Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CAD03/90CF9CCA1F4211EEB18184614AD9E6FC/1FACC63EDD6A11EFB9FD6F4B762E951A.roa
File: 1FACC63EDD6A11EFB9FD6F4B762E951A.roa (raw, json)
Hash identifier: dF+TudNzn5JdoAREd/OnWJP6k5lbPTgpi/h8Pngj+g0=
Subject key identifier: F4:4B:9E:7E:51:8C:D6:38:1F:46:35:7F:34:BD:27:55:66:9A:9F:46
Certificate issuer: /CN=F36CAD03AF/serialNumber=7F3738A2B28B6FAC0EE168DACDA1020991F65EFF
Certificate serial: 024F
Authority key identifier: 7F:37:38:A2:B2:8B:6F:AC:0E:E1:68:DA:CD:A1:02:09:91:F6:5E:FF
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/fzc4orKLb6wO4WjazaECCZH2Xv8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CAD03/90CF9CCA1F4211EEB18184614AD9E6FC/1FACC63EDD6A11EFB9FD6F4B762E951A.roa
Signing time: Tue 28 Jan 2025 11:22:14 +0000
ROA not before: Tue 28 Jan 2025 11:22:10 +0000
ROA not after: Wed 28 Jan 2026 11:22:10 +0000
asID: 328987
IP address blocks: 102.217.64.0/22 maxlen: 22
102.217.64.0/24 maxlen: 24
102.217.65.0/24 maxlen: 24
102.217.66.0/24 maxlen: 24
102.217.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CAD03/90CF9CCA1F4211EEB18184614AD9E6FC/fzc4orKLb6wO4WjazaECCZH2Xv8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CAD03/90CF9CCA1F4211EEB18184614AD9E6FC/fzc4orKLb6wO4WjazaECCZH2Xv8.mft
rsync://rpki.afrinic.net/repository/afrinic/fzc4orKLb6wO4WjazaECCZH2Xv8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 02:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 591 (0x24f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CAD03AF
Validity
Not Before: Jan 28 11:22:10 2025 GMT
Not After : Jan 28 11:22:10 2026 GMT
Subject: CN=6798bde6-7c0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8e:fd:11:c1:5a:b9:8f:d5:ce:20:b4:17:09:
06:12:d6:1c:6b:16:a2:93:02:fa:ce:2f:10:98:61:
ea:53:99:9e:91:ce:4b:be:0f:7e:57:95:b9:f7:6b:
8c:c1:9f:b1:56:a3:4f:e2:6e:d8:1c:2c:30:48:fe:
42:80:03:e2:70:07:57:e1:81:ff:4a:c3:7c:74:47:
68:0d:34:36:dd:ea:fe:d6:75:0d:66:73:27:11:1e:
8a:54:ae:57:a8:f5:d1:b6:21:01:27:58:2e:d2:85:
2c:17:68:66:2a:c8:26:a2:bc:8a:6b:75:f2:70:f0:
45:a2:0b:8b:4b:33:c8:6f:99:06:de:45:be:3f:6b:
68:87:1d:6c:e6:8d:fb:b0:52:7c:a3:ff:2f:a8:3a:
e8:b5:05:6d:90:d7:7d:69:46:bc:08:97:bf:0a:70:
a8:3d:be:b0:51:ad:58:79:e6:58:f0:7c:05:9b:29:
b5:c9:e5:ba:ea:af:ff:b7:e4:02:92:22:6c:a9:6a:
91:2f:2f:75:ab:4f:06:d7:03:ae:cb:4d:99:19:b4:
40:ba:45:ef:dc:58:dc:7a:c9:91:8a:9e:1d:fd:87:
11:c9:79:1a:68:ed:30:28:fd:ac:3d:06:a8:bb:77:
d3:e0:e8:2c:82:c1:0a:d7:85:1c:cd:3b:67:06:ec:
b0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:4B:9E:7E:51:8C:D6:38:1F:46:35:7F:34:BD:27:55:66:9A:9F:46
X509v3 Authority Key Identifier:
