Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E567D/F0977E4AFE4111EFA78DF3BD762E951A/C3D088FEFE4411EF844C4251762E951A.roa
File: C3D088FEFE4411EF844C4251762E951A.roa (raw, json)
Hash identifier: 8c/UcInEU32uCkkd0bW2sydpnWRZBq/yumh8oAWslXQ=
Subject key identifier: CC:EE:FC:E3:20:37:27:B5:D5:42:AB:1C:54:AC:14:46:5D:29:82:89
Certificate issuer: /CN=F36E567DAF/serialNumber=C858754C80FAC839600BA98073FCF0A37CCCACEB
Certificate serial: 05
Authority key identifier: C8:58:75:4C:80:FA:C8:39:60:0B:A9:80:73:FC:F0:A3:7C:CC:AC:EB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/yFh1TID6yDlgC6mAc_zwo3zMrOs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E567D/F0977E4AFE4111EFA78DF3BD762E951A/C3D088FEFE4411EF844C4251762E951A.roa
Signing time: Tue 11 Mar 2025 06:47:57 +0000
ROA not before: Tue 11 Mar 2025 06:47:53 +0000
ROA not after: Mon 12 Mar 2035 06:47:53 +0000
asID: 327802
IP address blocks: 154.73.160.0/23 maxlen: 32
154.73.162.0/23 maxlen: 32
154.73.164.0/23 maxlen: 32
154.73.166.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E567D/F0977E4AFE4111EFA78DF3BD762E951A/yFh1TID6yDlgC6mAc_zwo3zMrOs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E567D/F0977E4AFE4111EFA78DF3BD762E951A/yFh1TID6yDlgC6mAc_zwo3zMrOs.mft
rsync://rpki.afrinic.net/repository/afrinic/yFh1TID6yDlgC6mAc_zwo3zMrOs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E567DAF
Validity
Not Before: Mar 11 06:47:53 2025 GMT
Not After : Mar 12 06:47:53 2035 GMT
Subject: CN=67cfdc9d-8f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c4:2f:69:ef:8f:1d:2d:78:56:50:f4:b4:0f:
2f:99:61:7b:5e:10:f6:dc:49:3e:eb:81:ee:36:e8:
9d:4a:d3:1c:7a:a6:a6:45:eb:33:c5:d1:f8:12:44:
ef:c0:36:c1:16:8a:c0:ae:76:07:9f:4f:04:50:f6:
e7:d0:96:f7:af:23:46:17:0c:c7:c3:c3:c9:c3:97:
fd:93:b6:dd:26:bf:eb:dc:a4:c8:18:b0:d5:d2:e5:
27:5d:3f:53:4c:2d:82:d4:93:4a:19:8e:15:8f:35:
20:e7:3e:b5:40:a8:45:de:5b:a2:ac:4b:7b:33:73:
53:18:fa:1e:4d:65:34:92:57:98:16:23:01:ef:7d:
33:1a:3e:84:c7:51:52:48:50:b9:85:2b:e8:b6:2c:
42:6b:c4:42:64:05:0e:52:f0:93:4a:59:1f:5b:03:
1f:73:59:50:76:bc:ef:c1:f6:17:42:cb:79:4b:bb:
66:3a:66:44:1f:b1:b3:f5:29:09:b2:88:fa:b0:39:
46:5f:a3:d7:c6:05:61:35:7f:b6:3d:00:ff:a7:12:
3d:76:b4:44:fa:66:49:76:e1:41:db:fd:b0:b7:9b:
8a:32:b5:11:f2:81:39:6e:81:f7:7a:25:e1:d2:84:
35:ec:63:6d:24:b7:4c:9c:3e:76:a5:34:78:87:49:
02:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:EE:FC:E3:20:37:27:B5:D5:42:AB:1C:54:AC:14:46:5D:29:82:89
X509v3 Authority Key Identifier:
