Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/557725A0B21511EF88D2448C762E951A.roa
File: 557725A0B21511EF88D2448C762E951A.roa (raw, json)
Hash identifier: opZztqXESofrVmYo2p5Jk1wm+34HapZU5YnopzpKiHA=
Subject key identifier: E0:DA:1A:26:BC:0E:67:D7:56:01:E7:EF:E6:54:44:D3:56:25:14:78
Certificate issuer: /CN=F36A854FAF/serialNumber=8BE4035BEBC9C83428B5A27BE85BAC966D76E5CB
Certificate serial: 02A7
Authority key identifier: 8B:E4:03:5B:EB:C9:C8:34:28:B5:A2:7B:E8:5B:AC:96:6D:76:E5:CB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/i-QDW-vJyDQotaJ76Fuslm125cs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/557725A0B21511EF88D2448C762E951A.roa
Signing time: Wed 04 Dec 2024 07:56:57 +0000
ROA not before: Wed 04 Dec 2024 07:56:53 +0000
ROA not after: Fri 04 Dec 2026 07:56:53 +0000
asID: 37143
IP address blocks: 41.222.56.0/22 maxlen: 22
41.222.60.0/23 maxlen: 23
41.222.62.0/24 maxlen: 24
41.222.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/i-QDW-vJyDQotaJ76Fuslm125cs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/i-QDW-vJyDQotaJ76Fuslm125cs.mft
rsync://rpki.afrinic.net/repository/afrinic/i-QDW-vJyDQotaJ76Fuslm125cs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 11 Apr 2025 00:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 679 (0x2a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A854FAF
Validity
Not Before: Dec 4 07:56:53 2024 GMT
Not After : Dec 4 07:56:53 2026 GMT
Subject: CN=67500b49-32e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6c:5c:b0:45:c7:70:95:6d:4e:2b:fb:f6:99:
e2:2c:46:e6:56:8c:12:e9:08:2c:83:b9:bf:45:36:
59:b7:e8:07:36:36:03:e5:78:a8:80:cd:f0:0f:5e:
03:79:77:7a:bb:5a:47:6d:22:6c:5c:55:58:43:7c:
13:84:84:5d:95:fd:ad:da:84:cb:a4:e9:15:d6:c8:
c8:f7:85:9b:8a:43:cb:28:53:9a:d9:c4:39:2c:4b:
59:42:96:eb:d6:ae:3c:0a:a3:47:64:35:bd:39:97:
4b:6e:b7:f9:9f:fd:e1:60:7b:06:f6:72:5b:1d:60:
fc:19:fe:0f:cc:07:be:d3:e8:aa:34:9e:d5:59:04:
46:0f:63:23:28:db:ea:da:93:72:91:5a:a0:08:01:
74:75:21:c9:5a:11:8f:92:bb:35:fa:86:fe:99:9f:
bb:f5:20:08:f0:a3:56:c2:81:70:b4:76:67:df:81:
a5:23:36:42:56:1b:58:3e:75:49:c3:69:de:9b:fd:
3f:6f:a7:9a:19:72:04:a4:e2:00:b3:f9:8a:83:b9:
d3:96:a5:55:df:c0:a0:e4:04:a3:98:1b:af:a5:a9:
f7:88:ae:a3:61:e4:cf:a7:4e:18:96:73:6d:7a:9c:
aa:dc:cd:04:14:4a:fb:97:7b:79:dc:34:33:7f:80:
3c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:DA:1A:26:BC:0E:67:D7:56:01:E7:EF:E6:54:44:D3:56:25:14:78
X509v3 Authority Key Identifier:
keyid:8B:E4:03:5B:EB:C9:C8:34:28:B5:A2:7B:E8:5B:AC:96:6D:76:E5:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/i-QDW-vJyDQotaJ76Fuslm125cs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/i-QDW-vJyDQotaJ76Fuslm125cs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/557725A0B21511EF88D2448C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.222.56.0/21
