Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E3530/64051F66FDAA11EEB8D47855017001B1/DF636C20BC5511EF9A9E2F85762E951A.roa
File: DF636C20BC5511EF9A9E2F85762E951A.roa (raw, json)
Hash identifier: tSQEd/CsVNkSQe/vkWSz1QvPEAJap3A5Pjx3E2Z7rJs=
Subject key identifier: 76:E3:E9:A7:14:01:A6:A0:99:AE:B5:ED:3E:79:F6:08:91:A2:0A:80
Certificate issuer: /CN=F36E3530AF/serialNumber=64E48B75E21674F86D4E6B5F42369A7A73BE2541
Certificate serial: 0101
Authority key identifier: 64:E4:8B:75:E2:16:74:F8:6D:4E:6B:5F:42:36:9A:7A:73:BE:25:41
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ZOSLdeIWdPhtTmtfQjaaenO-JUE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E3530/64051F66FDAA11EEB8D47855017001B1/DF636C20BC5511EF9A9E2F85762E951A.roa
Signing time: Tue 17 Dec 2024 09:04:08 +0000
ROA not before: Tue 17 Dec 2024 09:04:04 +0000
ROA not after: Wed 31 Dec 2025 09:04:04 +0000
asID: 328245
IP address blocks: 102.209.188.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E3530/64051F66FDAA11EEB8D47855017001B1/ZOSLdeIWdPhtTmtfQjaaenO-JUE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E3530/64051F66FDAA11EEB8D47855017001B1/ZOSLdeIWdPhtTmtfQjaaenO-JUE.mft
rsync://rpki.afrinic.net/repository/afrinic/ZOSLdeIWdPhtTmtfQjaaenO-JUE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 02:56:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 257 (0x101)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E3530AF
Validity
Not Before: Dec 17 09:04:04 2024 GMT
Not After : Dec 31 09:04:04 2025 GMT
Subject: CN=67613e88-197e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:78:45:2b:3c:36:e9:dd:90:00:1b:50:70:45:
b7:3a:56:04:9e:1a:67:07:94:e3:28:b4:0b:b6:dc:
89:59:2a:88:36:bc:27:ee:b5:3f:87:1a:91:4b:b5:
f5:c2:2a:f3:9f:36:2d:32:ab:44:0f:c2:1a:af:03:
91:21:fa:ba:0e:47:73:a8:52:8b:8b:d6:6a:b9:e0:
ed:ae:5b:a5:98:79:e3:c2:c4:b7:50:85:b1:37:16:
f7:21:3c:e7:81:d0:72:89:77:e0:0c:d0:f0:73:ad:
e4:0c:ed:b0:92:ba:18:26:a8:7e:55:a5:ee:30:6a:
68:4c:f8:3a:7f:74:8a:16:35:c2:91:97:9f:57:2e:
ec:6e:6c:ea:9a:2f:92:3d:a9:0b:a4:1e:77:fd:b8:
01:d1:4f:87:35:f6:72:c3:35:5d:3f:8c:d6:47:20:
48:5b:ed:fa:95:16:8d:5c:3c:91:d9:3d:6a:d2:e9:
88:d8:42:ff:3e:4d:54:df:2d:ce:66:1d:82:db:30:
81:ec:bd:2c:cc:ef:df:62:bd:5c:e8:e7:73:eb:d1:
74:76:a0:1f:56:e4:2f:4d:2a:87:65:93:ec:f6:e0:
cd:0b:fd:7f:ca:00:c3:00:34:94:da:a4:5c:25:f3:
62:f9:47:bc:56:6e:12:81:fd:e3:d0:7f:e7:d7:35:
a0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E3:E9:A7:14:01:A6:A0:99:AE:B5:ED:3E:79:F6:08:91:A2:0A:80
X509v3 Authority Key Identifier:
keyid:64:E4:8B:75:E2:16:74:F8:6D:4E:6B:5F:42:36:9A:7A:73:BE:25:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3530/64051F66FDAA11EEB8D47855017001B1/ZOSLdeIWdPhtTmtfQjaaenO-JUE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ZOSLdeIWdPhtTmtfQjaaenO-JUE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3530/64051F66FDAA11EEB8D47855017001B1/DF636C20BC5511EF9A9E2F85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.188.0/23
Signature Algorithm: sha256WithRSAEncryption
81:86:b1:2f:ce:84:58:23:b0:2f:20:0e:7b:5b:b5:3c:09:63:
98:41:de:de:60:68:69:db:d4:d8:91:92:9f:2d:5e:17:ee:c7:
ad:20:47:fb:fd:f9:d3:36:ed:22:06:8e:c8:4b:31:10:6e:89:
c4:3c:79:2e:cd:29:d9:9e:ba:49:51:30:59:be:d2:99:91:e5:
bb:0e:b7:75:7b:2e:22:d4:e3:96:be:8c:45:7e:68:6e:8f:21:
7f:cc:db:53:a5:19:42:9c:9b:f6:a5:27:fa:cc:fe:44:91:dd:
fa:cf:d6:23:99:de:68:d8:6f:f9:d2:46:0d:ec:7e:42:b1:b5:
df:7d:1d:8c:82:8d:f1:5c:05:45:e8:f0:d2:c5:a3:c6:ca:6d:
6f:f1:52:84:c8:54:27:00:55:ad:c3:6a:ea:32:56:ed:50:1e:
a5:bd:66:59:e2:b3:c9:a5:56:af:f9:78:1f:cc:70:75:b8:61:
7f:4a:c8:b3:a8:dd:fa:6d:89:04:d0:fc:f3:d6:b0:31:27:4a:
a2:2d:02:ee:19:b4:22:6f:90:0e:55:a0:b5:fa:22:a9:ae:de:
10:14:74:13:ea:26:16:88:2a:a6:f9:b7:db:24:cd:36:79:9d:
48:93:35:e5:0a:60:8e:1d:31:0e:d7:d7:00:38:d0:ef:11:b0:
67:59:bf:68
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAQEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTM1MzBBRjExMC8GA1UEBRMoNjRFNDhCNzVFMjE2NzRGODZENEU2QjVGNDIzNjlB
N0E3M0JFMjU0MTAeFw0yNDEyMTcwOTA0MDRaFw0yNTEyMzEwOTA0MDRaMBgxFjAU
BgNVBAMTDTY3NjEzZTg4LTE5N2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGeEUrPDbp3ZAAG1BwRbc6VgSeGmcHlOMotAu23IlZKog2vCfutT+HGpFL
tfXCKvOfNi0yq0QPwhqvA5Eh+roOR3OoUouL1mq54O2uW6WYeePCxLdQhbE3Fvch
POeB0HKJd+AM0PBzreQM7bCSuhgmqH5Vpe4wamhM+Dp/dIoWNcKRl59XLuxubOqa
L5I9qQukHnf9uAHRT4c19nLDNV0/jNZHIEhb7fqVFo1cPJHZPWrS6YjYQv8+TVTf
Lc5mHYLbMIHsvSzM799ivVzo53Pr0XR2oB9W5C9NKodlk+z24M0L/X/KAMMANJTa
pFwl82L5R7xWbhKB/ePQf+fXNaAhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUduPp
pxQBpqCZrrXtPnn2CJGiCoAwHwYDVR0jBBgwFoAUZOSLdeIWdPhtTmtfQjaaenO+
JUEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUzNTMwLzY0MDUxRjY2RkRBQTExRUVCOEQ0Nzg1NTAxNzAwMUIxL1pPU0xk
ZUlXZFBodFRtdGZRamFhZW5PLUpVRS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1pPU0xkZUlXZFBodFRtdGZRamFhZW5PLUpVRS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUzNTMwLzY0MDUxRjY2RkRBQTExRUVCOEQ0Nzg1NTAx
NzAwMUIxL0RGNjM2QzIwQkM1NTExRUY5QTlFMkY4NTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFm0bwwDQYJKoZIhvcNAQEL
BQADggEBAIGGsS/OhFgjsC8gDntbtTwJY5hB3t5gaGnb1NiRkp8tXhfux60gR/v9
+dM27SIGjshLMRBuicQ8eS7NKdmeuklRMFm+0pmR5bsOt3V7LiLU45a+jEV+aG6P
IX/M21OlGUKcm/alJ/rM/kSR3frP1iOZ3mjYb/nSRg3sfkKxtd99HYyCjfFcBUXo
8NLFo8bKbW/xUoTIVCcAVa3DauoyVu1QHqW9Zlnis8mlVq/5eB/McHW4YX9KyLOo
3fptiQTQ/PPWsDEnSqItAu4ZtCJvkA5VoLX6Iqmu3hAUdBPqJhaIKqb5t9skzTZ5
nUiTNeUKYI4dMQ7X1wA40O8RsGdZv2g=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:56:37 2025 by rpki-client