Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/BA66E382187811F08601B5D76DB8BCC6.roa
File: BA66E382187811F08601B5D76DB8BCC6.roa (raw, json)
Hash identifier: xrkKMEoemFwLFxynJW5/pf7m3USWr81uszWJPf1EKM8=
Subject key identifier: 19:DD:25:78:A5:FE:5E:7D:3B:1D:16:56:F9:45:F2:D3:8E:B2:CB:9E
Certificate issuer: /CN=F36F0628AF/serialNumber=8605D7599A0402F70EC2F258D6C16BD2E4E8D1FE
Certificate serial: 05E9
Authority key identifier: 86:05:D7:59:9A:04:02:F7:0E:C2:F2:58:D6:C1:6B:D2:E4:E8:D1:FE
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/hgXXWZoEAvcOwvJY1sFr0uTo0f4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/BA66E382187811F08601B5D76DB8BCC6.roa
Signing time: Sun 13 Apr 2025 15:05:25 +0000
ROA not before: Sun 13 Apr 2025 15:05:21 +0000
ROA not after: Mon 13 Oct 2025 15:05:21 +0000
asID: 3320
IP address blocks: 196.44.120.0/22 maxlen: 24
196.44.125.0/24 maxlen: 24
196.44.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/hgXXWZoEAvcOwvJY1sFr0uTo0f4.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/hgXXWZoEAvcOwvJY1sFr0uTo0f4.mft
rsync://rpki.afrinic.net/repository/afrinic/hgXXWZoEAvcOwvJY1sFr0uTo0f4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1513 (0x5e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F0628AF, serialNumber=8605D7599A0402F70EC2F258D6C16BD2E4E8D1FE
Validity
Not Before: Apr 13 15:05:21 2025 GMT
Not After : Oct 13 15:05:21 2025 GMT
Subject: CN=67fbd2b5-7ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c4:91:1c:a6:67:25:ba:1f:ed:7f:85:44:9f:
d4:78:8c:8e:ee:7a:d2:9c:b8:f3:8e:ce:47:e3:0c:
e4:4b:28:90:b3:99:62:3b:6d:08:4a:7e:50:8c:11:
af:86:99:08:1b:98:a0:f5:b6:f5:a7:da:73:94:c8:
eb:14:40:78:61:92:ba:b8:73:c8:1b:5e:00:9e:57:
35:11:1e:7d:31:ba:95:ee:f6:54:93:3f:f7:99:d7:
80:32:61:1d:4d:21:39:d7:74:27:6c:c5:af:7a:42:
c2:22:1d:45:0d:e2:a4:44:19:50:86:73:ed:07:78:
af:4e:1c:eb:18:3d:44:a5:e8:44:27:49:28:6b:79:
74:8c:05:07:58:78:9c:7a:5d:fa:21:49:99:bb:8b:
64:89:1f:36:b1:3e:bc:e9:4d:83:56:4c:0f:63:15:
1a:6e:ff:54:4a:ba:b4:5d:c4:bb:ff:f4:93:df:a9:
b1:9b:bd:10:e3:3b:24:a5:6b:33:d9:04:f8:8d:d0:
2d:32:2f:44:ea:ee:99:d0:67:49:52:64:34:e1:d3:
9c:91:32:fc:b2:9c:40:bb:a0:00:03:62:96:32:42:
05:e9:f2:4f:ef:a0:ac:6f:0c:fb:1d:10:8d:bf:21:
20:38:0c:5f:db:cc:0f:4e:20:9e:46:a3:86:ee:30:
ec:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:DD:25:78:A5:FE:5E:7D:3B:1D:16:56:F9:45:F2:D3:8E:B2:CB:9E
X509v3 Authority Key Identifier:
keyid:86:05:D7:59:9A:04:02:F7:0E:C2:F2:58:D6:C1:6B:D2:E4:E8:D1:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/hgXXWZoEAvcOwvJY1sFr0uTo0f4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hgXXWZoEAvcOwvJY1sFr0uTo0f4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/BA66E382187811F08601B5D76DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.44.120.0/22
