Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA116/8DC44E0EC62B11EF98DEC0B5762E951A/74C92FDCFE8411EFB3FEFB62762E951A.roa
File: 74C92FDCFE8411EFB3FEFB62762E951A.roa (raw, json)
Hash identifier: eHqdBEPhpazkxslbGcP2V+4HpaXe+rnpJ0Tw6avCYNg=
Subject key identifier: E9:67:96:4C:D0:E9:C0:8C:88:08:3B:50:19:92:93:16:AB:17:53:B0
Certificate issuer: /CN=F36FA116AF/serialNumber=BC44CE85A5EC97BDBB21D3348800310153A01CCA
Certificate serial: 51
Authority key identifier: BC:44:CE:85:A5:EC:97:BD:BB:21:D3:34:88:00:31:01:53:A0:1C:CA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/vETOhaXsl727IdM0iAAxAVOgHMo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FA116/8DC44E0EC62B11EF98DEC0B5762E951A/74C92FDCFE8411EFB3FEFB62762E951A.roa
Signing time: Tue 11 Mar 2025 14:23:53 +0000
ROA not before: Tue 11 Mar 2025 14:23:46 +0000
ROA not after: Sat 31 Mar 2035 14:23:46 +0000
asID: 328140
IP address blocks: 196.223.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FA116/8DC44E0EC62B11EF98DEC0B5762E951A/vETOhaXsl727IdM0iAAxAVOgHMo.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FA116/8DC44E0EC62B11EF98DEC0B5762E951A/vETOhaXsl727IdM0iAAxAVOgHMo.mft
rsync://rpki.afrinic.net/repository/afrinic/vETOhaXsl727IdM0iAAxAVOgHMo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 30 Apr 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81 (0x51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FA116AF, serialNumber=BC44CE85A5EC97BDBB21D3348800310153A01CCA
Validity
Not Before: Mar 11 14:23:46 2025 GMT
Not After : Mar 31 14:23:46 2035 GMT
Subject: CN=67d04779-a016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:07:ce:6e:8a:39:e2:4c:76:b4:06:6b:44:4d:
e8:57:43:b3:db:bf:c2:6f:14:e7:25:b4:cc:34:0a:
65:85:4e:e8:b5:c8:e6:28:9c:7f:76:f0:e0:82:af:
88:10:d8:e4:c5:45:60:5c:23:92:c6:d9:30:f9:42:
4c:62:e1:98:59:e6:fb:a1:df:21:6d:50:b2:e3:6e:
81:7d:b6:f8:fd:7a:f0:7c:92:c9:16:c8:5d:1a:44:
8e:81:aa:0b:63:50:b0:0d:b4:9f:e0:3a:84:a1:ad:
94:fa:65:14:6b:99:a9:e7:7f:d8:cb:2c:ee:b5:da:
70:a6:90:1b:3d:5d:3b:3e:0f:fa:1f:2f:e4:20:84:
07:e6:c6:62:2e:85:87:81:58:00:bb:1f:36:cb:ed:
c7:22:d0:a5:ea:f0:10:e8:f7:ed:6e:d3:c8:56:c2:
07:90:98:80:a4:27:b4:7c:95:60:b7:ea:4d:15:e5:
38:e0:7e:39:77:fe:53:e6:64:3d:52:f1:22:23:18:
82:45:e0:8b:3c:e0:06:99:c9:9f:99:fc:2b:f6:b0:
f6:b9:91:58:7e:d4:2b:5b:4e:53:49:cd:7d:4b:22:
81:18:91:41:7f:31:e9:7c:93:dd:6f:3b:4a:29:b5:
80:47:7c:98:43:0c:2c:54:05:82:a0:8e:49:f5:95:
e3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:67:96:4C:D0:E9:C0:8C:88:08:3B:50:19:92:93:16:AB:17:53:B0
X509v3 Authority Key Identifier:
