Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/487DF37800FE11F09431944D762E951A.roa
File: 487DF37800FE11F09431944D762E951A.roa (raw, json)
Hash identifier: vFH43GxrKZ9rqeJkPBqFNCpNF2wmx+m29HBGPHLRYRU=
Subject key identifier: 25:3C:2A:A2:FD:97:56:11:90:17:F5:2F:E4:79:53:F7:95:62:0B:84
Certificate issuer: /CN=F36EF7D0AF/serialNumber=3A553B6EF80BF922312F96B8DDC1F219A8C4121B
Certificate serial: 02FA
Authority key identifier: 3A:55:3B:6E:F8:0B:F9:22:31:2F:96:B8:DD:C1:F2:19:A8:C4:12:1B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/OlU7bvgL-SIxL5a43cHyGajEEhs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/487DF37800FE11F09431944D762E951A.roa
Signing time: Fri 14 Mar 2025 18:00:59 +0000
ROA not before: Fri 14 Mar 2025 18:00:54 +0000
ROA not after: Wed 13 Mar 2030 18:00:54 +0000
asID: 212001
IP address blocks: 102.212.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.mft
rsync://rpki.afrinic.net/repository/afrinic/OlU7bvgL-SIxL5a43cHyGajEEhs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 10 Apr 2025 02:34:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 762 (0x2fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36EF7D0AF
Validity
Not Before: Mar 14 18:00:54 2025 GMT
Not After : Mar 13 18:00:54 2030 GMT
Subject: CN=67d46edb-eb4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:42:29:66:a8:d3:50:23:4a:8b:8d:54:cf:21:
96:42:fa:21:97:fb:b0:b5:34:69:e5:8f:10:a8:10:
1b:ac:83:31:82:0e:0a:ab:40:f1:d3:d0:c8:79:5f:
c9:50:2e:ec:74:60:9e:31:69:70:58:7c:d5:2a:04:
5b:60:d6:8a:95:77:19:8d:9f:68:fe:a2:a2:5d:3a:
53:65:52:2e:9f:fb:83:e0:58:d3:2a:01:6f:1d:43:
b0:4f:61:bc:25:6b:be:3b:6c:df:33:63:67:2e:52:
91:d6:69:f6:c5:a9:23:4c:4d:84:c7:58:d6:d2:7c:
7a:60:6e:94:eb:80:c6:39:67:7f:08:29:fc:5c:95:
ce:f4:32:7b:49:d7:09:33:38:10:fe:1a:a1:91:62:
99:3c:18:8c:8b:6c:d1:7e:45:f1:ab:94:57:37:65:
46:f3:fe:ca:62:30:2e:af:d1:4a:ab:6f:d5:21:da:
86:25:9c:7b:d7:c8:96:32:18:4f:8f:04:2c:56:b1:
e1:12:b2:ff:b5:8e:6a:16:0b:8f:99:b9:9f:8f:d1:
cd:77:89:ca:f5:c3:bc:84:a5:d3:a7:1a:44:e0:b4:
b4:a2:ef:25:75:95:a5:96:e2:1c:ff:42:4f:89:61:
1d:4b:0a:09:55:90:d7:d1:76:f8:c6:c4:e5:a4:27:
42:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:3C:2A:A2:FD:97:56:11:90:17:F5:2F:E4:79:53:F7:95:62:0B:84
X509v3 Authority Key Identifier:
keyid:3A:55:3B:6E:F8:0B:F9:22:31:2F:96:B8:DD:C1:F2:19:A8:C4:12:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OlU7bvgL-SIxL5a43cHyGajEEhs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/487DF37800FE11F09431944D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.212.6.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:ca:76:96:0c:9f:82:ac:9d:c8:25:fd:ce:43:ce:50:29:ed:
46:73:5a:d9:50:ae:03:2e:1e:75:71:3e:a0:c5:fd:1f:9f:2b:
66:02:ec:25:e7:cb:70:e1:99:d7:3d:a0:72:6f:9a:c5:68:87:
9d:f7:e6:5f:14:ee:79:2e:a1:ab:12:31:9c:a2:f6:e5:69:12:
3b:b7:5e:f9:5a:81:bc:36:6a:af:cb:5e:d9:98:67:9b:bb:90:
4f:29:0d:29:64:95:d3:c1:6b:db:86:ab:01:da:4a:ec:32:dd:
01:af:48:72:63:71:0f:ca:86:f5:9d:e0:0b:ae:d9:a0:fc:5f:
62:15:67:2b:d4:61:74:c1:dc:c7:e4:0d:b4:a0:2a:90:c4:1c:
a4:b2:71:fa:74:5c:e2:02:a5:64:b2:98:d5:a9:38:7c:cf:f0:
dc:2f:42:30:b9:01:31:26:d5:02:bc:c3:e7:b9:d3:60:16:1d:
85:75:9d:0c:68:38:04:0b:b6:42:4f:49:9a:51:c5:19:11:cf:
c4:5c:00:4d:0b:14:50:fc:6d:67:8a:0a:56:23:bd:43:02:c2:
a1:b0:6a:04:13:51:9d:e5:fd:18:54:b8:ee:84:0c:1a:b3:dc:
84:2d:13:70:81:05:30:c0:ee:05:6b:81:c1:1e:01:53:d5:97:
2c:fe:6d:c6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAvowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RUY3RDBBRjExMC8GA1UEBRMoM0E1NTNCNkVGODBCRjkyMjMxMkY5NkI4RERDMUYy
MTlBOEM0MTIxQjAeFw0yNTAzMTQxODAwNTRaFw0zMDAzMTMxODAwNTRaMBgxFjAU
BgNVBAMTDTY3ZDQ2ZWRiLWViNGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDZQilmqNNQI0qLjVTPIZZC+iGX+7C1NGnljxCoEBusgzGCDgqrQPHT0Mh5
X8lQLux0YJ4xaXBYfNUqBFtg1oqVdxmNn2j+oqJdOlNlUi6f+4PgWNMqAW8dQ7BP
Ybwla747bN8zY2cuUpHWafbFqSNMTYTHWNbSfHpgbpTrgMY5Z38IKfxclc70MntJ
1wkzOBD+GqGRYpk8GIyLbNF+RfGrlFc3ZUbz/spiMC6v0Uqrb9Uh2oYlnHvXyJYy
GE+PBCxWseESsv+1jmoWC4+ZuZ+P0c13icr1w7yEpdOnGkTgtLSi7yV1laWW4hz/
Qk+JYR1LCglVkNfRdvjGxOWkJ0I7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUJTwq
ov2XVhGQF/Uv5HlT95ViC4QwHwYDVR0jBBgwFoAUOlU7bvgL+SIxL5a43cHyGajE
EhswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkVGN0QwLzM2RTQwQTE2RjJGQjExRUQ4MjFCOUQ4MDRBRDlFNkZDL09sVTdi
dmdMLVNJeEw1YTQzY0h5R2FqRUVocy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL09sVTdidmdMLVNJeEw1YTQzY0h5R2FqRUVocy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkVGN0QwLzM2RTQwQTE2RjJGQjExRUQ4MjFCOUQ4MDRB
RDlFNkZDLzQ4N0RGMzc4MDBGRTExRjA5NDMxOTQ0RDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm1AYwDQYJKoZIhvcNAQEL
BQADggEBAKvKdpYMn4Ksncgl/c5DzlAp7UZzWtlQrgMuHnVxPqDF/R+fK2YC7CXn
y3Dhmdc9oHJvmsVoh5335l8U7nkuoasSMZyi9uVpEju3Xvlagbw2aq/LXtmYZ5u7
kE8pDSlkldPBa9uGqwHaSuwy3QGvSHJjcQ/KhvWd4Auu2aD8X2IVZyvUYXTB3Mfk
DbSgKpDEHKSycfp0XOICpWSymNWpOHzP8NwvQjC5ATEm1QK8w+e502AWHYV1nQxo
OAQLtkJPSZpRxRkRz8RcAE0LFFD8bWeKClYjvUMCwqGwagQTUZ3l/RhUuO6EDBqz
3IQtE3CBBTDA7gVrgcEeAVPVlyz+bcY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:00:17 2025 by rpki-client