Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C6E82/1F291064836D11EC8C0D5DD55A40D577/DE984A9CDD5F11EF97FAAB81762E951A.roa
File: DE984A9CDD5F11EF97FAAB81762E951A.roa (raw, json)
Hash identifier: fUANEwPxt+FMRtzoia+WBkgjHhKhDNEr9B25Cto/vac=
Subject key identifier: 32:3B:58:F7:36:58:12:21:F8:D5:9A:71:35:2F:15:7D:CC:0E:CC:3E
Certificate issuer: /CN=F36C6E82AF/serialNumber=BE9E6AB26887E04D556E850C54A5E7F1324DBD9E
Certificate serial: 046C
Authority key identifier: BE:9E:6A:B2:68:87:E0:4D:55:6E:85:0C:54:A5:E7:F1:32:4D:BD:9E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/vp5qsmiH4E1VboUMVKXn8TJNvZ4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C6E82/1F291064836D11EC8C0D5DD55A40D577/DE984A9CDD5F11EF97FAAB81762E951A.roa
Signing time: Tue 28 Jan 2025 10:08:50 +0000
ROA not before: Wed 29 Jan 2025 10:08:46 +0000
ROA not after: Sat 30 Jan 2027 10:08:46 +0000
asID: 37580
IP address blocks: 197.215.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C6E82/1F291064836D11EC8C0D5DD55A40D577/vp5qsmiH4E1VboUMVKXn8TJNvZ4.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C6E82/1F291064836D11EC8C0D5DD55A40D577/vp5qsmiH4E1VboUMVKXn8TJNvZ4.mft
rsync://rpki.afrinic.net/repository/afrinic/vp5qsmiH4E1VboUMVKXn8TJNvZ4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1132 (0x46c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C6E82AF
Validity
Not Before: Jan 29 10:08:46 2025 GMT
Not After : Jan 30 10:08:46 2027 GMT
Subject: CN=6798acb2-a3ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5d:f5:67:7d:b1:a1:2f:e3:a6:1e:1e:0e:c6:
ca:a5:92:d7:bc:9e:65:ea:de:4b:20:2e:33:8b:3d:
e2:15:19:3f:07:6e:d2:dc:07:87:80:15:a0:ab:4d:
e2:dd:47:72:6b:c2:b1:fc:3e:56:6d:52:28:96:b5:
ec:5b:84:08:aa:ae:d2:c1:d9:f5:12:ae:74:ad:23:
a9:5a:22:8a:b9:1b:90:c8:77:93:c0:1c:d5:f2:76:
b9:19:96:b3:05:39:b8:13:42:e3:35:a8:24:ae:b1:
d1:33:cc:52:84:8c:64:24:2b:10:cb:52:60:2e:d0:
5b:ab:d9:1f:85:9a:eb:9d:f7:5f:b0:e8:63:ce:28:
9d:7e:f0:98:1e:a3:40:05:01:6e:f2:a8:b4:77:c9:
10:6b:02:11:51:e2:92:e3:e0:b3:01:0e:4c:01:54:
9a:1f:0e:bf:31:98:74:2b:fc:e5:18:15:20:32:24:
62:7d:16:f2:f6:eb:52:5d:70:d7:b5:b7:3c:6b:ba:
1a:bc:63:90:e3:ae:ce:fc:3b:6e:9e:a0:bd:af:08:
9b:a8:0f:a5:05:87:7a:9c:c6:aa:1d:df:cd:77:14:
c6:94:a0:52:6c:32:6e:74:98:2a:a1:52:2b:e4:60:
cc:5e:01:72:c5:f8:71:b3:6a:39:32:b0:a5:e3:e5:
cc:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:3B:58:F7:36:58:12:21:F8:D5:9A:71:35:2F:15:7D:CC:0E:CC:3E
X509v3 Authority Key Identifier:
