Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/442E0C2ABEDE11EFA3E5D770762E951A.roa
File: 442E0C2ABEDE11EFA3E5D770762E951A.roa (raw, json)
Hash identifier: vJ6yekeOlSX5ECiGLHX4FNQXx0Sw7c5MtINHqdAPT6I=
Subject key identifier: C4:1C:4B:61:B6:68:F0:4C:51:56:4A:8C:58:21:90:9C:D8:4C:7D:1C
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 132F
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/442E0C2ABEDE11EFA3E5D770762E951A.roa
Signing time: Fri 20 Dec 2024 14:25:31 +0000
ROA not before: Fri 20 Dec 2024 14:25:27 +0000
ROA not after: Sun 20 Dec 2026 14:25:27 +0000
asID: 212384
IP address blocks: 102.129.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4911 (0x132f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF
Validity
Not Before: Dec 20 14:25:27 2024 GMT
Not After : Dec 20 14:25:27 2026 GMT
Subject: CN=67657e5b-1ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8d:ad:35:49:38:3d:da:78:3a:80:97:89:5b:
e9:04:12:87:11:a1:bd:9b:bc:6f:70:2d:d7:94:b1:
ed:75:9f:f5:4b:3f:f3:bf:d2:f4:6a:e8:b9:e4:75:
92:31:4e:46:8e:86:84:6b:26:9e:0e:12:b9:f6:4b:
5b:55:58:57:e4:78:3e:fd:59:d9:e6:bf:3e:89:c5:
b0:4e:06:a5:18:7c:a4:22:c6:26:a5:38:98:4c:bb:
33:b7:49:fa:13:4a:f4:42:2f:09:a8:a8:a7:9e:53:
87:d0:5a:b7:fa:58:75:cd:9a:61:17:26:94:e8:55:
1b:7f:87:1b:10:39:ca:ca:ee:aa:7e:58:57:73:83:
c7:e8:25:6f:fb:aa:e1:48:47:95:1b:0a:02:e7:80:
89:fe:fe:0e:a4:b0:fc:33:1e:06:b2:c8:14:77:3c:
83:4d:a8:94:ff:af:42:8c:c1:56:a7:b3:f4:1e:ef:
81:b0:2f:9c:b1:e1:9e:29:67:0e:59:3f:2a:10:67:
a2:ae:48:2f:a9:cf:7e:d2:63:11:24:af:cb:cb:7d:
6d:16:bd:f2:20:39:c6:0d:df:0f:66:cc:89:b1:a5:
ab:4b:d7:30:5f:be:79:ff:04:b8:f4:a4:66:1b:3e:
fd:40:35:76:4c:f9:e2:68:49:4b:9e:b7:4c:11:07:
91:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:1C:4B:61:B6:68:F0:4C:51:56:4A:8C:58:21:90:9C:D8:4C:7D:1C
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/442E0C2ABEDE11EFA3E5D770762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.195.0/24
Signature Algorithm: sha256WithRSAEncryption
24:bb:13:92:dd:e3:45:4e:e5:52:b4:26:09:e1:c4:19:5f:eb:
1d:da:71:32:0c:f8:cd:6e:e5:13:79:27:af:3c:08:fa:fd:4b:
24:23:20:35:5a:e7:54:d2:6a:12:6d:50:75:87:16:06:25:2a:
be:35:5f:e3:02:1b:73:60:e1:6c:a9:0c:fa:ae:92:09:2f:c8:
19:33:91:98:e3:45:76:55:b0:4d:f8:2f:a0:9d:a5:1f:8e:48:
7a:6d:50:5c:f6:f6:6e:2e:15:a2:e6:69:b4:19:80:08:5d:76:
e3:7d:09:35:5b:a0:62:3c:4d:e4:7f:f5:f5:f3:2e:52:7d:9e:
47:9e:74:02:d6:71:c0:8a:6c:c4:cc:42:0c:bd:ca:92:89:77:
23:e8:ab:f6:38:d8:bb:b2:47:70:07:bf:bb:83:77:41:ea:8e:
4b:fc:ad:af:d9:b6:f5:11:b2:ba:ae:4c:67:b8:df:34:9e:71:
20:ee:65:5b:6c:12:ed:42:9f:33:30:15:e2:68:0b:86:14:8a:
96:30:fb:fc:a7:d2:a1:2d:b7:26:21:56:a6:53:79:73:97:28:
37:17:c0:11:00:10:2b:72:93:9c:ab:5f:ee:67:8c:93:9c:dc:
8a:01:ed:cd:47:fd:f8:74:10:62:e7:29:c3:ce:aa:ed:15:0f:
a4:d4:2f:62
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEy8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDEyMjAxNDI1MjdaFw0yNjEyMjAxNDI1MjdaMBgxFjAU
BgNVBAMTDTY3NjU3ZTViLTFhZDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/ja01STg92ng6gJeJW+kEEocRob2bvG9wLdeUse11n/VLP/O/0vRq6Lnk
dZIxTkaOhoRrJp4OErn2S1tVWFfkeD79Wdnmvz6JxbBOBqUYfKQixialOJhMuzO3
SfoTSvRCLwmoqKeeU4fQWrf6WHXNmmEXJpToVRt/hxsQOcrK7qp+WFdzg8foJW/7
quFIR5UbCgLngIn+/g6ksPwzHgayyBR3PINNqJT/r0KMwVans/Qe74GwL5yx4Z4p
Zw5ZPyoQZ6KuSC+pz37SYxEkr8vLfW0WvfIgOcYN3w9mzImxpatL1zBfvnn/BLj0
pGYbPv1ANXZM+eJoSUuet0wRB5HjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUxBxL
YbZo8ExRVkqMWCGQnNhMfRwwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzQ0MkUwQzJBQkVERTExRUZBM0U1RDc3MDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgcMwDQYJKoZIhvcNAQEL
BQADggEBACS7E5Ld40VO5VK0JgnhxBlf6x3acTIM+M1u5RN5J688CPr9SyQjIDVa
51TSahJtUHWHFgYlKr41X+MCG3Ng4WypDPqukgkvyBkzkZjjRXZVsE34L6CdpR+O
SHptUFz29m4uFaLmabQZgAhdduN9CTVboGI8TeR/9fXzLlJ9nkeedALWccCKbMTM
Qgy9ypKJdyPoq/Y42LuyR3AHv7uDd0Hqjkv8ra/ZtvURsrquTGe43zSecSDuZVts
Eu1CnzMwFeJoC4YUipYw+/yn0qEttyYhVqZTeXOXKDcXwBEAECtyk5yrX+5njJOc
3IoB7c1H/fh0EGLnKcPOqu0VD6TUL2I=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:14:39 2025 by rpki-client