Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/AB313988F36311EFBAC9DA5E762E951A.roa
File: AB313988F36311EFBAC9DA5E762E951A.roa (raw, json)
Hash identifier: QYTpKFHcH+2F26H8AMuPN3ygS8KPNu9TR1X0KOssigQ=
Subject key identifier: 00:95:AB:0B:11:96:8B:19:DC:5E:26:4B:A1:51:01:0E:4A:6C:D8:94
Certificate issuer: /CN=F367CD72AF/serialNumber=7708E66F1C07C1D7670AEBDBAE186DA42BCB30C7
Certificate serial: 7B
Authority key identifier: 77:08:E6:6F:1C:07:C1:D7:67:0A:EB:DB:AE:18:6D:A4:2B:CB:30:C7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/AB313988F36311EFBAC9DA5E762E951A.roa
Signing time: Tue 25 Feb 2025 10:31:27 +0000
ROA not before: Tue 25 Feb 2025 10:31:23 +0000
ROA not after: Sun 31 Dec 2028 10:31:23 +0000
asID: 30985
IP address blocks: 197.155.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.crl
rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.mft
rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 05:06:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123 (0x7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367CD72AF, serialNumber=7708E66F1C07C1D7670AEBDBAE186DA42BCB30C7
Validity
Not Before: Feb 25 10:31:23 2025 GMT
Not After : Dec 31 10:31:23 2028 GMT
Subject: CN=67bd9bff-f760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c6:4c:68:56:61:a3:09:9a:cd:7a:fd:d1:53:
8b:73:d8:a9:ef:b4:d0:d2:40:3b:5e:7d:cf:72:67:
04:be:92:5c:65:97:40:85:2f:cb:e1:df:99:9c:82:
0b:1e:fd:d3:24:7d:da:67:aa:b7:80:05:05:f6:15:
97:f0:bd:b3:99:12:4d:57:f6:84:1c:3d:06:46:7c:
7c:03:51:df:07:25:be:d1:92:6c:63:75:47:87:5d:
48:82:0e:30:2f:2f:4a:94:03:96:30:e6:f4:cf:c5:
58:00:3d:3e:75:9a:a8:c6:41:bf:63:72:03:1c:3c:
d7:a4:a6:99:68:33:1b:74:c0:aa:54:45:21:48:da:
c2:67:21:88:92:cc:67:7a:f8:e4:d4:d6:9b:69:d5:
4f:e2:cc:63:a8:86:ab:93:af:73:42:a0:13:a1:d8:
9d:59:55:b7:88:d1:4d:6c:3a:2e:88:ff:11:ff:ea:
7f:76:af:d8:05:2b:96:9b:92:25:f9:1e:64:df:b1:
37:b8:63:f6:1f:f5:df:17:59:f2:a2:8f:da:aa:98:
ce:6e:00:b6:06:70:81:18:52:df:94:54:12:ec:89:
f9:6c:e0:ee:fb:4a:98:d0:57:20:f7:57:47:d1:26:
c3:aa:44:0f:f8:aa:91:87:0b:4b:f8:f3:d4:4d:96:
6f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:95:AB:0B:11:96:8B:19:DC:5E:26:4B:A1:51:01:0E:4A:6C:D8:94
X509v3 Authority Key Identifier:
keyid:77:08:E6:6F:1C:07:C1:D7:67:0A:EB:DB:AE:18:6D:A4:2B:CB:30:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/AB313988F36311EFBAC9DA5E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.155.128.0/18
Signature Algorithm: sha256WithRSAEncryption
