Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BD167/B4412F3CDEEC11EFBFCCA28B762E951A/33118CEEDEED11EF9E60BE8F762E951A.roa
File: 33118CEEDEED11EF9E60BE8F762E951A.roa (raw, json)
Hash identifier: K8ENITkMnzBekxQWyxCgmWl9dqPFaSKmVHDk+sLDAyo=
Subject key identifier: 4A:1B:3D:4D:D7:70:07:B7:83:97:37:94:6F:1A:CE:D5:17:86:F8:B0
Certificate issuer: /CN=F36BD167AF/serialNumber=A39B37E60D5C20E96EB5A20F45D22CEEF87FE5BC
Certificate serial: 02
Authority key identifier: A3:9B:37:E6:0D:5C:20:E9:6E:B5:A2:0F:45:D2:2C:EE:F8:7F:E5:BC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/o5s35g1cIOlutaIPRdIs7vh_5bw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BD167/B4412F3CDEEC11EFBFCCA28B762E951A/33118CEEDEED11EF9E60BE8F762E951A.roa
Signing time: Thu 30 Jan 2025 09:33:02 +0000
ROA not before: Thu 30 Jan 2025 09:32:58 +0000
ROA not after: Fri 01 Jan 2027 09:32:58 +0000
asID: 44592
IP address blocks: 102.210.60.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BD167/B4412F3CDEEC11EFBFCCA28B762E951A/o5s35g1cIOlutaIPRdIs7vh_5bw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BD167/B4412F3CDEEC11EFBFCCA28B762E951A/o5s35g1cIOlutaIPRdIs7vh_5bw.mft
rsync://rpki.afrinic.net/repository/afrinic/o5s35g1cIOlutaIPRdIs7vh_5bw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 03:23:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BD167AF
Validity
Not Before: Jan 30 09:32:58 2025 GMT
Not After : Jan 1 09:32:58 2027 GMT
Subject: CN=679b474e-885c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:26:59:8d:e9:0d:b5:23:77:15:ee:b5:7d:38:
f9:6e:e7:13:01:56:5a:c0:93:78:6b:9d:07:eb:6f:
e3:dc:d2:3a:55:d9:1b:40:c0:fb:cd:02:44:cf:29:
25:40:66:d5:24:df:5a:6e:5c:18:a4:76:8c:eb:4e:
51:3e:79:38:58:a6:cd:f6:f6:92:cd:8d:5a:64:28:
0a:db:03:74:d9:f8:d5:1e:16:05:6d:d4:dd:29:9b:
2a:a0:7e:0d:54:3c:a2:62:c3:24:e5:a6:95:b7:5f:
fb:68:bd:c0:cd:03:9b:ff:a9:61:b5:cc:1b:99:bb:
55:fa:14:56:4e:98:d7:e3:be:a9:65:b9:ac:67:d4:
14:54:89:a1:2e:fa:a2:bc:f3:da:c5:bb:ef:7a:c2:
ca:8c:31:f2:58:da:bd:18:fd:79:28:4f:74:d5:90:
48:c7:2a:ae:20:62:7e:af:b6:61:2e:ec:b5:02:56:
e7:ca:1d:04:93:f8:2f:dc:e1:04:b6:1d:90:82:f6:
e0:a2:b1:79:4f:16:b0:29:2b:b4:2a:ef:7e:f1:1f:
e5:57:39:1c:6f:8a:bb:10:e1:46:cf:88:d5:bc:a8:
8d:9a:f3:06:ae:0c:5c:29:6e:42:0e:a5:5e:01:48:
79:49:ea:69:70:e0:90:5d:8d:d8:89:4f:79:2d:25:
ed:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1B:3D:4D:D7:70:07:B7:83:97:37:94:6F:1A:CE:D5:17:86:F8:B0
X509v3 Authority Key Identifier:
keyid:A3:9B:37:E6:0D:5C:20:E9:6E:B5:A2:0F:45:D2:2C:EE:F8:7F:E5:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BD167/B4412F3CDEEC11EFBFCCA28B762E951A/o5s35g1cIOlutaIPRdIs7vh_5bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/o5s35g1cIOlutaIPRdIs7vh_5bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BD167/B4412F3CDEEC11EFBFCCA28B762E951A/33118CEEDEED11EF9E60BE8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.210.60.0/22
