Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/2DD8D0E8AB0311EFB5FA8872762E951A.roa
File: 2DD8D0E8AB0311EFB5FA8872762E951A.roa (raw, json)
Hash identifier: sAAH78D6fmER4zvIrut/NqkddQSLI5cJgPgyMtoMZ2A=
Subject key identifier: 17:46:16:30:67:7C:22:48:80:36:06:38:1D:15:7E:EC:5D:A2:E9:DA
Certificate issuer: /CN=F3614659AF/serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
Certificate serial: 0577
Authority key identifier: 60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/2DD8D0E8AB0311EFB5FA8872762E951A.roa
Signing time: Mon 25 Nov 2024 07:59:21 +0000
ROA not before: Mon 25 Nov 2024 07:59:18 +0000
ROA not after: Mon 25 Nov 2030 07:59:18 +0000
asID: 60841
IP address blocks: 102.215.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl
rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.mft
rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1399 (0x577)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3614659AF
Validity
Not Before: Nov 25 07:59:18 2024 GMT
Not After : Nov 25 07:59:18 2030 GMT
Subject: CN=67442e59-771e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ee:77:01:19:25:8c:9c:5c:65:28:2e:0b:67:
e0:f5:b9:41:b0:01:53:85:5b:72:66:b3:dd:1d:e0:
1b:51:62:57:b6:32:23:ad:4a:f7:61:d8:f3:da:58:
0c:49:57:c0:1a:b0:69:cd:b0:9f:4e:8e:fe:36:46:
5a:99:ba:8b:f3:ce:d4:79:f0:ff:e0:0f:c9:af:23:
6b:db:6d:48:72:56:4d:0e:8e:ae:69:35:5c:61:9f:
dc:b0:07:f4:da:51:50:c4:f0:32:2c:c6:f5:f9:ad:
b8:60:1b:95:94:e6:0d:d4:3c:f9:05:1f:d7:47:21:
b1:45:2e:75:fb:2f:ef:ad:db:b3:23:bd:d5:6d:ef:
1b:ab:a3:33:02:74:62:54:1d:25:5f:0f:82:9a:e3:
31:da:ac:f7:c2:28:79:9d:e1:b0:df:de:44:62:39:
35:bf:3b:9b:47:17:aa:27:f2:94:19:73:ee:4c:30:
d5:cd:53:f5:0b:17:18:39:78:d7:bc:ff:b1:ac:35:
d6:96:06:1c:be:5f:e9:fb:7c:20:bd:ea:af:42:33:
8a:a9:3f:51:f7:54:4d:40:cf:24:d8:bf:01:aa:1e:
6d:fb:76:3d:94:4a:80:c4:b1:60:0a:2f:6c:f9:f9:
d2:d6:ba:13:9e:6f:90:2d:cb:78:0b:3d:42:f8:3f:
78:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:46:16:30:67:7C:22:48:80:36:06:38:1D:15:7E:EC:5D:A2:E9:DA
X509v3 Authority Key Identifier:
keyid:60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/2DD8D0E8AB0311EFB5FA8872762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.215.224.0/24
Signature Algorithm: sha256WithRSAEncryption
86:55:9e:07:71:82:41:0d:eb:38:a4:a9:13:ef:b8:c0:95:33:
0a:74:3e:f3:65:cc:9c:85:98:71:e4:d4:1a:b9:16:72:45:24:
d5:32:8e:7c:63:e3:5f:21:5e:50:ec:25:ee:ec:0d:fd:13:ad:
0f:59:cf:02:49:a7:a1:2e:f5:92:2e:73:c4:b8:58:3c:7f:88:
8b:d6:6b:0b:af:2b:66:3e:fd:eb:fb:a9:a3:7d:1e:77:bf:3f:
d5:1e:46:3d:41:89:fd:f7:61:97:03:2a:6a:24:f4:3b:df:7e:
bf:1c:84:07:07:88:44:59:3f:ee:b8:f0:4e:4f:ac:5e:6a:0d:
fb:1a:8a:a8:22:6d:0c:ee:32:17:fa:dc:00:8a:ee:ca:c5:3a:
6d:0e:68:24:d6:17:19:11:7a:56:76:14:87:7f:d1:f2:ef:af:
cd:50:09:ff:da:ef:fd:f4:a6:c4:64:de:95:13:ac:96:bf:d0:
7d:9e:e3:da:c3:31:8a:34:47:08:47:20:39:cf:d3:e5:3d:7b:
1e:51:aa:38:2a:d5:17:9a:e6:8a:3b:28:62:7f:9f:03:d1:26:
21:b8:72:d6:d1:df:92:2c:bc:e2:1a:1e:14:c9:d8:e4:35:e2:
4c:75:c4:87:f6:21:d8:6a:aa:f5:ba:0e:ac:66:b7:12:86:b4:
e8:c2:ef:9e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBXcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTQ2NTlBRjExMC8GA1UEBRMoNjBBMEU1RDFBQzY2QzhBRTNCN0M5RTZBOEVGNUJD
MDRCOEJCQjg4RTAeFw0yNDExMjUwNzU5MThaFw0zMDExMjUwNzU5MThaMBgxFjAU
BgNVBAMTDTY3NDQyZTU5LTc3MWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC97ncBGSWMnFxlKC4LZ+D1uUGwAVOFW3Jms90d4BtRYle2MiOtSvdh2PPa
WAxJV8AasGnNsJ9Ojv42RlqZuovzztR58P/gD8mvI2vbbUhyVk0Ojq5pNVxhn9yw
B/TaUVDE8DIsxvX5rbhgG5WU5g3UPPkFH9dHIbFFLnX7L++t27MjvdVt7xurozMC
dGJUHSVfD4Ka4zHarPfCKHmd4bDf3kRiOTW/O5tHF6on8pQZc+5MMNXNU/ULFxg5
eNe8/7GsNdaWBhy+X+n7fCC96q9CM4qpP1H3VE1AzyTYvwGqHm37dj2USoDEsWAK
L2z5+dLWuhOeb5Aty3gLPUL4P3izAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUF0YW
MGd8IkiANgY4HRV+7F2i6dowHwYDVR0jBBgwFoAUYKDl0axmyK47fJ5qjvW8BLi7
uI4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVBNDBENTc3L1lLRGww
YXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1lLRGwwYXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVB
NDBENTc3LzJERDhEMEU4QUIwMzExRUZCNUZBODg3Mjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm1+AwDQYJKoZIhvcNAQEL
BQADggEBAIZVngdxgkEN6zikqRPvuMCVMwp0PvNlzJyFmHHk1Bq5FnJFJNUyjnxj
418hXlDsJe7sDf0TrQ9ZzwJJp6Eu9ZIuc8S4WDx/iIvWawuvK2Y+/ev7qaN9Hne/
P9UeRj1Bif33YZcDKmok9Dvffr8chAcHiERZP+648E5PrF5qDfsaiqgibQzuMhf6
3ACK7srFOm0OaCTWFxkRelZ2FId/0fLvr81QCf/a7/30psRk3pUTrJa/0H2e49rD
MYo0RwhHIDnP0+U9ex5Rqjgq1Rea5oo7KGJ/nwPRJiG4ctbR35IsvOIaHhTJ2OQ1
4kx1xIf2IdhqqvW6DqxmtxKGtOjC754=
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:47:55 2025 by rpki-client