Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A0B3B/EC692812DFA311EFA7A90C4E762E951A/8500AAA4DFA511EFA4A0995A762E951A.roa
File: 8500AAA4DFA511EFA4A0995A762E951A.roa (raw, json)
Hash identifier: vzRjRuX2GZhGU/X4T8gnBdvjxS1YirPqGZKLuKJg1+Q=
Subject key identifier: 87:0A:C6:FB:95:68:6A:B1:D0:99:86:AC:44:DC:AE:AA:B4:E8:40:D8
Certificate issuer: /CN=F36A0B3BAF/serialNumber=3A7EA6123BB28B99B2ADCD2A59FB63898EE6A265
Certificate serial: 02
Authority key identifier: 3A:7E:A6:12:3B:B2:8B:99:B2:AD:CD:2A:59:FB:63:89:8E:E6:A2:65
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/On6mEjuyi5myrc0qWftjiY7momU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A0B3B/EC692812DFA311EFA7A90C4E762E951A/8500AAA4DFA511EFA4A0995A762E951A.roa
Signing time: Fri 31 Jan 2025 07:32:27 +0000
ROA not before: Fri 31 Jan 2025 07:32:23 +0000
ROA not after: Tue 31 Dec 2030 07:32:23 +0000
asID: 37328
IP address blocks: 196.43.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A0B3B/EC692812DFA311EFA7A90C4E762E951A/On6mEjuyi5myrc0qWftjiY7momU.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A0B3B/EC692812DFA311EFA7A90C4E762E951A/On6mEjuyi5myrc0qWftjiY7momU.mft
rsync://rpki.afrinic.net/repository/afrinic/On6mEjuyi5myrc0qWftjiY7momU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 03:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A0B3BAF
Validity
Not Before: Jan 31 07:32:23 2025 GMT
Not After : Dec 31 07:32:23 2030 GMT
Subject: CN=679c7c8a-41b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8e:22:1b:cc:cd:da:a6:cf:62:9a:95:33:b7:
25:1e:96:4f:30:1b:36:d8:c7:d7:50:22:bc:af:d4:
23:ed:3d:4e:89:a6:77:b8:0b:0f:99:02:3d:2b:d8:
e7:7b:33:f8:d9:8e:26:81:ab:20:51:b6:13:62:7a:
ac:d2:1f:89:c9:ad:69:f7:66:bd:91:7f:8a:bf:8b:
98:75:f2:3f:c0:0e:e0:82:f7:05:f5:65:90:e7:1d:
19:96:cd:59:16:ae:33:d9:5b:2d:09:ae:5f:4f:ad:
83:c4:08:32:98:e0:d5:c4:1e:b1:b2:67:ae:f5:8b:
87:20:ca:43:ce:fd:0d:f6:27:6f:b4:94:b7:a5:d9:
8e:7b:ac:4a:64:cb:82:2f:df:1a:45:ea:49:04:c6:
e9:d8:48:6b:61:30:7d:2a:41:18:b7:2d:cc:3c:f5:
e9:03:6b:4f:bb:6e:60:5b:e8:88:d8:55:4d:36:e8:
3f:f5:b7:05:91:61:43:e8:31:70:de:53:26:7f:c8:
71:50:67:2d:13:f3:8d:2e:77:0b:cf:af:70:c0:57:
5f:68:45:f8:c8:ca:06:3d:ed:d2:d5:bb:8d:36:94:
d8:9f:c3:76:83:77:c1:34:cf:5f:d7:9a:76:12:0c:
13:7c:e6:66:16:92:8e:b5:08:b4:07:66:37:0d:f6:
b6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:0A:C6:FB:95:68:6A:B1:D0:99:86:AC:44:DC:AE:AA:B4:E8:40:D8
X509v3 Authority Key Identifier:
keyid:3A:7E:A6:12:3B:B2:8B:99:B2:AD:CD:2A:59:FB:63:89:8E:E6:A2:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A0B3B/EC692812DFA311EFA7A90C4E762E951A/On6mEjuyi5myrc0qWftjiY7momU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/On6mEjuyi5myrc0qWftjiY7momU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A0B3B/EC692812DFA311EFA7A90C4E762E951A/8500AAA4DFA511EFA4A0995A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.43.215.0/24