Signature Algorithm: sha256WithRSAEncryption
52:15:0c:bb:5d:3d:ad:1d:a7:58:64:a4:f7:51:b2:b8:ca:45:
25:ad:7f:28:91:dc:3f:21:95:85:32:32:a2:7f:fb:33:7f:09:
c1:50:50:a8:f3:01:07:85:ae:a9:da:b1:9e:ee:3a:fb:7d:f7:
75:d6:cd:e1:2d:41:c0:d4:37:0f:89:0d:57:50:b6:95:ee:f7:
0a:a1:31:7f:15:b0:1a:c2:84:39:be:a8:75:f5:d4:89:fc:1d:
58:bc:0e:b4:c7:6e:bf:14:db:11:8a:88:6f:c8:a5:a8:3a:34:
57:0c:f6:08:86:1a:0b:da:78:b4:b0:a6:5e:13:94:8d:b3:dc:
15:d9:09:88:e5:2b:41:df:0f:b6:4d:a7:65:6b:d2:a5:c2:dc:
f8:a9:2d:06:5a:58:cd:80:13:8a:b1:c3:2f:e9:56:e2:7d:f0:
db:36:48:bd:65:50:0e:20:e2:7f:30:58:17:a3:3c:c6:17:1a:
73:7f:a7:ff:03:80:34:6a:a5:ae:f3:09:a8:4f:c0:5b:66:cc:
31:74:9b:68:20:4c:1f:71:4a:1d:76:92:32:4f:92:de:c2:d8:
ca:b0:fd:74:86:27:12:3a:cf:2d:c1:df:32:11:6c:c3:fe:dd:
60:06:85:c9:64:7a:26:e6:fb:67:c4:93:6f:53:7d:80:07:d4:
fc:94:a9:51
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
RDE2N0FGMTEwLwYDVQQFEyhBMzlCMzdFNjBENUMyMEU5NkVCNUEyMEY0NUQyMkNF
RUY4N0ZFNUJDMB4XDTI1MDEzMDA5MzI1OFoXDTI3MDEwMTA5MzI1OFowGDEWMBQG
A1UEAxMNNjc5YjQ3NGUtODg1YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMImWY3pDbUjdxXutX04+W7nEwFWWsCTeGudB+tv49zSOlXZG0DA+80CRM8p
JUBm1STfWm5cGKR2jOtOUT55OFimzfb2ks2NWmQoCtsDdNn41R4WBW3U3SmbKqB+
DVQ8omLDJOWmlbdf+2i9wM0Dm/+pYbXMG5m7VfoUVk6Y1+O+qWW5rGfUFFSJoS76
orzz2sW773rCyowx8ljavRj9eShPdNWQSMcqriBifq+2YS7stQJW58odBJP4L9zh
BLYdkIL24KKxeU8WsCkrtCrvfvEf5Vc5HG+KuxDhRs+I1byojZrzBq4MXCluQg6l
XgFIeUnqaXDgkF2N2IlPeS0l7fsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRKGz1N
13AHt4OXN5RvGs7VF4b4sDAfBgNVHSMEGDAWgBSjmzfmDVwg6W61og9F0izu+H/l
vDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkQxNjcvQjQ0MTJGM0NERUVDMTFFRkJGQ0NBMjhCNzYyRTk1MUEvbzVzMzVn
MWNJT2x1dGFJUFJkSXM3dmhfNWJ3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvbzVzMzVnMWNJT2x1dGFJUFJkSXM3dmhfNWJ3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkQxNjcvQjQ0MTJGM0NERUVDMTFFRkJGQ0NBMjhCNzYy
RTk1MUEvMzMxMThDRUVERUVEMTFFRjlFNjBCRThGNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbSPDANBgkqhkiG9w0BAQsF
AAOCAQEAUhUMu109rR2nWGSk91GyuMpFJa1/KJHcPyGVhTIyon/7M38JwVBQqPMB
B4Wuqdqxnu46+333ddbN4S1BwNQ3D4kNV1C2le73CqExfxWwGsKEOb6odfXUifwd
WLwOtMduvxTbEYqIb8ilqDo0Vwz2CIYaC9p4tLCmXhOUjbPcFdkJiOUrQd8Ptk2n
ZWvSpcLc+KktBlpYzYATirHDL+lW4n3w2zZIvWVQDiDifzBYF6M8xhcac3+n/wOA
NGqlrvMJqE/AW2bMMXSbaCBMH3FKHXaSMk+S3sLYyrD9dIYnEjrPLcHfMhFsw/7d
YAaFyWR6Jub7Z8STb1N9gAfU/JSpUQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:11:44 2025 by rpki-client