Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3615533/D80AFE5C295711EFA79717F67CDC24C2/08F6F89E295911EFAEB4ADFB7CDC24C2.roa
File: 08F6F89E295911EFAEB4ADFB7CDC24C2.roa (raw, json)
Hash identifier: ISQZsHLWpfTcF1N56rrCqt5O7oqCjXKgBNZGt9pf+XI=
Subject key identifier: CB:8F:A2:63:AC:41:2B:7B:75:D8:D7:13:87:0D:A1:09:E5:BE:37:B3
Certificate issuer: /CN=F3615533AF/serialNumber=1CDF695DBF274D2C69AE2C00C2E4EE17C986A9ED
Certificate serial: 05
Authority key identifier: 1C:DF:69:5D:BF:27:4D:2C:69:AE:2C:00:C2:E4:EE:17:C9:86:A9:ED
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/HN9pXb8nTSxpriwAwuTuF8mGqe0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3615533/D80AFE5C295711EFA79717F67CDC24C2/08F6F89E295911EFAEB4ADFB7CDC24C2.roa
Signing time: Thu 13 Jun 2024 07:46:25 +0000
ROA not before: Thu 13 Jun 2024 07:46:22 +0000
ROA not after: Thu 13 Jun 2030 07:46:22 +0000
asID: 328778
IP address blocks: 102.221.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3615533/D80AFE5C295711EFA79717F67CDC24C2/HN9pXb8nTSxpriwAwuTuF8mGqe0.crl
rsync://rpki.afrinic.net/repository/member_repository/F3615533/D80AFE5C295711EFA79717F67CDC24C2/HN9pXb8nTSxpriwAwuTuF8mGqe0.mft
rsync://rpki.afrinic.net/repository/afrinic/HN9pXb8nTSxpriwAwuTuF8mGqe0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3615533AF/serialNumber=1CDF695DBF274D2C69AE2C00C2E4EE17C986A9ED
Validity
Not Before: Jun 13 07:46:22 2024 GMT
Not After : Jun 13 07:46:22 2030 GMT
Subject: CN=666aa3d1-3e5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5f:aa:2f:42:c4:54:2f:b1:35:18:61:4f:64:
7d:2b:f6:dd:ea:4d:37:88:94:08:d0:5b:a3:ec:b6:
87:c9:6b:89:2f:97:4c:58:f8:f6:68:39:65:4e:6a:
3e:3b:0a:e0:17:63:68:c0:22:4b:45:41:9c:b4:86:
61:b8:d8:43:b8:07:04:3e:11:04:3a:66:5f:d7:f7:
67:22:d7:86:67:7b:90:f0:e0:70:b9:d4:64:59:23:
0d:2c:ac:a4:d6:5d:d2:06:aa:e7:18:48:1e:50:fb:
6b:15:f2:88:38:cd:3f:16:ed:31:69:42:e8:38:c1:
84:ad:f5:da:64:c5:05:39:cf:6f:71:3d:52:d1:7b:
07:57:a8:70:98:62:57:07:bf:58:c4:aa:91:11:6b:
e7:c3:0b:0e:20:87:73:3c:df:39:ed:82:cd:ca:67:
69:96:82:04:84:ef:d1:6e:3d:b2:d4:ea:1f:60:f7:
03:57:68:12:10:2f:d9:03:5c:a5:c3:28:a8:60:73:
f4:c8:36:fa:f1:6b:4e:48:42:59:a9:2d:82:6b:1b:
e9:45:74:6d:11:a6:3a:4b:c8:39:f4:3a:f3:fe:b8:
e0:be:bf:2d:d4:a4:7c:9f:18:55:e1:3b:c3:ff:3b:
38:2f:6c:29:0a:27:61:23:26:d6:65:3f:96:49:a7:
45:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:8F:A2:63:AC:41:2B:7B:75:D8:D7:13:87:0D:A1:09:E5:BE:37:B3
X509v3 Authority Key Identifier:
keyid:1C:DF:69:5D:BF:27:4D:2C:69:AE:2C:00:C2:E4:EE:17:C9:86:A9:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3615533/D80AFE5C295711EFA79717F67CDC24C2/HN9pXb8nTSxpriwAwuTuF8mGqe0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HN9pXb8nTSxpriwAwuTuF8mGqe0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3615533/D80AFE5C295711EFA79717F67CDC24C2/08F6F89E295911EFAEB4ADFB7CDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.4.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:e5:f5:79:f7:49:41:01:5e:0d:1f:7d:e1:de:c9:83:de:71:
9f:28:e4:eb:05:ba:65:c7:aa:ca:d7:77:07:9c:8b:45:8a:18:
ae:5f:54:4c:03:07:fb:94:22:68:9c:09:79:1d:2a:c3:85:d6:
29:f1:50:ad:b5:9f:db:aa:01:50:b2:ab:bf:ed:ec:c4:df:37:
83:cd:f1:2c:2e:0a:20:eb:9d:1f:be:39:70:b9:5a:cf:89:ea:
64:c3:4f:5d:19:f2:2d:df:6b:e9:76:ec:3d:3a:69:0a:30:d4:
ed:26:0b:8e:0c:7d:d5:c8:80:eb:54:64:7e:1c:27:aa:5f:6b:
8e:09:8e:2e:95:05:74:8f:de:b9:a1:22:b0:b2:cd:32:36:f3:
d3:8a:c5:92:d2:4e:97:15:76:01:50:01:92:5c:29:03:2d:c5:
ec:81:4d:99:42:c7:8d:ab:87:ca:6b:a8:9b:bf:4f:0d:3d:f7:
96:9c:ef:3c:d5:60:b3:da:51:af:d9:4c:e7:a9:f2:cf:6e:c3:
45:2b:80:bd:be:ec:88:82:8e:cd:ab:3d:fe:27:27:c0:b9:8b:
f2:ac:83:5d:8d:0c:10:56:01:6b:b6:05:fa:de:e6:8a:f5:72:
ae:c2:f9:61:bf:9e:6f:22:11:17:d7:50:d3:2e:7d:2b:69:a0:
9d:7c:4d:a4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
NTUzM0FGMTEwLwYDVQQFEygxQ0RGNjk1REJGMjc0RDJDNjlBRTJDMDBDMkU0RUUx
N0M5ODZBOUVEMB4XDTI0MDYxMzA3NDYyMloXDTMwMDYxMzA3NDYyMlowGDEWMBQG
A1UEAxMNNjY2YWEzZDEtM2U1ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJfqi9CxFQvsTUYYU9kfSv23epNN4iUCNBbo+y2h8lriS+XTFj49mg5ZU5q
PjsK4BdjaMAiS0VBnLSGYbjYQ7gHBD4RBDpmX9f3ZyLXhmd7kPDgcLnUZFkjDSys
pNZd0gaq5xhIHlD7axXyiDjNPxbtMWlC6DjBhK312mTFBTnPb3E9UtF7B1eocJhi
Vwe/WMSqkRFr58MLDiCHczzfOe2CzcpnaZaCBITv0W49stTqH2D3A1doEhAv2QNc
pcMoqGBz9Mg2+vFrTkhCWaktgmsb6UV0bRGmOkvIOfQ68/644L6/LdSkfJ8YVeE7
w/87OC9sKQonYSMm1mU/lkmnRb0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTLj6Jj
rEEre3XY1xOHDaEJ5b43szAfBgNVHSMEGDAWgBQc32ldvydNLGmuLADC5O4XyYap
7TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTU1MzMvRDgwQUZFNUMyOTU3MTFFRkE3OTcxN0Y2N0NEQzI0QzIvSE45cFhi
OG5UU3hwcml3QXd1VHVGOG1HcWUwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSE45cFhiOG5UU3hwcml3QXd1VHVGOG1HcWUwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTU1MzMvRDgwQUZFNUMyOTU3MTFFRkE3OTcxN0Y2N0NE
QzI0QzIvMDhGNkY4OUUyOTU5MTFFRkFFQjRBREZCN0NEQzI0QzIucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbdBDANBgkqhkiG9w0BAQsF
AAOCAQEAb+X1efdJQQFeDR994d7Jg95xnyjk6wW6Zceqytd3B5yLRYoYrl9UTAMH
+5QiaJwJeR0qw4XWKfFQrbWf26oBULKrv+3sxN83g83xLC4KIOudH745cLlaz4nq
ZMNPXRnyLd9r6XbsPTppCjDU7SYLjgx91ciA61Rkfhwnql9rjgmOLpUFdI/euaEi
sLLNMjbz04rFktJOlxV2AVABklwpAy3F7IFNmULHjauHymuom79PDT33lpzvPNVg
s9pRr9lM56nyz27DRSuAvb7siIKOzas9/icnwLmL8qyDXY0MEFYBa7YF+t7mivVy
rsL5Yb+ebyIRF9dQ0y59K2mgnXxNpA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:52 2024 by rpki-client on console-fra.rpki-client.org