Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/5DEF8AB8BE9D11EEA53E40A8775412E6.roa
File: 5DEF8AB8BE9D11EEA53E40A8775412E6.roa (raw, json)
Hash identifier: VO2iMV/jxCvAs2IJefOCn2yGYKSsfwTSPJXA5qWGccs=
Subject key identifier: AE:34:63:6D:A1:56:EE:28:0F:EB:72:76:A8:2A:29:8C:3D:8E:1E:93
Certificate issuer: /CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Certificate serial: 14
Authority key identifier: CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/5DEF8AB8BE9D11EEA53E40A8775412E6.roa
Signing time: Mon 29 Jan 2024 11:55:59 +0000
ROA not before: Mon 29 Jan 2024 11:55:55 +0000
ROA not after: Thu 29 Jan 2026 11:55:55 +0000
asID: 21003
IP address blocks: 102.214.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.mft
rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Validity
Not Before: Jan 29 11:55:55 2024 GMT
Not After : Jan 29 11:55:55 2026 GMT
Subject: CN=65b7924f-1d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:13:c8:a7:c0:7e:2d:6c:62:40:b0:81:e8:64:
11:53:52:39:0f:7b:b6:79:32:4d:47:84:f7:34:9d:
32:ef:1f:e9:c9:6b:fb:63:74:10:a4:1f:26:40:e7:
79:22:11:f7:b2:d7:76:a2:37:c6:c6:88:b7:d9:61:
ac:ed:5b:b6:51:d6:74:58:52:52:b8:eb:10:07:4b:
ec:47:0b:4e:9d:28:65:e3:84:04:a4:10:fb:1c:de:
40:69:fc:d8:87:67:7e:cf:8e:74:fe:1e:20:4b:c2:
da:17:18:6b:cf:b0:e5:aa:d5:a4:f8:ab:2d:46:99:
59:14:83:5a:92:4d:ef:f2:ee:dc:27:fe:c9:d1:60:
86:c2:53:e5:5d:4e:08:4a:dd:0e:06:71:c0:d5:37:
4b:6c:d0:73:b2:f6:92:46:f3:34:66:66:b8:87:26:
47:ed:0a:a4:ce:10:96:62:94:c6:0e:5e:49:82:7f:
f0:d5:76:89:98:44:6a:9a:a4:3e:43:de:7f:80:95:
24:e8:4f:cc:86:f9:c5:96:71:8b:19:25:e8:01:27:
a0:c0:c7:27:3a:7e:2e:e0:87:39:34:7d:8b:6a:20:
db:bf:b9:5c:82:72:57:7f:18:c6:8b:e4:cc:cd:f2:
58:4f:ba:7b:8d:b4:d6:38:ea:c5:d8:ef:31:db:14:
8d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:34:63:6D:A1:56:EE:28:0F:EB:72:76:A8:2A:29:8C:3D:8E:1E:93
X509v3 Authority Key Identifier:
keyid:CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/5DEF8AB8BE9D11EEA53E40A8775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.214.105.0/24
Signature Algorithm: sha256WithRSAEncryption
93:e4:3d:2d:8b:e5:bd:07:10:a6:25:69:26:b8:ff:81:55:98:
c6:cc:d6:99:41:5d:e1:a9:83:46:d2:e2:34:f6:41:18:1d:86:
1b:03:1e:16:5e:df:aa:21:50:2b:cb:bf:5b:e8:f5:21:69:15:
b4:b6:8b:84:5a:0a:79:4e:39:1d:20:e8:1f:98:5a:c6:ce:c4:
21:0b:ed:4f:db:c1:f8:dc:5b:cd:35:21:7a:3f:b3:d8:fd:ca:
08:83:94:00:f4:84:19:99:7c:cc:6a:e8:8b:81:70:b7:f6:e2:
32:68:af:97:ec:c1:1e:84:95:fe:c5:fc:45:4f:11:c6:18:cf:
de:52:3d:04:5c:3d:52:8c:77:fc:9a:b8:27:4a:aa:b5:73:11:
b5:77:f1:68:8f:f8:60:4a:6e:c7:ea:00:14:de:45:aa:a4:f8:
34:5d:68:a6:8a:ea:55:f2:d3:40:6c:d6:fb:e6:e6:fc:a5:c0:
33:2d:8c:7b:43:e9:fd:5d:d4:0a:30:4f:44:fc:28:34:d0:52:
78:82:f4:e0:90:44:b2:b1:1f:7f:05:84:d6:49:52:ee:55:60:
16:89:f9:18:c6:a4:c7:3f:2d:32:94:ce:00:8f:43:1f:6f:06:
ca:68:a6:3c:51:57:2c:f9:be:2c:9f:48:9b:23:3d:25:05:ec:
94:7d:cc:b6
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MTRBQUFGMTEwLwYDVQQFEyhDRDUyMzJCNjNDNkE4MzI5OTBDODY3MDdDQjczOUJE
QzA0REI5QTU5MB4XDTI0MDEyOTExNTU1NVoXDTI2MDEyOTExNTU1NVowGDEWMBQG
A1UEAxMNNjViNzkyNGYtMWQ3ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYTyKfAfi1sYkCwgehkEVNSOQ97tnkyTUeE9zSdMu8f6clr+2N0EKQfJkDn
eSIR97LXdqI3xsaIt9lhrO1btlHWdFhSUrjrEAdL7EcLTp0oZeOEBKQQ+xzeQGn8
2Idnfs+OdP4eIEvC2hcYa8+w5arVpPirLUaZWRSDWpJN7/Lu3Cf+ydFghsJT5V1O
CErdDgZxwNU3S2zQc7L2kkbzNGZmuIcmR+0KpM4QlmKUxg5eSYJ/8NV2iZhEapqk
PkPef4CVJOhPzIb5xZZxixkl6AEnoMDHJzp+LuCHOTR9i2og27+5XIJyV38Yxovk
zM3yWE+6e4201jjqxdjvMdsUjVECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSuNGNt
oVbuKA/rcnaoKimMPY4ekzAfBgNVHSMEGDAWgBTNUjK2PGqDKZDIZwfLc5vcBNua
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1NDEyRTYvelZJeXRq
eHFneW1ReUdjSHkzT2IzQVRibWxrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvelZJeXRqeHFneW1ReUdjSHkzT2IzQVRibWxrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1
NDEyRTYvNURFRjhBQjhCRTlEMTFFRUE1M0U0MEE4Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbWaTANBgkqhkiG9w0BAQsF
AAOCAQEAk+Q9LYvlvQcQpiVpJrj/gVWYxszWmUFd4amDRtLiNPZBGB2GGwMeFl7f
qiFQK8u/W+j1IWkVtLaLhFoKeU45HSDoH5haxs7EIQvtT9vB+NxbzTUhej+z2P3K
CIOUAPSEGZl8zGroi4Fwt/biMmivl+zBHoSV/sX8RU8RxhjP3lI9BFw9Uox3/Jq4
J0qqtXMRtXfxaI/4YEpux+oAFN5FqqT4NF1oporqVfLTQGzW++bm/KXAMy2Me0Pp
/V3UCjBPRPwoNNBSeIL04JBEsrEffwWE1klS7lVgFon5GMakxz8tMpTOAI9DH28G
ymimPFFXLPm+LJ9ImyM9JQXslH3Mtg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:30 2024 by rpki-client on console-ams.rpki-client.org