Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/6D9333C8F36411EFA21E3864762E951A.roa
File: 6D9333C8F36411EFA21E3864762E951A.roa (raw, json)
Hash identifier: qCcMIGMPv6iLqntlPxto9IWFZxg/PkX6K91u1W/HaMo=
Subject key identifier: 30:DC:9A:8C:9D:A8:3E:82:77:45:2C:81:AE:13:A0:23:39:28:20:F7
Certificate issuer: /CN=F367CD72AF/serialNumber=7708E66F1C07C1D7670AEBDBAE186DA42BCB30C7
Certificate serial: 7F
Authority key identifier: 77:08:E6:6F:1C:07:C1:D7:67:0A:EB:DB:AE:18:6D:A4:2B:CB:30:C7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/6D9333C8F36411EFA21E3864762E951A.roa
Signing time: Tue 25 Feb 2025 10:36:53 +0000
ROA not before: Tue 25 Feb 2025 10:36:49 +0000
ROA not after: Sun 31 Dec 2028 10:36:49 +0000
asID: 30985
IP address blocks: 41.221.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.crl
rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.mft
rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127 (0x7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367CD72AF, serialNumber=7708E66F1C07C1D7670AEBDBAE186DA42BCB30C7
Validity
Not Before: Feb 25 10:36:49 2025 GMT
Not After : Dec 31 10:36:49 2028 GMT
Subject: CN=67bd9d45-340b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:87:b0:33:fe:01:49:8d:17:06:dd:81:76:09:
d3:69:3d:be:76:e7:c4:b0:45:32:af:30:80:c1:76:
dd:2e:e7:cb:ff:d7:fd:bc:49:d3:08:bc:c6:34:63:
4f:79:cc:54:cd:7b:70:2a:4a:42:d7:c0:6c:bd:01:
40:d3:ad:36:65:bb:9c:7c:6a:00:8e:29:51:2d:eb:
4f:f7:9e:ed:b7:6a:6b:49:ab:f4:11:cf:99:83:df:
81:7a:05:86:a5:03:df:1e:1d:eb:a4:5c:01:f8:8c:
1e:a9:ec:50:19:59:01:59:45:d0:b6:36:e8:dc:56:
fd:de:63:29:99:d0:b6:c1:0d:d6:96:1e:9c:c0:14:
43:3c:6a:ca:78:57:ae:2e:69:88:a3:db:ab:12:fe:
48:69:e5:1d:73:ad:91:d4:98:ca:a6:f5:ef:66:e5:
bf:2f:d7:65:f4:b4:dc:ca:8c:df:6c:b5:e5:93:91:
b3:e2:21:aa:ac:27:3d:6f:ca:c6:08:7d:3e:a4:da:
c6:f4:cb:ab:ed:98:0b:0c:70:fc:d8:3e:01:ef:af:
87:59:16:19:f6:06:d9:4a:62:33:e6:68:6f:eb:bf:
10:0c:92:84:08:a7:1f:39:6c:51:bb:b3:f2:d1:73:
7e:42:a0:d2:a7:16:f5:5d:f5:6b:30:31:8c:2d:86:
b7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:DC:9A:8C:9D:A8:3E:82:77:45:2C:81:AE:13:A0:23:39:28:20:F7
X509v3 Authority Key Identifier:
keyid:77:08:E6:6F:1C:07:C1:D7:67:0A:EB:DB:AE:18:6D:A4:2B:CB:30:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/6D9333C8F36411EFA21E3864762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.221.176.0/20
Signature Algorithm: sha256WithRSAEncryption
a5:d0:ef:83:0d:db:dc:9e:9f:76:7d:96:be:cf:fc:e0:d7:c9:
