Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/F22E8768E86011EFAC296882762E951A.roa
File: F22E8768E86011EFAC296882762E951A.roa (raw, json)
Hash identifier: cVKPr5HYeZ5lrkRuCwNVAUvdhl6f4S9zz+b6sQU9pDA=
Subject key identifier: 4A:7B:70:B0:35:43:3F:AE:8E:2E:1E:EC:1C:3F:B8:77:F1:9C:C3:7E
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 13C8
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/F22E8768E86011EFAC296882762E951A.roa
Signing time: Tue 11 Feb 2025 10:14:15 +0000
ROA not before: Tue 11 Feb 2025 10:14:11 +0000
ROA not after: Sat 13 Feb 2027 10:14:11 +0000
asID: 61317
IP address blocks: 102.129.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5064 (0x13c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF
Validity
Not Before: Feb 11 10:14:11 2025 GMT
Not After : Feb 13 10:14:11 2027 GMT
Subject: CN=67ab22f7-f91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e5:73:de:1a:49:a4:55:51:d3:3e:a5:90:67:
f7:35:f2:60:39:c4:40:76:13:a1:3e:dc:c5:d3:e6:
f4:1f:63:71:da:b5:38:af:c7:44:46:be:e4:01:fd:
94:1a:bc:75:99:75:4c:26:f5:14:67:2c:46:83:89:
9a:f1:48:86:13:e8:81:95:0e:11:73:30:d4:29:7c:
19:b2:d7:63:a8:ad:e7:df:d2:8b:5e:ff:0b:0f:72:
f9:23:dd:2f:a9:e2:d3:ef:e5:6f:69:7e:13:1c:b0:
c5:3b:5b:b1:d8:92:bf:d0:ba:2a:e6:ef:71:08:cc:
f4:b5:e1:00:a5:84:49:69:86:ed:30:e9:e2:15:af:
c9:84:35:8e:33:9b:61:e3:a0:50:54:b7:9a:04:b6:
f9:80:53:fa:a4:67:a3:4d:6b:f4:74:f6:f2:65:c6:
81:40:db:95:ed:5c:ab:79:80:56:b6:87:b6:f2:14:
87:6d:77:9f:c2:f6:00:ba:d2:a4:06:15:ce:ee:3e:
3c:5e:c2:bc:52:c4:21:f5:6d:48:5d:9b:e6:62:84:
db:8e:cf:08:5b:c2:29:79:ee:00:37:3e:89:48:62:
07:73:75:96:85:59:4c:a7:15:5d:cc:b6:d2:58:9c:
6c:f1:27:00:5b:49:87:a9:65:68:26:58:8c:58:5f:
18:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:7B:70:B0:35:43:3F:AE:8E:2E:1E:EC:1C:3F:B8:77:F1:9C:C3:7E
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/F22E8768E86011EFAC296882762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.249.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:65:16:78:59:58:6c:6c:e1:fe:53:46:6e:f8:ba:dd:f8:95:
42:1d:4b:de:8a:da:61:4f:8c:5c:cd:b9:35:55:91:96:81:1c:
74:19:9a:ba:e4:3b:6e:80:5e:72:64:bc:bb:74:ff:f0:e7:78:
e5:81:04:32:a8:a3:8f:3c:0b:41:04:e0:4b:8e:94:13:ad:dd:
db:c3:37:8f:d3:07:99:11:90:7b:d3:11:64:ab:2b:ec:c7:1a:
80:f0:c0:72:72:3b:3e:2f:f5:ad:c8:23:48:68:b6:20:32:a2:
a9:9b:ae:64:e1:15:b2:ef:4f:4e:c8:a2:69:8e:28:d2:75:e1:
58:e1:d2:b9:8b:5d:0a:d3:95:7e:cc:cb:34:98:17:8d:f6:a4:
6e:bc:bb:9f:fc:06:ac:cf:92:37:e9:a2:ee:55:9b:3e:78:4e:
0d:84:0a:97:49:31:de:72:18:73:25:4e:45:a9:28:78:fe:35:
62:3b:3a:61:2c:c8:3b:88:63:97:9f:85:14:29:9f:56:f4:83:
75:10:6a:0a:22:35:d0:57:64:00:43:d1:da:ac:16:2f:37:f7:
55:d9:eb:cf:71:79:40:47:8d:f4:1b:00:f0:8d:0c:bd:42:af:
40:ca:8a:e8:19:66:c7:4c:e2:c0:76:e0:90:ee:f5:48:22:1c:
40:59:dc:3e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE8gwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNTAyMTExMDE0MTFaFw0yNzAyMTMxMDE0MTFaMBgxFjAU
BgNVBAMTDTY3YWIyMmY3LWY5MWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDA5XPeGkmkVVHTPqWQZ/c18mA5xEB2E6E+3MXT5vQfY3HatTivx0RGvuQB
/ZQavHWZdUwm9RRnLEaDiZrxSIYT6IGVDhFzMNQpfBmy12Ooreff0ote/wsPcvkj
3S+p4tPv5W9pfhMcsMU7W7HYkr/Quirm73EIzPS14QClhElphu0w6eIVr8mENY4z
m2HjoFBUt5oEtvmAU/qkZ6NNa/R09vJlxoFA25XtXKt5gFa2h7byFIdtd5/C9gC6
0qQGFc7uPjxewrxSxCH1bUhdm+ZihNuOzwhbwil57gA3PolIYgdzdZaFWUynFV3M
ttJYnGzxJwBbSYepZWgmWIxYXxhvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUSntw
sDVDP66OLh7sHD+4d/Gcw34wHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0YyMkU4NzY4RTg2MDExRUZBQzI5Njg4Mjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgfkwDQYJKoZIhvcNAQEL
BQADggEBABplFnhZWGxs4f5TRm74ut34lUIdS96K2mFPjFzNuTVVkZaBHHQZmrrk
O26AXnJkvLt0//DneOWBBDKoo488C0EE4EuOlBOt3dvDN4/TB5kRkHvTEWSrK+zH
GoDwwHJyOz4v9a3II0hotiAyoqmbrmThFbLvT07IommOKNJ14Vjh0rmLXQrTlX7M
yzSYF432pG68u5/8BqzPkjfpou5Vmz54Tg2ECpdJMd5yGHMlTkWpKHj+NWI7OmEs
yDuIY5efhRQpn1b0g3UQagoiNdBXZABD0dqsFi8391XZ689xeUBHjfQbAPCNDL1C
r0DKiugZZsdM4sB24JDu9UgiHEBZ3D4=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:19:13 2025 by rpki-client