keyid:7F:37:38:A2:B2:8B:6F:AC:0E:E1:68:DA:CD:A1:02:09:91:F6:5E:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CAD03/90CF9CCA1F4211EEB18184614AD9E6FC/fzc4orKLb6wO4WjazaECCZH2Xv8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/fzc4orKLb6wO4WjazaECCZH2Xv8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CAD03/90CF9CCA1F4211EEB18184614AD9E6FC/1FACC63EDD6A11EFB9FD6F4B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.217.64.0/22
Signature Algorithm: sha256WithRSAEncryption
91:1b:28:d0:49:00:2f:db:d5:ac:9c:2b:cd:9a:b2:06:2c:7d:
0d:7a:f8:e2:7f:56:98:7b:77:7a:48:f2:53:1f:44:69:50:bc:
02:5d:8c:0d:f1:1c:3e:71:a2:42:9c:aa:e5:55:73:f8:ac:55:
cb:35:c1:6d:cd:35:cb:02:4a:ee:ed:0f:ad:f6:f6:a7:99:c9:
ec:a2:b7:91:5e:07:6a:90:7e:57:38:07:46:9a:86:94:6f:86:
e3:7b:ba:23:2a:00:ff:b9:43:c4:c5:18:81:31:22:c8:ff:36:
06:6c:9d:07:dd:e4:30:8c:0d:42:04:1e:ba:5d:14:e8:be:33:
ae:51:2e:2c:d8:ad:78:dc:57:af:c7:fa:21:6e:ee:9e:6b:f0:
a5:19:70:52:b8:fe:1e:ec:03:34:e0:8f:44:43:23:7a:c6:ad:
74:6a:3c:cb:32:72:ff:44:8e:17:e5:7a:a6:b6:bf:95:50:9b:
a2:cb:f7:49:25:8b:3d:04:23:cd:af:c1:82:9e:02:38:61:6b:
7a:e8:bb:9b:0e:53:23:29:8d:c8:84:6d:69:ad:2b:31:ad:22:
be:6b:42:ad:53:5a:21:d4:d1:52:18:7f:1c:5a:0a:14:6a:3a:
d3:5d:12:19:9e:e1:29:69:d5:5f:43:75:77:89:06:7d:99:90:
ee:61:97:5c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAk8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Q0FEMDNBRjExMC8GA1UEBRMoN0YzNzM4QTJCMjhCNkZBQzBFRTE2OERBQ0RBMTAy
MDk5MUY2NUVGRjAeFw0yNTAxMjgxMTIyMTBaFw0yNjAxMjgxMTIyMTBaMBgxFjAU
BgNVBAMTDTY3OThiZGU2LTdjMGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpjv0RwVq5j9XOILQXCQYS1hxrFqKTAvrOLxCYYepTmZ6Rzku+D35Xlbn3
a4zBn7FWo0/ibtgcLDBI/kKAA+JwB1fhgf9Kw3x0R2gNNDbd6v7WdQ1mcycRHopU
rleo9dG2IQEnWC7ShSwXaGYqyCaivIprdfJw8EWiC4tLM8hvmQbeRb4/a2iHHWzm
jfuwUnyj/y+oOui1BW2Q131pRrwIl78KcKg9vrBRrVh55ljwfAWbKbXJ5brqr/+3
5AKSImypapEvL3WrTwbXA67LTZkZtEC6Re/cWNx6yZGKnh39hxHJeRpo7TAo/aw9
Bqi7d9Pg6CyCwQrXhRzNO2cG7LAbAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9Eue
flGM1jgfRjV/NL0nVWaan0YwHwYDVR0jBBgwFoAUfzc4orKLb6wO4WjazaECCZH2
Xv8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkNBRDAzLzkwQ0Y5Q0NBMUY0MjExRUVCMTgxODQ2MTRBRDlFNkZDL2Z6YzRv
cktMYjZ3TzRXamF6YUVDQ1pIMlh2OC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2Z6YzRvcktMYjZ3TzRXamF6YUVDQ1pIMlh2OC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkNBRDAzLzkwQ0Y5Q0NBMUY0MjExRUVCMTgxODQ2MTRB
RDlFNkZDLzFGQUNDNjNFREQ2QTExRUZCOUZENkY0Qjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm2UAwDQYJKoZIhvcNAQEL
BQADggEBAJEbKNBJAC/b1aycK82asgYsfQ16+OJ/Vph7d3pI8lMfRGlQvAJdjA3x
HD5xokKcquVVc/isVcs1wW3NNcsCSu7tD6329qeZyeyit5FeB2qQflc4B0aahpRv
huN7uiMqAP+5Q8TFGIExIsj/NgZsnQfd5DCMDUIEHrpdFOi+M65RLizYrXjcV6/H
+iFu7p5r8KUZcFK4/h7sAzTgj0RDI3rGrXRqPMsycv9Ejhfleqa2v5VQm6LL90kl
iz0EI82vwYKeAjhha3rou5sOUyMpjciEbWmtKzGtIr5rQq1TWiHU0VIYfxxaChRq
OtNdEhme4Slp1V9DdXeJBn2ZkO5hl1w=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:33:56 2025 by rpki-client