Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CC035/71F69968715811ED8B19339FF1222468/4DD725E4F80F11EF86D22A5C762E951A.roa
File: 4DD725E4F80F11EF86D22A5C762E951A.roa (raw, json)
Hash identifier: /ugyz6PR8i04hr2ae3kp6xDqUB/TUr9B+hb22NVvtNo=
Subject key identifier: 85:FC:9F:21:FB:9C:5B:3B:ED:AE:BD:99:BE:05:A8:2C:A6:37:FE:30
Certificate issuer: /CN=F36CC035AF/serialNumber=E3B07BB9D0957749FFE48C7E7325A9E11B416AB9
Certificate serial: 0365
Authority key identifier: E3:B0:7B:B9:D0:95:77:49:FF:E4:8C:7E:73:25:A9:E1:1B:41:6A:B9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/47B7udCVd0n_5Ix-cyWp4RtBark.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CC035/71F69968715811ED8B19339FF1222468/4DD725E4F80F11EF86D22A5C762E951A.roa
Signing time: Mon 03 Mar 2025 09:10:09 +0000
ROA not before: Mon 03 Mar 2025 09:10:04 +0000
ROA not after: Sat 31 Mar 2035 09:10:04 +0000
asID: 198949
IP address blocks: 196.3.94.0/24 maxlen: 24
2c0f:f778::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CC035/71F69968715811ED8B19339FF1222468/47B7udCVd0n_5Ix-cyWp4RtBark.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CC035/71F69968715811ED8B19339FF1222468/47B7udCVd0n_5Ix-cyWp4RtBark.mft
rsync://rpki.afrinic.net/repository/afrinic/47B7udCVd0n_5Ix-cyWp4RtBark.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 869 (0x365)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CC035AF
Validity
Not Before: Mar 3 09:10:04 2025 GMT
Not After : Mar 31 09:10:04 2035 GMT
Subject: CN=67c571f0-a477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9d:2f:02:4c:03:42:07:04:c8:42:35:7f:c4:
f8:55:bb:6d:c3:02:93:83:eb:5e:3b:07:a1:85:aa:
c3:2c:43:7e:9b:c5:7a:16:af:7d:82:bb:de:2d:89:
b8:3d:10:68:73:fe:61:c8:75:a2:2f:8e:80:32:bc:
e0:f8:f9:a0:26:bb:9d:7f:8d:33:a5:7a:54:f0:c1:
c2:af:79:71:0d:78:e3:1d:ee:79:76:ee:77:d7:47:
bc:14:36:c6:c2:b0:06:02:2d:77:77:bf:0c:e1:8a:
20:74:d2:c6:9e:ba:5c:44:7c:3c:65:c9:7f:fc:99:
4e:28:bf:04:bc:b0:44:ca:c3:97:18:cb:3b:84:aa:
8c:ab:4d:6c:c6:c5:e2:46:a0:73:b9:74:1c:68:83:
50:25:b4:11:c0:8d:a9:87:66:c4:96:4b:8e:e6:a9:
10:92:36:1f:9e:c5:a0:78:f2:a4:86:6a:92:a6:d2:
10:9a:0e:b0:c3:5c:ec:90:ec:e7:e9:3b:1d:a7:1f:
07:b2:b8:ec:1f:d2:30:d4:6f:f6:d6:73:bf:6c:08:
02:db:ce:a3:88:c7:74:ed:68:b5:79:6c:a0:78:e6:
5a:12:ce:fb:f4:fe:a1:d0:2b:11:98:2e:15:31:5d:
36:c4:ba:57:56:f5:1e:c6:3c:17:d3:f4:49:be:c5:
85:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:FC:9F:21:FB:9C:5B:3B:ED:AE:BD:99:BE:05:A8:2C:A6:37:FE:30
X509v3 Authority Key Identifier:
keyid:E3:B0:7B:B9:D0:95:77:49:FF:E4:8C:7E:73:25:A9:E1:1B:41:6A:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CC035/71F69968715811ED8B19339FF1222468/47B7udCVd0n_5Ix-cyWp4RtBark.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/47B7udCVd0n_5Ix-cyWp4RtBark.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CC035/71F69968715811ED8B19339FF1222468/4DD725E4F80F11EF86D22A5C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.3.94.0/24