7c:b3:8b:a1:eb:fa:74:35:48:fd:98:af:06:52:0e:66:81:cc:
ff:cb:47:1d:91:6f:f5:15:19:3b:06:74:29:d0:ad:7b:cd:0a:
09:49:d9:03:47:a9:48:bf:d7:64:01:7e:33:b7:90:e5:9f:93:
59:9a:20:b8:13:83:86:7d:c2:76:a6:ce:6d:42:05:64:74:88:
3f:49:93:28:a8:2b:39:e3:d1:db:18:8a:21:97:c9:7c:97:bf:
eb:1d:c3:81:b0:fd:a3:84:86:ee:5c:30:81:ee:a7:f9:91:4a:
d9:fe:8f:22:ac:12:f2:5c:35:13:cc:ff:13:9d:e9:6c:ec:a5:
a4:9e:0e:1c:3d:9f:ea:bf:72:2f:d4:7c:2b:09:66:83:4c:8a:
5f:5b:1d:84:85:bc:4f:8c:42:d3:3b:b4:23:90:ef:11:0a:64:
7f:9e:7f:ef:89:64:5d:92:1b:23:30:3d:c9:57:4f:bf:16:24:
9b:6d:76:73:ae:cf:66:f3:ba:be:7a:2c:5a:d3:b8:c1:54:ea:
1d:0d:d8:62:7f:bf:e2:b7:5e:db:08:6a:57:65:67:37:78:34:
ef:91:a7:8b:ce:83:34:25:77:9e:55:52:c8:48:6a:68:43:46:
0b:76:63:d6
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBfzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
Q0Q3MkFGMTEwLwYDVQQFEyg3NzA4RTY2RjFDMDdDMUQ3NjcwQUVCREJBRTE4NkRB
NDJCQ0IzMEM3MB4XDTI1MDIyNTEwMzY0OVoXDTI4MTIzMTEwMzY0OVowGDEWMBQG
A1UEAxMNNjdiZDlkNDUtMzQwYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuHsDP+AUmNFwbdgXYJ02k9vnbnxLBFMq8wgMF23S7ny//X/bxJ0wi8xjRj
T3nMVM17cCpKQtfAbL0BQNOtNmW7nHxqAI4pUS3rT/ee7bdqa0mr9BHPmYPfgXoF
hqUD3x4d66RcAfiMHqnsUBlZAVlF0LY26NxW/d5jKZnQtsEN1pYenMAUQzxqynhX
ri5piKPbqxL+SGnlHXOtkdSYyqb172blvy/XZfS03MqM32y15ZORs+IhqqwnPW/K
xgh9PqTaxvTLq+2YCwxw/Ng+Ae+vh1kWGfYG2UpiM+Zob+u/EAyShAinHzlsUbuz
8tFzfkKg0qcW9V31azAxjC2Gt7sCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQw3JqM
nag+gndFLIGuE6AjOSgg9zAfBgNVHSMEGDAWgBR3COZvHAfB12cK69uuGG2kK8sw
xzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0NENzIvMDk1MUMxN0VDRUE1MTFFRjkzQjQ1QkFENzYyRTk1MUEvZHdqbWJ4
d0h3ZGRuQ3V2YnJoaHRwQ3ZMTU1jLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZHdqbWJ4d0h3ZGRuQ3V2YnJoaHRwQ3ZMTU1jLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0NENzIvMDk1MUMxN0VDRUE1MTFFRjkzQjQ1QkFENzYy
RTk1MUEvNkQ5MzMzQzhGMzY0MTFFRkEyMUUzODY0NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBCndsDANBgkqhkiG9w0BAQsF
AAOCAQEApdDvgw3b3J6fdn2Wvs/84NfJfLOLoev6dDVI/ZivBlIOZoHM/8tHHZFv
9RUZOwZ0KdCte80KCUnZA0epSL/XZAF+M7eQ5Z+TWZoguBODhn3CdqbObUIFZHSI
P0mTKKgrOePR2xiKIZfJfJe/6x3DgbD9o4SG7lwwge6n+ZFK2f6PIqwS8lw1E8z/
E53pbOylpJ4OHD2f6r9yL9R8Kwlmg0yKX1sdhIW8T4xC0zu0I5DvEQpkf55/74lk
XZIbIzA9yVdPvxYkm212c67PZvO6vnosWtO4wVTqHQ3YYn+/4rde2whqV2VnN3g0
75Gni86DNCV3nlVSyEhqaENGC3Zj1g==
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:55:13 2025 by rpki-client