Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366BE85/63E98D6CD29011EF92E8BE78762E951A/48197A8CD29211EF9C4B9D83762E951A.roa
File: 48197A8CD29211EF9C4B9D83762E951A.roa (raw, json)
Hash identifier: mZ9kRI2tetEX+zkrcuQdcEIANnKP7GMoF4oNcGCNj88=
Subject key identifier: 24:6E:86:37:4E:54:EB:16:73:F0:DF:A0:34:CA:5E:12:A3:38:52:32
Certificate issuer: /CN=F366BE85AF/serialNumber=F6B6622DC5A600529FBFD1C1C0F7C98BFC890A50
Certificate serial: 04
Authority key identifier: F6:B6:62:2D:C5:A6:00:52:9F:BF:D1:C1:C0:F7:C9:8B:FC:89:0A:50
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/9rZiLcWmAFKfv9HBwPfJi_yJClA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366BE85/63E98D6CD29011EF92E8BE78762E951A/48197A8CD29211EF9C4B9D83762E951A.roa
Signing time: Tue 14 Jan 2025 16:11:59 +0000
ROA not before: Wed 15 Jan 2025 16:11:55 +0000
ROA not after: Sun 31 Jan 2027 16:11:55 +0000
asID: 328704
IP address blocks: 102.222.255.0/24 maxlen: 25
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366BE85/63E98D6CD29011EF92E8BE78762E951A/9rZiLcWmAFKfv9HBwPfJi_yJClA.crl
rsync://rpki.afrinic.net/repository/member_repository/F366BE85/63E98D6CD29011EF92E8BE78762E951A/9rZiLcWmAFKfv9HBwPfJi_yJClA.mft
rsync://rpki.afrinic.net/repository/afrinic/9rZiLcWmAFKfv9HBwPfJi_yJClA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366BE85AF, serialNumber=F6B6622DC5A600529FBFD1C1C0F7C98BFC890A50
Validity
Not Before: Jan 15 16:11:55 2025 GMT
Not After : Jan 31 16:11:55 2027 GMT
Subject: CN=67868ccf-5253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:65:11:1a:98:83:d4:ad:01:b0:2f:65:16:88:
8e:1c:dd:38:4e:60:f9:e0:54:58:b6:e4:73:44:84:
2e:a4:f7:39:b1:0d:41:08:34:55:07:e2:4b:fc:97:
5d:a9:bd:b7:0b:be:80:cc:56:4f:66:16:45:d7:92:
69:37:92:fe:57:f8:9a:06:97:84:cb:27:b5:22:17:
1d:88:79:e0:38:61:ed:0f:25:41:08:74:c3:25:9e:
ca:91:82:45:99:fd:d5:05:fd:c0:95:d2:fd:22:be:
f2:fc:d1:50:d0:39:42:fa:9d:d3:60:9f:7b:c5:64:
a7:a7:6a:d5:9f:61:db:f7:da:ef:b4:f1:fd:dc:3e:
f7:4f:a9:f8:15:42:74:f0:05:4d:ee:2e:f3:32:b7:
fa:53:96:92:f6:66:e3:3a:6b:8e:9a:78:93:7f:27:
81:47:a4:3d:31:06:45:b1:17:74:fa:d2:46:b1:ae:
be:46:a6:be:90:64:cb:b4:2e:bc:39:c2:9f:b9:2e:
44:5b:08:7f:93:92:f2:67:b2:d3:b7:ce:16:e7:b5:
d1:48:66:7b:38:77:b9:48:f0:a8:16:b5:04:90:f1:
17:15:29:60:47:a9:ac:04:e3:f6:14:db:89:a3:14:
8f:27:46:42:66:0a:f6:58:ff:65:7b:b3:4e:41:bc:
b8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:6E:86:37:4E:54:EB:16:73:F0:DF:A0:34:CA:5E:12:A3:38:52:32
X509v3 Authority Key Identifier:
keyid:F6:B6:62:2D:C5:A6:00:52:9F:BF:D1:C1:C0:F7:C9:8B:FC:89:0A:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366BE85/63E98D6CD29011EF92E8BE78762E951A/9rZiLcWmAFKfv9HBwPfJi_yJClA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9rZiLcWmAFKfv9HBwPfJi_yJClA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366BE85/63E98D6CD29011EF92E8BE78762E951A/48197A8CD29211EF9C4B9D83762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.255.0/24
Signature Algorithm: sha256WithRSAEncryption
de:df:c6:37:72:ec:b4:35:da:5c:86:f5:e0:f0:82:e4:a1:de:
b9:22:01:61:fe:4a:1a:8b:fa:5d:d3:3d:2a:44:4a:e9:26:b3:
48:de:e8:f7:c1:52:25:c1:3d:7a:8b:c6:f6:96:68:fb:8f:25:
35:e5:4c:ab:5d:e0:a6:52:7b:36:8c:d6:9f:c0:67:00:bd:01:
f3:8d:be:39:be:59:5a:bb:f0:29:8d:aa:c1:52:6a:30:a5:64:
e4:58:f1:48:ac:5d:35:a3:f9:23:05:9e:d8:6e:78:e2:37:14:
90:fb:33:d8:a1:1f:f3:c8:d7:82:1e:01:b9:d5:77:d0:f0:83:
9f:d7:25:68:34:c8:1d:44:6d:f7:3f:6c:81:1b:14:9d:fb:70:
d1:8e:e9:3f:15:67:dd:91:db:bc:59:60:64:55:e9:2c:99:d5:
31:d4:19:50:45:dd:71:12:cd:2f:64:bf:38:62:d1:57:44:55:
4c:41:a3:bc:14:dc:ae:27:c8:5c:3a:75:2d:38:4a:84:27:d9:
7a:da:83:32:23:3b:6d:bb:4d:cc:24:01:df:82:1c:52:34:a9:
8d:d2:4c:a6:9f:98:ee:a8:d7:9b:7c:ad:08:08:17:66:97:74:
6c:5b:f3:6f:4c:98:67:68:3c:c4:78:be:82:a6:19:25:99:e3:
25:29:89:bb
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
QkU4NUFGMTEwLwYDVQQFEyhGNkI2NjIyREM1QTYwMDUyOUZCRkQxQzFDMEY3Qzk4
QkZDODkwQTUwMB4XDTI1MDExNTE2MTE1NVoXDTI3MDEzMTE2MTE1NVowGDEWMBQG
A1UEAxMNNjc4NjhjY2YtNTI1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1lERqYg9StAbAvZRaIjhzdOE5g+eBUWLbkc0SELqT3ObENQQg0VQfiS/yX
Xam9twu+gMxWT2YWRdeSaTeS/lf4mgaXhMsntSIXHYh54Dhh7Q8lQQh0wyWeypGC
RZn91QX9wJXS/SK+8vzRUNA5Qvqd02Cfe8Vkp6dq1Z9h2/fa77Tx/dw+90+p+BVC
dPAFTe4u8zK3+lOWkvZm4zprjpp4k38ngUekPTEGRbEXdPrSRrGuvkamvpBky7Qu
vDnCn7kuRFsIf5OS8mey07fOFue10Uhmezh3uUjwqBa1BJDxFxUpYEeprATj9hTb
iaMUjydGQmYK9lj/ZXuzTkG8uF0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQkboY3
TlTrFnPw36A0yl4SozhSMjAfBgNVHSMEGDAWgBT2tmItxaYAUp+/0cHA98mL/IkK
UDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkJFODUvNjNFOThENkNEMjkwMTFFRjkyRThCRTc4NzYyRTk1MUEvOXJaaUxj
V21BRktmdjlIQndQZkppX3lKQ2xBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOXJaaUxjV21BRktmdjlIQndQZkppX3lKQ2xBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkJFODUvNjNFOThENkNEMjkwMTFFRjkyRThCRTc4NzYy
RTk1MUEvNDgxOTdBOENEMjkyMTFFRjlDNEI5RDgzNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbe/zANBgkqhkiG9w0BAQsF
AAOCAQEA3t/GN3LstDXaXIb14PCC5KHeuSIBYf5KGov6XdM9KkRK6SazSN7o98FS
JcE9eovG9pZo+48lNeVMq13gplJ7NozWn8BnAL0B842+Ob5ZWrvwKY2qwVJqMKVk
5FjxSKxdNaP5IwWe2G544jcUkPsz2KEf88jXgh4BudV30PCDn9claDTIHURt9z9s
gRsUnftw0Y7pPxVn3ZHbvFlgZFXpLJnVMdQZUEXdcRLNL2S/OGLRV0RVTEGjvBTc
rifIXDp1LThKhCfZetqDMiM7bbtNzCQB34IcUjSpjdJMpp+Y7qjXm3ytCAgXZpd0
bFvzb0yYZ2g8xHi+gqYZJZnjJSmJuw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 08:07:38 2025 by rpki-client on console.sobornost.net