Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3613F08/BF472C78690511EEB09925884AD9E6FC/AC0A32D0690611EEB3384E8B4AD9E6FC.roa
File: AC0A32D0690611EEB3384E8B4AD9E6FC.roa (raw, json)
Hash identifier: kErDXNR3ZNhWVzlb8Vo/Il2bfhwKojLKehJI3WdRMNI=
Subject key identifier: A0:80:39:3C:86:E8:08:BA:D4:2F:6F:BD:2D:08:87:5F:6C:5F:42:27
Certificate issuer: /CN=F3613F08AF/serialNumber=33E846614E15442C68005A5E3FCE5CB756E04A7F
Certificate serial: 02
Authority key identifier: 33:E8:46:61:4E:15:44:2C:68:00:5A:5E:3F:CE:5C:B7:56:E0:4A:7F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/M-hGYU4VRCxoAFpeP85ct1bgSn8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3613F08/BF472C78690511EEB09925884AD9E6FC/AC0A32D0690611EEB3384E8B4AD9E6FC.roa
Signing time: Thu 12 Oct 2023 13:53:07 +0000
ROA not before: Thu 12 Oct 2023 13:53:04 +0000
ROA not after: Sat 31 Dec 2033 13:53:04 +0000
asID: 328917
IP address blocks: 102.211.124.0/22 maxlen: 24
102.219.76.0/22 maxlen: 24
2c0f:5240::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3613F08/BF472C78690511EEB09925884AD9E6FC/M-hGYU4VRCxoAFpeP85ct1bgSn8.crl
rsync://rpki.afrinic.net/repository/member_repository/F3613F08/BF472C78690511EEB09925884AD9E6FC/M-hGYU4VRCxoAFpeP85ct1bgSn8.mft
rsync://rpki.afrinic.net/repository/afrinic/M-hGYU4VRCxoAFpeP85ct1bgSn8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3613F08AF/serialNumber=33E846614E15442C68005A5E3FCE5CB756E04A7F
Validity
Not Before: Oct 12 13:53:04 2023 GMT
Not After : Dec 31 13:53:04 2033 GMT
Subject: CN=6527fa43-16ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:11:c7:74:1e:f9:fe:c0:c7:a7:99:6a:77:c7:
68:8d:6d:c8:7c:85:f6:57:e8:2d:d2:99:34:8e:d1:
f0:19:4a:b8:92:78:72:97:9b:0d:75:5c:22:0c:a0:
60:b1:f7:61:43:5e:9c:ec:5d:c7:0b:d1:0b:56:f5:
2b:24:98:0e:d1:be:b5:9f:d6:26:f9:d9:bf:3e:7e:
c4:57:99:21:ae:c5:50:cf:13:36:51:4a:16:2f:66:
c4:2d:14:c2:44:40:c0:49:78:31:15:ee:be:39:bc:
1f:af:1c:83:3e:eb:80:24:ae:ec:57:aa:e7:fc:70:
dc:a9:17:bf:98:89:d7:5d:4a:84:5a:52:df:74:99:
cb:9f:2d:ae:22:99:9f:da:4d:09:7a:82:66:1c:9c:
f9:bb:63:59:ab:bf:61:1c:6c:d7:bb:47:c5:f0:cb:
db:18:8d:a8:61:55:30:10:47:78:54:3a:52:de:4f:
0a:74:f4:30:71:a5:96:23:05:98:f8:b4:6d:31:f6:
e2:65:8a:e4:07:d1:35:b2:e6:3d:bc:3a:66:92:d4:
12:a3:ab:41:a5:35:2c:cb:3e:97:c7:62:9b:0e:d4:
d5:bd:74:8b:58:86:ff:13:dc:00:99:8f:19:fe:b2:
dd:69:ba:3b:36:43:91:d2:3e:81:d8:ed:9b:9f:b6:
2f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:80:39:3C:86:E8:08:BA:D4:2F:6F:BD:2D:08:87:5F:6C:5F:42:27
X509v3 Authority Key Identifier:
keyid:33:E8:46:61:4E:15:44:2C:68:00:5A:5E:3F:CE:5C:B7:56:E0:4A:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3613F08/BF472C78690511EEB09925884AD9E6FC/M-hGYU4VRCxoAFpeP85ct1bgSn8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/M-hGYU4VRCxoAFpeP85ct1bgSn8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3613F08/BF472C78690511EEB09925884AD9E6FC/AC0A32D0690611EEB3384E8B4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.124.0/22