IPv6:
2c0f:f778::/32
Signature Algorithm: sha256WithRSAEncryption
9f:84:a4:9c:1a:1f:bd:56:7e:98:7a:51:cf:4f:82:b8:ed:ee:
a4:89:b9:ba:35:d7:93:63:78:26:2e:45:3d:5c:b4:56:30:65:
f8:18:91:0a:a0:73:49:70:2f:32:86:39:b5:b7:31:bc:6d:4d:
66:d2:4b:df:ce:02:7c:d6:db:41:ee:41:43:8c:99:78:06:92:
aa:fa:48:70:e2:b9:7b:15:b1:02:0d:12:26:95:6a:7c:88:a2:
97:5b:ce:7c:72:a1:09:7a:21:01:52:0f:0b:98:63:0b:2d:3c:
cc:47:76:fd:8f:67:2b:dd:5c:15:88:f2:e0:9d:5c:f2:f2:c3:
36:58:ab:52:da:de:e4:dd:b9:53:f2:56:82:75:ac:03:47:96:
7f:0e:ef:d2:ae:94:aa:4d:dc:41:5d:8a:f2:06:6f:23:6d:07:
fc:17:4e:4d:86:a1:2e:3f:4e:dc:09:c2:77:8f:8a:fa:c8:f5:
7f:7e:c1:1f:df:ff:d4:0e:d9:77:66:4b:b6:76:aa:46:9c:19:
5a:4e:34:41:6a:ca:00:b8:96:e6:3d:73:74:d8:66:67:dd:2d:
87:b8:27:30:45:44:3b:4f:7c:65:c3:10:1a:88:cd:0f:8f:5f:
7d:06:39:ed:1a:e3:e4:0e:fb:a3:05:8d:7f:13:ca:d5:a3:20:
57:05:39:7b
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICA2UwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Q0MwMzVBRjExMC8GA1UEBRMoRTNCMDdCQjlEMDk1Nzc0OUZGRTQ4QzdFNzMyNUE5
RTExQjQxNkFCOTAeFw0yNTAzMDMwOTEwMDRaFw0zNTAzMzEwOTEwMDRaMBgxFjAU
BgNVBAMTDTY3YzU3MWYwLWE0NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCwnS8CTANCBwTIQjV/xPhVu23DApOD6147B6GFqsMsQ36bxXoWr32Cu94t
ibg9EGhz/mHIdaIvjoAyvOD4+aAmu51/jTOlelTwwcKveXENeOMd7nl27nfXR7wU
NsbCsAYCLXd3vwzhiiB00saeulxEfDxlyX/8mU4ovwS8sETKw5cYyzuEqoyrTWzG
xeJGoHO5dBxog1AltBHAjamHZsSWS47mqRCSNh+exaB48qSGapKm0hCaDrDDXOyQ
7OfpOx2nHweyuOwf0jDUb/bWc79sCALbzqOIx3TtaLV5bKB45loSzvv0/qHQKxGY
LhUxXTbEuldW9R7GPBfT9Em+xYVPAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUhfyf
IfucWzvtrr2ZvgWoLKY3/jAwHwYDVR0jBBgwFoAU47B7udCVd0n/5Ix+cyWp4RtB
arkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkNDMDM1LzcxRjY5OTY4NzE1ODExRUQ4QjE5MzM5RkYxMjIyNDY4LzQ3Qjd1
ZENWZDBuXzVJeC1jeVdwNFJ0QmFyay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzQ3Qjd1ZENWZDBuXzVJeC1jeVdwNFJ0QmFyay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkNDMDM1LzcxRjY5OTY4NzE1ODExRUQ4QjE5MzM5RkYx
MjIyNDY4LzRERDcyNUU0RjgwRjExRUY4NkQyMkE1Qzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBADEA14wDQQCAAIwBwMFACwP
93gwDQYJKoZIhvcNAQELBQADggEBAJ+EpJwaH71Wfph6Uc9Pgrjt7qSJubo115Nj
eCYuRT1ctFYwZfgYkQqgc0lwLzKGObW3MbxtTWbSS9/OAnzW20HuQUOMmXgGkqr6
SHDiuXsVsQINEiaVanyIopdbznxyoQl6IQFSDwuYYwstPMxHdv2PZyvdXBWI8uCd
XPLywzZYq1La3uTduVPyVoJ1rANHln8O79KulKpN3EFdivIGbyNtB/wXTk2GoS4/
TtwJwnePivrI9X9+wR/f/9QO2XdmS7Z2qkacGVpONEFqygC4luY9c3TYZmfdLYe4
JzBFRDtPfGXDEBqIzQ+PX30GOe0a4+QO+6MFjX8TytWjIFcFOXs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:57 2025 by rpki-client