Signature Algorithm: sha256WithRSAEncryption
60:51:81:9c:f2:ce:72:42:35:21:0b:60:c9:3a:3f:b8:53:a4:
f6:18:b5:a0:00:bc:47:ce:cf:ad:d2:16:90:ce:6a:26:81:c3:
38:b4:04:0f:df:05:45:cc:ba:a3:c6:68:5d:4c:d6:c1:f2:ec:
59:d3:c5:01:2a:33:ec:4a:f1:d5:17:e6:bc:fe:7d:e7:d8:12:
be:98:62:3b:93:55:6f:0d:b3:de:1f:c1:ff:3b:b4:08:84:40:
f1:03:fe:4d:31:f2:ad:f8:ae:fb:52:db:6e:2a:1c:be:fb:d5:
76:5b:cc:2f:ff:41:8d:d1:d7:1e:a7:06:f7:75:8c:98:46:ab:
98:78:09:ab:eb:09:48:b3:d9:26:14:4e:93:11:b6:84:63:fa:
bf:7d:5c:b3:4a:aa:1b:1f:b5:f0:1f:9e:8d:18:c4:97:ce:a6:
8d:ff:8a:fa:1c:9e:01:94:3d:aa:bb:4d:cf:9f:86:78:dd:1b:
67:1c:ab:0d:ff:62:8d:0f:65:81:23:51:82:61:3b:a3:a1:60:
58:16:1d:c6:f0:6a:48:e0:02:7f:c8:f7:7f:fa:82:5e:fb:b5:
5c:86:af:11:b6:95:93:61:94:77:f0:2c:c3:db:87:a2:83:4a:
f4:ed:77:23:ef:23:0e:0e:03:9e:bc:60:be:e0:ab:22:69:91:
13:73:45:0f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
MEIzQkFGMTEwLwYDVQQFEygzQTdFQTYxMjNCQjI4Qjk5QjJBRENEMkE1OUZCNjM4
OThFRTZBMjY1MB4XDTI1MDEzMTA3MzIyM1oXDTMwMTIzMTA3MzIyM1owGDEWMBQG
A1UEAxMNNjc5YzdjOGEtNDFiNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeOIhvMzdqmz2KalTO3JR6WTzAbNtjH11AivK/UI+09Tommd7gLD5kCPSvY
53sz+NmOJoGrIFG2E2J6rNIficmtafdmvZF/ir+LmHXyP8AO4IL3BfVlkOcdGZbN
WRauM9lbLQmuX0+tg8QIMpjg1cQesbJnrvWLhyDKQ879DfYnb7SUt6XZjnusSmTL
gi/fGkXqSQTG6dhIa2EwfSpBGLctzDz16QNrT7tuYFvoiNhVTTboP/W3BZFhQ+gx
cN5TJn/IcVBnLRPzjS53C8+vcMBXX2hF+MjKBj3t0tW7jTaU2J/DdoN3wTTPX9ea
dhIME3zmZhaSjrUItAdmNw32tnsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSHCsb7
lWhqsdCZhqxE3K6qtOhA2DAfBgNVHSMEGDAWgBQ6fqYSO7KLmbKtzSpZ+2OJjuai
ZTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTBCM0IvRUM2OTI4MTJERkEzMTFFRkE3QTkwQzRFNzYyRTk1MUEvT242bUVq
dXlpNW15cmMwcVdmdGppWTdtb21VLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvT242bUVqdXlpNW15cmMwcVdmdGppWTdtb21VLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTBCM0IvRUM2OTI4MTJERkEzMTFFRkE3QTkwQzRFNzYy
RTk1MUEvODUwMEFBQTRERkE1MTFFRkE0QTA5OTVBNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMQr1zANBgkqhkiG9w0BAQsF
AAOCAQEAYFGBnPLOckI1IQtgyTo/uFOk9hi1oAC8R87PrdIWkM5qJoHDOLQED98F
Rcy6o8ZoXUzWwfLsWdPFASoz7Erx1RfmvP5959gSvphiO5NVbw2z3h/B/zu0CIRA
8QP+TTHyrfiu+1LbbiocvvvVdlvML/9BjdHXHqcG93WMmEarmHgJq+sJSLPZJhRO
kxG2hGP6v31cs0qqGx+18B+ejRjEl86mjf+K+hyeAZQ9qrtNz5+GeN0bZxyrDf9i
jQ9lgSNRgmE7o6FgWBYdxvBqSOACf8j3f/qCXvu1XIavEbaVk2GUd/Asw9uHooNK
9O13I+8jDg4DnrxgvuCrImmRE3NFDw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:08:12 2025 by rpki-client