Signature Algorithm: sha256WithRSAEncryption
8e:eb:a8:91:d2:43:28:c9:7a:fb:62:7e:ab:20:60:95:f0:a6:
7b:4a:b2:c9:39:df:f5:57:d7:5c:04:c7:f9:eb:30:83:45:47:
e7:a8:e8:08:84:b4:91:fc:07:21:cf:57:ba:2d:ec:d0:46:fe:
1f:df:ec:78:5e:e8:c0:8f:80:91:ab:a0:01:6a:cd:9e:43:56:
9d:dc:b8:6b:4a:17:cc:b4:ac:c9:f6:e0:72:cc:8e:7b:c0:ec:
2d:85:50:74:22:12:22:6f:2a:15:6c:68:5d:36:79:3b:58:6e:
51:a2:ac:a3:92:9a:b9:e3:1a:52:26:06:2b:97:36:d1:4b:32:
7c:ff:9d:43:28:6a:f8:ea:a2:8f:3f:f4:65:3d:b9:2b:26:cf:
5c:db:bf:05:0d:9e:25:df:89:83:e9:c9:d8:74:6d:48:04:99:
40:cb:4d:c6:b7:dc:8c:ec:59:f0:0e:7a:e6:c2:1e:20:b6:01:
2a:4e:04:7b:ce:40:0a:79:ea:d7:4f:dd:15:26:3f:5e:82:b7:
45:82:75:34:8e:08:99:1f:c5:a1:8b:10:fb:e3:53:22:2d:00:
4f:c4:ac:53:83:30:0a:90:73:94:78:84:8d:1b:86:60:94:60:
08:c5:dd:5d:5b:d4:68:71:f1:16:c5:26:f6:39:6c:25:c3:3f:
fc:9d:d1:5e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAqcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTg1NEZBRjExMC8GA1UEBRMoOEJFNDAzNUJFQkM5QzgzNDI4QjVBMjdCRTg1QkFD
OTY2RDc2RTVDQjAeFw0yNDEyMDQwNzU2NTNaFw0yNjEyMDQwNzU2NTNaMBgxFjAU
BgNVBAMTDTY3NTAwYjQ5LTMyZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCjbFywRcdwlW1OK/v2meIsRuZWjBLpCCyDub9FNlm36Ac2NgPleKiAzfAP
XgN5d3q7WkdtImxcVVhDfBOEhF2V/a3ahMuk6RXWyMj3hZuKQ8soU5rZxDksS1lC
luvWrjwKo0dkNb05l0tut/mf/eFgewb2clsdYPwZ/g/MB77T6Ko0ntVZBEYPYyMo
2+rak3KRWqAIAXR1IclaEY+SuzX6hv6Zn7v1IAjwo1bCgXC0dmffgaUjNkJWG1g+
dUnDad6b/T9vp5oZcgSk4gCz+YqDudOWpVXfwKDkBKOYG6+lqfeIrqNh5M+nThiW
c216nKrczQQUSvuXe3ncNDN/gDwvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU4Noa
JrwOZ9dWAefv5lRE01YlFHgwHwYDVR0jBBgwFoAUi+QDW+vJyDQotaJ76Fuslm12
5cswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE4NTRGLzVFODdDMDQyQjczNDExRURBOEQ0Q0NBNEYxMjIyNDY4L2ktUURX
LXZKeURRb3RhSjc2RnVzbG0xMjVjcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2ktUURXLXZKeURRb3RhSjc2RnVzbG0xMjVjcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE4NTRGLzVFODdDMDQyQjczNDExRURBOEQ0Q0NBNEYx
MjIyNDY4LzU1NzcyNUEwQjIxNTExRUY4OEQyNDQ4Qzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMp3jgwDQYJKoZIhvcNAQEL
BQADggEBAI7rqJHSQyjJevtifqsgYJXwpntKssk53/VX11wEx/nrMINFR+eo6AiE
tJH8ByHPV7ot7NBG/h/f7Hhe6MCPgJGroAFqzZ5DVp3cuGtKF8y0rMn24HLMjnvA
7C2FUHQiEiJvKhVsaF02eTtYblGirKOSmrnjGlImBiuXNtFLMnz/nUMoavjqoo8/
9GU9uSsmz1zbvwUNniXfiYPpydh0bUgEmUDLTca33IzsWfAOeubCHiC2ASpOBHvO
QAp56tdP3RUmP16Ct0WCdTSOCJkfxaGLEPvjUyItAE/ErFODMAqQc5R4hI0bhmCU
YAjF3V1b1Ghx8RbFJvY5bCXDP/yd0V4=
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:32:30 2025 by rpki-client