102.219.76.0/22
IPv6:
2c0f:5240::/32
Signature Algorithm: sha256WithRSAEncryption
55:21:0b:9a:92:a9:f2:6d:8e:d1:e6:21:36:30:da:ed:66:52:
63:61:d0:9b:0a:bd:1b:dd:43:a7:9d:2a:8c:3b:8b:23:9c:54:
86:36:70:6b:1f:57:f8:22:42:ba:c1:bd:11:b2:1e:26:fe:58:
ae:34:be:6e:d8:eb:f1:5c:4a:e1:12:36:d9:7d:5e:4a:db:61:
00:39:29:d9:a1:dc:62:25:22:31:80:aa:7d:0a:34:bc:f2:ae:
c8:66:d2:cb:c3:40:0c:05:cd:69:cc:a1:04:28:84:a6:bf:5f:
8e:5a:47:e2:27:b3:a0:b6:fe:49:15:75:f7:06:2c:01:f9:a6:
b1:05:e4:93:5c:f3:57:6d:f8:83:cc:23:cd:da:bb:c6:0e:fc:
e8:25:a3:76:82:c9:c1:d3:6b:ee:aa:81:c1:ef:42:2a:c5:bf:
6a:bd:3f:ca:80:77:66:2a:d7:52:90:40:fd:d9:58:99:d8:83:
2a:46:b7:82:a3:dd:94:7a:6a:62:99:fe:2c:74:75:1d:30:fd:
ef:d9:1d:c0:1b:22:39:de:4a:60:c3:03:a0:4b:e1:d0:6b:4d:
95:c9:c5:3f:5b:14:ae:93:7a:f0:86:58:3e:6d:ea:71:6e:6c:
76:72:f8:08:d2:19:62:8c:7f:32:85:9e:e0:b7:ce:7d:c0:b0:
04:f9:55:5b
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
M0YwOEFGMTEwLwYDVQQFEygzM0U4NDY2MTRFMTU0NDJDNjgwMDVBNUUzRkNFNUNC
NzU2RTA0QTdGMB4XDTIzMTAxMjEzNTMwNFoXDTMzMTIzMTEzNTMwNFowGDEWMBQG
A1UEAxMNNjUyN2ZhNDMtMTZlZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQRx3Qe+f7Ax6eZanfHaI1tyHyF9lfoLdKZNI7R8BlKuJJ4cpebDXVcIgyg
YLH3YUNenOxdxwvRC1b1KySYDtG+tZ/WJvnZvz5+xFeZIa7FUM8TNlFKFi9mxC0U
wkRAwEl4MRXuvjm8H68cgz7rgCSu7Feq5/xw3KkXv5iJ111KhFpS33SZy58triKZ
n9pNCXqCZhyc+btjWau/YRxs17tHxfDL2xiNqGFVMBBHeFQ6Ut5PCnT0MHGlliMF
mPi0bTH24mWK5AfRNbLmPbw6ZpLUEqOrQaU1LMs+l8dimw7U1b10i1iG/xPcAJmP
Gf6y3Wm6OzZDkdI+gdjtm5+2L+kCAwEAAaOCArowggK2MB0GA1UdDgQWBBSggDk8
hugIutQvb70tCIdfbF9CJzAfBgNVHSMEGDAWgBQz6EZhThVELGgAWl4/zly3VuBK
fzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTNGMDgvQkY0NzJDNzg2OTA1MTFFRUIwOTkyNTg4NEFEOUU2RkMvTS1oR1lV
NFZSQ3hvQUZwZVA4NWN0MWJnU244LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTS1oR1lVNFZSQ3hvQUZwZVA4NWN0MWJnU244LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTNGMDgvQkY0NzJDNzg2OTA1MTFFRUIwOTkyNTg4NEFE
OUU2RkMvQUMwQTMyRDA2OTA2MTFFRUIzMzg0RThCNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmbTfAMEAmbbTDANBAIAAjAH
AwUALA9SQDANBgkqhkiG9w0BAQsFAAOCAQEAVSELmpKp8m2O0eYhNjDa7WZSY2HQ
mwq9G91Dp50qjDuLI5xUhjZwax9X+CJCusG9EbIeJv5YrjS+btjr8VxK4RI22X1e
StthADkp2aHcYiUiMYCqfQo0vPKuyGbSy8NADAXNacyhBCiEpr9fjlpH4iezoLb+
SRV19wYsAfmmsQXkk1zzV234g8wjzdq7xg786CWjdoLJwdNr7qqBwe9CKsW/ar0/
yoB3ZirXUpBA/dlYmdiDKka3gqPdlHpqYpn+LHR1HTD979kdwBsiOd5KYMMDoEvh
0GtNlcnFP1sUrpN68IZYPm3qcW5sdnL4CNIZYox/MoWe4LfOfcCwBPlVWw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:42 2024 by rpki-client on console-ams.rpki-client.org