Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E8D5A/07E44428B57511EE9501EB77775412E6/A3699AF8B57811EEA299007E775412E6.roa
File: A3699AF8B57811EEA299007E775412E6.roa (raw, json)
Hash identifier: ZRCLd3++fODMxgRHWAnJ8OnkFBoCiVyoDwHYHsayGfk=
Subject key identifier: CE:72:F2:13:92:9F:7A:2C:B3:8E:7B:E3:A3:CC:FB:74:31:56:0C:48
Certificate issuer: /CN=F36E8D5AAF/serialNumber=4C2CC35A00A3874B9E8A34617CC0D96B5109820E
Certificate serial: 06
Authority key identifier: 4C:2C:C3:5A:00:A3:87:4B:9E:8A:34:61:7C:C0:D9:6B:51:09:82:0E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/TCzDWgCjh0ueijRhfMDZa1EJgg4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E8D5A/07E44428B57511EE9501EB77775412E6/A3699AF8B57811EEA299007E775412E6.roa
Signing time: Wed 17 Jan 2024 20:40:24 +0000
ROA not before: Wed 17 Jan 2024 20:40:20 +0000
ROA not after: Fri 31 Jan 2031 20:40:20 +0000
asID: 396982
IP address blocks: 102.215.88.0/22 maxlen: 22
2c0f:2480::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E8D5A/07E44428B57511EE9501EB77775412E6/TCzDWgCjh0ueijRhfMDZa1EJgg4.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E8D5A/07E44428B57511EE9501EB77775412E6/TCzDWgCjh0ueijRhfMDZa1EJgg4.mft
rsync://rpki.afrinic.net/repository/afrinic/TCzDWgCjh0ueijRhfMDZa1EJgg4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 07 May 2024 00:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E8D5AAF/serialNumber=4C2CC35A00A3874B9E8A34617CC0D96B5109820E
Validity
Not Before: Jan 17 20:40:20 2024 GMT
Not After : Jan 31 20:40:20 2031 GMT
Subject: CN=65a83b38-160f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ac:62:ac:ea:a3:da:dc:51:78:75:1f:1a:4e:
fa:82:b1:e8:b2:9a:45:64:e1:fa:c6:bd:97:8e:19:
6a:af:75:39:84:d5:89:f2:66:79:78:f3:8e:db:68:
f4:2d:b9:ce:e0:9a:3f:b3:94:a5:d6:b2:2c:58:9a:
91:3d:7d:97:db:7f:05:2d:06:70:62:42:13:8f:a4:
c9:f8:71:27:fb:83:56:ac:b9:05:5d:d7:d7:30:da:
da:79:b9:f4:d2:9f:0e:1d:30:41:c9:9b:18:5c:cd:
f4:ad:ac:38:4b:e4:cf:df:ae:43:7c:2e:51:fe:13:
7f:8b:52:f4:20:5c:ef:98:a6:f9:8e:05:58:e6:18:
db:98:6b:32:a6:81:c7:b6:77:77:2a:cd:be:4f:1d:
7b:29:39:cd:e2:29:ef:6a:3e:37:63:31:fc:08:20:
f9:be:7a:9f:70:ef:33:d6:40:b7:68:57:da:07:1d:
58:7e:34:a9:39:7c:54:02:b8:8c:61:5a:25:01:aa:
24:90:9c:02:12:fd:10:99:1d:91:d7:ee:b1:fe:e7:
b0:84:86:94:86:87:49:e9:05:37:39:88:07:48:9a:
d0:6d:61:a9:98:c3:77:8d:ad:b0:7b:8c:10:ef:b5:
4d:b5:ab:96:5b:ec:43:34:9b:cd:5b:ff:ee:f0:66:
da:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:72:F2:13:92:9F:7A:2C:B3:8E:7B:E3:A3:CC:FB:74:31:56:0C:48
X509v3 Authority Key Identifier:
