Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36145DB/5530F6D8CA2811ED94556695F1222468/90E875C0904C11EF9772C688762E951A.roa
File: 90E875C0904C11EF9772C688762E951A.roa (raw, json)
Hash identifier: 09CupRDhj95mgucZxQrzaYLjNHjfWPA23pLSx9OJe5M=
Subject key identifier: CE:BB:1C:54:AE:72:B8:11:9C:0F:A5:92:8C:76:8C:D1:15:45:71:02
Certificate issuer: /CN=F36145DBAF/serialNumber=07345B4425EAA216D03B70E8803F3CC3ABE1751C
Certificate serial: 0259
Authority key identifier: 07:34:5B:44:25:EA:A2:16:D0:3B:70:E8:80:3F:3C:C3:AB:E1:75:1C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/BzRbRCXqohbQO3DogD88w6vhdRw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36145DB/5530F6D8CA2811ED94556695F1222468/90E875C0904C11EF9772C688762E951A.roa
Signing time: Tue 22 Oct 2024 08:06:40 +0000
ROA not before: Tue 22 Oct 2024 08:06:28 +0000
ROA not after: Wed 22 Oct 2025 08:06:28 +0000
asID: 327906
IP address blocks: 102.217.144.0/22 maxlen: 24
2c0f:f008::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36145DB/5530F6D8CA2811ED94556695F1222468/BzRbRCXqohbQO3DogD88w6vhdRw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36145DB/5530F6D8CA2811ED94556695F1222468/BzRbRCXqohbQO3DogD88w6vhdRw.mft
rsync://rpki.afrinic.net/repository/afrinic/BzRbRCXqohbQO3DogD88w6vhdRw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 601 (0x259)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36145DBAF/serialNumber=07345B4425EAA216D03B70E8803F3CC3ABE1751C
Validity
Not Before: Oct 22 08:06:28 2024 GMT
Not After : Oct 22 08:06:28 2025 GMT
Subject: CN=67175d0f-627a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0a:a9:18:e9:61:8f:17:46:6b:b8:89:1c:c0:
33:fa:2b:30:93:0b:cc:59:b4:4e:0c:a9:69:5a:52:
23:77:ba:de:b7:f2:a6:09:a2:8a:1f:8f:4a:1c:91:
e5:27:39:7c:47:92:c9:0b:f5:d0:06:9b:01:42:7c:
c2:a0:f6:be:26:e1:01:a0:87:a8:66:ab:a0:33:29:
f2:50:48:b0:72:ea:96:c0:a2:e4:08:ab:02:76:84:
06:1d:30:e8:d0:c3:f3:fb:f9:f4:0d:f0:10:09:c0:
31:7c:35:6e:78:63:d1:56:ef:bc:c2:69:41:75:9d:
4e:70:b0:0b:21:59:c3:56:55:42:d1:7d:ed:8f:20:
1d:91:d2:14:72:93:fc:dc:6a:92:62:65:27:a3:e1:
b1:93:b6:50:bc:b9:69:2f:4e:28:11:e7:2d:d3:82:
b5:33:f9:40:cf:26:07:8e:57:ad:fa:4f:da:3d:a2:
b0:03:28:70:27:62:cc:ef:a9:5d:13:17:98:de:0a:
14:57:b3:78:9e:ea:57:e9:68:85:10:95:99:ca:07:
7c:09:9b:ad:63:75:0f:0a:96:31:20:41:1f:f5:a4:
da:eb:24:30:1d:25:b3:97:99:ef:0b:ff:e6:59:20:
dc:63:e5:56:53:ba:f2:f2:d4:e0:c5:66:ac:8a:fb:
34:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:BB:1C:54:AE:72:B8:11:9C:0F:A5:92:8C:76:8C:D1:15:45:71:02
X509v3 Authority Key Identifier:
keyid:07:34:5B:44:25:EA:A2:16:D0:3B:70:E8:80:3F:3C:C3:AB:E1:75:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36145DB/5530F6D8CA2811ED94556695F1222468/BzRbRCXqohbQO3DogD88w6vhdRw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/BzRbRCXqohbQO3DogD88w6vhdRw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36145DB/5530F6D8CA2811ED94556695F1222468/90E875C0904C11EF9772C688762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.217.144.0/22