keyid:BE:9E:6A:B2:68:87:E0:4D:55:6E:85:0C:54:A5:E7:F1:32:4D:BD:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C6E82/1F291064836D11EC8C0D5DD55A40D577/vp5qsmiH4E1VboUMVKXn8TJNvZ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vp5qsmiH4E1VboUMVKXn8TJNvZ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C6E82/1F291064836D11EC8C0D5DD55A40D577/DE984A9CDD5F11EF97FAAB81762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.215.216.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:e4:35:74:d2:67:18:87:eb:90:96:26:91:fc:3f:e0:25:bb:
32:29:ca:b4:d4:c3:69:4e:46:c1:59:35:bd:f6:c1:14:8d:4d:
03:15:0e:15:5f:91:5c:36:8a:e3:cc:96:ce:0e:cc:fc:1c:d5:
ad:43:ec:1b:bc:9e:7e:9f:ea:ca:bc:25:99:79:2f:51:88:2c:
cf:54:c9:9e:59:24:90:bc:a5:17:41:87:3c:a5:f1:09:27:14:
3f:42:93:d4:4c:6e:58:28:6b:f7:1f:bb:5c:7d:4e:0e:88:72:
e3:4e:5f:44:27:ea:98:90:60:5a:b6:5a:ff:aa:ea:e5:60:36:
7f:ea:0f:7d:f9:42:87:fc:52:55:77:ce:78:84:50:c2:ee:d1:
94:71:86:84:c6:38:7f:98:cc:5f:29:66:d9:47:2e:2c:c3:a3:
94:74:3f:b2:21:dd:dc:53:16:b1:06:49:53:02:09:f0:df:0b:
89:84:63:02:b4:02:98:3a:20:21:2d:3c:08:30:c0:76:ab:01:
91:49:c5:ff:00:e6:70:56:51:ae:8c:67:b0:34:69:ae:74:d4:
9e:3a:55:53:c7:6c:89:1b:5d:ec:1d:0a:37:f6:cc:00:87:90:
28:99:0b:07:2c:d2:d7:54:e1:93:dd:bc:6e:4c:3d:2d:cb:d4:
2d:a5:3e:be
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBGwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzZFODJBRjExMC8GA1UEBRMoQkU5RTZBQjI2ODg3RTA0RDU1NkU4NTBDNTRBNUU3
RjEzMjREQkQ5RTAeFw0yNTAxMjkxMDA4NDZaFw0yNzAxMzAxMDA4NDZaMBgxFjAU
BgNVBAMTDTY3OThhY2IyLWEzYWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7XfVnfbGhL+OmHh4Oxsqlkte8nmXq3ksgLjOLPeIVGT8HbtLcB4eAFaCr
TeLdR3JrwrH8PlZtUiiWtexbhAiqrtLB2fUSrnStI6laIoq5G5DId5PAHNXydrkZ
lrMFObgTQuM1qCSusdEzzFKEjGQkKxDLUmAu0Fur2R+Fmuud91+w6GPOKJ1+8Jge
o0AFAW7yqLR3yRBrAhFR4pLj4LMBDkwBVJofDr8xmHQr/OUYFSAyJGJ9FvL261Jd
cNe1tzxruhq8Y5Djrs78O26eoL2vCJuoD6UFh3qcxqod3813FMaUoFJsMm50mCqh
UivkYMxeAXLF+HGzajkysKXj5cyxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUMjtY
9zZYEiH41ZpxNS8VfcwOzD4wHwYDVR0jBBgwFoAUvp5qsmiH4E1VboUMVKXn8TJN
vZ4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM2RTgyLzFGMjkxMDY0ODM2RDExRUM4QzBENURENTVBNDBENTc3L3ZwNXFz
bWlINEUxVmJvVU1WS1huOFRKTnZaNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3ZwNXFzbWlINEUxVmJvVU1WS1huOFRKTnZaNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM2RTgyLzFGMjkxMDY0ODM2RDExRUM4QzBENURENTVB
NDBENTc3L0RFOTg0QTlDREQ1RjExRUY5N0ZBQUI4MTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADF19gwDQYJKoZIhvcNAQEL
BQADggEBAGvkNXTSZxiH65CWJpH8P+AluzIpyrTUw2lORsFZNb32wRSNTQMVDhVf
kVw2iuPMls4OzPwc1a1D7Bu8nn6f6sq8JZl5L1GILM9UyZ5ZJJC8pRdBhzyl8Qkn
FD9Ck9RMblgoa/cfu1x9Tg6IcuNOX0Qn6piQYFq2Wv+q6uVgNn/qD335Qof8UlV3
zniEUMLu0ZRxhoTGOH+YzF8pZtlHLizDo5R0P7Ih3dxTFrEGSVMCCfDfC4mEYwK0
Apg6ICEtPAgwwHarAZFJxf8A5nBWUa6MZ7A0aa501J46VVPHbIkbXewdCjf2zACH
kCiZCwcs0tdU4ZPdvG5MPS3L1C2lPr4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:54 2025 by rpki-client