keyid:C8:58:75:4C:80:FA:C8:39:60:0B:A9:80:73:FC:F0:A3:7C:CC:AC:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E567D/F0977E4AFE4111EFA78DF3BD762E951A/yFh1TID6yDlgC6mAc_zwo3zMrOs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/yFh1TID6yDlgC6mAc_zwo3zMrOs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E567D/F0977E4AFE4111EFA78DF3BD762E951A/C3D088FEFE4411EF844C4251762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.73.160.0/21
Signature Algorithm: sha256WithRSAEncryption
8b:03:00:42:d5:6c:68:e6:10:27:bd:bf:6f:10:f8:45:c2:80:
22:8c:c3:f5:51:d2:69:60:8c:e4:61:e1:b2:ee:f7:e4:bf:e6:
b9:cb:df:27:20:21:10:5f:65:cc:46:28:74:00:f6:64:ba:f5:
98:8e:dd:0a:a4:2c:fc:ca:33:7c:d9:22:c0:24:44:0b:2c:7b:
68:5d:1e:a5:b5:6d:5a:a9:03:2f:59:13:1f:b7:74:f1:1f:d2:
2b:a9:53:76:e8:f2:1a:ae:80:c1:30:62:ff:65:87:73:3e:a4:
8e:4c:a8:65:1c:d6:22:c0:d4:cc:9c:22:62:c8:38:4b:ca:39:
5b:01:85:2c:c2:85:c2:bc:4c:35:dc:88:92:0e:2b:ad:4b:54:
48:8d:93:94:40:4b:2f:46:04:6a:84:19:28:b2:52:b3:53:81:
30:bc:21:42:ff:17:6c:c7:6c:16:74:ea:23:18:89:7d:f4:05:
ec:07:04:dc:0d:6c:1d:fb:18:3e:61:db:0e:2d:46:22:4c:6e:
62:d0:23:f3:76:e9:e1:d6:fb:0c:b9:d5:98:30:ca:41:d3:9e:
03:7a:9c:09:de:a3:04:ef:80:99:dc:40:d6:06:c7:24:c2:5b:
1f:0f:66:b7:2c:7e:7f:8e:ff:21:1e:c0:e7:a9:c6:8f:48:94:
69:1a:56:80
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
NTY3REFGMTEwLwYDVQQFEyhDODU4NzU0QzgwRkFDODM5NjAwQkE5ODA3M0ZDRjBB
MzdDQ0NBQ0VCMB4XDTI1MDMxMTA2NDc1M1oXDTM1MDMxMjA2NDc1M1owGDEWMBQG
A1UEAxMNNjdjZmRjOWQtOGYyYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7EL2nvjx0teFZQ9LQPL5lhe14Q9txJPuuB7jbonUrTHHqmpkXrM8XR+BJE
78A2wRaKwK52B59PBFD259CW968jRhcMx8PDycOX/ZO23Sa/69ykyBiw1dLlJ10/
U0wtgtSTShmOFY81IOc+tUCoRd5boqxLezNzUxj6Hk1lNJJXmBYjAe99Mxo+hMdR
UkhQuYUr6LYsQmvEQmQFDlLwk0pZH1sDH3NZUHa878H2F0LLeUu7ZjpmRB+xs/Up
CbKI+rA5Rl+j18YFYTV/tj0A/6cSPXa0RPpmSXbhQdv9sLebijK1EfKBOW6B93ol
4dKENexjbSS3TJw+dqU0eIdJAs0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTM7vzj
IDcntdVCqxxUrBRGXSmCiTAfBgNVHSMEGDAWgBTIWHVMgPrIOWALqYBz/PCjfMys
6zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTU2N0QvRjA5NzdFNEFGRTQxMTFFRkE3OERGM0JENzYyRTk1MUEveUZoMVRJ
RDZ5RGxnQzZtQWNfendvM3pNck9zLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveUZoMVRJRDZ5RGxnQzZtQWNfendvM3pNck9zLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTU2N0QvRjA5NzdFNEFGRTQxMTFFRkE3OERGM0JENzYy
RTk1MUEvQzNEMDg4RkVGRTQ0MTFFRjg0NEM0MjUxNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA5pJoDANBgkqhkiG9w0BAQsF
AAOCAQEAiwMAQtVsaOYQJ72/bxD4RcKAIozD9VHSaWCM5GHhsu735L/mucvfJyAh
EF9lzEYodAD2ZLr1mI7dCqQs/MozfNkiwCRECyx7aF0epbVtWqkDL1kTH7d08R/S
K6lTdujyGq6AwTBi/2WHcz6kjkyoZRzWIsDUzJwiYsg4S8o5WwGFLMKFwrxMNdyI
kg4rrUtUSI2TlEBLL0YEaoQZKLJSs1OBMLwhQv8XbMdsFnTqIxiJffQF7AcE3A1s
HfsYPmHbDi1GIkxuYtAj83bp4db7DLnVmDDKQdOeA3qcCd6jBO+AmdxA1gbHJMJb
Hw9mtyx+f47/IR7A56nGj0iUaRpWgA==
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:31:55 2025 by rpki-client