Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3615533/D80AFE5C295711EFA79717F67CDC24C2/3F026DEC295911EF85667FFF7CDC24C2.roa
File: 3F026DEC295911EF85667FFF7CDC24C2.roa (raw, json)
Hash identifier: UJYsWwlxlQmHxfZyQVF2D+4Hav01PXVdMWO+z82CBbg=
Subject key identifier: 17:0E:79:40:62:95:60:C3:15:24:8A:A5:FE:A7:31:0D:C0:3D:1A:0C
Certificate issuer: /CN=F3615533AF/serialNumber=1CDF695DBF274D2C69AE2C00C2E4EE17C986A9ED
Certificate serial: 07
Authority key identifier: 1C:DF:69:5D:BF:27:4D:2C:69:AE:2C:00:C2:E4:EE:17:C9:86:A9:ED
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/HN9pXb8nTSxpriwAwuTuF8mGqe0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3615533/D80AFE5C295711EFA79717F67CDC24C2/3F026DEC295911EF85667FFF7CDC24C2.roa
Signing time: Thu 13 Jun 2024 07:47:56 +0000
ROA not before: Thu 13 Jun 2024 07:47:52 +0000
ROA not after: Thu 13 Jun 2030 07:47:52 +0000
asID: 328778
IP address blocks: 102.221.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3615533/D80AFE5C295711EFA79717F67CDC24C2/HN9pXb8nTSxpriwAwuTuF8mGqe0.crl
rsync://rpki.afrinic.net/repository/member_repository/F3615533/D80AFE5C295711EFA79717F67CDC24C2/HN9pXb8nTSxpriwAwuTuF8mGqe0.mft
rsync://rpki.afrinic.net/repository/afrinic/HN9pXb8nTSxpriwAwuTuF8mGqe0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3615533AF/serialNumber=1CDF695DBF274D2C69AE2C00C2E4EE17C986A9ED
Validity
Not Before: Jun 13 07:47:52 2024 GMT
Not After : Jun 13 07:47:52 2030 GMT
Subject: CN=666aa42c-a11e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:79:33:52:1e:b6:3f:52:5d:22:5d:83:f2:66:
ab:d6:58:8f:06:e9:3e:ad:aa:4b:a6:05:b6:fc:bf:
6a:9c:bd:58:1c:0d:b5:38:af:79:7f:1a:ce:77:62:
11:12:16:37:77:40:72:fe:dd:3a:30:ce:dd:b5:0b:
96:e5:5b:3c:ab:7b:58:88:88:a1:49:2a:f7:69:f5:
0f:6e:ee:06:d9:06:b6:3a:ae:50:0a:08:85:d0:57:
6e:11:14:bc:b5:3d:41:e5:ed:77:5b:af:9a:b0:fe:
82:72:cf:55:9e:e1:a0:de:de:ca:7a:85:97:95:c8:
25:3f:72:7a:4d:a6:cd:11:18:a8:33:8e:f3:07:da:
6c:0c:80:83:16:cc:fe:0a:2c:ca:c2:26:54:ad:0f:
93:c2:5d:67:98:e7:81:a7:bc:63:8f:6c:fa:41:be:
0b:ca:44:d4:9b:7f:cb:5a:d7:91:ec:1f:dc:d2:1a:
6f:2c:c3:b7:b6:00:27:7a:2a:aa:e0:0c:3d:62:cf:
87:02:9f:04:2c:9c:7c:c3:ca:4d:8e:3b:43:16:fb:
d9:a2:16:2a:29:dc:50:8b:b3:8e:42:38:5c:de:94:
b5:9e:85:29:d8:ce:d8:29:e2:f8:4a:7a:80:02:a5:
39:23:20:0f:e6:15:5d:9d:e9:41:c9:d0:f6:d7:eb:
8f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:0E:79:40:62:95:60:C3:15:24:8A:A5:FE:A7:31:0D:C0:3D:1A:0C
X509v3 Authority Key Identifier:
keyid:1C:DF:69:5D:BF:27:4D:2C:69:AE:2C:00:C2:E4:EE:17:C9:86:A9:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3615533/D80AFE5C295711EFA79717F67CDC24C2/HN9pXb8nTSxpriwAwuTuF8mGqe0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HN9pXb8nTSxpriwAwuTuF8mGqe0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3615533/D80AFE5C295711EFA79717F67CDC24C2/3F026DEC295911EF85667FFF7CDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.5.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:92:88:90:d1:f2:c2:e8:d4:40:8b:b0:a3:42:03:7e:2a:5d:
40:09:22:71:db:78:f3:6f:de:02:21:9d:2f:5a:51:7a:31:b9:
8f:0c:fe:3e:d0:0b:82:6f:4b:3f:21:e1:d8:65:05:91:52:f1:
06:d3:db:bf:0c:a9:7f:b3:75:ce:d3:8c:6f:4f:b0:71:4d:1f:
22:ec:0c:8d:20:46:9f:57:2a:89:6e:b4:b7:2c:2f:d1:6d:d0:
12:cc:da:3c:0b:cf:31:10:42:ed:b5:ef:ca:29:e1:a3:9f:7a:
98:3e:e9:22:5b:e4:ba:28:76:b6:69:4c:5e:f0:4c:70:91:bb:
99:7c:87:c7:af:82:36:0d:7c:23:a6:4b:90:b6:fa:2a:a6:fc:
80:58:65:d9:0a:e7:9e:7d:cd:ff:cb:60:8b:2d:15:64:5d:ad:
65:b0:41:34:48:74:91:9a:f0:6b:95:98:2f:59:f0:28:69:f8:
9b:f6:e9:30:07:1e:bd:95:2f:34:99:8f:37:dc:08:6c:9c:db:
66:10:91:9a:c7:3a:83:b7:ce:9c:ce:1e:80:ba:d9:ad:53:ba:
c2:a9:75:58:5b:8a:e7:1c:4e:0a:98:31:5c:2d:2c:01:b8:8d:
c0:57:6f:e1:6d:b8:f9:27:2d:03:bb:1b:26:5b:dd:7f:c2:66:
85:6e:91:a9
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
NTUzM0FGMTEwLwYDVQQFEygxQ0RGNjk1REJGMjc0RDJDNjlBRTJDMDBDMkU0RUUx
N0M5ODZBOUVEMB4XDTI0MDYxMzA3NDc1MloXDTMwMDYxMzA3NDc1MlowGDEWMBQG
A1UEAxMNNjY2YWE0MmMtYTExZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALN5M1Ietj9SXSJdg/Jmq9ZYjwbpPq2qS6YFtvy/apy9WBwNtTiveX8azndi
ERIWN3dAcv7dOjDO3bULluVbPKt7WIiIoUkq92n1D27uBtkGtjquUAoIhdBXbhEU
vLU9QeXtd1uvmrD+gnLPVZ7hoN7eynqFl5XIJT9yek2mzREYqDOO8wfabAyAgxbM
/gosysImVK0Pk8JdZ5jngae8Y49s+kG+C8pE1Jt/y1rXkewf3NIabyzDt7YAJ3oq
quAMPWLPhwKfBCycfMPKTY47Qxb72aIWKincUIuzjkI4XN6UtZ6FKdjO2Cni+Ep6
gAKlOSMgD+YVXZ3pQcnQ9tfrj0ECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQXDnlA
YpVgwxUkiqX+pzENwD0aDDAfBgNVHSMEGDAWgBQc32ldvydNLGmuLADC5O4XyYap
7TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTU1MzMvRDgwQUZFNUMyOTU3MTFFRkE3OTcxN0Y2N0NEQzI0QzIvSE45cFhi
OG5UU3hwcml3QXd1VHVGOG1HcWUwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSE45cFhiOG5UU3hwcml3QXd1VHVGOG1HcWUwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTU1MzMvRDgwQUZFNUMyOTU3MTFFRkE3OTcxN0Y2N0NE
QzI0QzIvM0YwMjZERUMyOTU5MTFFRjg1NjY3RkZGN0NEQzI0QzIucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbdBTANBgkqhkiG9w0BAQsF
AAOCAQEAL5KIkNHywujUQIuwo0IDfipdQAkicdt482/eAiGdL1pRejG5jwz+PtAL
gm9LPyHh2GUFkVLxBtPbvwypf7N1ztOMb0+wcU0fIuwMjSBGn1cqiW60tywv0W3Q
EszaPAvPMRBC7bXvyinho596mD7pIlvkuih2tmlMXvBMcJG7mXyHx6+CNg18I6ZL
kLb6Kqb8gFhl2Qrnnn3N/8tgiy0VZF2tZbBBNEh0kZrwa5WYL1nwKGn4m/bpMAce
vZUvNJmPN9wIbJzbZhCRmsc6g7fOnM4egLrZrVO6wql1WFuK5xxOCpgxXC0sAbiN
wFdv4W24+SctA7sbJlvdf8JmhW6RqQ==
-----END CERTIFICATE-----
Generated at Thu Oct 24 06:47:44 2024 by rpki-client on console-fra.rpki-client.org