Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/76A051A0D7E711EF857EEBB7762E951A.roa
File: 76A051A0D7E711EF857EEBB7762E951A.roa (raw, json)
Hash identifier: NSw3npktfFQuwH3uXW1K0RyHZv9bAqnrbQ1ghdCOcmQ=
Subject key identifier: 6B:37:4E:0D:0F:84:C7:9D:22:D2:91:79:43:9A:FB:59:A3:BC:F1:6C
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 1376
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/76A051A0D7E711EF857EEBB7762E951A.roa
Signing time: Tue 21 Jan 2025 11:04:20 +0000
ROA not before: Tue 21 Jan 2025 11:04:16 +0000
ROA not after: Thu 21 Jan 2027 11:04:16 +0000
asID: 834
IP address blocks: 102.129.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4982 (0x1376)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF
Validity
Not Before: Jan 21 11:04:16 2025 GMT
Not After : Jan 21 11:04:16 2027 GMT
Subject: CN=678f7f34-41b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ea:11:0a:e0:21:d4:13:b7:fc:9a:7d:72:f0:
e5:69:36:89:85:ac:49:48:b4:2e:ed:65:1e:cf:fd:
a7:4d:26:f8:22:03:c1:38:44:8a:02:1a:4d:13:10:
79:6f:8c:86:24:d2:b3:e2:75:3e:fe:8d:96:98:81:
60:60:c5:b5:0c:1e:6f:2e:33:03:9f:a6:d2:c9:53:
ca:f8:da:3e:ae:ee:ef:7f:66:82:6e:be:3d:37:fa:
56:ea:2b:2d:b8:98:25:b3:53:32:79:2a:c0:be:03:
37:c7:b6:50:c4:8b:af:e6:29:67:71:20:b4:39:2b:
03:e6:6a:d5:19:54:20:2e:e3:59:19:5c:6e:26:cc:
1e:fd:fc:8f:a0:ec:df:e5:b3:4f:ad:90:e4:3c:9e:
6d:3e:a1:6f:2e:18:12:9f:30:56:3a:49:78:b5:3b:
e6:0d:2f:ef:7b:b9:76:94:4d:f6:ab:1c:64:10:d1:
d0:04:a4:a8:55:12:20:4e:e7:2b:7c:a9:8d:f3:3b:
7f:ac:05:cc:aa:cd:c3:0c:cb:f6:12:bf:b9:ca:0a:
46:68:f2:49:b7:2c:b6:93:18:ff:c9:1a:2d:7d:1b:
46:81:8a:99:32:ba:5f:ed:29:bf:54:c6:f5:fd:94:
66:ac:82:3c:d9:5e:a9:30:b0:3f:7e:22:d1:9f:54:
f5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:37:4E:0D:0F:84:C7:9D:22:D2:91:79:43:9A:FB:59:A3:BC:F1:6C
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/76A051A0D7E711EF857EEBB7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.209.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:ad:0a:73:4c:b8:f2:b8:db:48:ad:fe:a0:8f:a1:b6:0e:97:
6c:46:65:9b:d0:61:ed:fe:2d:ba:2c:02:aa:16:e9:e5:fe:b2:
a7:06:bb:80:f1:67:ba:7d:a4:3c:51:76:21:da:59:96:18:70:
bf:27:07:00:0c:fd:91:ff:1a:a9:f1:88:79:1e:a0:ca:61:4b:
bd:22:22:4a:90:44:18:20:61:f3:e3:6c:53:d9:ae:b4:ca:ba:
c1:52:64:a1:65:fd:fc:28:a1:96:b8:4c:b8:27:da:fc:60:fd:
32:42:32:33:e7:4d:ff:0e:30:c9:3d:f5:2d:97:50:6a:c5:ee:
05:49:0d:66:80:07:1c:fb:b5:dc:4c:38:d5:72:50:99:0b:2b:
af:08:2e:dc:f1:ee:f9:73:71:92:b1:60:e4:83:e3:47:5e:84:
cc:42:36:d9:bc:63:49:ef:3b:26:7e:2d:44:57:f4:0d:03:c8:
96:99:ec:c0:6e:bd:6b:ef:cf:8b:52:6b:dd:ec:04:d3:88:1c:
17:af:ef:56:d1:d5:63:cf:76:1e:50:0f:8e:22:cf:75:40:e7:
bb:c5:9c:e7:26:c8:c7:77:aa:dd:3e:9c:5f:22:22:7b:13:1a:
66:f3:92:6e:c7:cb:69:a1:ea:0a:a1:ea:8e:54:e8:39:33:56:
6d:61:39:93
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE3YwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNTAxMjExMTA0MTZaFw0yNzAxMjExMTA0MTZaMBgxFjAU
BgNVBAMTDTY3OGY3ZjM0LTQxYjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDe6hEK4CHUE7f8mn1y8OVpNomFrElItC7tZR7P/adNJvgiA8E4RIoCGk0T
EHlvjIYk0rPidT7+jZaYgWBgxbUMHm8uMwOfptLJU8r42j6u7u9/ZoJuvj03+lbq
Ky24mCWzUzJ5KsC+AzfHtlDEi6/mKWdxILQ5KwPmatUZVCAu41kZXG4mzB79/I+g
7N/ls0+tkOQ8nm0+oW8uGBKfMFY6SXi1O+YNL+97uXaUTfarHGQQ0dAEpKhVEiBO
5yt8qY3zO3+sBcyqzcMMy/YSv7nKCkZo8km3LLaTGP/JGi19G0aBipkyul/tKb9U
xvX9lGasgjzZXqkwsD9+ItGfVPWvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUazdO
DQ+Ex50i0pF5Q5r7WaO88WwwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4Lzc2QTA1MUEwRDdFNzExRUY4NTdFRUJCNzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgdEwDQYJKoZIhvcNAQEL
BQADggEBAKutCnNMuPK420it/qCPobYOl2xGZZvQYe3+LbosAqoW6eX+sqcGu4Dx
Z7p9pDxRdiHaWZYYcL8nBwAM/ZH/GqnxiHkeoMphS70iIkqQRBggYfPjbFPZrrTK
usFSZKFl/fwooZa4TLgn2vxg/TJCMjPnTf8OMMk99S2XUGrF7gVJDWaABxz7tdxM
ONVyUJkLK68ILtzx7vlzcZKxYOSD40dehMxCNtm8Y0nvOyZ+LURX9A0DyJaZ7MBu
vWvvz4tSa93sBNOIHBev71bR1WPPdh5QD44iz3VA57vFnOcmyMd3qt0+nF8iInsT
Gmbzkm7Hy2mh6gqh6o5U6DkzVm1hOZM=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:19:13 2025 by rpki-client