Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/CA0A748AE06E11EFBBAD83A9762E951A.roa
File: CA0A748AE06E11EFBBAD83A9762E951A.roa (raw, json)
Hash identifier: MjyQPYZ0w1yB65mwCyV+9VzWTla8w8d5zJEWXodWAO0=
Subject key identifier: 74:6C:B5:C4:C0:93:14:AE:A8:AB:D8:32:76:14:59:D4:F5:55:9C:AF
Certificate issuer: /CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
Certificate serial: 02B1
Authority key identifier: 87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/CA0A748AE06E11EFBBAD83A9762E951A.roa
Signing time: Sat 01 Feb 2025 07:33:11 +0000
ROA not before: Sat 01 Feb 2025 07:33:07 +0000
ROA not after: Tue 01 Jan 2030 07:33:07 +0000
asID: 37684
IP address blocks: 102.221.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.mft
rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 689 (0x2b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E2B8CAF
Validity
Not Before: Feb 1 07:33:07 2025 GMT
Not After : Jan 1 07:33:07 2030 GMT
Subject: CN=679dce37-012e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c3:55:d6:95:b2:23:6c:e0:3f:16:cf:81:2f:
be:17:68:45:93:93:08:fe:61:30:96:3d:02:06:d4:
cc:f2:61:ec:4a:1f:a6:39:ff:fe:fd:fb:eb:6f:e1:
9a:82:18:48:63:64:9c:42:9f:b1:93:8a:d9:47:a1:
76:02:ed:2a:57:62:5a:3e:85:71:93:3c:8c:84:8a:
19:3e:60:68:e8:f8:b0:3a:e8:f6:2c:c8:47:10:4b:
fd:9e:c2:3b:19:de:66:38:c4:e4:87:bd:2f:e8:91:
2a:e4:27:69:52:66:2a:d6:b7:59:fb:49:7b:54:d4:
00:d5:79:e7:28:a5:c1:58:20:b5:cc:56:0a:4d:4f:
e4:14:ef:4f:55:b7:c3:51:92:a5:57:10:3d:eb:a4:
14:ba:c0:28:74:8b:78:21:e0:cb:3e:74:36:77:a6:
c5:bc:13:c1:a5:13:cf:47:ea:57:99:71:5b:63:8e:
05:82:67:72:22:f2:c9:42:b1:8d:39:87:08:65:39:
8a:f7:e5:e8:72:65:00:0b:24:ae:24:cb:98:47:eb:
41:9d:a7:47:48:8f:f7:3a:0f:15:d2:0e:b1:b7:80:
8a:3c:ff:cf:32:df:c0:39:16:c2:cd:31:75:51:e7:
6a:d1:29:a1:38:bd:1f:11:f2:57:4a:45:3e:ea:7e:
96:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:6C:B5:C4:C0:93:14:AE:A8:AB:D8:32:76:14:59:D4:F5:55:9C:AF
X509v3 Authority Key Identifier:
keyid:87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/CA0A748AE06E11EFBBAD83A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.35.0/24
Signature Algorithm: sha256WithRSAEncryption
31:c4:44:08:e0:e9:4d:c4:b0:52:c6:09:49:83:8c:0d:a9:ef:
0b:c6:93:6f:ad:21:5a:af:f7:ef:6e:01:e8:23:7c:b6:24:42:
fb:14:d8:5e:3d:50:ab:88:21:fd:6d:19:81:9f:fc:34:3a:21:
b5:80:f5:52:52:1a:1f:c4:ed:76:d8:f2:91:89:4b:ed:c5:59:
ae:a8:2d:1c:f3:ff:3a:7f:a8:09:dd:b9:e5:80:04:f1:1a:55:
21:78:84:c6:e7:f9:da:ad:b1:d5:f5:2a:a3:ec:83:a9:12:8e:
81:b9:ba:a3:e1:b6:b0:6e:93:79:a7:a9:91:3c:bc:a5:ab:ed:
5b:f2:36:b0:23:bc:6a:d1:6b:d0:9e:52:b1:ac:9d:43:68:4b:
f4:cc:4d:73:eb:4d:bf:82:da:3a:bd:51:90:50:7b:8d:24:8d:
2d:c0:1d:d5:73:e9:a1:79:72:85:7d:90:61:45:38:4b:58:36:
e4:bf:d6:61:ac:86:1c:90:60:40:76:69:55:fb:c4:9c:2c:e7:
5c:c4:f0:d9:6c:25:bb:10:8e:2c:ea:1c:bc:2b:c9:ff:91:1a:
04:ba:01:06:d1:df:90:59:a3:e4:35:cf:d3:56:8a:e9:8e:a0:
d6:8a:c7:ec:75:d8:26:0d:84:25:5a:da:36:da:87:dc:87:0d:
cb:8d:e7:a1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICArEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTJCOENBRjExMC8GA1UEBRMoODcyMTMwRTY5QjNGQjgwMzVCMUIyNUQzRjZGQjk3
NEEyQTA3OEVDQzAeFw0yNTAyMDEwNzMzMDdaFw0zMDAxMDEwNzMzMDdaMBgxFjAU
BgNVBAMTDTY3OWRjZTM3LTAxMmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/w1XWlbIjbOA/Fs+BL74XaEWTkwj+YTCWPQIG1MzyYexKH6Y5//79++tv
4ZqCGEhjZJxCn7GTitlHoXYC7SpXYlo+hXGTPIyEihk+YGjo+LA66PYsyEcQS/2e
wjsZ3mY4xOSHvS/okSrkJ2lSZirWt1n7SXtU1ADVeecopcFYILXMVgpNT+QU709V
t8NRkqVXED3rpBS6wCh0i3gh4Ms+dDZ3psW8E8GlE89H6leZcVtjjgWCZ3Ii8slC
sY05hwhlOYr35ehyZQALJK4ky5hH60Gdp0dIj/c6DxXSDrG3gIo8/88y38A5FsLN
MXVR52rRKaE4vR8R8ldKRT7qfparAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdGy1
xMCTFK6oq9gydhRZ1PVVnK8wHwYDVR0jBBgwFoAUhyEw5ps/uANbGyXT9vuXSioH
jswwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUyQjhDL0M4RjlERjFFMEI2MjExRUU4NjJEODY4QTRBRDlFNkZDL2h5RXc1
cHNfdUFOYkd5WFQ5dnVYU2lvSGpzdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2h5RXc1cHNfdUFOYkd5WFQ5dnVYU2lvSGpzdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUyQjhDL0M4RjlERjFFMEI2MjExRUU4NjJEODY4QTRB
RDlFNkZDL0NBMEE3NDhBRTA2RTExRUZCQkFEODNBOTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm3SMwDQYJKoZIhvcNAQEL
BQADggEBADHERAjg6U3EsFLGCUmDjA2p7wvGk2+tIVqv9+9uAegjfLYkQvsU2F49
UKuIIf1tGYGf/DQ6IbWA9VJSGh/E7XbY8pGJS+3FWa6oLRzz/zp/qAndueWABPEa
VSF4hMbn+dqtsdX1KqPsg6kSjoG5uqPhtrBuk3mnqZE8vKWr7VvyNrAjvGrRa9Ce
UrGsnUNoS/TMTXPrTb+C2jq9UZBQe40kjS3AHdVz6aF5coV9kGFFOEtYNuS/1mGs
hhyQYEB2aVX7xJws51zE8NlsJbsQjizqHLwryf+RGgS6AQbR35BZo+Q1z9NWiumO
oNaKx+x12CYNhCVa2jbah9yHDcuN56E=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:08:56 2025 by rpki-client