Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/04466B80F36211EFB7841C54762E951A.roa
File: 04466B80F36211EFB7841C54762E951A.roa (raw, json)
Hash identifier: k+w+Al72cOLFmLNM9M2TGC8l+4WDkBhNaHH0njxWTY4=
Subject key identifier: 2C:F0:C7:4E:46:CE:93:18:9D:B4:7C:5D:76:ED:08:EB:3E:72:D7:C4
Certificate issuer: /CN=F367CD72AF/serialNumber=7708E66F1C07C1D7670AEBDBAE186DA42BCB30C7
Certificate serial: 75
Authority key identifier: 77:08:E6:6F:1C:07:C1:D7:67:0A:EB:DB:AE:18:6D:A4:2B:CB:30:C7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/04466B80F36211EFB7841C54762E951A.roa
Signing time: Tue 25 Feb 2025 10:19:38 +0000
ROA not before: Tue 25 Feb 2025 10:19:34 +0000
ROA not after: Sun 31 Dec 2028 10:19:34 +0000
asID: 30985
IP address blocks: 102.221.132.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.crl
rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.mft
rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 01 May 2025 05:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117 (0x75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367CD72AF, serialNumber=7708E66F1C07C1D7670AEBDBAE186DA42BCB30C7
Validity
Not Before: Feb 25 10:19:34 2025 GMT
Not After : Dec 31 10:19:34 2028 GMT
Subject: CN=67bd9939-3583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:32:9c:71:9b:df:16:d9:a5:52:a8:b0:3b:fb:
d8:cf:05:7a:b1:46:e6:20:49:38:af:2b:d4:4e:d4:
3b:39:84:94:b0:a5:c2:f0:ce:1e:b4:d3:04:7e:45:
4d:1e:ac:51:8a:a6:e5:e9:00:a5:eb:56:ef:d9:a4:
e4:e5:02:5e:04:3d:11:4c:2e:70:5e:fd:f9:ec:1a:
df:c5:71:75:08:c2:8f:b9:29:b6:dd:fc:a4:3b:40:
5d:b8:ed:ce:c9:e5:07:b2:57:82:d4:d0:bf:b0:5d:
ca:0f:a1:17:ff:e6:64:7f:49:93:59:5e:25:5c:30:
c5:ae:d0:d2:59:bd:4c:0a:ef:e6:bc:49:40:66:5e:
39:a7:6f:3a:49:1b:35:0e:5c:cf:a4:9c:0d:9d:2a:
99:61:34:1f:88:c7:e0:df:ec:cb:f6:09:2f:5b:52:
41:28:f2:f1:af:0b:2b:e8:4c:fd:aa:ca:4d:4e:75:
b9:56:b2:39:7c:19:fb:45:e9:f7:74:62:bb:f0:a3:
8d:c4:75:22:a3:b3:a4:2a:8e:5a:96:03:bc:39:fc:
ab:85:22:a8:ca:bb:fd:ac:8b:7e:3d:24:06:91:c6:
9c:28:91:b9:7b:96:60:09:19:64:7c:19:16:40:0e:
c2:d2:72:8e:8f:df:07:ba:2d:48:35:68:d4:f0:38:
f5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:F0:C7:4E:46:CE:93:18:9D:B4:7C:5D:76:ED:08:EB:3E:72:D7:C4
X509v3 Authority Key Identifier:
keyid:77:08:E6:6F:1C:07:C1:D7:67:0A:EB:DB:AE:18:6D:A4:2B:CB:30:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/04466B80F36211EFB7841C54762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.132.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:e5:b7:f0:d7:c7:64:7b:79:31:1f:aa:a2:e4:57:b6:9b:2d:
7a:3a:69:2e:46:80:2b:0e:11:88:53:1a:29:f0:10:9f:0e:d2:
00:26:2f:c4:7d:1e:15:a5:8e:17:64:bb:c0:3d:9f:fc:13:f0:
17:b6:27:6e:e2:98:af:f6:71:c0:0d:f2:09:34:24:1b:28:b5:
8f:81:fa:d0:1b:5d:6d:83:62:87:38:74:35:2c:f8:69:fc:1e:
e4:0d:34:99:8f:15:23:6d:63:30:17:9c:25:8f:ab:76:7e:33:
d6:e0:82:09:50:2b:07:ff:d8:75:30:5c:17:35:95:af:49:ac:
ba:2e:0b:04:2e:a3:ad:3f:95:da:e4:19:a2:0a:52:6e:fd:29:
7c:27:90:80:2c:2a:6a:be:44:18:77:9d:3d:1a:94:bc:e7:00:
94:d6:a4:f4:51:a8:6e:85:31:cf:dc:cf:c7:e6:d7:59:a1:64:
ef:af:3f:56:e4:51:f1:f6:4f:fa:52:61:51:cc:38:fd:77:f8:
47:08:da:d4:64:10:7f:87:b5:b9:af:13:6a:d2:45:fc:62:02:
30:c4:fa:2e:4d:a8:90:d6:5a:37:00:aa:c3:f7:b0:f4:5d:fa:
e3:bc:48:6a:d6:c8:f0:6d:f6:17:25:0e:4d:75:c5:4b:93:4d:
96:82:ae:71
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBdTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
Q0Q3MkFGMTEwLwYDVQQFEyg3NzA4RTY2RjFDMDdDMUQ3NjcwQUVCREJBRTE4NkRB
NDJCQ0IzMEM3MB4XDTI1MDIyNTEwMTkzNFoXDTI4MTIzMTEwMTkzNFowGDEWMBQG
A1UEAxMNNjdiZDk5MzktMzU4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEynHGb3xbZpVKosDv72M8FerFG5iBJOK8r1E7UOzmElLClwvDOHrTTBH5F
TR6sUYqm5ekApetW79mk5OUCXgQ9EUwucF79+ewa38VxdQjCj7kptt38pDtAXbjt
zsnlB7JXgtTQv7Bdyg+hF//mZH9Jk1leJVwwxa7Q0lm9TArv5rxJQGZeOadvOkkb
NQ5cz6ScDZ0qmWE0H4jH4N/sy/YJL1tSQSjy8a8LK+hM/arKTU51uVayOXwZ+0Xp
93Riu/CjjcR1IqOzpCqOWpYDvDn8q4UiqMq7/ayLfj0kBpHGnCiRuXuWYAkZZHwZ
FkAOwtJyjo/fB7otSDVo1PA49Q8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQs8MdO
Rs6TGJ20fF127QjrPnLXxDAfBgNVHSMEGDAWgBR3COZvHAfB12cK69uuGG2kK8sw
xzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0NENzIvMDk1MUMxN0VDRUE1MTFFRjkzQjQ1QkFENzYyRTk1MUEvZHdqbWJ4
d0h3ZGRuQ3V2YnJoaHRwQ3ZMTU1jLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZHdqbWJ4d0h3ZGRuQ3V2YnJoaHRwQ3ZMTU1jLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0NENzIvMDk1MUMxN0VDRUE1MTFFRjkzQjQ1QkFENzYy
RTk1MUEvMDQ0NjZCODBGMzYyMTFFRkI3ODQxQzU0NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbdhDANBgkqhkiG9w0BAQsF
AAOCAQEAP+W38NfHZHt5MR+qouRXtpstejppLkaAKw4RiFMaKfAQnw7SACYvxH0e
FaWOF2S7wD2f/BPwF7YnbuKYr/ZxwA3yCTQkGyi1j4H60BtdbYNihzh0NSz4afwe
5A00mY8VI21jMBecJY+rdn4z1uCCCVArB//YdTBcFzWVr0msui4LBC6jrT+V2uQZ
ogpSbv0pfCeQgCwqar5EGHedPRqUvOcAlNak9FGoboUxz9zPx+bXWaFk768/VuRR
8fZP+lJhUcw4/Xf4Rwja1GQQf4e1ua8TatJF/GICMMT6Lk2okNZaNwCqw/ew9F36
47xIatbI8G32FyUOTXXFS5NNloKucQ==
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:12:21 2025 by rpki-client