keyid:4C:2C:C3:5A:00:A3:87:4B:9E:8A:34:61:7C:C0:D9:6B:51:09:82:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E8D5A/07E44428B57511EE9501EB77775412E6/TCzDWgCjh0ueijRhfMDZa1EJgg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/TCzDWgCjh0ueijRhfMDZa1EJgg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E8D5A/07E44428B57511EE9501EB77775412E6/A3699AF8B57811EEA299007E775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.215.88.0/22
IPv6:
2c0f:2480::/32
Signature Algorithm: sha256WithRSAEncryption
49:a2:38:68:76:ab:55:a0:cf:c4:b2:4e:b1:2f:ba:b8:72:c3:
2e:5d:43:10:39:4f:6c:f1:56:d8:f9:02:25:6c:fa:2c:1b:f6:
15:42:ed:d7:36:c1:7f:ff:0a:bf:36:e7:f8:d9:f2:75:ef:5f:
58:0e:df:b8:18:92:96:c7:fc:a0:95:3d:d7:a2:a0:f0:a0:b5:
f0:8c:f8:c1:f8:50:e0:bc:40:f4:d7:45:55:3e:60:11:12:bb:
77:21:55:bd:71:98:5e:ff:a9:5e:86:b8:cf:4a:b5:f6:c8:37:
e7:b5:38:32:26:23:e1:f7:35:d3:95:99:c9:8f:08:b4:ed:71:
71:1a:ed:dc:db:3f:a3:d0:03:bd:f8:69:de:5c:f5:cc:0b:47:
7e:a0:b1:71:fc:79:4f:5d:31:be:d5:a2:45:10:c6:0e:a5:1d:
d7:52:b0:70:de:55:0f:e6:ca:24:d0:ba:28:4e:d0:ec:60:c2:
a1:f2:8a:33:05:22:e6:71:c7:41:9e:30:97:9b:48:ad:83:33:
b0:dc:a5:ce:1c:df:81:d3:5d:96:2a:0e:da:fb:01:42:8a:4c:
af:e5:8a:4a:b5:49:92:ab:48:e5:23:30:3c:c7:d4:ba:87:8c:
2a:15:16:81:65:2e:c3:a7:7e:57:0f:00:85:07:5e:56:16:c4:
af:99:d7:e1
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
OEQ1QUFGMTEwLwYDVQQFEyg0QzJDQzM1QTAwQTM4NzRCOUU4QTM0NjE3Q0MwRDk2
QjUxMDk4MjBFMB4XDTI0MDExNzIwNDAyMFoXDTMxMDEzMTIwNDAyMFowGDEWMBQG
A1UEAxMNNjVhODNiMzgtMTYwZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOusYqzqo9rcUXh1HxpO+oKx6LKaRWTh+sa9l44Zaq91OYTVifJmeXjzjtto
9C25zuCaP7OUpdayLFiakT19l9t/BS0GcGJCE4+kyfhxJ/uDVqy5BV3X1zDa2nm5
9NKfDh0wQcmbGFzN9K2sOEvkz9+uQ3wuUf4Tf4tS9CBc75im+Y4FWOYY25hrMqaB
x7Z3dyrNvk8deyk5zeIp72o+N2Mx/Agg+b56n3DvM9ZAt2hX2gcdWH40qTl8VAK4
jGFaJQGqJJCcAhL9EJkdkdfusf7nsISGlIaHSekFNzmIB0ia0G1hqZjDd42tsHuM
EO+1TbWrllvsQzSbzVv/7vBm2nkCAwEAAaOCArQwggKwMB0GA1UdDgQWBBTOcvIT
kp96LLOOe+OjzPt0MVYMSDAfBgNVHSMEGDAWgBRMLMNaAKOHS56KNGF8wNlrUQmC
DjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RThENUEvMDdFNDQ0MjhCNTc1MTFFRTk1MDFFQjc3Nzc1NDEyRTYvVEN6RFdn
Q2poMHVlaWpSaGZNRFphMUVKZ2c0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVEN6RFdnQ2poMHVlaWpSaGZNRFphMUVKZ2c0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RThENUEvMDdFNDQ0MjhCNTc1MTFFRTk1MDFFQjc3Nzc1
NDEyRTYvQTM2OTlBRjhCNTc4MTFFRUEyOTkwMDdFNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbXWDANBAIAAjAHAwUALA8k
gDANBgkqhkiG9w0BAQsFAAOCAQEASaI4aHarVaDPxLJOsS+6uHLDLl1DEDlPbPFW
2PkCJWz6LBv2FULt1zbBf/8Kvzbn+Nnyde9fWA7fuBiSlsf8oJU916Kg8KC18Iz4
wfhQ4LxA9NdFVT5gERK7dyFVvXGYXv+pXoa4z0q19sg357U4MiYj4fc105WZyY8I
tO1xcRrt3Ns/o9ADvfhp3lz1zAtHfqCxcfx5T10xvtWiRRDGDqUd11KwcN5VD+bK
JNC6KE7Q7GDCofKKMwUi5nHHQZ4wl5tIrYMzsNylzhzfgdNdlioO2vsBQopMr+WK
SrVJkqtI5SMwPMfUuoeMKhUWgWUuw6d+Vw8AhQdeVhbEr5nX4Q==
-----END CERTIFICATE-----
Generated at Sun May 5 03:47:40 2024 by rpki-client on console-fra.rpki-client.org