Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D7FB7/8AC1C572F62C11EDA10D3B3A4AD9E6FC/53B7B60C4A9311EE9902D27E4AD9E6FC.roa
File: 53B7B60C4A9311EE9902D27E4AD9E6FC.roa (raw, json)
Hash identifier: Lc6p/skcV7T38Y2SJSqIQlEnAuZOjjbq8VZr0A0Y0HY=
Subject key identifier: 11:12:8B:4D:74:F4:9F:37:6F:15:C3:50:DA:CA:87:97:85:CA:73:43
Certificate issuer: /CN=F36D7FB7AF/serialNumber=A58A6D29114C881E005877279D95ABAA39EE141C
Certificate serial: 79
Authority key identifier: A5:8A:6D:29:11:4C:88:1E:00:58:77:27:9D:95:AB:AA:39:EE:14:1C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/pYptKRFMiB4AWHcnnZWrqjnuFBw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D7FB7/8AC1C572F62C11EDA10D3B3A4AD9E6FC/53B7B60C4A9311EE9902D27E4AD9E6FC.roa
Signing time: Sun 03 Sep 2023 19:51:52 +0000
ROA not before: Sun 03 Sep 2023 19:51:47 +0000
ROA not after: Wed 15 Sep 2027 19:51:47 +0000
asID: 328344
IP address blocks: 102.135.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D7FB7/8AC1C572F62C11EDA10D3B3A4AD9E6FC/pYptKRFMiB4AWHcnnZWrqjnuFBw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D7FB7/8AC1C572F62C11EDA10D3B3A4AD9E6FC/pYptKRFMiB4AWHcnnZWrqjnuFBw.mft
rsync://rpki.afrinic.net/repository/afrinic/pYptKRFMiB4AWHcnnZWrqjnuFBw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Apr 2025 00:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121 (0x79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D7FB7AF, serialNumber=A58A6D29114C881E005877279D95ABAA39EE141C
Validity
Not Before: Sep 3 19:51:47 2023 GMT
Not After : Sep 15 19:51:47 2027 GMT
Subject: CN=64f4e3d8-bb20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d6:89:f2:c8:8b:fa:c9:9f:75:fc:52:01:64:
9c:30:cb:fe:c6:d4:ff:6c:e0:45:7d:11:e8:0d:d2:
93:a8:c7:c5:55:dc:ea:9c:18:47:f3:57:e6:d1:8e:
9b:58:9b:82:5c:5b:65:74:f2:4f:32:e8:79:6f:31:
82:07:d8:60:a2:75:bf:66:b1:32:0a:c7:51:12:1d:
76:f8:15:55:e8:ce:03:29:99:f3:38:d0:06:61:4d:
c1:43:44:ab:10:3e:92:d8:29:df:2b:69:64:57:46:
6f:a5:8c:7b:ee:52:bd:6d:b1:9d:e1:8f:92:bf:f7:
fa:c7:b8:3c:5a:b4:22:b0:47:07:7a:2c:31:12:8d:
e9:f5:4e:6d:99:91:37:00:31:f3:ae:cd:f8:9b:f4:
f7:15:21:90:34:7b:91:28:dc:80:f4:85:ac:5c:4e:
07:00:a6:26:aa:93:2d:09:31:8f:c9:f5:9f:3e:7a:
d3:5c:10:19:30:ac:c5:60:7c:e7:ba:86:f1:5d:c8:
98:09:1a:b5:19:3c:ee:18:6e:98:fd:fd:b1:1e:99:
a1:9d:75:8e:d6:71:f3:cc:96:c4:b0:e5:22:a6:ce:
b0:2a:6e:ae:4a:7c:8a:be:93:db:0d:46:00:b1:45:
a2:0e:80:ad:79:6c:bc:d7:6b:2f:01:7a:0e:e0:cc:
f5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:12:8B:4D:74:F4:9F:37:6F:15:C3:50:DA:CA:87:97:85:CA:73:43
X509v3 Authority Key Identifier:
keyid:A5:8A:6D:29:11:4C:88:1E:00:58:77:27:9D:95:AB:AA:39:EE:14:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D7FB7/8AC1C572F62C11EDA10D3B3A4AD9E6FC/pYptKRFMiB4AWHcnnZWrqjnuFBw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/pYptKRFMiB4AWHcnnZWrqjnuFBw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D7FB7/8AC1C572F62C11EDA10D3B3A4AD9E6FC/53B7B60C4A9311EE9902D27E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.135.182.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:c9:3c:92:27:60:31:a3:e9:36:cd:54:58:79:fb:9e:88:e4:
8f:48:a1:37:a3:e2:4d:a4:23:02:77:31:3f:d3:f6:3a:81:3e:
4c:ed:cf:1d:c6:74:4d:94:9b:b9:4a:5b:0f:a8:de:be:fd:06:
8c:3a:59:4c:e2:1a:4c:3b:ba:e1:ba:22:58:c6:65:3b:25:7f:
57:83:df:96:a0:17:ee:05:2c:9b:0a:1a:e0:42:ca:ce:f0:ba:
46:a8:45:80:39:97:d9:38:49:e8:2b:b1:5d:42:68:05:4b:0a:
ce:a9:1e:56:6f:e5:d8:9d:30:07:23:4e:e4:a5:28:04:65:4a:
b5:30:dd:e1:91:43:8b:ca:b6:b8:a1:90:35:1f:e6:57:fd:d0:
7c:22:d5:5f:94:ee:37:50:b6:11:88:99:40:bf:31:73:81:de:
a9:97:42:2a:bf:5a:5a:0c:57:b5:cc:00:41:b8:9b:a2:30:7d:
58:0d:09:3f:06:6c:e9:42:48:29:76:73:55:54:06:c0:63:f4:
92:58:3d:36:99:3c:97:54:85:5c:9c:2c:39:57:d9:35:e5:d7:
6d:e3:f2:f9:ae:41:e6:32:16:bc:91:bc:45:c7:d3:36:d1:b3:
11:c0:93:35:91:3a:f2:ff:f8:b0:96:3a:b1:83:d4:93:da:f5:
25:52:25:71
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBeTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
N0ZCN0FGMTEwLwYDVQQFEyhBNThBNkQyOTExNEM4ODFFMDA1ODc3Mjc5RDk1QUJB
QTM5RUUxNDFDMB4XDTIzMDkwMzE5NTE0N1oXDTI3MDkxNTE5NTE0N1owGDEWMBQG
A1UEAxMNNjRmNGUzZDgtYmIyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDWifLIi/rJn3X8UgFknDDL/sbU/2zgRX0R6A3Sk6jHxVXc6pwYR/NX5tGO
m1ibglxbZXTyTzLoeW8xggfYYKJ1v2axMgrHURIddvgVVejOAymZ8zjQBmFNwUNE
qxA+ktgp3ytpZFdGb6WMe+5SvW2xneGPkr/3+se4PFq0IrBHB3osMRKN6fVObZmR
NwAx867N+Jv09xUhkDR7kSjcgPSFrFxOBwCmJqqTLQkxj8n1nz5601wQGTCsxWB8
57qG8V3ImAkatRk87hhumP39sR6ZoZ11jtZx88yWxLDlIqbOsCpurkp8ir6T2w1G
ALFFog6ArXlsvNdrLwF6DuDM9UcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQREotN
dPSfN28Vw1DayoeXhcpzQzAfBgNVHSMEGDAWgBSlim0pEUyIHgBYdyedlauqOe4U
HDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDdGQjcvOEFDMUM1NzJGNjJDMTFFREExMEQzQjNBNEFEOUU2RkMvcFlwdEtS
Rk1pQjRBV0hjbm5aV3Jxam51RkJ3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcFlwdEtSRk1pQjRBV0hjbm5aV3Jxam51RkJ3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RDdGQjcvOEFDMUM1NzJGNjJDMTFFREExMEQzQjNBNEFE
OUU2RkMvNTNCN0I2MEM0QTkzMTFFRTk5MDJEMjdFNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGaHtjANBgkqhkiG9w0BAQsF
AAOCAQEALMk8kidgMaPpNs1UWHn7nojkj0ihN6PiTaQjAncxP9P2OoE+TO3PHcZ0
TZSbuUpbD6jevv0GjDpZTOIaTDu64boiWMZlOyV/V4PflqAX7gUsmwoa4ELKzvC6
RqhFgDmX2ThJ6CuxXUJoBUsKzqkeVm/l2J0wByNO5KUoBGVKtTDd4ZFDi8q2uKGQ
NR/mV/3QfCLVX5TuN1C2EYiZQL8xc4HeqZdCKr9aWgxXtcwAQbibojB9WA0JPwZs
6UJIKXZzVVQGwGP0klg9Npk8l1SFXJwsOVfZNeXXbePy+a5B5jIWvJG8RcfTNtGz
EcCTNZE68v/4sJY6sYPUk9r1JVIlcQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:14 2025 by rpki-client