Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/2B9524A4E78F11EE86C24E7C775412E6.roa
File: 2B9524A4E78F11EE86C24E7C775412E6.roa (raw, json)
Hash identifier: 8ASUQFR4vjBtTPqIzd5ww0IniNjgxXi57qSnOidBYa0=
Subject key identifier: 79:D1:33:FE:6B:26:F8:B3:E1:81:77:0B:DE:4F:23:DE:71:B4:89:2A
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 0FEB
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/2B9524A4E78F11EE86C24E7C775412E6.roa
Signing time: Thu 21 Mar 2024 14:27:39 +0000
ROA not before: Thu 21 Mar 2024 14:27:36 +0000
ROA not after: Sat 21 Mar 2026 14:27:36 +0000
asID: 29802
IP address blocks: 102.129.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4075 (0xfeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF
Validity
Not Before: Mar 21 14:27:36 2024 GMT
Not After : Mar 21 14:27:36 2026 GMT
Subject: CN=65fc43db-c046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4a:18:a8:88:61:65:8d:de:7f:ba:32:ec:b6:
bf:1e:45:65:6b:58:37:f0:d2:e8:c7:d9:ec:0f:86:
e5:0a:4d:46:64:9e:ed:5c:05:2a:67:53:d0:a6:a0:
98:ad:da:47:03:9c:95:e1:6d:63:fa:46:6b:32:57:
96:f4:49:33:2b:e0:9d:83:88:09:fd:bc:71:8d:2c:
29:e5:53:95:be:32:6f:c3:92:58:a9:1b:be:47:1f:
df:c3:b8:d8:b7:58:f0:73:80:57:35:4a:3d:3a:b7:
8a:b5:74:97:d6:d0:78:e1:2c:e8:45:4a:74:b0:e9:
ae:09:42:24:c4:e9:77:20:68:dd:80:16:cd:0b:60:
22:b8:23:61:6b:3d:3a:de:03:67:05:00:38:f4:50:
8e:37:56:85:e0:8c:3b:94:94:e8:f1:8b:df:b2:d6:
7c:9b:de:42:6e:46:25:be:1c:de:8a:71:1b:36:b5:
da:25:aa:bf:5c:d2:7f:b2:ee:1a:9e:cb:e9:d1:44:
14:32:fb:27:5f:22:f6:b0:2b:94:a9:f2:1c:5a:f5:
97:91:fb:2c:f3:6d:43:56:26:81:a2:cb:d0:3a:13:
9b:71:0c:91:da:72:30:9c:ff:ea:f6:dd:dc:33:b9:
cd:8a:a2:60:15:a5:ac:a9:49:aa:5e:27:c4:dc:86:
9b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:D1:33:FE:6B:26:F8:B3:E1:81:77:0B:DE:4F:23:DE:71:B4:89:2A
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/2B9524A4E78F11EE86C24E7C775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.224.0/24
Signature Algorithm: sha256WithRSAEncryption
63:7c:a3:7f:bb:20:d0:44:97:fb:f1:28:e4:97:4c:49:c5:ae:
c8:22:f9:b6:98:09:08:77:6e:e1:e2:a9:42:ca:e1:89:aa:57:
06:26:40:74:98:f2:6c:70:52:9f:81:d0:06:63:34:37:d9:52:
ac:93:a3:47:d7:07:f0:a9:84:f0:ac:8a:37:73:37:7d:57:45:
7f:6b:d0:01:71:d5:c5:cd:e1:bc:d8:be:df:35:50:4a:b9:38:
54:a4:32:65:6c:4a:ba:df:3f:e6:c1:53:e5:b7:a2:b0:8e:0e:
b1:52:5f:35:63:c7:51:fc:24:07:e8:65:81:f2:36:f8:ba:46:
5c:be:be:fc:10:dc:47:ff:d4:b7:67:85:cc:ad:4c:90:77:e4:
2b:52:45:cb:20:b5:e8:fb:60:99:de:81:a8:6e:6b:ac:21:76:
97:82:bf:b8:43:fc:bd:5b:83:f7:4c:b7:14:8b:93:05:22:52:
c2:3b:a3:de:95:7a:2f:ba:a7:66:6d:12:21:51:b4:f3:9b:3e:
eb:a6:54:ee:83:9e:66:a5:8b:dc:f8:00:69:92:88:9f:85:70:
9c:35:cf:0b:e3:7e:55:88:52:b5:b5:f2:cb:4b:12:b2:11:00:
b0:80:91:98:43:49:38:f8:aa:06:1e:2c:1c:27:91:cd:b2:18:
32:74:dc:93
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICD+swDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDAzMjExNDI3MzZaFw0yNjAzMjExNDI3MzZaMBgxFjAU
BgNVBAMTDTY1ZmM0M2RiLWMwNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDUShioiGFljd5/ujLstr8eRWVrWDfw0ujH2ewPhuUKTUZknu1cBSpnU9Cm
oJit2kcDnJXhbWP6RmsyV5b0STMr4J2DiAn9vHGNLCnlU5W+Mm/DklipG75HH9/D
uNi3WPBzgFc1Sj06t4q1dJfW0HjhLOhFSnSw6a4JQiTE6XcgaN2AFs0LYCK4I2Fr
PTreA2cFADj0UI43VoXgjDuUlOjxi9+y1nyb3kJuRiW+HN6KcRs2tdolqr9c0n+y
7hqey+nRRBQy+ydfIvawK5Sp8hxa9ZeR+yzzbUNWJoGiy9A6E5txDJHacjCc/+r2
3dwzuc2KomAVpaypSapeJ8TchpsLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUedEz
/msm+LPhgXcL3k8j3nG0iSowHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzJCOTUyNEE0RTc4RjExRUU4NkMyNEU3Qzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgeAwDQYJKoZIhvcNAQEL
BQADggEBAGN8o3+7INBEl/vxKOSXTEnFrsgi+baYCQh3buHiqULK4YmqVwYmQHSY
8mxwUp+B0AZjNDfZUqyTo0fXB/CphPCsijdzN31XRX9r0AFx1cXN4bzYvt81UEq5
OFSkMmVsSrrfP+bBU+W3orCODrFSXzVjx1H8JAfoZYHyNvi6Rly+vvwQ3Ef/1Ldn
hcytTJB35CtSRcsgtej7YJnegahua6whdpeCv7hD/L1bg/dMtxSLkwUiUsI7o96V
ei+6p2ZtEiFRtPObPuumVO6Dnmali9z4AGmSiJ+FcJw1zwvjflWIUrW18stLErIR
ALCAkZhDSTj4qgYeLBwnkc2yGDJ03JM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:07 2025 by rpki-client