Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/2F1A0898067311F091A5799F762E951A.roa
File: 2F1A0898067311F091A5799F762E951A.roa (raw, json)
Hash identifier: CNCaOGq5e+fSVQ4wKVSRok1jWDlNhofbmJTl2fwntNQ=
Subject key identifier: C6:5D:23:EA:C4:68:C0:07:7E:4B:36:46:DA:3D:83:D0:3A:F6:FB:27
Certificate issuer: /CN=F36CA351AF/serialNumber=58DA3BE331A612AAAE4F6A30637704063AC3DD42
Certificate serial: 0209
Authority key identifier: 58:DA:3B:E3:31:A6:12:AA:AE:4F:6A:30:63:77:04:06:3A:C3:DD:42
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/WNo74zGmEqquT2owY3cEBjrD3UI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/2F1A0898067311F091A5799F762E951A.roa
Signing time: Fri 21 Mar 2025 16:40:23 +0000
ROA not before: Fri 21 Mar 2025 16:40:19 +0000
ROA not after: Mon 20 Mar 2028 16:40:19 +0000
asID: 328988
IP address blocks: 102.213.68.0/22 maxlen: 22
102.213.68.0/24 maxlen: 24
102.213.69.0/24 maxlen: 24
102.213.70.0/24 maxlen: 24
102.213.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/WNo74zGmEqquT2owY3cEBjrD3UI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/WNo74zGmEqquT2owY3cEBjrD3UI.mft
rsync://rpki.afrinic.net/repository/afrinic/WNo74zGmEqquT2owY3cEBjrD3UI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 02:51:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 521 (0x209)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CA351AF
Validity
Not Before: Mar 21 16:40:19 2025 GMT
Not After : Mar 20 16:40:19 2028 GMT
Subject: CN=67dd9677-1975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bd:dc:fc:d5:c0:e0:24:7a:0d:5d:fe:1a:8f:
d6:77:7f:79:26:60:59:c0:e0:76:f6:4f:44:0f:34:
4f:67:4e:36:7d:0c:50:52:bd:10:8a:64:75:70:e7:
97:bd:c7:f2:4b:0d:1b:c1:5b:73:7a:81:17:a8:1b:
b3:5d:82:0a:d9:dd:d6:72:7b:37:87:eb:4f:8d:1b:
3c:d2:25:e1:d7:1b:47:df:4e:29:d7:1a:34:c9:56:
7d:a2:f0:b5:b5:bf:c4:09:5d:10:96:9a:2b:a5:40:
a0:fb:ae:1b:a5:cf:0a:99:bd:d1:9b:01:39:79:d1:
af:df:2e:4c:e6:e0:99:e4:15:98:be:ef:00:36:88:
b4:1c:06:0d:84:f8:89:ca:8f:ca:05:82:40:b5:b9:
3e:fb:1b:5d:8f:a3:68:d6:31:1f:b3:fa:c8:c9:29:
60:63:b4:f8:4d:37:d5:1f:64:8e:ab:38:05:38:7b:
d7:a0:6b:5d:0f:73:1a:aa:b4:66:0c:2e:58:f2:2c:
be:dd:2c:cb:46:32:4c:07:77:4b:19:95:37:2f:93:
1e:53:1d:8a:0e:db:0c:b0:ef:df:c5:f3:0e:5b:c0:
d8:47:03:d4:b5:02:0e:fe:1b:d1:cb:bf:52:ed:c4:
07:cc:65:a7:50:89:be:91:3e:38:36:91:01:10:f3:
5e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:5D:23:EA:C4:68:C0:07:7E:4B:36:46:DA:3D:83:D0:3A:F6:FB:27
X509v3 Authority Key Identifier:
keyid:58:DA:3B:E3:31:A6:12:AA:AE:4F:6A:30:63:77:04:06:3A:C3:DD:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/WNo74zGmEqquT2owY3cEBjrD3UI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/WNo74zGmEqquT2owY3cEBjrD3UI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/2F1A0898067311F091A5799F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.213.68.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:f6:0f:ce:ef:14:47:0e:43:fc:86:46:c9:32:48:e5:bc:b8:
a5:91:d8:eb:79:bf:32:b1:5c:98:7b:71:82:ff:c1:d4:ce:13:
57:d0:e0:e1:9c:9e:eb:ae:a2:0c:fc:9e:f3:2a:4a:09:90:e6:
d4:59:90:c0:d9:8b:02:56:1d:1b:36:a5:2a:4f:b2:33:b8:a4:
00:48:e2:85:37:68:c0:ba:fd:91:06:72:af:3c:55:ec:9a:85:
c8:bc:68:67:a4:bf:1b:05:48:0f:8b:99:24:a2:b0:92:c3:8f:
dd:fe:95:1e:0c:8d:59:b8:e1:ce:f1:6e:97:67:72:37:2f:22:
06:0c:ca:b8:87:cb:c4:d7:d6:8c:4f:03:3c:51:f0:3f:7c:b2:
e1:cd:94:23:58:06:f3:59:61:7c:d3:a6:0e:74:cc:ee:8e:2b:
5f:57:a1:b7:8d:5d:28:68:13:fc:31:de:89:47:17:63:63:02:
83:70:8f:9b:9b:97:98:59:62:b3:70:dc:db:2f:79:2f:b4:1b:
5b:f9:ab:d9:e8:58:f0:06:df:31:7a:95:c7:52:61:71:fa:fa:
5c:d3:a4:88:9b:89:d1:6f:f4:c3:14:1f:c9:c2:2f:4b:ca:c0:
3e:ba:9d:0a:a5:62:c7:9a:d6:d0:82:13:f6:41:f4:cc:0f:c1:
a3:d1:f3:9b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAgkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Q0EzNTFBRjExMC8GA1UEBRMoNThEQTNCRTMzMUE2MTJBQUFFNEY2QTMwNjM3NzA0
MDYzQUMzREQ0MjAeFw0yNTAzMjExNjQwMTlaFw0yODAzMjAxNjQwMTlaMBgxFjAU
BgNVBAMTDTY3ZGQ5Njc3LTE5NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3vdz81cDgJHoNXf4aj9Z3f3kmYFnA4Hb2T0QPNE9nTjZ9DFBSvRCKZHVw
55e9x/JLDRvBW3N6gReoG7NdggrZ3dZyezeH60+NGzzSJeHXG0ffTinXGjTJVn2i
8LW1v8QJXRCWmiulQKD7rhulzwqZvdGbATl50a/fLkzm4JnkFZi+7wA2iLQcBg2E
+InKj8oFgkC1uT77G12Po2jWMR+z+sjJKWBjtPhNN9UfZI6rOAU4e9ega10Pcxqq
tGYMLljyLL7dLMtGMkwHd0sZlTcvkx5THYoO2wyw79/F8w5bwNhHA9S1Ag7+G9HL
v1LtxAfMZadQib6RPjg2kQEQ8145AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUxl0j
6sRowAd+SzZG2j2D0Dr2+ycwHwYDVR0jBBgwFoAUWNo74zGmEqquT2owY3cEBjrD
3UIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkNBMzUxL0Q4RTZDNUVBQzJFNjExRUU4QjkwNjk3Qjc3NTQxMkU2L1dObzc0
ekdtRXFxdVQyb3dZM2NFQmpyRDNVSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1dObzc0ekdtRXFxdVQyb3dZM2NFQmpyRDNVSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkNBMzUxL0Q4RTZDNUVBQzJFNjExRUU4QjkwNjk3Qjc3
NTQxMkU2LzJGMUEwODk4MDY3MzExRjA5MUE1Nzk5Rjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1UQwDQYJKoZIhvcNAQEL
BQADggEBABz2D87vFEcOQ/yGRskySOW8uKWR2Ot5vzKxXJh7cYL/wdTOE1fQ4OGc
nuuuogz8nvMqSgmQ5tRZkMDZiwJWHRs2pSpPsjO4pABI4oU3aMC6/ZEGcq88Veya
hci8aGekvxsFSA+LmSSisJLDj93+lR4MjVm44c7xbpdncjcvIgYMyriHy8TX1oxP
AzxR8D98suHNlCNYBvNZYXzTpg50zO6OK19XobeNXShoE/wx3olHF2NjAoNwj5ub
l5hZYrNw3NsveS+0G1v5q9noWPAG3zF6lcdSYXH6+lzTpIibidFv9MMUH8nCL0vK
wD66nQqlYsea1tCCE/ZB9MwPwaPR85s=
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:16:16 2025 by rpki-client