Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/C7D81AC6D0AE11EE9B0E5473775412E6.roa
File: C7D81AC6D0AE11EE9B0E5473775412E6.roa (raw, json)
Hash identifier: QortHdMR8dZcfOpn/X/+eg4TyRCyoXittfJep+XTxAw=
Subject key identifier: 59:BB:9A:1E:80:CF:12:4C:97:76:B8:5A:60:21:08:FB:89:39:F9:B5
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 0F79
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/C7D81AC6D0AE11EE9B0E5473775412E6.roa
Signing time: Wed 21 Feb 2024 11:45:59 +0000
ROA not before: Wed 21 Feb 2024 11:45:56 +0000
ROA not after: Sat 21 Feb 2026 11:45:56 +0000
asID: 61317
IP address blocks: 102.165.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3961 (0xf79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF
Validity
Not Before: Feb 21 11:45:56 2024 GMT
Not After : Feb 21 11:45:56 2026 GMT
Subject: CN=65d5e277-cff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fa:a5:c9:7b:c2:15:1e:2d:18:ae:2d:b0:5c:
18:ec:56:4d:b3:27:16:5b:74:09:00:df:ae:16:4f:
b6:30:42:08:00:b4:19:2d:f4:42:af:76:00:96:ce:
ad:7a:4e:de:23:79:41:05:84:4c:11:2a:90:1d:4e:
ff:29:b4:00:84:b0:1d:71:e5:fe:e9:e1:6a:10:e0:
0c:fc:99:48:7e:d5:42:4e:f5:72:77:23:5a:ee:64:
b4:ba:97:b1:4d:fc:85:36:d0:0b:8a:28:7c:9b:31:
d3:02:52:d9:46:b6:08:2c:de:fb:55:96:d7:38:2d:
fd:0c:7a:66:4f:4b:6e:61:f4:4b:c3:46:8d:de:a6:
c4:63:63:06:a6:57:6b:10:e2:3e:0e:31:63:5e:6f:
2b:b3:5b:b3:38:c8:f1:ed:49:73:62:dd:0c:26:f9:
2a:47:bf:dc:03:52:cd:24:c4:ec:fb:ec:f8:ca:17:
72:cb:f6:f3:fa:97:e6:7c:84:30:48:ab:c7:3b:a7:
08:09:0f:13:d9:bb:18:5b:c9:9b:14:1c:7a:44:23:
f5:90:cf:0c:b3:ed:3f:d3:0b:61:37:af:10:9e:8a:
c9:52:17:62:d2:3c:5a:5e:3f:24:38:e5:c7:40:44:
8b:02:39:dd:54:62:5b:df:93:ee:3f:50:39:1d:66:
52:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:BB:9A:1E:80:CF:12:4C:97:76:B8:5A:60:21:08:FB:89:39:F9:B5
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/C7D81AC6D0AE11EE9B0E5473775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.165.8.0/24
Signature Algorithm: sha256WithRSAEncryption
91:ea:9a:38:da:7a:4d:95:2d:32:07:f5:ad:87:0c:28:51:46:
b9:16:12:10:05:30:d0:17:1b:bb:02:ad:f3:ac:fb:12:c4:4d:
89:c6:e8:b6:cf:09:50:e1:2e:89:3a:9a:21:cd:01:9d:d4:23:
1e:7e:07:86:d1:52:24:ef:ae:49:4b:f8:b1:58:96:27:4e:40:
f1:c4:4c:4c:87:a0:d8:57:1e:15:d9:af:c9:4d:e2:01:e6:dc:
33:26:f0:2e:7a:59:9c:b6:81:c0:7d:b4:78:d0:2c:3f:d7:e5:
88:2a:d0:66:0b:89:49:85:59:aa:d0:cb:ce:b9:b1:b9:11:0a:
cc:fb:77:f4:80:4a:ad:0c:c4:c3:13:42:af:8c:e9:bb:b5:c1:
3d:ad:8b:cb:a5:3f:c4:65:f8:5c:fc:e2:d1:ee:aa:11:63:4b:
4f:f4:c9:67:5f:b4:9f:ba:90:7c:3c:10:0c:e3:08:d7:d1:4e:
e5:ef:04:a1:c9:42:d4:f3:78:aa:c3:ad:bb:5c:0d:fe:63:da:
f6:3e:ea:e1:a7:ae:fe:24:7c:96:8d:cd:21:2a:57:75:7c:09:
21:a6:c2:30:b4:95:39:e3:64:d8:95:4d:aa:8a:6f:5a:58:b0:
f4:b7:53:af:7a:df:48:a4:9d:2f:78:92:11:82:c3:8d:5d:04:
d8:9b:2f:33
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICD3kwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDAyMjExMTQ1NTZaFw0yNjAyMjExMTQ1NTZaMBgxFjAU
BgNVBAMTDTY1ZDVlMjc3LWNmZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCd+qXJe8IVHi0Yri2wXBjsVk2zJxZbdAkA364WT7YwQggAtBkt9EKvdgCW
zq16Tt4jeUEFhEwRKpAdTv8ptACEsB1x5f7p4WoQ4Az8mUh+1UJO9XJ3I1ruZLS6
l7FN/IU20AuKKHybMdMCUtlGtggs3vtVltc4Lf0MemZPS25h9EvDRo3epsRjYwam
V2sQ4j4OMWNebyuzW7M4yPHtSXNi3Qwm+SpHv9wDUs0kxOz77PjKF3LL9vP6l+Z8
hDBIq8c7pwgJDxPZuxhbyZsUHHpEI/WQzwyz7T/TC2E3rxCeislSF2LSPFpePyQ4
5cdARIsCOd1UYlvfk+4/UDkdZlKHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUWbua
HoDPEkyXdrhaYCEI+4k5+bUwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0M3RDgxQUM2RDBBRTExRUU5QjBFNTQ3Mzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmpQgwDQYJKoZIhvcNAQEL
BQADggEBAJHqmjjaek2VLTIH9a2HDChRRrkWEhAFMNAXG7sCrfOs+xLETYnG6LbP
CVDhLok6miHNAZ3UIx5+B4bRUiTvrklL+LFYlidOQPHETEyHoNhXHhXZr8lN4gHm
3DMm8C56WZy2gcB9tHjQLD/X5Ygq0GYLiUmFWarQy865sbkRCsz7d/SASq0MxMMT
Qq+M6bu1wT2ti8ulP8Rl+Fz84tHuqhFjS0/0yWdftJ+6kHw8EAzjCNfRTuXvBKHJ
QtTzeKrDrbtcDf5j2vY+6uGnrv4kfJaNzSEqV3V8CSGmwjC0lTnjZNiVTaqKb1pY
sPS3U69630iknS94khGCw41dBNibLzM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:52:13 2025 by rpki-client