Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/7510A490FBDA11EFA602538E762E951A.roa
File: 7510A490FBDA11EFA602538E762E951A.roa (raw, json)
Hash identifier: K8eoOxbyDzKOVr27RbOhGjO0ujSDpgusioRxfBEGdeg=
Subject key identifier: 44:B9:DD:13:5A:49:55:D9:0A:E1:92:D6:07:89:5D:7A:AA:FA:1B:42
Certificate issuer: /CN=F36BC80AAF/serialNumber=8C8F8CE2AD55B9366BEC6EDF492CD9C1498E0664
Certificate serial: 042B
Authority key identifier: 8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/7510A490FBDA11EFA602538E762E951A.roa
Signing time: Sat 08 Mar 2025 05:01:56 +0000
ROA not before: Sat 08 Mar 2025 05:01:51 +0000
ROA not after: Sat 31 Mar 2035 05:01:51 +0000
asID: 59895
IP address blocks: 41.215.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.mft
rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1067 (0x42b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BC80AAF
Validity
Not Before: Mar 8 05:01:51 2025 GMT
Not After : Mar 31 05:01:51 2035 GMT
Subject: CN=67cbcf44-08a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3f:72:1f:aa:89:40:74:46:7c:5d:71:ea:d1:
85:f8:77:7b:5c:d2:ba:61:5a:79:3b:d1:17:b1:4b:
be:c6:a3:75:59:c1:34:38:1d:8d:ee:34:1f:ba:61:
3f:11:7f:07:89:2c:fb:8c:d5:54:d6:1f:b8:ab:b8:
ac:9d:bf:f5:eb:c1:26:4e:ed:61:04:4e:ec:f7:b8:
cb:7a:60:94:7a:61:83:ad:0f:77:57:21:f6:62:97:
61:a6:78:a9:e1:e6:18:13:e4:27:f5:ab:74:4e:85:
ef:85:dd:c7:82:58:ce:81:b5:60:29:a0:04:2b:a5:
52:05:68:1c:5a:e9:e2:5b:c3:47:c1:1a:9d:11:ca:
3e:bf:05:e5:71:36:8c:73:98:cb:ad:76:f5:67:06:
0e:45:fc:f7:42:a9:5b:40:3b:e8:a2:6e:9c:18:95:
ef:12:74:8a:59:f9:ab:a6:1f:ef:3e:88:5d:15:ad:
97:38:eb:5f:4d:cc:30:38:90:2c:a0:7f:d0:b0:e8:
f8:3c:22:6b:b4:d9:38:7e:ca:5c:ca:5a:13:0a:3e:
f6:c2:2b:40:08:b5:cd:33:e3:87:ba:b7:df:54:cc:
ff:68:e5:f5:d7:29:71:40:b9:f8:1c:6f:9c:67:9a:
39:3a:df:06:ed:00:d1:90:6c:71:68:83:41:fe:4d:
17:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B9:DD:13:5A:49:55:D9:0A:E1:92:D6:07:89:5D:7A:AA:FA:1B:42
X509v3 Authority Key Identifier:
keyid:8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/7510A490FBDA11EFA602538E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.215.240.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:df:91:81:9d:ef:79:fb:72:a1:f8:6e:bb:46:b3:92:70:01:
15:3d:a4:38:83:cf:a7:71:e7:de:65:dd:08:26:2b:b2:c2:26:
e8:39:d1:c5:b6:1e:40:e2:64:1b:fb:d0:da:17:21:32:9c:48:
ca:b2:2c:be:5a:9c:06:23:d7:46:38:90:d2:ba:10:db:ab:1b:
7c:57:d9:77:9d:ba:6d:ca:db:95:59:06:4b:17:10:b3:01:7a:
b8:09:4e:73:71:c3:63:47:03:0d:89:70:22:41:cf:19:0c:db:
f2:35:c6:72:ce:48:57:d1:9b:3e:ec:f4:36:bd:ef:a3:e3:db:
ed:72:40:cc:35:61:e4:62:f5:32:27:7f:42:8e:58:e4:23:bf:
7e:78:ac:b1:0c:5a:04:db:37:21:5b:95:37:33:59:7e:c8:a4:
50:6c:1c:bc:f7:f7:8f:43:3e:79:cf:4c:56:0a:56:c8:8f:bd:
d3:29:8f:fd:e4:a0:05:36:db:9b:96:f9:58:95:d3:11:37:a7:
b2:10:d4:da:32:63:d8:08:a8:65:2f:22:01:ff:7e:d4:f7:7a:
8a:7f:2e:97:7f:70:b2:b4:e7:68:54:17:bf:8b:43:ac:9e:71:
e8:75:79:bf:01:c5:0f:4f:0c:12:5f:4f:77:4a:90:c4:25:9e:
45:72:d3:14
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBCswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QkM4MEFBRjExMC8GA1UEBRMoOEM4RjhDRTJBRDU1QjkzNjZCRUM2RURGNDkyQ0Q5
QzE0OThFMDY2NDAeFw0yNTAzMDgwNTAxNTFaFw0zNTAzMzEwNTAxNTFaMBgxFjAU
BgNVBAMTDTY3Y2JjZjQ0LTA4YTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCvP3IfqolAdEZ8XXHq0YX4d3tc0rphWnk70RexS77Go3VZwTQ4HY3uNB+6
YT8RfweJLPuM1VTWH7iruKydv/XrwSZO7WEETuz3uMt6YJR6YYOtD3dXIfZil2Gm
eKnh5hgT5Cf1q3ROhe+F3ceCWM6BtWApoAQrpVIFaBxa6eJbw0fBGp0Ryj6/BeVx
NoxzmMutdvVnBg5F/PdCqVtAO+iibpwYle8SdIpZ+aumH+8+iF0VrZc4619NzDA4
kCygf9Cw6Pg8Imu02Th+ylzKWhMKPvbCK0AItc0z44e6t99UzP9o5fXXKXFAufgc
b5xnmjk63wbtANGQbHFog0H+TRc/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQURLnd
E1pJVdkK4ZLWB4ldeqr6G0IwHwYDVR0jBBgwFoAUjI+M4q1VuTZr7G7fSSzZwUmO
BmQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYxMjIyNDY4L2pJLU00
cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pJLU00cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYx
MjIyNDY4Lzc1MTBBNDkwRkJEQTExRUZBNjAyNTM4RTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAp1/AwDQYJKoZIhvcNAQEL
BQADggEBAMHfkYGd73n7cqH4brtGs5JwARU9pDiDz6dx595l3QgmK7LCJug50cW2
HkDiZBv70NoXITKcSMqyLL5anAYj10Y4kNK6ENurG3xX2Xedum3K25VZBksXELMB
ergJTnNxw2NHAw2JcCJBzxkM2/I1xnLOSFfRmz7s9Da976Pj2+1yQMw1YeRi9TIn
f0KOWOQjv354rLEMWgTbNyFblTczWX7IpFBsHLz3949DPnnPTFYKVsiPvdMpj/3k
oAU225uW+ViV0xE3p7IQ1NoyY9gIqGUvIgH/ftT3eop/Lpd/cLK052hUF7+LQ6ye
ceh1eb8BxQ9PDBJfT3dKkMQlnkVy0xQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:17 2025 by rpki-client