Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369BFA8/FBBFE27EB22111EF8BDA705C762E951A/9D0722C8B24511EF879E88B5762E951A.roa
File: 9D0722C8B24511EF879E88B5762E951A.roa (raw, json)
Hash identifier: re1+1WPfPmFof+DoUwQFqcaVy7veeKE2VogjJwa7xs8=
Subject key identifier: 01:33:7F:53:8B:35:AE:9E:05:78:49:BF:F7:53:82:8C:0F:62:EC:0B
Certificate issuer: /CN=F369BFA8AF/serialNumber=CD74665CB1CFC85969A6A5ABA472C3EA2AD255CE
Certificate serial: 02
Authority key identifier: CD:74:66:5C:B1:CF:C8:59:69:A6:A5:AB:A4:72:C3:EA:2A:D2:55:CE
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zXRmXLHPyFlppqWrpHLD6irSVc4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369BFA8/FBBFE27EB22111EF8BDA705C762E951A/9D0722C8B24511EF879E88B5762E951A.roa
Signing time: Wed 04 Dec 2024 13:42:33 +0000
ROA not before: Thu 05 Dec 2024 13:42:29 +0000
ROA not after: Thu 04 Dec 2025 13:42:29 +0000
asID: 328777
IP address blocks: 102.221.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F369BFA8/FBBFE27EB22111EF8BDA705C762E951A/zXRmXLHPyFlppqWrpHLD6irSVc4.crl
rsync://rpki.afrinic.net/repository/member_repository/F369BFA8/FBBFE27EB22111EF8BDA705C762E951A/zXRmXLHPyFlppqWrpHLD6irSVc4.mft
rsync://rpki.afrinic.net/repository/afrinic/zXRmXLHPyFlppqWrpHLD6irSVc4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 03:21:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369BFA8AF
Validity
Not Before: Dec 5 13:42:29 2024 GMT
Not After : Dec 4 13:42:29 2025 GMT
Subject: CN=67505c49-a7ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b6:0f:ca:7a:72:70:1b:c0:fd:cf:05:f0:12:
df:01:f8:a2:27:1d:b3:ab:02:f9:cc:cd:31:f1:c7:
c8:73:d2:ed:5d:9c:92:7d:3e:c3:a8:57:e0:5a:a7:
dd:07:12:67:93:e9:97:90:12:66:e4:ea:46:90:f4:
0b:dc:d1:6c:0f:ec:0f:38:cb:1b:b2:3d:6a:d2:ad:
44:54:45:a3:d2:3a:bb:e2:a5:fa:0b:5c:53:18:35:
94:12:98:0f:6b:a2:05:f5:0e:df:e7:15:87:31:fa:
2d:d3:00:67:b3:13:d5:c4:2f:dc:0a:87:45:fd:d7:
81:83:60:b1:ea:1b:14:e1:a0:81:a1:c7:49:e1:82:
af:f6:28:fd:59:2e:7e:38:c4:81:0c:19:ba:fb:e9:
70:7c:dc:be:02:64:31:ac:dc:d8:fe:43:2c:96:5e:
a8:da:1c:08:c8:5a:be:2c:2b:ef:4a:06:eb:9e:62:
a4:7f:74:fe:ea:fb:19:89:36:af:cf:64:24:32:bf:
92:f2:ee:72:ea:94:62:df:03:c6:e7:bd:04:ce:0b:
56:d4:f7:b9:00:cd:91:38:c1:ac:9b:f9:37:03:50:
01:a2:92:b3:51:5a:3e:ac:54:62:70:b2:bf:9b:41:
3b:38:2c:6c:ff:62:e1:46:8c:cb:2d:d2:ab:00:57:
56:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:33:7F:53:8B:35:AE:9E:05:78:49:BF:F7:53:82:8C:0F:62:EC:0B
X509v3 Authority Key Identifier:
keyid:CD:74:66:5C:B1:CF:C8:59:69:A6:A5:AB:A4:72:C3:EA:2A:D2:55:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369BFA8/FBBFE27EB22111EF8BDA705C762E951A/zXRmXLHPyFlppqWrpHLD6irSVc4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zXRmXLHPyFlppqWrpHLD6irSVc4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369BFA8/FBBFE27EB22111EF8BDA705C762E951A/9D0722C8B24511EF879E88B5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.92.0/22
Signature Algorithm: sha256WithRSAEncryption
09:ab:7d:e3:5c:7f:8c:8e:70:2e:73:e3:a1:6b:6b:58:25:39:
db:76:ed:17:cf:bb:43:ee:e8:4a:18:40:9c:fc:cc:dc:d6:a8:
19:ac:4f:ae:49:4f:59:66:cc:89:5f:e2:b0:61:0a:92:8e:89:
0d:96:ea:68:28:04:11:53:03:3a:5a:72:cb:85:d5:ad:05:43:
07:f2:9c:76:e3:8c:c6:af:61:09:a4:92:c9:ce:15:06:97:d1:
f1:ee:fc:5e:dd:b0:b5:68:dc:b7:29:0c:68:67:97:6e:a6:e5:
28:0f:db:14:6c:55:0d:2d:31:fa:4b:51:24:0a:d8:8d:b2:8c:
66:fb:09:df:4e:ac:10:6f:18:18:bc:dc:e5:1d:f6:87:f4:d6:
2e:bc:61:b6:11:3c:ca:85:a5:cd:fe:b4:79:dc:39:36:70:2d:
10:84:ce:ae:86:54:c0:a5:9e:9f:99:34:3a:e4:2a:51:61:ce:
8d:6e:de:39:ed:fe:88:a6:7b:55:af:4e:b1:a1:df:93:c3:c4:
3a:ef:6b:aa:a9:1f:4b:81:92:f0:53:ef:44:72:3a:67:0e:ca:
07:82:4b:7f:92:60:57:73:f5:f5:5b:ce:d4:b4:5d:7e:1e:36:
ad:91:9b:34:5f:f5:c5:c7:e3:2a:9c:07:7e:6e:1b:de:73:88:
eb:0d:e3:0b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
QkZBOEFGMTEwLwYDVQQFEyhDRDc0NjY1Q0IxQ0ZDODU5NjlBNkE1QUJBNDcyQzNF
QTJBRDI1NUNFMB4XDTI0MTIwNTEzNDIyOVoXDTI1MTIwNDEzNDIyOVowGDEWMBQG
A1UEAxMNNjc1MDVjNDktYTdlZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALi2D8p6cnAbwP3PBfAS3wH4oicds6sC+czNMfHHyHPS7V2ckn0+w6hX4Fqn
3QcSZ5Ppl5ASZuTqRpD0C9zRbA/sDzjLG7I9atKtRFRFo9I6u+Kl+gtcUxg1lBKY
D2uiBfUO3+cVhzH6LdMAZ7MT1cQv3AqHRf3XgYNgseobFOGggaHHSeGCr/Yo/Vku
fjjEgQwZuvvpcHzcvgJkMazc2P5DLJZeqNocCMhaviwr70oG655ipH90/ur7GYk2
r89kJDK/kvLucuqUYt8Dxue9BM4LVtT3uQDNkTjBrJv5NwNQAaKSs1FaPqxUYnCy
v5tBOzgsbP9i4UaMyy3SqwBXVkUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQBM39T
izWungV4Sb/3U4KMD2LsCzAfBgNVHSMEGDAWgBTNdGZcsc/IWWmmpaukcsPqKtJV
zjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OUJGQTgvRkJCRkUyN0VCMjIxMTFFRjhCREE3MDVDNzYyRTk1MUEvelhSbVhM
SFB5RmxwcHFXcnBITEQ2aXJTVmM0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvelhSbVhMSFB5RmxwcHFXcnBITEQ2aXJTVmM0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OUJGQTgvRkJCRkUyN0VCMjIxMTFFRjhCREE3MDVDNzYy
RTk1MUEvOUQwNzIyQzhCMjQ1MTFFRjg3OUU4OEI1NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbdXDANBgkqhkiG9w0BAQsF
AAOCAQEACat941x/jI5wLnPjoWtrWCU523btF8+7Q+7oShhAnPzM3NaoGaxPrklP
WWbMiV/isGEKko6JDZbqaCgEEVMDOlpyy4XVrQVDB/KcduOMxq9hCaSSyc4VBpfR
8e78Xt2wtWjctykMaGeXbqblKA/bFGxVDS0x+ktRJArYjbKMZvsJ306sEG8YGLzc
5R32h/TWLrxhthE8yoWlzf60edw5NnAtEITOroZUwKWen5k0OuQqUWHOjW7eOe3+
iKZ7Va9OsaHfk8PEOu9rqqkfS4GS8FPvRHI6Zw7KB4JLf5JgV3P19VvO1LRdfh42
rZGbNF/1xcfjKpwHfm4b3nOI6w3jCw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:02:47 2025 by rpki-client