Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/8C387FCEBE9D11EEA544F8A8775412E6.roa
File: 8C387FCEBE9D11EEA544F8A8775412E6.roa (raw, json)
Hash identifier: 7a2h0aandtk+7wd2GG30FexJRyIFmO2jPX2swBuFU4w=
Subject key identifier: 9B:73:64:56:5F:B0:9E:77:E3:C5:A3:99:D1:F7:EE:58:E9:1C:C2:33
Certificate issuer: /CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Certificate serial: 16
Authority key identifier: CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/8C387FCEBE9D11EEA544F8A8775412E6.roa
Signing time: Mon 29 Jan 2024 11:57:17 +0000
ROA not before: Mon 29 Jan 2024 11:57:13 +0000
ROA not after: Thu 29 Jan 2026 11:57:13 +0000
asID: 21003
IP address blocks: 102.214.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.mft
rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22 (0x16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Validity
Not Before: Jan 29 11:57:13 2024 GMT
Not After : Jan 29 11:57:13 2026 GMT
Subject: CN=65b7929d-f616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:75:03:88:ae:f6:fe:f1:4c:6e:d9:98:d4:a7:
d8:5f:4a:16:8e:ea:4c:a8:88:3c:25:55:1c:63:02:
37:45:9f:ab:6c:8c:9a:01:4d:49:ff:b5:54:e1:6a:
97:cf:ac:42:4e:44:dc:de:ed:85:7d:78:20:c5:82:
19:05:9d:52:c7:1a:f4:5b:23:df:29:05:70:b6:0f:
d5:4f:8a:25:2f:ef:14:11:eb:69:3e:e1:a5:79:18:
c9:ab:fa:09:ac:87:32:cb:04:7d:c9:94:0c:2e:f3:
2f:2a:51:3c:32:ff:b4:93:08:b8:21:bb:e7:96:0d:
30:44:b5:48:1d:a9:9b:ed:ff:e9:52:97:8f:ea:72:
b4:d2:d3:54:c8:c2:7b:2a:6f:1a:03:66:42:ad:23:
26:88:5e:dc:de:11:25:bf:da:dd:61:21:ac:53:76:
78:b6:4c:8e:14:68:1f:61:d2:e3:e9:5e:cf:98:c3:
a3:1b:84:12:a4:15:e9:bd:c4:40:52:3f:7b:4b:84:
dd:47:2f:cb:18:71:fa:20:83:66:db:52:6c:b2:8b:
00:9c:ad:cb:20:02:e7:b5:6f:78:59:64:66:6b:ff:
17:95:bb:14:77:ea:e6:6b:f2:fd:02:b8:b5:6b:6f:
35:20:59:93:15:9a:ce:b7:a0:1b:7b:9e:4d:4d:8a:
ff:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:73:64:56:5F:B0:9E:77:E3:C5:A3:99:D1:F7:EE:58:E9:1C:C2:33
X509v3 Authority Key Identifier:
keyid:CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/8C387FCEBE9D11EEA544F8A8775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.214.106.0/24
Signature Algorithm: sha256WithRSAEncryption
28:bc:8e:34:c7:5b:03:d4:73:d8:e3:29:75:47:d8:ac:eb:d7:
b7:12:90:29:57:87:6c:0c:47:c8:69:73:d9:25:65:c5:7f:eb:
48:3b:09:ea:62:c6:9c:5f:4e:d7:df:34:3b:7f:00:68:0a:dc:
59:cc:7c:f0:f3:bd:c6:bb:7a:9a:03:b7:d9:22:96:27:cc:d8:
83:87:2e:ec:55:e8:9b:6b:c2:b9:9f:7c:9d:b1:ae:84:e4:c0:
f5:b3:16:fe:6b:b2:fe:7a:4f:ff:0b:10:d4:79:fd:dd:f8:d8:
e6:62:ae:13:fb:29:6e:43:14:8b:0f:73:b2:a0:41:61:d8:15:
eb:a9:e1:b1:43:f3:56:7e:84:8f:8c:da:06:fd:b5:4b:b5:c6:
3e:01:68:21:23:92:84:94:01:44:4a:df:ce:21:fa:dc:c5:4b:
00:89:a9:2b:09:6e:0c:af:45:01:1b:fb:f6:c2:cb:dc:ed:62:
52:91:54:d2:7a:30:5f:82:b9:f0:b8:49:01:82:c5:65:e3:5c:
af:f9:89:7e:60:7a:ec:9b:ce:9a:06:d3:65:e7:a4:f7:65:a7:
21:e2:0b:8c:22:13:52:f8:cc:5a:9c:0c:e9:97:91:81:f1:73:
14:f6:9b:ac:22:dc:99:95:18:20:ec:4f:d2:9c:25:8e:36:59:
8c:58:80:6a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MTRBQUFGMTEwLwYDVQQFEyhDRDUyMzJCNjNDNkE4MzI5OTBDODY3MDdDQjczOUJE
QzA0REI5QTU5MB4XDTI0MDEyOTExNTcxM1oXDTI2MDEyOTExNTcxM1owGDEWMBQG
A1UEAxMNNjViNzkyOWQtZjYxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMN1A4iu9v7xTG7ZmNSn2F9KFo7qTKiIPCVVHGMCN0Wfq2yMmgFNSf+1VOFq
l8+sQk5E3N7thX14IMWCGQWdUsca9Fsj3ykFcLYP1U+KJS/vFBHraT7hpXkYyav6
CayHMssEfcmUDC7zLypRPDL/tJMIuCG755YNMES1SB2pm+3/6VKXj+pytNLTVMjC
eypvGgNmQq0jJohe3N4RJb/a3WEhrFN2eLZMjhRoH2HS4+lez5jDoxuEEqQV6b3E
QFI/e0uE3Ucvyxhx+iCDZttSbLKLAJytyyAC57VveFlkZmv/F5W7FHfq5mvy/QK4
tWtvNSBZkxWazregG3ueTU2K/+UCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSbc2RW
X7Ced+PFo5nR9+5Y6RzCMzAfBgNVHSMEGDAWgBTNUjK2PGqDKZDIZwfLc5vcBNua
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1NDEyRTYvelZJeXRq
eHFneW1ReUdjSHkzT2IzQVRibWxrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvelZJeXRqeHFneW1ReUdjSHkzT2IzQVRibWxrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1
NDEyRTYvOEMzODdGQ0VCRTlEMTFFRUE1NDRGOEE4Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbWajANBgkqhkiG9w0BAQsF
AAOCAQEAKLyONMdbA9Rz2OMpdUfYrOvXtxKQKVeHbAxHyGlz2SVlxX/rSDsJ6mLG
nF9O1980O38AaArcWcx88PO9xrt6mgO32SKWJ8zYg4cu7FXom2vCuZ98nbGuhOTA
9bMW/muy/npP/wsQ1Hn93fjY5mKuE/spbkMUiw9zsqBBYdgV66nhsUPzVn6Ej4za
Bv21S7XGPgFoISOShJQBRErfziH63MVLAImpKwluDK9FARv79sLL3O1iUpFU0now
X4K58LhJAYLFZeNcr/mJfmB67JvOmgbTZeek92WnIeILjCITUvjMWpwM6ZeRgfFz
FPabrCLcmZUYIOxP0pwljjZZjFiAag==
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:39:34 2024 by rpki-client on console-ams.rpki-client.org