Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F0F1F/EDA5AFEC314011EE95A038344AD9E6FC/100404ACF0EF11EF88C9AE71762E951A.roa
File: 100404ACF0EF11EF88C9AE71762E951A.roa (raw, json)
Hash identifier: 8k5gdkW/3dmY+rQ2FXNkTuiBZr2cv4drq04xkEmoRrA=
Subject key identifier: 5A:53:2B:F7:7D:CC:F0:96:69:56:2E:13:1E:90:6E:20:C1:AF:71:5F
Certificate issuer: /CN=F36F0F1FAF/serialNumber=922E40550B276DDE1EB2C150DF562581E28CE8B6
Certificate serial: 0253
Authority key identifier: 92:2E:40:55:0B:27:6D:DE:1E:B2:C1:50:DF:56:25:81:E2:8C:E8:B6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ki5AVQsnbd4essFQ31YlgeKM6LY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F0F1F/EDA5AFEC314011EE95A038344AD9E6FC/100404ACF0EF11EF88C9AE71762E951A.roa
Signing time: Sat 22 Feb 2025 07:31:43 +0000
ROA not before: Sat 22 Feb 2025 07:31:38 +0000
ROA not after: Fri 22 Feb 2030 07:31:38 +0000
asID: 329062
IP address blocks: 102.216.0.0/22 maxlen: 24
2c0f:1880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F0F1F/EDA5AFEC314011EE95A038344AD9E6FC/ki5AVQsnbd4essFQ31YlgeKM6LY.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F0F1F/EDA5AFEC314011EE95A038344AD9E6FC/ki5AVQsnbd4essFQ31YlgeKM6LY.mft
rsync://rpki.afrinic.net/repository/afrinic/ki5AVQsnbd4essFQ31YlgeKM6LY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 595 (0x253)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F0F1FAF
Validity
Not Before: Feb 22 07:31:38 2025 GMT
Not After : Feb 22 07:31:38 2030 GMT
Subject: CN=67b97d5f-a1b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:21:b0:c8:e8:26:90:cb:e4:61:65:e7:64:f4:
89:3d:ed:c3:d7:61:b5:38:72:aa:96:d1:60:8f:30:
57:41:32:18:70:27:b8:86:da:8f:c5:b5:7e:05:a9:
9a:e3:3c:23:0d:86:d0:3e:78:f4:bd:23:c9:ef:7a:
43:63:8c:02:b6:95:ec:93:12:18:6f:5c:f3:b0:65:
a4:29:ed:8b:fe:c2:45:79:57:11:07:9c:2a:0c:33:
b9:64:a5:a3:ad:b8:67:c3:66:79:08:c2:7b:18:a5:
b4:b9:22:81:8a:6f:18:a2:56:ba:4f:a3:12:d9:b6:
a1:13:29:ed:5c:20:92:b9:8c:2d:ec:68:57:09:7f:
f9:2a:82:bb:cd:12:9f:71:fa:76:8c:b0:c4:83:21:
59:45:14:f3:fe:ed:92:90:a7:7e:ef:01:bb:d6:ea:
62:bd:d5:1e:69:48:d2:56:7e:a9:c1:96:2c:40:bc:
a1:c2:b1:2a:37:07:1b:b8:b2:53:06:1d:20:87:1f:
f1:b2:01:d8:e3:59:17:70:8f:31:a6:bd:ed:26:7b:
1e:b4:6f:32:62:00:1e:c9:93:29:bf:b7:7a:43:7e:
85:e6:36:7d:ab:96:83:21:da:85:af:e9:84:91:da:
d3:c6:f9:57:b1:54:9b:eb:cd:ad:d6:9c:b3:8f:61:
75:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:53:2B:F7:7D:CC:F0:96:69:56:2E:13:1E:90:6E:20:C1:AF:71:5F
X509v3 Authority Key Identifier:
keyid:92:2E:40:55:0B:27:6D:DE:1E:B2:C1:50:DF:56:25:81:E2:8C:E8:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0F1F/EDA5AFEC314011EE95A038344AD9E6FC/ki5AVQsnbd4essFQ31YlgeKM6LY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ki5AVQsnbd4essFQ31YlgeKM6LY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0F1F/EDA5AFEC314011EE95A038344AD9E6FC/100404ACF0EF11EF88C9AE71762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.216.0.0/22
