Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/5673440CFCAC11EF9614E491762E951A.roa
File: 5673440CFCAC11EF9614E491762E951A.roa (raw, json)
Hash identifier: 6r9fkhk67fd1QL6JR1kRn7YKpBT/BIiBUWKwgxbcGDI=
Subject key identifier: EC:B0:24:81:02:2D:88:80:C2:75:26:F3:F1:2C:2B:16:45:24:BA:88
Certificate issuer: /CN=F36BC80AAF/serialNumber=8C8F8CE2AD55B9366BEC6EDF492CD9C1498E0664
Certificate serial: 043A
Authority key identifier: 8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/5673440CFCAC11EF9614E491762E951A.roa
Signing time: Sun 09 Mar 2025 06:04:19 +0000
ROA not before: Sun 09 Mar 2025 06:04:15 +0000
ROA not after: Sat 31 Mar 2035 06:04:15 +0000
asID: 33785
IP address blocks: 41.77.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.mft
rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1082 (0x43a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BC80AAF
Validity
Not Before: Mar 9 06:04:15 2025 GMT
Not After : Mar 31 06:04:15 2035 GMT
Subject: CN=67cd2f63-1d7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:28:51:c7:c9:a4:4c:af:a6:7b:ad:87:56:7a:
91:3d:eb:ff:fb:3f:04:b3:10:ab:d5:6b:7c:67:40:
58:e6:3b:a9:e1:f8:1e:b6:f6:4f:66:67:8f:a4:52:
eb:7d:b5:ca:4f:f7:3e:10:b7:01:50:69:c4:48:6f:
e1:8e:01:ab:5d:f0:48:54:17:11:64:9c:f3:4f:34:
ad:b7:c4:a6:67:70:a7:d5:0e:05:3e:45:6b:ed:38:
cf:fa:9e:78:c8:2f:7d:ca:eb:d4:8c:57:1f:a4:0b:
7c:98:88:74:4c:aa:82:08:0e:48:68:3e:05:67:a6:
e4:c2:82:84:f6:35:ed:8c:a1:95:b8:0c:23:d6:05:
7f:b9:71:ea:8f:ed:e5:72:26:2e:c1:9d:e4:7f:fc:
1f:7d:c8:cf:58:bb:d5:04:e5:29:68:2f:c6:ca:6f:
ef:3b:a9:da:dd:b0:0d:18:8c:bb:56:2e:df:18:c0:
de:42:f9:d1:88:c2:f3:4e:2f:d7:d0:2e:d0:a7:d5:
63:35:ed:3b:f6:bd:72:b1:91:8c:db:25:87:de:87:
7c:22:05:49:33:30:5d:a6:c5:77:9f:61:57:fb:25:
19:2c:5a:ef:bd:d7:7f:03:30:5b:f0:62:2e:a2:65:
bc:4b:d1:15:c8:65:27:77:95:f7:38:e5:60:18:34:
70:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B0:24:81:02:2D:88:80:C2:75:26:F3:F1:2C:2B:16:45:24:BA:88
X509v3 Authority Key Identifier:
keyid:8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/5673440CFCAC11EF9614E491762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.77.139.0/24
Signature Algorithm: sha256WithRSAEncryption
46:62:bd:f4:6c:64:5c:9e:3e:d4:1e:30:2a:b0:5e:e1:fd:bb:
0c:fc:db:ce:3b:4c:57:19:4a:bc:c2:f1:24:e8:79:c4:6d:bb:
15:df:ed:bf:9c:5c:d9:d5:62:30:2a:95:5f:e9:7f:e3:8e:ab:
7d:9b:43:8a:93:21:31:61:4b:40:ee:85:cc:54:55:9a:18:f3:
fb:e1:46:e0:c2:fe:9e:44:2c:6e:a1:59:b0:10:18:4c:07:4a:
ab:e2:f8:d3:d9:3c:bb:9b:92:1a:df:ab:d4:c8:c7:fd:6c:55:
15:b0:ed:21:8f:4b:b3:77:32:aa:32:aa:12:3e:06:c7:1e:09:
57:38:f8:5b:ee:d0:72:60:fd:36:b2:b4:fc:72:6c:b3:4a:db:
81:02:0e:09:9b:64:9b:06:05:4f:5e:a5:b6:ed:49:e9:77:b4:
ce:50:9a:e8:06:ca:f3:3b:02:55:7d:48:44:fb:6b:89:70:93:
ee:89:77:00:75:46:47:c3:b9:7c:1d:fb:b6:e3:8a:4f:04:da:
8a:3b:34:f4:e2:d7:8f:af:08:19:3b:78:33:fc:1e:cf:e4:08:
37:dc:43:a1:24:be:35:a8:21:c6:91:dc:13:62:bd:12:77:8e:
bf:a4:4e:00:40:c6:3a:e2:91:aa:d7:64:20:2e:08:59:e7:19:
d6:da:5f:60
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBDowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QkM4MEFBRjExMC8GA1UEBRMoOEM4RjhDRTJBRDU1QjkzNjZCRUM2RURGNDkyQ0Q5
QzE0OThFMDY2NDAeFw0yNTAzMDkwNjA0MTVaFw0zNTAzMzEwNjA0MTVaMBgxFjAU
BgNVBAMTDTY3Y2QyZjYzLTFkN2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAKFHHyaRMr6Z7rYdWepE96//7PwSzEKvVa3xnQFjmO6nh+B629k9mZ4+k
Uut9tcpP9z4QtwFQacRIb+GOAatd8EhUFxFknPNPNK23xKZncKfVDgU+RWvtOM/6
nnjIL33K69SMVx+kC3yYiHRMqoIIDkhoPgVnpuTCgoT2Ne2MoZW4DCPWBX+5ceqP
7eVyJi7BneR//B99yM9Yu9UE5SloL8bKb+87qdrdsA0YjLtWLt8YwN5C+dGIwvNO
L9fQLtCn1WM17Tv2vXKxkYzbJYfeh3wiBUkzMF2mxXefYVf7JRksWu+9138DMFvw
Yi6iZbxL0RXIZSd3lfc45WAYNHDBAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU7LAk
gQItiIDCdSbz8SwrFkUkuogwHwYDVR0jBBgwFoAUjI+M4q1VuTZr7G7fSSzZwUmO
BmQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYxMjIyNDY4L2pJLU00
cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pJLU00cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYx
MjIyNDY4LzU2NzM0NDBDRkNBQzExRUY5NjE0RTQ5MTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAApTYswDQYJKoZIhvcNAQEL
BQADggEBAEZivfRsZFyePtQeMCqwXuH9uwz82847TFcZSrzC8SToecRtuxXf7b+c
XNnVYjAqlV/pf+OOq32bQ4qTITFhS0DuhcxUVZoY8/vhRuDC/p5ELG6hWbAQGEwH
Sqvi+NPZPLubkhrfq9TIx/1sVRWw7SGPS7N3MqoyqhI+BsceCVc4+Fvu0HJg/Tay
tPxybLNK24ECDgmbZJsGBU9epbbtSel3tM5QmugGyvM7AlV9SET7a4lwk+6JdwB1
RkfDuXwd+7bjik8E2oo7NPTi14+vCBk7eDP8Hs/kCDfcQ6EkvjWoIcaR3BNivRJ3
jr+kTgBAxjrikarXZCAuCFnnGdbaX2A=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:35 2025 by rpki-client