Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/472ED74CBE9911EEBE5488A1775412E6.roa
File: 472ED74CBE9911EEBE5488A1775412E6.roa (raw, json)
Hash identifier: IuMi4HBaMKSuvRfubLEiQXMhOlTDSvv+gItJsDU0jtw=
Subject key identifier: 69:72:4D:CA:64:C4:83:19:A9:66:B4:97:32:C6:26:E0:F8:7F:69:6D
Certificate issuer: /CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Certificate serial: 08
Authority key identifier: CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/472ED74CBE9911EEBE5488A1775412E6.roa
Signing time: Mon 29 Jan 2024 11:26:43 +0000
ROA not before: Mon 29 Jan 2024 11:26:40 +0000
ROA not after: Thu 29 Jan 2026 11:26:40 +0000
asID: 21003
IP address blocks: 102.68.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.mft
rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Validity
Not Before: Jan 29 11:26:40 2024 GMT
Not After : Jan 29 11:26:40 2026 GMT
Subject: CN=65b78b73-5777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:00:f7:92:37:fc:a0:e5:13:f7:5b:49:92:0d:
db:77:e3:17:fe:ee:6c:0e:a6:70:b9:21:c6:7e:ec:
fa:20:c0:0c:87:86:f0:ed:bb:aa:b5:9b:0e:21:c7:
52:08:ea:66:ac:90:14:67:e4:f2:9b:9c:4d:00:37:
56:69:5f:a3:5f:4e:40:09:5b:fc:d2:f0:64:4e:1c:
94:f0:7b:d1:56:12:1b:e2:6c:6a:c3:ed:e5:a9:ce:
b7:69:be:4a:c0:1f:27:91:b0:93:a9:50:38:ce:0b:
4f:c0:e5:36:4f:bc:26:b8:07:d8:69:ed:ed:2e:d0:
34:cb:21:1f:6e:56:ea:2a:2e:1f:fd:5a:3f:ef:05:
76:51:df:a0:09:b5:77:82:ec:9c:29:01:1c:ba:7d:
b1:6e:29:86:73:f0:9f:2a:57:37:f0:f4:9a:c1:0d:
38:19:60:59:2c:77:88:4e:5b:a3:01:f5:de:06:b6:
81:0f:bf:8a:8d:d4:63:e5:8b:98:bb:55:82:4d:81:
83:29:dc:e6:86:32:6c:e5:86:b0:51:16:c8:f6:23:
4e:fd:5b:ff:5a:34:29:7d:89:34:d0:8b:e9:46:d3:
cb:4e:a0:2f:ba:ae:7c:ad:3d:39:9f:03:48:e9:dd:
7d:1d:d7:24:89:ef:b1:42:80:64:6c:3a:5a:84:e5:
03:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:72:4D:CA:64:C4:83:19:A9:66:B4:97:32:C6:26:E0:F8:7F:69:6D
X509v3 Authority Key Identifier:
keyid:CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/472ED74CBE9911EEBE5488A1775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.68.131.0/24
Signature Algorithm: sha256WithRSAEncryption
15:e4:23:2e:e9:29:1f:db:68:f5:f6:c5:67:7b:f8:e0:8c:3d:
11:b8:f9:7f:3e:05:84:1b:46:45:f3:27:ff:2c:58:55:55:d0:
b0:9f:95:5b:0b:6f:af:a0:c9:d2:cb:eb:5c:9e:25:9e:3e:82:
37:a7:f2:41:55:c5:a6:3c:42:14:b3:d8:7b:70:ab:ae:55:f3:
a4:01:8e:89:f3:f2:65:bf:b1:21:45:3d:3b:95:12:09:60:40:
74:2d:34:10:99:3f:c0:1b:b9:a1:91:56:8d:f7:4b:5a:5e:df:
5d:f2:cc:51:d1:e3:f4:d6:ca:6b:98:bf:5f:0e:4a:66:9a:e0:
17:20:b8:01:ca:65:60:57:bc:7b:b1:97:9e:4f:a9:de:65:8a:
1c:93:af:9e:44:db:02:2b:82:f9:d3:00:88:98:62:2b:15:69:
05:e9:31:04:b0:ac:d3:6d:c8:3a:e9:c7:ce:80:2a:6d:d8:cc:
e7:be:18:69:15:a5:99:4e:5d:42:f3:2a:ae:4d:ed:33:d0:91:
d6:7f:b4:bd:10:95:32:5a:48:4d:65:c2:db:32:75:5c:a6:b1:
02:e5:c0:32:39:08:27:c8:04:59:57:9e:46:0a:b1:b2:e6:2f:
9f:17:e2:82:c8:d2:ef:78:6e:ba:29:f2:c1:25:1b:4f:52:ba:
af:2c:b0:6b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MTRBQUFGMTEwLwYDVQQFEyhDRDUyMzJCNjNDNkE4MzI5OTBDODY3MDdDQjczOUJE
QzA0REI5QTU5MB4XDTI0MDEyOTExMjY0MFoXDTI2MDEyOTExMjY0MFowGDEWMBQG
A1UEAxMNNjViNzhiNzMtNTc3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPQA95I3/KDlE/dbSZIN23fjF/7ubA6mcLkhxn7s+iDADIeG8O27qrWbDiHH
UgjqZqyQFGfk8pucTQA3Vmlfo19OQAlb/NLwZE4clPB70VYSG+JsasPt5anOt2m+
SsAfJ5Gwk6lQOM4LT8DlNk+8JrgH2Gnt7S7QNMshH25W6iouH/1aP+8FdlHfoAm1
d4LsnCkBHLp9sW4phnPwnypXN/D0msENOBlgWSx3iE5bowH13ga2gQ+/io3UY+WL
mLtVgk2Bgync5oYybOWGsFEWyPYjTv1b/1o0KX2JNNCL6UbTy06gL7qufK09OZ8D
SOndfR3XJInvsUKAZGw6WoTlAxECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRpck3K
ZMSDGalmtJcyxibg+H9pbTAfBgNVHSMEGDAWgBTNUjK2PGqDKZDIZwfLc5vcBNua
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1NDEyRTYvelZJeXRq
eHFneW1ReUdjSHkzT2IzQVRibWxrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvelZJeXRqeHFneW1ReUdjSHkzT2IzQVRibWxrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1
NDEyRTYvNDcyRUQ3NENCRTk5MTFFRUJFNTQ4OEExNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGZEgzANBgkqhkiG9w0BAQsF
AAOCAQEAFeQjLukpH9to9fbFZ3v44Iw9Ebj5fz4FhBtGRfMn/yxYVVXQsJ+VWwtv
r6DJ0svrXJ4lnj6CN6fyQVXFpjxCFLPYe3CrrlXzpAGOifPyZb+xIUU9O5USCWBA
dC00EJk/wBu5oZFWjfdLWl7fXfLMUdHj9NbKa5i/Xw5KZprgFyC4AcplYFe8e7GX
nk+p3mWKHJOvnkTbAiuC+dMAiJhiKxVpBekxBLCs023IOunHzoAqbdjM574YaRWl
mU5dQvMqrk3tM9CR1n+0vRCVMlpITWXC2zJ1XKaxAuXAMjkIJ8gEWVeeRgqxsuYv
nxfigsjS73huuinywSUbT1K6ryywaw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:52 2024 by rpki-client on console-fra.rpki-client.org