IPv6:
2c0f:1880::/32
Signature Algorithm: sha256WithRSAEncryption
28:af:17:a3:80:fc:c9:6f:3f:c3:96:8b:50:2e:a0:a4:f0:4d:
5a:1c:42:41:42:98:a4:95:0c:8d:e9:09:86:3b:65:2a:b9:41:
52:e4:b4:2e:1f:ab:de:d9:a4:10:28:13:3c:f0:a0:9a:d1:77:
7f:a1:a3:f2:de:e8:61:5b:21:a9:eb:0f:18:47:db:79:3b:11:
d3:9b:89:c6:a2:11:f5:77:f1:f2:64:b9:1b:d6:ce:0e:55:20:
67:2d:f7:9b:02:1c:a7:fb:71:3b:66:8a:60:ea:19:b0:70:ca:
38:d3:b0:6b:94:c8:33:b6:9c:7d:51:9d:41:8f:90:eb:53:09:
38:56:f4:2c:5a:b5:9a:a0:aa:1c:35:c3:f7:b9:a9:06:a1:2b:
97:ed:51:3f:a6:9a:41:e9:6e:af:3b:54:6b:3b:7c:43:c1:61:
f1:5c:99:4a:91:5e:e4:2b:12:9a:a5:b7:c3:cb:60:9f:ad:0a:
b9:8f:af:0a:66:b5:ee:a1:3d:9f:e2:79:e6:d7:2e:41:ec:bf:
2c:69:f4:97:40:2b:fa:4e:11:02:5b:60:fd:89:0b:bd:61:74:
53:8a:4d:1a:93:41:74:65:09:15:d5:80:2b:58:4c:a6:94:0c:
ea:36:79:5e:f3:c8:df:ea:73:56:90:7e:02:4d:d0:e6:cf:8f:
b5:0c:33:cd
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAlMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RjBGMUZBRjExMC8GA1UEBRMoOTIyRTQwNTUwQjI3NkRERTFFQjJDMTUwREY1NjI1
ODFFMjhDRThCNjAeFw0yNTAyMjIwNzMxMzhaFw0zMDAyMjIwNzMxMzhaMBgxFjAU
BgNVBAMTDTY3Yjk3ZDVmLWExYjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDCIbDI6CaQy+RhZedk9Ik97cPXYbU4cqqW0WCPMFdBMhhwJ7iG2o/FtX4F
qZrjPCMNhtA+ePS9I8nvekNjjAK2leyTEhhvXPOwZaQp7Yv+wkV5VxEHnCoMM7lk
paOtuGfDZnkIwnsYpbS5IoGKbxiiVrpPoxLZtqETKe1cIJK5jC3saFcJf/kqgrvN
Ep9x+naMsMSDIVlFFPP+7ZKQp37vAbvW6mK91R5pSNJWfqnBlixAvKHCsSo3Bxu4
slMGHSCHH/GyAdjjWRdwjzGmve0mex60bzJiAB7Jkym/t3pDfoXmNn2rloMh2oWv
6YSR2tPG+VexVJvrza3WnLOPYXUpAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUWlMr
933M8JZpVi4THpBuIMGvcV8wHwYDVR0jBBgwFoAUki5AVQsnbd4essFQ31YlgeKM
6LYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkYwRjFGL0VEQTVBRkVDMzE0MDExRUU5NUEwMzgzNDRBRDlFNkZDL2tpNUFW
UXNuYmQ0ZXNzRlEzMVlsZ2VLTTZMWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2tpNUFWUXNuYmQ0ZXNzRlEzMVlsZ2VLTTZMWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkYwRjFGL0VEQTVBRkVDMzE0MDExRUU5NUEwMzgzNDRB
RDlFNkZDLzEwMDQwNEFDRjBFRjExRUY4OEM5QUU3MTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm2AAwDQQCAAIwBwMFACwP
GIAwDQYJKoZIhvcNAQELBQADggEBACivF6OA/MlvP8OWi1AuoKTwTVocQkFCmKSV
DI3pCYY7ZSq5QVLktC4fq97ZpBAoEzzwoJrRd3+ho/Le6GFbIanrDxhH23k7EdOb
icaiEfV38fJkuRvWzg5VIGct95sCHKf7cTtmimDqGbBwyjjTsGuUyDO2nH1RnUGP
kOtTCThW9CxatZqgqhw1w/e5qQahK5ftUT+mmkHpbq87VGs7fEPBYfFcmUqRXuQr
Epqlt8PLYJ+tCrmPrwpmte6hPZ/ieebXLkHsvyxp9JdAK/pOEQJbYP2JC71hdFOK
TRqTQXRlCRXVgCtYTKaUDOo2eV7zyN/qc1aQfgJN0ObPj7UMM80=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:16:46 2025 by rpki-client