Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D591B/1F6B567CD7C111EE8F2917A2775412E6/D27A6A28D7C111EE8A342CA3775412E6.roa
File: D27A6A28D7C111EE8A342CA3775412E6.roa (raw, json)
Hash identifier: peA4+LIUnTnNHVNJXvAgPW0H2f9Uqrwu8nzHISX24Zo=
Subject key identifier: CA:DB:1A:F5:C6:5D:5A:79:A3:EF:9E:66:50:04:AE:78:D6:C8:60:7D
Certificate issuer: /CN=F36D591BAF/serialNumber=C330387CD218C4CCFA522BC535D770755BCF7B6F
Certificate serial: 02
Authority key identifier: C3:30:38:7C:D2:18:C4:CC:FA:52:2B:C5:35:D7:70:75:5B:CF:7B:6F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/wzA4fNIYxMz6UivFNddwdVvPe28.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D591B/1F6B567CD7C111EE8F2917A2775412E6/D27A6A28D7C111EE8A342CA3775412E6.roa
Signing time: Fri 01 Mar 2024 11:49:56 +0000
ROA not before: Fri 01 Mar 2024 11:49:52 +0000
ROA not after: Tue 28 Feb 2034 11:49:52 +0000
asID: 329032
IP address blocks: 102.216.176.0/22 maxlen: 22
2c0f:4680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D591B/1F6B567CD7C111EE8F2917A2775412E6/wzA4fNIYxMz6UivFNddwdVvPe28.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D591B/1F6B567CD7C111EE8F2917A2775412E6/wzA4fNIYxMz6UivFNddwdVvPe28.mft
rsync://rpki.afrinic.net/repository/afrinic/wzA4fNIYxMz6UivFNddwdVvPe28.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 02:55:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D591BAF
Validity
Not Before: Mar 1 11:49:52 2024 GMT
Not After : Feb 28 11:49:52 2034 GMT
Subject: CN=65e1c0e3-33b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:fa:70:dd:d7:f4:37:e1:b4:7f:b9:66:ed:85:
80:ac:2b:ad:51:eb:6c:55:fa:b0:d7:1d:1b:6e:ba:
e6:ba:4d:79:c3:5d:c1:8c:3c:a0:17:72:42:05:b0:
ec:7d:ee:e3:f4:47:54:0f:b6:84:d2:fb:5a:db:03:
92:0d:35:72:ab:3f:0e:6d:9d:de:1d:19:77:3a:96:
34:04:05:5e:73:14:cc:fe:fd:de:2d:9f:5c:be:a6:
ab:f2:0d:cf:a6:88:f3:45:f0:33:5b:c3:e9:fe:36:
f4:70:21:c9:13:ff:ac:32:16:fe:07:95:11:f2:65:
01:06:e2:68:45:a2:eb:5e:67:bd:39:50:93:9f:6a:
7c:50:ea:1d:06:30:42:0c:4f:76:79:01:91:85:81:
e2:fe:ac:89:eb:1f:7d:a2:b0:11:c8:d9:d1:30:58:
11:58:0e:78:30:29:06:0a:86:44:b1:03:f1:a9:6b:
15:e6:ef:12:be:18:12:82:8d:93:05:3a:ba:c2:96:
b3:c3:3c:b1:d7:8c:99:aa:00:b6:3c:53:c7:79:87:
73:19:ae:72:40:56:c8:21:e7:9b:93:62:df:2f:5c:
10:ea:b7:ae:b5:7a:b9:54:eb:85:db:49:21:fd:10:
2e:b4:52:29:89:99:76:6b:82:c4:f7:3b:77:5d:df:
ab:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:DB:1A:F5:C6:5D:5A:79:A3:EF:9E:66:50:04:AE:78:D6:C8:60:7D
X509v3 Authority Key Identifier:
keyid:C3:30:38:7C:D2:18:C4:CC:FA:52:2B:C5:35:D7:70:75:5B:CF:7B:6F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D591B/1F6B567CD7C111EE8F2917A2775412E6/wzA4fNIYxMz6UivFNddwdVvPe28.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wzA4fNIYxMz6UivFNddwdVvPe28.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D591B/1F6B567CD7C111EE8F2917A2775412E6/D27A6A28D7C111EE8A342CA3775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.216.176.0/22
IPv6:
2c0f:4680::/32
Signature Algorithm: sha256WithRSAEncryption
02:55:56:33:24:7c:ba:a1:64:de:63:0f:fa:0b:e4:3e:9a:05:
9a:c5:3a:ad:d8:aa:af:17:d1:d5:ec:ef:32:39:5b:6e:3e:4e:
04:a0:0f:aa:dd:13:86:e3:89:d1:e7:73:91:62:37:ea:c4:57:
86:ea:8e:5a:14:d0:a1:01:68:e4:4b:72:e0:37:06:53:42:e2:
45:fe:a4:a2:98:61:a3:65:88:ce:20:48:9a:cb:f2:60:f0:0c:
9f:ef:6d:0a:21:e3:ec:fc:43:d1:ad:4e:22:fb:25:b7:41:f9:
31:09:ca:cd:33:62:72:d5:9c:2b:ff:12:76:ca:fc:94:18:43:
05:35:b9:c7:77:c1:41:59:0f:73:b9:34:ea:d4:87:a0:b2:b5:
05:eb:42:de:d2:fb:44:c9:98:4f:26:f2:6c:02:97:26:be:9d:
45:33:b7:8f:fb:13:7e:38:b9:ba:c5:65:d7:8c:c4:07:4d:42:
98:1d:6f:28:dc:4c:b9:f0:36:96:b0:3e:c2:fe:47:c8:83:32:
d2:11:ae:81:84:78:c4:69:8f:48:03:97:18:bf:f3:9e:b0:b9:
1d:8d:53:d6:d7:9b:c3:26:ba:9a:27:68:95:83:a9:e6:69:2c:
b6:06:9b:2b:f9:b3:d3:50:23:9b:29:cf:9b:db:fb:07:62:e9:
eb:50:cf:f1
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
NTkxQkFGMTEwLwYDVQQFEyhDMzMwMzg3Q0QyMThDNENDRkE1MjJCQzUzNUQ3NzA3
NTVCQ0Y3QjZGMB4XDTI0MDMwMTExNDk1MloXDTM0MDIyODExNDk1MlowGDEWMBQG
A1UEAxMNNjVlMWMwZTMtMzNiNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANj6cN3X9DfhtH+5Zu2FgKwrrVHrbFX6sNcdG2665rpNecNdwYw8oBdyQgWw
7H3u4/RHVA+2hNL7WtsDkg01cqs/Dm2d3h0ZdzqWNAQFXnMUzP793i2fXL6mq/IN
z6aI80XwM1vD6f429HAhyRP/rDIW/geVEfJlAQbiaEWi615nvTlQk59qfFDqHQYw
QgxPdnkBkYWB4v6siesffaKwEcjZ0TBYEVgOeDApBgqGRLED8alrFebvEr4YEoKN
kwU6usKWs8M8sdeMmaoAtjxTx3mHcxmuckBWyCHnm5Ni3y9cEOq3rrV6uVTrhdtJ
If0QLrRSKYmZdmuCxPc7d13fq3cCAwEAAaOCArQwggKwMB0GA1UdDgQWBBTK2xr1
xl1aeaPvnmZQBK541shgfTAfBgNVHSMEGDAWgBTDMDh80hjEzPpSK8U113B1W897
bzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDU5MUIvMUY2QjU2N0NEN0MxMTFFRThGMjkxN0EyNzc1NDEyRTYvd3pBNGZO
SVl4TXo2VWl2Rk5kZHdkVnZQZTI4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvd3pBNGZOSVl4TXo2VWl2Rk5kZHdkVnZQZTI4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RDU5MUIvMUY2QjU2N0NEN0MxMTFFRThGMjkxN0EyNzc1
NDEyRTYvRDI3QTZBMjhEN0MxMTFFRThBMzQyQ0EzNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbYsDANBAIAAjAHAwUALA9G
gDANBgkqhkiG9w0BAQsFAAOCAQEAAlVWMyR8uqFk3mMP+gvkPpoFmsU6rdiqrxfR
1ezvMjlbbj5OBKAPqt0ThuOJ0edzkWI36sRXhuqOWhTQoQFo5Ety4DcGU0LiRf6k
ophho2WIziBImsvyYPAMn+9tCiHj7PxD0a1OIvslt0H5MQnKzTNictWcK/8Sdsr8
lBhDBTW5x3fBQVkPc7k06tSHoLK1BetC3tL7RMmYTybybAKXJr6dRTO3j/sTfji5
usVl14zEB01CmB1vKNxMufA2lrA+wv5HyIMy0hGugYR4xGmPSAOXGL/znrC5HY1T
1tebwya6midolYOp5mkstgabK/mz01AjmynPm9v7B2Lp61DP8Q==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:44:49 2025 by rpki-client