keyid:BC:44:CE:85:A5:EC:97:BD:BB:21:D3:34:88:00:31:01:53:A0:1C:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA116/8DC44E0EC62B11EF98DEC0B5762E951A/vETOhaXsl727IdM0iAAxAVOgHMo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vETOhaXsl727IdM0iAAxAVOgHMo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA116/8DC44E0EC62B11EF98DEC0B5762E951A/74C92FDCFE8411EFB3FEFB62762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.223.146.0/24
Signature Algorithm: sha256WithRSAEncryption
40:5c:0b:05:7b:66:69:c6:ed:3d:d8:f9:24:ca:bb:89:08:25:
d8:05:88:e6:42:c7:0d:27:0e:d3:3f:fa:43:54:56:4d:1b:aa:
ba:be:4e:64:2c:ce:07:05:58:d4:0c:46:e3:60:6c:b2:e9:47:
85:a7:40:1a:e4:11:84:61:a6:c2:83:d6:fa:cf:54:ef:18:07:
81:e3:e1:c3:7a:79:da:ad:ba:e3:66:3b:3e:7c:5b:46:5a:7c:
58:7c:12:53:bc:e7:2c:6d:0f:ed:9c:3a:0d:d7:61:37:d4:c1:
0f:ff:83:df:45:c9:95:b7:7d:dc:3f:11:27:c3:e5:22:a8:5e:
f9:32:89:ba:1e:9f:c1:a2:93:cc:d4:2c:af:8a:8e:3c:66:15:
37:c8:bb:c0:a4:96:6d:49:d8:d8:f8:c1:4c:0a:60:2c:8f:95:
3d:da:51:08:03:51:bb:2a:62:70:33:c2:b6:30:b7:58:10:21:
c9:c7:76:63:eb:e0:c5:90:7e:eb:f4:f2:aa:81:7f:4d:bd:60:
54:cc:1c:ea:17:cd:38:e2:6c:0d:93:c8:9c:82:95:25:3a:cf:
9c:02:94:1b:fd:12:67:87:7c:cd:a9:16:9c:f7:a1:4c:5e:a1:
69:35:cf:55:dd:72:95:69:dd:09:42:fe:57:64:5c:46:f5:2c:
ba:cb:54:3e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBUTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QTExNkFGMTEwLwYDVQQFEyhCQzQ0Q0U4NUE1RUM5N0JEQkIyMUQzMzQ4ODAwMzEw
MTUzQTAxQ0NBMB4XDTI1MDMxMTE0MjM0NloXDTM1MDMzMTE0MjM0NlowGDEWMBQG
A1UEAxMNNjdkMDQ3NzktYTAxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQHzm6KOeJMdrQGa0RN6FdDs9u/wm8U5yW0zDQKZYVO6LXI5iicf3bw4IKv
iBDY5MVFYFwjksbZMPlCTGLhmFnm+6HfIW1QsuNugX22+P168HySyRbIXRpEjoGq
C2NQsA20n+A6hKGtlPplFGuZqed/2Mss7rXacKaQGz1dOz4P+h8v5CCEB+bGYi6F
h4FYALsfNsvtxyLQperwEOj37W7TyFbCB5CYgKQntHyVYLfqTRXlOOB+OXf+U+Zk
PVLxIiMYgkXgizzgBpnJn5n8K/aw9rmRWH7UK1tOU0nNfUsigRiRQX8x6XyT3W87
Sim1gEd8mEMMLFQFgqCOSfWV46MCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTpZ5ZM
0OnAjIgIO1AZkpMWqxdTsDAfBgNVHSMEGDAWgBS8RM6FpeyXvbsh0zSIADEBU6Ac
yjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkExMTYvOERDNDRFMEVDNjJCMTFFRjk4REVDMEI1NzYyRTk1MUEvdkVUT2hh
WHNsNzI3SWRNMGlBQXhBVk9nSE1vLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdkVUT2hhWHNsNzI3SWRNMGlBQXhBVk9nSE1vLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkExMTYvOERDNDRFMEVDNjJCMTFFRjk4REVDMEI1NzYy
RTk1MUEvNzRDOTJGRENGRTg0MTFFRkIzRkVGQjYyNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMTfkjANBgkqhkiG9w0BAQsF
AAOCAQEAQFwLBXtmacbtPdj5JMq7iQgl2AWI5kLHDScO0z/6Q1RWTRuqur5OZCzO
BwVY1AxG42BssulHhadAGuQRhGGmwoPW+s9U7xgHgePhw3p52q2642Y7PnxbRlp8
WHwSU7znLG0P7Zw6DddhN9TBD/+D30XJlbd93D8RJ8PlIqhe+TKJuh6fwaKTzNQs
r4qOPGYVN8i7wKSWbUnY2PjBTApgLI+VPdpRCANRuypicDPCtjC3WBAhycd2Y+vg
xZB+6/TyqoF/Tb1gVMwc6hfNOOJsDZPInIKVJTrPnAKUG/0SZ4d8zakWnPehTF6h
aTXPVd1ylWndCUL+V2RcRvUsustUPg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:25:34 2025 by rpki-client on console.sobornost.net