94:e6:17:8e:11:6c:e3:2b:21:ee:be:97:32:d2:64:27:35:f7:
95:89:51:6a:76:1e:19:77:ae:fd:ea:09:57:4f:08:89:95:0c:
06:1a:37:d5:e7:05:c3:27:23:12:f7:5e:ce:ce:d6:5e:fd:20:
04:a8:1e:96:af:55:c1:7f:c3:07:7a:8a:59:6d:61:7c:f2:7e:
40:55:a9:d8:73:3c:70:9a:e6:80:10:0b:5e:7a:4a:26:3e:e2:
03:10:f6:b4:cf:b9:6b:16:d1:20:2b:fc:f0:9b:d3:5e:95:94:
48:e4:c5:35:9a:9a:e2:1a:41:ac:6c:93:69:74:6e:5b:6e:9a:
fc:3b:c4:db:13:3a:0c:57:e7:12:83:bd:f6:39:f1:85:2e:2f:
f2:ef:e1:11:e6:bd:0b:1d:d7:34:b6:f3:9d:d1:1b:da:4e:5c:
3a:b2:5c:40:09:37:65:ea:3e:ad:66:83:e5:8f:ac:9d:15:9d:
ca:79:54:39:b0:56:9c:6e:f8:a5:b4:bf:ba:36:22:ac:f3:f2:
6f:d9:83:0b:d3:62:99:73:c8:5b:cc:89:32:21:4e:02:73:af:
af:4d:42:5d:51:ff:9c:74:30:90:05:d6:1b:76:5f:28:e1:5e:
8e:42:95:90:90:11:22:96:79:d8:46:26:75:17:89:fb:77:ec:
97:e6:aa:99
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBezANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
Q0Q3MkFGMTEwLwYDVQQFEyg3NzA4RTY2RjFDMDdDMUQ3NjcwQUVCREJBRTE4NkRB
NDJCQ0IzMEM3MB4XDTI1MDIyNTEwMzEyM1oXDTI4MTIzMTEwMzEyM1owGDEWMBQG
A1UEAxMNNjdiZDliZmYtZjc2MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7GTGhWYaMJms16/dFTi3PYqe+00NJAO159z3JnBL6SXGWXQIUvy+HfmZyC
Cx790yR92meqt4AFBfYVl/C9s5kSTVf2hBw9BkZ8fANR3wclvtGSbGN1R4ddSIIO
MC8vSpQDljDm9M/FWAA9PnWaqMZBv2NyAxw816SmmWgzG3TAqlRFIUjawmchiJLM
Z3r45NTWm2nVT+LMY6iGq5Ovc0KgE6HYnVlVt4jRTWw6Loj/Ef/qf3av2AUrlpuS
JfkeZN+xN7hj9h/13xdZ8qKP2qqYzm4AtgZwgRhS35RUEuyJ+Wzg7vtKmNBXIPdX
R9Emw6pED/iqkYcLS/jz1E2Wbw0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQAlasL
EZaLGdxeJkuhUQEOSmzYlDAfBgNVHSMEGDAWgBR3COZvHAfB12cK69uuGG2kK8sw
xzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0NENzIvMDk1MUMxN0VDRUE1MTFFRjkzQjQ1QkFENzYyRTk1MUEvZHdqbWJ4
d0h3ZGRuQ3V2YnJoaHRwQ3ZMTU1jLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZHdqbWJ4d0h3ZGRuQ3V2YnJoaHRwQ3ZMTU1jLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0NENzIvMDk1MUMxN0VDRUE1MTFFRjkzQjQ1QkFENzYy
RTk1MUEvQUIzMTM5ODhGMzYzMTFFRkJBQzlEQTVFNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBsWbgDANBgkqhkiG9w0BAQsF
AAOCAQEAlOYXjhFs4ysh7r6XMtJkJzX3lYlRanYeGXeu/eoJV08IiZUMBho31ecF
wycjEvdezs7WXv0gBKgelq9VwX/DB3qKWW1hfPJ+QFWp2HM8cJrmgBALXnpKJj7i
AxD2tM+5axbRICv88JvTXpWUSOTFNZqa4hpBrGyTaXRuW26a/DvE2xM6DFfnEoO9
9jnxhS4v8u/hEea9Cx3XNLbzndEb2k5cOrJcQAk3Zeo+rWaD5Y+snRWdynlUObBW
nG74pbS/ujYirPPyb9mDC9NimXPIW8yJMiFOAnOvr01CXVH/nHQwkAXWG3ZfKOFe
jkKVkJARIpZ52EYmdReJ+3fsl+aqmQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:56:06 2025 by rpki-client