqRUlvWnZjMi03UDlFbUVMSTFxQS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0gwMjVyR3RqRUlvWnZjMi03UDlFbUVMSTFxQS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2MEU3LzFDMEFFNjNFRUI3NzExRUI4MERFN0MxRUQ4
QTAxNENFLzM3QjgzRTYwRkZFRTExRUZBQkVBNkU4MTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm0GgwDQYJKoZIhvcNAQEL
BQADggEBAH5b4L4e1Gml3LaSU69o3u/OU6pdkWV0KbqteS1Y/WrgFbLkXlB3TjHV
TmYJdzNlJGHAjp1cLPdZsAJL0/2zlM2P3/K4+S3UuZOysTw7A+uOSB+AtgG3jsIp
lhVTNdS9d7vV5ajvEDvWGZIyNT7k0GWKbWzLBOv0H9+wwaNVP7+0MpY1M4guDQus
wsqz5lVWJo0Mm5BznpTmWgf+zPD/3I4mJ9wQWQJAZleA4NwGZ2DOBecF+PJaJxIC
zNOnLIiQVqdp/YNKPW5s656Dv6/qIQXbUPN0Zhj/8oI6Gv9NOGdl7WkxlSwvaL4u
DSBYXj3U6kTlN0nXRW7YEK8Cf7yGd2Y=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:03:35 2025 by rpki-client