Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/9D25ECAEDC8311EFA526E5B4762E951A.roa
File: 9D25ECAEDC8311EFA526E5B4762E951A.roa (raw, json)
Hash identifier: S72WFzt+iEfcaOGHrl2PJt391ETgbfGMU6rnYdMf7K8=
Subject key identifier: 1A:F8:EB:65:48:E1:8B:28:B2:5F:F6:C7:AC:7B:EA:6E:D3:52:CB:5E
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 1394
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/9D25ECAEDC8311EFA526E5B4762E951A.roa
Signing time: Mon 27 Jan 2025 07:52:11 +0000
ROA not before: Mon 27 Jan 2025 07:52:07 +0000
ROA not after: Wed 27 Jan 2027 07:52:07 +0000
asID: 200181
IP address blocks: 102.165.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5012 (0x1394)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF
Validity
Not Before: Jan 27 07:52:07 2025 GMT
Not After : Jan 27 07:52:07 2027 GMT
Subject: CN=67973b2b-da29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d4:f8:fc:3f:7d:4a:90:7a:99:f6:00:6c:03:
ed:7e:29:db:4b:02:3b:25:dd:6b:f4:7d:42:59:49:
31:2c:64:55:4c:74:51:81:29:f6:6d:d8:a7:79:f2:
0a:82:f7:1c:28:50:bf:e8:e9:ff:3a:71:13:20:f0:
05:e3:5a:cf:7d:a8:91:dc:c2:29:bf:11:ee:0e:43:
60:d6:1e:3d:f7:c0:b5:0b:28:65:42:bb:ce:8f:14:
82:7a:2c:8e:63:43:81:b8:e0:e1:95:59:a8:42:c1:
9a:82:c7:27:db:1b:2c:cf:8d:31:91:ae:fb:58:a8:
76:0f:5a:70:5d:ff:1c:68:d0:f3:77:b9:1f:c8:53:
f8:76:84:d5:48:3c:19:42:0c:d4:99:42:87:a7:01:
b1:82:6e:df:47:69:a9:ae:0f:46:23:7d:46:65:51:
2a:59:d1:91:0b:4a:8e:b2:f5:8e:29:91:3c:74:9e:
1f:c1:49:31:69:0e:a9:e8:4a:2c:5d:40:ad:f8:d0:
4d:b5:2e:88:1f:1e:3b:1a:3e:95:21:0c:66:50:59:
29:0a:16:ba:8b:63:44:d4:36:3f:05:ea:39:a8:1a:
e9:bc:45:0a:49:fc:34:c3:4d:3e:fa:74:e4:33:77:
6d:f5:61:0d:43:eb:b8:eb:8f:29:c3:11:69:13:30:
b9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F8:EB:65:48:E1:8B:28:B2:5F:F6:C7:AC:7B:EA:6E:D3:52:CB:5E
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/9D25ECAEDC8311EFA526E5B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.165.23.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:39:48:69:fb:98:7e:fb:57:70:27:c0:f8:bf:88:0f:9f:e4:
f5:e8:91:b5:a8:f0:26:ff:d4:d4:f6:ce:9f:19:16:1a:11:df:
f4:47:35:9d:b6:82:2e:82:5c:78:90:e7:74:03:69:36:f9:52:
07:85:b9:c8:6d:68:8c:32:92:63:54:5e:6d:b0:4c:08:d3:65:
ba:bc:75:56:37:20:82:14:65:bc:95:38:b7:e0:a6:ec:40:d0:
2e:23:11:34:b8:6b:56:89:34:3a:3d:fc:8d:6d:a2:0f:cf:38:
99:e0:bb:05:f5:cf:b7:fd:18:c2:43:28:44:89:3e:bc:ec:db:
8a:aa:15:61:ef:f9:b1:79:1f:88:42:19:a7:98:19:3c:a8:ab:
e7:95:82:82:40:4b:99:9e:00:b2:46:b2:0a:50:25:12:9e:ee:
bf:e4:9d:0d:3a:b7:53:3b:f6:df:9e:6f:4e:26:4c:15:59:50:
ad:46:5f:b9:93:dc:97:e9:40:ed:ad:b6:28:9a:52:15:5a:8f:
8e:ca:cd:85:e3:d7:ff:72:fd:64:39:1c:27:7c:71:e6:39:97:
71:82:81:e4:6b:b0:43:b9:c2:bc:80:01:8f:e2:54:23:61:e6:
e7:61:03:cd:f1:60:03:e5:c3:e8:c9:12:f9:7d:8b:02:23:3b:
9d:ad:5e:59
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE5QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNTAxMjcwNzUyMDdaFw0yNzAxMjcwNzUyMDdaMBgxFjAU
BgNVBAMTDTY3OTczYjJiLWRhMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDp1Pj8P31KkHqZ9gBsA+1+KdtLAjsl3Wv0fUJZSTEsZFVMdFGBKfZt2Kd5
8gqC9xwoUL/o6f86cRMg8AXjWs99qJHcwim/Ee4OQ2DWHj33wLULKGVCu86PFIJ6
LI5jQ4G44OGVWahCwZqCxyfbGyzPjTGRrvtYqHYPWnBd/xxo0PN3uR/IU/h2hNVI
PBlCDNSZQoenAbGCbt9HaamuD0YjfUZlUSpZ0ZELSo6y9Y4pkTx0nh/BSTFpDqno
SixdQK340E21LogfHjsaPpUhDGZQWSkKFrqLY0TUNj8F6jmoGum8RQpJ/DTDTT76
dOQzd231YQ1D67jrjynDEWkTMLnNAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUGvjr
ZUjhiyiyX/bHrHvqbtNSy14wHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzlEMjVFQ0FFREM4MzExRUZBNTI2RTVCNDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmpRcwDQYJKoZIhvcNAQEL
BQADggEBAD45SGn7mH77V3AnwPi/iA+f5PXokbWo8Cb/1NT2zp8ZFhoR3/RHNZ22
gi6CXHiQ53QDaTb5UgeFuchtaIwykmNUXm2wTAjTZbq8dVY3IIIUZbyVOLfgpuxA
0C4jETS4a1aJNDo9/I1tog/POJnguwX1z7f9GMJDKESJPrzs24qqFWHv+bF5H4hC
GaeYGTyoq+eVgoJAS5meALJGsgpQJRKe7r/knQ06t1M79t+eb04mTBVZUK1GX7mT
3JfpQO2ttiiaUhVaj47KzYXj1/9y/WQ5HCd8ceY5l3GCgeRrsEO5wryAAY/iVCNh
5udhA83xYAPlw+jJEvl9iwIjO52tXlk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:23:28 2025 by rpki-client