Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/7D9A0CEEBE9811EEAA3929A0775412E6.roa
File: 7D9A0CEEBE9811EEAA3929A0775412E6.roa (raw, json)
Hash identifier: QAI8gTiTkofleiNwqNNvOdSN9OEqHznr5e0GGNajQk0=
Subject key identifier: EB:3B:E0:BD:EC:EE:88:31:1B:DA:7D:14:D6:40:19:7B:0D:B7:1E:27
Certificate issuer: /CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Certificate serial: 04
Authority key identifier: CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/7D9A0CEEBE9811EEAA3929A0775412E6.roa
Signing time: Mon 29 Jan 2024 11:21:05 +0000
ROA not before: Mon 29 Jan 2024 11:21:01 +0000
ROA not after: Thu 29 Jan 2026 11:21:01 +0000
asID: 21003
IP address blocks: 102.68.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.mft
rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Validity
Not Before: Jan 29 11:21:01 2024 GMT
Not After : Jan 29 11:21:01 2026 GMT
Subject: CN=65b78a21-e73d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:62:fb:50:8e:f9:5d:75:6a:f6:37:fe:6f:3a:
02:bc:ef:8c:9b:d1:34:15:1d:9b:2c:cf:58:56:09:
1c:54:f8:e3:90:ac:e5:95:cc:5b:25:62:f6:f3:75:
fd:bf:06:1f:14:0f:c2:8c:c5:7c:3b:55:70:78:21:
24:c9:96:65:05:0f:4d:64:81:dd:51:24:a1:76:a6:
e4:7e:68:01:88:e5:48:5b:30:94:29:e4:12:4c:ad:
80:68:96:4e:93:24:13:6b:1a:1f:63:9b:8d:54:c2:
db:2f:a4:97:e6:a4:26:56:67:32:fe:18:e5:38:74:
3c:88:6d:8b:20:95:9b:d6:29:56:cc:91:5b:88:35:
00:32:2e:86:2b:47:05:9b:09:8e:1d:c3:d2:6a:2f:
38:23:00:de:1f:b1:b0:df:23:3a:f6:2f:a1:d9:a1:
16:cd:77:c6:23:e6:b7:cb:f4:06:c3:aa:b3:de:8b:
0e:7d:9a:0f:45:fa:39:50:12:47:5d:31:cc:f4:ac:
10:1f:98:67:ad:0d:41:e3:e2:f0:88:66:e5:63:1d:
d6:e8:11:bd:f9:d4:ce:0b:5a:3d:a1:a8:dd:24:3a:
54:0b:dc:0a:a6:88:4c:47:21:66:ac:d4:d5:e4:d6:
04:be:01:a7:47:ea:c9:55:f4:37:89:93:7f:d5:c3:
b1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:3B:E0:BD:EC:EE:88:31:1B:DA:7D:14:D6:40:19:7B:0D:B7:1E:27
X509v3 Authority Key Identifier:
keyid:CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/7D9A0CEEBE9811EEAA3929A0775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.68.129.0/24
Signature Algorithm: sha256WithRSAEncryption
57:f3:ac:11:e5:d1:e0:f7:07:41:fd:fb:c6:44:c4:4c:5e:43:
8a:80:44:e5:76:35:c9:66:42:92:7a:25:e5:0f:5a:db:b1:91:
ff:cb:02:6a:25:b9:d2:ac:d1:55:12:6a:22:6d:37:dd:35:79:
59:72:69:f8:cb:4a:b1:b8:04:74:42:7a:31:17:bb:17:2d:61:
04:de:c0:db:19:bb:16:d1:d6:a0:59:dc:4e:bd:6e:c6:46:55:
8b:bb:f3:6e:b5:a7:f4:a6:ff:7d:94:6c:cb:b2:f9:fe:61:01:
bb:b1:ee:09:34:2e:64:3a:00:95:91:c4:e7:3a:fa:33:8b:a1:
79:40:f9:e8:78:37:31:9d:d0:ee:d5:ee:7c:60:19:a8:e1:d7:
82:ac:4c:7e:0d:f2:36:fa:fa:89:8f:d6:42:a5:0c:de:87:d5:
da:44:ed:2d:02:72:c8:ac:f1:b9:aa:16:cd:37:c0:26:c0:56:
90:ec:65:a8:2b:23:8c:61:c3:d4:a4:ed:da:aa:f1:bd:50:2a:
71:40:da:b7:16:ca:d9:b9:3e:9b:2a:17:11:3e:bf:fe:a7:07:
2e:fd:11:e4:e3:70:1b:50:82:9b:dd:8d:87:f5:6a:17:48:65:
9e:98:53:23:a7:b3:76:52:6e:bf:b0:3f:f4:e6:d9:da:93:2d:
ad:f7:6d:a1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MTRBQUFGMTEwLwYDVQQFEyhDRDUyMzJCNjNDNkE4MzI5OTBDODY3MDdDQjczOUJE
QzA0REI5QTU5MB4XDTI0MDEyOTExMjEwMVoXDTI2MDEyOTExMjEwMVowGDEWMBQG
A1UEAxMNNjViNzhhMjEtZTczZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMti+1CO+V11avY3/m86ArzvjJvRNBUdmyzPWFYJHFT445Cs5ZXMWyVi9vN1
/b8GHxQPwozFfDtVcHghJMmWZQUPTWSB3VEkoXam5H5oAYjlSFswlCnkEkytgGiW
TpMkE2saH2ObjVTC2y+kl+akJlZnMv4Y5Th0PIhtiyCVm9YpVsyRW4g1ADIuhitH
BZsJjh3D0movOCMA3h+xsN8jOvYvodmhFs13xiPmt8v0BsOqs96LDn2aD0X6OVAS
R10xzPSsEB+YZ60NQePi8Ihm5WMd1ugRvfnUzgtaPaGo3SQ6VAvcCqaITEchZqzU
1eTWBL4Bp0fqyVX0N4mTf9XDsXUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTrO+C9
7O6IMRvafRTWQBl7DbceJzAfBgNVHSMEGDAWgBTNUjK2PGqDKZDIZwfLc5vcBNua
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1NDEyRTYvelZJeXRq
eHFneW1ReUdjSHkzT2IzQVRibWxrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvelZJeXRqeHFneW1ReUdjSHkzT2IzQVRibWxrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1
NDEyRTYvN0Q5QTBDRUVCRTk4MTFFRUFBMzkyOUEwNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGZEgTANBgkqhkiG9w0BAQsF
AAOCAQEAV/OsEeXR4PcHQf37xkTETF5DioBE5XY1yWZCknol5Q9a27GR/8sCaiW5
0qzRVRJqIm033TV5WXJp+MtKsbgEdEJ6MRe7Fy1hBN7A2xm7FtHWoFncTr1uxkZV
i7vzbrWn9Kb/fZRsy7L5/mEBu7HuCTQuZDoAlZHE5zr6M4uheUD56Hg3MZ3Q7tXu
fGAZqOHXgqxMfg3yNvr6iY/WQqUM3ofV2kTtLQJyyKzxuaoWzTfAJsBWkOxlqCsj
jGHD1KTt2qrxvVAqcUDatxbK2bk+myoXET6//qcHLv0R5ONwG1CCm92Nh/VqF0hl
nphTI6ezdlJuv7A/9ObZ2pMtrfdtoQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:52 2024 by rpki-client on console-fra.rpki-client.org