Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E3941/5818052445D111EE8A5CA6574AD9E6FC/EC716680DFF811EFADCBE781762E951A.roa
File: EC716680DFF811EFADCBE781762E951A.roa (raw, json)
Hash identifier: oPKoX17XBcVWDruW8njPRytKKsu2yxLVq+E1bf3Vds0=
Subject key identifier: F6:F9:D0:9D:E4:3E:22:4D:EE:1B:54:EC:61:EA:F4:31:DF:93:93:DD
Certificate issuer: /CN=F36E3941AF/serialNumber=456931501964CDB884B1475B56D68F3069C22AF2
Certificate serial: 0226
Authority key identifier: 45:69:31:50:19:64:CD:B8:84:B1:47:5B:56:D6:8F:30:69:C2:2A:F2
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/RWkxUBlkzbiEsUdbVtaPMGnCKvI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E3941/5818052445D111EE8A5CA6574AD9E6FC/EC716680DFF811EFADCBE781762E951A.roa
Signing time: Fri 31 Jan 2025 17:29:28 +0000
ROA not before: Fri 31 Jan 2025 17:29:24 +0000
ROA not after: Tue 30 Jan 2035 17:29:24 +0000
asID: 328780
IP address blocks: 102.221.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E3941/5818052445D111EE8A5CA6574AD9E6FC/RWkxUBlkzbiEsUdbVtaPMGnCKvI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E3941/5818052445D111EE8A5CA6574AD9E6FC/RWkxUBlkzbiEsUdbVtaPMGnCKvI.mft
rsync://rpki.afrinic.net/repository/afrinic/RWkxUBlkzbiEsUdbVtaPMGnCKvI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 02:38:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 550 (0x226)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E3941AF
Validity
Not Before: Jan 31 17:29:24 2025 GMT
Not After : Jan 30 17:29:24 2035 GMT
Subject: CN=679d0878-1006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d6:03:ce:65:ab:b8:d5:6b:a1:f3:e8:fb:f4:
57:29:7b:76:0d:a3:d3:5f:42:92:46:77:de:9d:58:
c0:05:44:e7:9f:c8:9a:25:5c:15:0c:81:53:1d:5f:
5e:8e:aa:f6:f5:9d:80:0e:c8:13:00:19:dc:8d:ac:
f9:f3:f3:92:99:49:ec:72:a2:0c:5b:c1:44:76:64:
6a:5b:f2:73:41:fa:ec:0c:7f:55:78:ee:ee:38:39:
d2:47:c3:ff:9c:d2:5f:04:80:df:53:71:2f:83:f3:
46:c8:d1:c6:a5:fb:04:39:f3:64:a0:ed:89:c3:a3:
47:ff:b0:12:08:05:91:e8:95:38:ff:ef:59:bd:55:
8e:9d:0e:4e:cb:33:97:72:85:ed:35:52:36:8b:72:
09:27:68:a7:49:a7:20:e3:4e:6a:3c:73:d6:93:b7:
a2:c2:db:1c:91:b9:1e:9e:04:53:a1:76:07:3a:49:
c5:97:fa:d3:92:2f:5f:b8:cd:41:4f:7c:c3:94:aa:
cb:81:7b:41:eb:d1:18:73:90:77:d5:96:92:f0:37:
44:d3:a9:e7:59:22:0c:fd:88:73:e5:12:68:f2:0f:
15:92:ca:b0:f0:f8:2d:74:44:a4:73:26:4a:f5:bc:
1e:b6:14:45:2b:97:c0:69:a7:bf:a5:8e:5f:2c:9f:
fa:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F9:D0:9D:E4:3E:22:4D:EE:1B:54:EC:61:EA:F4:31:DF:93:93:DD
X509v3 Authority Key Identifier:
keyid:45:69:31:50:19:64:CD:B8:84:B1:47:5B:56:D6:8F:30:69:C2:2A:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3941/5818052445D111EE8A5CA6574AD9E6FC/RWkxUBlkzbiEsUdbVtaPMGnCKvI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/RWkxUBlkzbiEsUdbVtaPMGnCKvI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3941/5818052445D111EE8A5CA6574AD9E6FC/EC716680DFF811EFADCBE781762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.87.0/24
Signature Algorithm: sha256WithRSAEncryption
58:d0:f8:0e:14:b3:f0:38:1c:5c:90:b3:07:94:3a:bd:44:36:
1c:1f:8b:79:2c:ef:e5:35:75:51:13:9f:a4:5a:d7:14:f2:3f:
31:c7:23:d6:45:7f:75:b8:13:d2:e3:c0:e9:e7:e1:6e:90:b7:
d4:b0:bf:35:ad:22:46:d9:20:2d:71:47:5e:65:a7:c7:6e:ad:
21:56:aa:2e:b1:86:92:30:36:80:50:52:02:7a:d2:e9:61:28:
44:c9:8a:3a:45:48:87:60:67:09:72:7c:5e:23:50:70:14:f0:
a4:04:43:17:3a:90:db:b0:65:33:6f:3a:9f:8d:0f:1b:15:4c:
f4:a9:de:b7:b3:93:0f:9e:54:ff:36:82:ca:63:b0:76:a0:47:
41:0d:d3:32:27:f1:e3:47:6c:b8:79:1b:cb:38:4a:2b:9b:54:
24:9b:eb:4c:37:b6:02:59:60:04:62:19:af:45:b7:f6:31:e0:
62:5b:c3:53:0c:cc:62:6b:bb:f9:51:35:a9:66:c0:b0:ce:75:
7a:e1:10:77:f1:32:14:3d:40:95:59:c6:60:05:db:a1:11:cc:
ed:7a:ee:17:23:c8:4c:42:af:98:57:f7:ee:25:73:f0:97:7b:
cf:da:7e:c7:00:e0:5c:82:b3:4b:91:f7:df:a8:85:d3:6b:51:
7d:0f:78:41
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAiYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTM5NDFBRjExMC8GA1UEBRMoNDU2OTMxNTAxOTY0Q0RCODg0QjE0NzVCNTZENjhG
MzA2OUMyMkFGMjAeFw0yNTAxMzExNzI5MjRaFw0zNTAxMzAxNzI5MjRaMBgxFjAU
BgNVBAMTDTY3OWQwODc4LTEwMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCZ1gPOZau41Wuh8+j79Fcpe3YNo9NfQpJGd96dWMAFROefyJolXBUMgVMd
X16Oqvb1nYAOyBMAGdyNrPnz85KZSexyogxbwUR2ZGpb8nNB+uwMf1V47u44OdJH
w/+c0l8EgN9TcS+D80bI0cal+wQ582Sg7YnDo0f/sBIIBZHolTj/71m9VY6dDk7L
M5dyhe01UjaLcgknaKdJpyDjTmo8c9aTt6LC2xyRuR6eBFOhdgc6ScWX+tOSL1+4
zUFPfMOUqsuBe0Hr0RhzkHfVlpLwN0TTqedZIgz9iHPlEmjyDxWSyrDw+C10RKRz
Jkr1vB62FEUrl8Bpp7+ljl8sn/o1AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9vnQ
neQ+Ik3uG1TsYer0Md+Tk90wHwYDVR0jBBgwFoAURWkxUBlkzbiEsUdbVtaPMGnC
KvIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUzOTQxLzU4MTgwNTI0NDVEMTExRUU4QTVDQTY1NzRBRDlFNkZDL1JXa3hV
QmxremJpRXNVZGJWdGFQTUduQ0t2SS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1JXa3hVQmxremJpRXNVZGJWdGFQTUduQ0t2SS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUzOTQxLzU4MTgwNTI0NDVEMTExRUU4QTVDQTY1NzRB
RDlFNkZDL0VDNzE2NjgwREZGODExRUZBRENCRTc4MTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm3VcwDQYJKoZIhvcNAQEL
BQADggEBAFjQ+A4Us/A4HFyQsweUOr1ENhwfi3ks7+U1dVETn6Ra1xTyPzHHI9ZF
f3W4E9LjwOnn4W6Qt9SwvzWtIkbZIC1xR15lp8durSFWqi6xhpIwNoBQUgJ60ulh
KETJijpFSIdgZwlyfF4jUHAU8KQEQxc6kNuwZTNvOp+NDxsVTPSp3rezkw+eVP82
gspjsHagR0EN0zIn8eNHbLh5G8s4SiubVCSb60w3tgJZYARiGa9Ft/Yx4GJbw1MM
zGJru/lRNalmwLDOdXrhEHfxMhQ9QJVZxmAF26ERzO167hcjyExCr5hX9+4lc/CX
e8/afscA4FyCs0uR99+ohdNrUX0PeEE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:08:13 2025 by rpki-client