196.44.125.0/24
196.44.127.0/24
Signature Algorithm: sha256WithRSAEncryption
52:0e:66:30:2a:0d:19:a5:37:d8:e5:c1:03:00:71:82:28:c9:
da:3d:6e:8c:c3:17:61:25:a6:5c:11:68:ea:53:14:00:e1:30:
1f:4a:90:51:0b:69:b6:78:2b:eb:da:5c:ee:17:43:ac:2b:31:
5c:5a:89:ce:72:65:56:34:aa:b3:1c:46:49:1e:c1:dd:0d:53:
5a:e3:99:a3:42:06:a6:e2:68:90:86:38:f0:26:67:fa:2d:7c:
26:b8:e0:ab:8c:c2:e1:7a:77:e4:d9:e7:1a:13:7a:35:84:0a:
04:cd:da:ab:34:71:a5:94:77:03:93:18:7b:2b:ed:de:9c:4d:
2f:5d:70:46:0c:44:49:28:66:cd:e4:84:86:61:56:2a:b6:28:
6c:44:58:5b:3d:05:01:4c:08:eb:0f:51:a1:5a:c9:ec:1d:06:
9c:0b:59:62:a0:c4:ed:2d:7d:74:48:63:60:a8:0e:a6:d3:f3:
21:4c:0c:09:79:c3:53:8d:65:32:94:a1:60:56:b7:f1:ef:e5:
e4:ce:ca:37:57:96:c9:d0:ec:3f:60:9d:ed:c1:7c:68:39:ec:
60:0d:f1:af:a3:ce:73:b8:f5:34:29:15:6a:b6:96:65:1d:7f:
2b:ac:34:2d:79:29:6d:7d:1b:66:71:8d:37:69:19:6f:23:18:
38:47:36:ff
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICBekwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RjA2MjhBRjExMC8GA1UEBRMoODYwNUQ3NTk5QTA0MDJGNzBFQzJGMjU4RDZDMTZC
RDJFNEU4RDFGRTAeFw0yNTA0MTMxNTA1MjFaFw0yNTEwMTMxNTA1MjFaMBgxFjAU
BgNVBAMTDTY3ZmJkMmI1LTdmZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDVxJEcpmcluh/tf4VEn9R4jI7uetKcuPOOzkfjDORLKJCzmWI7bQhKflCM
Ea+GmQgbmKD1tvWn2nOUyOsUQHhhkrq4c8gbXgCeVzURHn0xupXu9lSTP/eZ14Ay
YR1NITnXdCdsxa96QsIiHUUN4qREGVCGc+0HeK9OHOsYPUSl6EQnSShreXSMBQdY
eJx6XfohSZm7i2SJHzaxPrzpTYNWTA9jFRpu/1RKurRdxLv/9JPfqbGbvRDjOySl
azPZBPiN0C0yL0Tq7pnQZ0lSZDTh05yRMvyynEC7oAADYpYyQgXp8k/voKxvDPsd
EI2/ISA4DF/bzA9OIJ5Go4buMOxfAgMBAAGjggKxMIICrTAdBgNVHQ4EFgQUGd0l
eKX+Xn07HRZW+UXy046yy54wHwYDVR0jBBgwFoAUhgXXWZoEAvcOwvJY1sFr0uTo
0f4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkYwNjI4L0YwQ0NCRTdDRkJBMDExRUJBQjc4NkM0OUQ4QTAxNENFL2hnWFhX
Wm9FQXZjT3d2Slkxc0ZyMHVUbzBmNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2hnWFhXWm9FQXZjT3d2Slkxc0ZyMHVUbzBmNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkYwNjI4L0YwQ0NCRTdDRkJBMDExRUJBQjc4NkM0OUQ4
QTAxNENFL0JBNjZFMzgyMTg3ODExRjA4NjAxQjVENzZEQjhCQ0M2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBALELHgDBADELH0DBADELH8w
DQYJKoZIhvcNAQELBQADggEBAFIOZjAqDRmlN9jlwQMAcYIoydo9bozDF2ElplwR
aOpTFADhMB9KkFELabZ4K+vaXO4XQ6wrMVxaic5yZVY0qrMcRkkewd0NU1rjmaNC
BqbiaJCGOPAmZ/otfCa44KuMwuF6d+TZ5xoTejWECgTN2qs0caWUdwOTGHsr7d6c
TS9dcEYMREkoZs3khIZhViq2KGxEWFs9BQFMCOsPUaFayewdBpwLWWKgxO0tfXRI
Y2CoDqbT8yFMDAl5w1ONZTKUoWBWt/Hv5eTOyjdXlsnQ7D9gne3BfGg57GAN8a+j
znO49TQpFWq2lmUdfyusNC15KW19G2ZxjTdpGW8jGDhHNv8=
-----END CERTIFICATE-----
Generated at Thu Apr 24 04:38:35 2025 by rpki-client on console.sobornost.net