Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FEA6B/7B27920E8B8211E9888B6F73F8AEA228/E95E4E02065B11F0BF610D92762E951A.roa
File: E95E4E02065B11F0BF610D92762E951A.roa (raw, json)
Hash identifier: hC1qoRCVr73SSJvtnxgOKj5VeDUtOUW6+PzCj2xq8vw=
Subject key identifier: EF:FF:3D:24:E1:93:A5:A8:D7:B2:3F:81:46:3C:3F:50:16:82:08:AF
Certificate issuer: /CN=F36FEA6BAF/serialNumber=93C2C99AF0EC4D1A4643497F5F8CBDC7EC45748F
Certificate serial: 088D
Authority key identifier: 93:C2:C9:9A:F0:EC:4D:1A:46:43:49:7F:5F:8C:BD:C7:EC:45:74:8F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/k8LJmvDsTRpGQ0l_X4y9x-xFdI8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FEA6B/7B27920E8B8211E9888B6F73F8AEA228/E95E4E02065B11F0BF610D92762E951A.roa
Signing time: Fri 21 Mar 2025 13:53:47 +0000
ROA not before: Fri 21 Mar 2025 13:53:43 +0000
ROA not after: Wed 21 Mar 2035 13:53:43 +0000
asID: 327844
IP address blocks: 196.49.5.0/24 maxlen: 24
2001:43f8:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FEA6B/7B27920E8B8211E9888B6F73F8AEA228/k8LJmvDsTRpGQ0l_X4y9x-xFdI8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FEA6B/7B27920E8B8211E9888B6F73F8AEA228/k8LJmvDsTRpGQ0l_X4y9x-xFdI8.mft
rsync://rpki.afrinic.net/repository/afrinic/k8LJmvDsTRpGQ0l_X4y9x-xFdI8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Apr 2025 17:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2189 (0x88d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FEA6BAF
Validity
Not Before: Mar 21 13:53:43 2025 GMT
Not After : Mar 21 13:53:43 2035 GMT
Subject: CN=67dd6f6b-d676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:dc:36:98:cd:4c:e3:dc:0f:2c:43:5e:96:5d:
f9:44:c1:88:64:36:86:39:04:b9:29:34:66:74:50:
42:66:79:1b:da:cd:fc:2e:57:bf:3c:4b:e3:41:de:
74:4f:8f:7f:c6:c6:3c:de:27:85:d0:22:1c:e7:f6:
f0:c3:ca:82:72:1f:6c:be:4a:83:42:3e:d2:09:a4:
e6:6b:0e:1b:b5:4d:df:05:8e:18:f6:62:40:d4:de:
cd:01:11:4e:92:e1:19:f6:e0:77:44:a6:8b:1c:95:
ce:82:97:39:73:24:2e:0a:bc:0f:b3:03:1f:91:0c:
37:c3:8c:8a:6e:1e:e8:3d:7e:cd:a2:a5:7a:ae:45:
2d:b1:3b:ab:85:89:aa:38:67:58:3f:99:03:ea:15:
d1:84:c3:4e:6b:cc:d4:94:26:d9:92:b1:01:12:e4:
79:93:67:14:52:e4:f0:60:2d:ba:26:7c:a8:83:74:
b9:38:dc:4d:17:68:71:eb:51:3c:9d:16:79:f7:91:
c3:0f:6e:63:e1:17:41:59:30:f2:4b:48:83:14:06:
1a:d7:5b:50:81:14:a6:08:a1:26:d2:00:a7:de:2e:
f5:2d:18:35:08:58:78:ec:d0:61:d1:a5:52:cf:dd:
69:07:76:f4:a6:5f:6b:13:1a:3d:42:f6:77:17:ca:
35:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:FF:3D:24:E1:93:A5:A8:D7:B2:3F:81:46:3C:3F:50:16:82:08:AF
X509v3 Authority Key Identifier:
keyid:93:C2:C9:9A:F0:EC:4D:1A:46:43:49:7F:5F:8C:BD:C7:EC:45:74:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FEA6B/7B27920E8B8211E9888B6F73F8AEA228/k8LJmvDsTRpGQ0l_X4y9x-xFdI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/k8LJmvDsTRpGQ0l_X4y9x-xFdI8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FEA6B/7B27920E8B8211E9888B6F73F8AEA228/E95E4E02065B11F0BF610D92762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.49.5.0/24
IPv6:
2001:43f8:1::/48
Signature Algorithm: sha256WithRSAEncryption
2d:f5:c0:ec:53:4e:2b:be:7b:af:3c:d0:45:f7:98:bf:d4:bb:
68:e9:7f:5d:29:73:33:ed:f9:65:a3:f1:b6:83:55:34:92:dd:
94:38:29:f9:95:f8:72:57:6a:76:d9:ae:26:a5:86:e3:de:6d:
d1:f8:f9:5e:dd:4e:b2:4d:3b:f0:4d:2a:a7:66:27:e5:7a:8b:
0b:9d:6e:dc:89:dc:41:b6:6d:61:f5:b5:64:5a:a4:27:82:b4:
ef:f1:f3:4a:3c:ed:be:76:88:22:5c:e7:ed:26:db:a1:be:e9:
fb:9a:d2:11:0d:4d:ab:5e:79:c0:f2:14:08:5b:de:41:07:15:
91:0f:90:b8:6c:c5:d6:89:17:32:f0:3b:2f:ba:e3:87:2d:2c:
d6:0b:c9:54:11:3b:b5:bc:32:b1:9d:32:99:2a:ab:7c:12:e2:
83:09:01:d0:e2:7a:bb:ae:ec:95:1e:cb:15:3e:e3:15:99:5a:
2b:27:5d:8d:86:c1:51:a5:65:ac:b1:12:4a:72:5f:09:d3:bd:
7a:9b:25:68:0e:a9:2a:74:a2:69:ca:1c:13:fc:1c:ca:4b:82:
bb:52:87:9f:0b:d3:26:56:4e:2f:0b:e8:a9:2b:e0:4d:61:c6:
b3:64:bb:fa:76:37:24:f5:85:40:db:39:d1:92:89:35:48:6c:
94:93:f7:b5
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICCI0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RkVBNkJBRjExMC8GA1UEBRMoOTNDMkM5OUFGMEVDNEQxQTQ2NDM0OTdGNUY4Q0JE
QzdFQzQ1NzQ4RjAeFw0yNTAzMjExMzUzNDNaFw0zNTAzMjExMzUzNDNaMBgxFjAU
BgNVBAMTDTY3ZGQ2ZjZiLWQ2NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDC3DaYzUzj3A8sQ16WXflEwYhkNoY5BLkpNGZ0UEJmeRvazfwuV788S+NB
3nRPj3/GxjzeJ4XQIhzn9vDDyoJyH2y+SoNCPtIJpOZrDhu1Td8Fjhj2YkDU3s0B
EU6S4Rn24HdEposclc6ClzlzJC4KvA+zAx+RDDfDjIpuHug9fs2ipXquRS2xO6uF
iao4Z1g/mQPqFdGEw05rzNSUJtmSsQES5HmTZxRS5PBgLbomfKiDdLk43E0XaHHr
UTydFnn3kcMPbmPhF0FZMPJLSIMUBhrXW1CBFKYIoSbSAKfeLvUtGDUIWHjs0GHR
pVLP3WkHdvSmX2sTGj1C9ncXyjXrAgMBAAGjggK2MIICsjAdBgNVHQ4EFgQU7/89
JOGTpajXsj+BRjw/UBaCCK8wHwYDVR0jBBgwFoAUk8LJmvDsTRpGQ0l/X4y9x+xF
dI8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZFQTZCLzdCMjc5MjBFOEI4MjExRTk4ODhCNkY3M0Y4QUVBMjI4L2s4TEpt
dkRzVFJwR1EwbF9YNHk5eC14RmRJOC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2s4TEptdkRzVFJwR1EwbF9YNHk5eC14RmRJOC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkZFQTZCLzdCMjc5MjBFOEI4MjExRTk4ODhCNkY3M0Y4
QUVBMjI4L0U5NUU0RTAyMDY1QjExRjBCRjYxMEQ5Mjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADEMQUwDwQCAAIwCQMHACAB
Q/gAATANBgkqhkiG9w0BAQsFAAOCAQEALfXA7FNOK757rzzQRfeYv9S7aOl/XSlz
M+35ZaPxtoNVNJLdlDgp+ZX4cldqdtmuJqWG495t0fj5Xt1Osk078E0qp2Yn5XqL
C51u3IncQbZtYfW1ZFqkJ4K07/HzSjztvnaIIlzn7Sbbob7p+5rSEQ1Nq155wPIU
CFveQQcVkQ+QuGzF1okXMvA7L7rjhy0s1gvJVBE7tbwysZ0ymSqrfBLigwkB0OJ6
u67slR7LFT7jFZlaKyddjYbBUaVlrLESSnJfCdO9epslaA6pKnSiacocE/wcykuC
u1KHnwvTJlZOLwvoqSvgTWHGs2S7+nY3JPWFQNs50ZKJNUhslJP3tQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:33:44 2025 by rpki-client