IPv6:
2c0f:f008::/32
Signature Algorithm: sha256WithRSAEncryption
35:f0:70:72:aa:6b:4d:51:dd:30:09:7f:33:97:58:87:a3:d6:
cb:3d:29:a1:f2:fa:15:be:21:cc:21:c2:8a:a4:7d:04:bc:fa:
56:45:0e:e3:b4:69:15:54:da:95:c5:c0:83:05:0d:d4:ac:d7:
07:79:54:53:47:d0:4d:4a:53:ec:e6:84:56:ec:bb:f0:5c:97:
24:9a:12:58:e6:c3:32:f4:7c:ec:f1:04:3d:59:c2:bc:ac:1b:
4c:56:10:97:dc:dc:cf:11:bb:72:fd:f2:ad:d5:27:6e:fc:5c:
c6:7b:71:8d:f7:2c:cf:5f:e7:31:d5:8f:08:c9:9d:2f:b5:8c:
94:59:b5:3c:9c:3e:5f:3e:50:9c:3c:8e:3e:90:ce:e9:fa:da:
65:29:50:f8:df:91:19:97:39:14:d0:a5:dd:1a:5f:64:f2:dd:
d4:f3:a9:e1:65:b0:05:84:63:f4:36:63:b8:ef:13:88:a9:e1:
02:b8:fe:49:1d:c0:5d:77:6f:fe:7f:f3:4f:b4:fc:4a:4b:2d:
c9:1e:a5:d9:7f:34:ec:2f:e0:41:c5:3b:54:38:41:90:0c:aa:
ec:e7:de:e2:2a:b2:86:ed:b6:ab:ea:61:56:c3:f8:5f:ee:3a:
3e:1f:a3:72:84:51:6d:76:3f:cc:2c:83:f0:ea:f3:11:af:a0:
33:3b:03:19
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAlkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTQ1REJBRjExMC8GA1UEBRMoMDczNDVCNDQyNUVBQTIxNkQwM0I3MEU4ODAzRjND
QzNBQkUxNzUxQzAeFw0yNDEwMjIwODA2MjhaFw0yNTEwMjIwODA2MjhaMBgxFjAU
BgNVBAMTDTY3MTc1ZDBmLTYyN2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0CqkY6WGPF0ZruIkcwDP6KzCTC8xZtE4MqWlaUiN3ut638qYJooofj0oc
keUnOXxHkskL9dAGmwFCfMKg9r4m4QGgh6hmq6AzKfJQSLBy6pbAouQIqwJ2hAYd
MOjQw/P7+fQN8BAJwDF8NW54Y9FW77zCaUF1nU5wsAshWcNWVULRfe2PIB2R0hRy
k/zcapJiZSej4bGTtlC8uWkvTigR5y3TgrUz+UDPJgeOV636T9o9orADKHAnYszv
qV0TF5jeChRXs3ie6lfpaIUQlZnKB3wJm61jdQ8KljEgQR/1pNrrJDAdJbOXme8L
/+ZZINxj5VZTuvLy1ODFZqyK+zQBAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUzrsc
VK5yuBGcD6WSjHaM0RVFcQIwHwYDVR0jBBgwFoAUBzRbRCXqohbQO3DogD88w6vh
dRwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE0NURCLzU1MzBGNkQ4Q0EyODExRUQ5NDU1NjY5NUYxMjIyNDY4L0J6UmJS
Q1hxb2hiUU8zRG9nRDg4dzZ2aGRSdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0J6UmJSQ1hxb2hiUU8zRG9nRDg4dzZ2aGRSdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE0NURCLzU1MzBGNkQ4Q0EyODExRUQ5NDU1NjY5NUYx
MjIyNDY4LzkwRTg3NUMwOTA0QzExRUY5NzcyQzY4ODc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm2ZAwDQQCAAIwBwMFACwP
8AgwDQYJKoZIhvcNAQELBQADggEBADXwcHKqa01R3TAJfzOXWIej1ss9KaHy+hW+
IcwhwoqkfQS8+lZFDuO0aRVU2pXFwIMFDdSs1wd5VFNH0E1KU+zmhFbsu/BclySa
EljmwzL0fOzxBD1ZwrysG0xWEJfc3M8Ru3L98q3VJ278XMZ7cY33LM9f5zHVjwjJ
nS+1jJRZtTycPl8+UJw8jj6Qzun62mUpUPjfkRmXORTQpd0aX2Ty3dTzqeFlsAWE
Y/Q2Y7jvE4ip4QK4/kkdwF13b/5/80+0/EpLLckepdl/NOwv4EHFO1Q4QZAMquzn
3uIqsobttqvqYVbD+F/uOj4fo3KEUW12P8wsg/Dq8xGvoDM7Axk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:52 2024 by rpki-client on console-fra.rpki-client.org