Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/FAB09A2AAF2B11EFBDDD2D9D762E951A.roa
File: FAB09A2AAF2B11EFBDDD2D9D762E951A.roa (raw, json)
Hash identifier: pXJWIZdalTimXX6hDNwirsv+KOa5aQ9rGKxIX49vIsI=
Subject key identifier: 85:93:F4:2A:AA:64:3D:C4:40:98:87:48:12:B8:AD:DD:43:68:92:CF
Certificate issuer: /CN=F36E570FAF/serialNumber=4F2E5D06850FA94B9222CF7FFE76F8B2F3012125
Certificate serial: 02
Authority key identifier: 4F:2E:5D:06:85:0F:A9:4B:92:22:CF:7F:FE:76:F8:B2:F3:01:21:25
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Ty5dBoUPqUuSIs9__nb4svMBISU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/FAB09A2AAF2B11EFBDDD2D9D762E951A.roa
Signing time: Sat 30 Nov 2024 15:01:30 +0000
ROA not before: Sat 30 Nov 2024 15:01:26 +0000
ROA not after: Tue 03 Nov 2026 15:01:26 +0000
asID: 44592
IP address blocks: 102.212.56.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/Ty5dBoUPqUuSIs9__nb4svMBISU.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/Ty5dBoUPqUuSIs9__nb4svMBISU.mft
rsync://rpki.afrinic.net/repository/afrinic/Ty5dBoUPqUuSIs9__nb4svMBISU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 03:21:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E570FAF
Validity
Not Before: Nov 30 15:01:26 2024 GMT
Not After : Nov 3 15:01:26 2026 GMT
Subject: CN=674b28ca-beae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:fb:5e:17:7d:62:ee:74:5e:19:b7:9a:f8:2c:
e5:89:c0:c4:f0:fa:ee:2d:23:fe:16:0d:06:87:97:
66:32:a0:0c:19:ae:76:63:04:66:52:54:10:e3:a4:
bf:c8:dd:59:19:3c:04:a9:d2:9d:bd:c9:e8:c4:a1:
df:a7:24:c8:01:a6:06:c2:58:a6:09:c5:15:43:3b:
08:14:78:d9:f8:ea:5b:97:dc:d4:cb:1b:d9:78:93:
21:b1:db:ba:63:e2:f2:95:5d:47:d0:8d:be:aa:8d:
dd:5b:1b:40:48:54:4f:33:02:85:b4:1b:4b:fb:80:
e5:46:fa:9d:7b:fc:72:a2:17:8b:18:41:5c:ab:9a:
eb:05:c0:c2:2d:70:d6:34:05:47:98:57:cb:5e:45:
ce:24:23:fe:ad:3d:f3:92:8a:24:2f:63:cc:3b:fc:
5b:2a:44:f4:5b:b7:70:ad:a1:a5:35:0a:8a:92:a6:
86:54:37:1d:34:43:5c:96:3f:78:db:a8:e5:f4:3c:
c4:6a:30:36:95:bd:1b:ae:4d:63:4e:20:a6:f7:b9:
c3:f8:d7:26:dd:10:48:8b:84:6d:65:d7:f6:67:61:
04:ed:4c:25:9d:6a:e0:44:8e:bb:ce:61:e3:76:e1:
a0:dd:a6:fa:be:19:bc:0e:5d:14:75:3c:b3:31:cd:
bb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:93:F4:2A:AA:64:3D:C4:40:98:87:48:12:B8:AD:DD:43:68:92:CF
X509v3 Authority Key Identifier:
keyid:4F:2E:5D:06:85:0F:A9:4B:92:22:CF:7F:FE:76:F8:B2:F3:01:21:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/Ty5dBoUPqUuSIs9__nb4svMBISU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Ty5dBoUPqUuSIs9__nb4svMBISU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E570F/A29FCCC0AF2B11EF88A7C19A762E951A/FAB09A2AAF2B11EFBDDD2D9D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.212.56.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:22:49:99:91:e1:c2:1a:6b:e3:70:15:05:42:86:63:47:92:
53:b2:fb:28:f4:cb:0b:ec:bf:23:f8:22:25:ad:90:75:af:1f:
27:d0:e7:bc:a3:87:e4:44:e6:ba:f3:69:12:45:39:05:1c:45:
6e:a7:77:56:ce:5c:04:58:86:a6:bd:34:f2:75:1d:2d:78:7d:
93:f1:a9:4d:f6:62:47:71:5c:c2:da:68:49:6b:49:58:c0:f6:
67:6c:74:8e:cd:bb:99:3e:03:cd:7f:98:0b:f5:4f:68:bf:e6:
f2:86:fd:b0:dc:33:73:2d:3c:0b:bd:88:30:e7:b0:0c:45:06:
cd:65:d4:cf:14:15:d0:11:ab:63:f5:19:2d:a9:2f:49:32:10:
61:58:69:ba:35:bc:60:fe:69:61:2c:da:37:d3:88:ea:ee:8b:
3f:1d:fb:3e:30:10:98:3b:17:ec:e1:98:25:64:8d:62:c0:cd:
04:5e:13:17:a2:d9:da:4d:60:19:f7:a3:0a:c3:64:fd:2a:5a:
b2:b9:3e:fc:53:a5:3b:dd:8c:99:fe:aa:6d:05:df:e6:73:c4:
b4:87:46:e5:a4:7c:10:2c:ba:e7:c1:63:bc:68:d2:77:27:b8:
16:af:7f:79:7a:b8:9f:0f:58:be:7a:17:19:32:16:bd:d5:b8:
45:f3:68:12
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
NTcwRkFGMTEwLwYDVQQFEyg0RjJFNUQwNjg1MEZBOTRCOTIyMkNGN0ZGRTc2RjhC
MkYzMDEyMTI1MB4XDTI0MTEzMDE1MDEyNloXDTI2MTEwMzE1MDEyNlowGDEWMBQG
A1UEAxMNNjc0YjI4Y2EtYmVhZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOT7Xhd9Yu50Xhm3mvgs5YnAxPD67i0j/hYNBoeXZjKgDBmudmMEZlJUEOOk
v8jdWRk8BKnSnb3J6MSh36ckyAGmBsJYpgnFFUM7CBR42fjqW5fc1Msb2XiTIbHb
umPi8pVdR9CNvqqN3VsbQEhUTzMChbQbS/uA5Ub6nXv8cqIXixhBXKua6wXAwi1w
1jQFR5hXy15FziQj/q0985KKJC9jzDv8WypE9Fu3cK2hpTUKipKmhlQ3HTRDXJY/
eNuo5fQ8xGowNpW9G65NY04gpve5w/jXJt0QSIuEbWXX9mdhBO1MJZ1q4ESOu85h
43bhoN2m+r4ZvA5dFHU8szHNu2ECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSFk/Qq
qmQ9xECYh0gSuK3dQ2iSzzAfBgNVHSMEGDAWgBRPLl0GhQ+pS5Iiz3/+dviy8wEh
JTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTU3MEYvQTI5RkNDQzBBRjJCMTFFRjg4QTdDMTlBNzYyRTk1MUEvVHk1ZEJv
VVBxVXVTSXM5X19uYjRzdk1CSVNVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVHk1ZEJvVVBxVXVTSXM5X19uYjRzdk1CSVNVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTU3MEYvQTI5RkNDQzBBRjJCMTFFRjg4QTdDMTlBNzYy
RTk1MUEvRkFCMDlBMkFBRjJCMTFFRkJEREQyRDlENzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbUODANBgkqhkiG9w0BAQsF
AAOCAQEAtSJJmZHhwhpr43AVBUKGY0eSU7L7KPTLC+y/I/giJa2Qda8fJ9DnvKOH
5ETmuvNpEkU5BRxFbqd3Vs5cBFiGpr008nUdLXh9k/GpTfZiR3FcwtpoSWtJWMD2
Z2x0js27mT4DzX+YC/VPaL/m8ob9sNwzcy08C72IMOewDEUGzWXUzxQV0BGrY/UZ
LakvSTIQYVhpujW8YP5pYSzaN9OI6u6LPx37PjAQmDsX7OGYJWSNYsDNBF4TF6LZ
2k1gGfejCsNk/Spasrk+/FOlO92Mmf6qbQXf5nPEtIdG5aR8ECy658FjvGjSdye4
Fq9/eXq4nw9YvnoXGTIWvdW4RfNoEg==
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:59:15 2025 by rpki-client