Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36185D8/1C1348B45BD711EFAF2C3D5E762E951A/17AC05D05BD811EF91C62F65762E951A.roa
File: 17AC05D05BD811EF91C62F65762E951A.roa (raw, json)
Hash identifier: pGO0PAidVvZBgK+RWqWHGbvgRG1IKwi6oTcbF8OQHYY=
Subject key identifier: A8:FE:8C:09:FC:AD:B6:17:A3:F6:1D:43:7D:DE:B6:0A:F1:83:2A:69
Certificate issuer: /CN=F36185D8AF/serialNumber=64D4BC3EAD919AE8A467329510B5204185335C52
Certificate serial: 02
Authority key identifier: 64:D4:BC:3E:AD:91:9A:E8:A4:67:32:95:10:B5:20:41:85:33:5C:52
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ZNS8Pq2RmuikZzKVELUgQYUzXFI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36185D8/1C1348B45BD711EFAF2C3D5E762E951A/17AC05D05BD811EF91C62F65762E951A.roa
Signing time: Fri 16 Aug 2024 14:01:54 +0000
ROA not before: Fri 16 Aug 2024 14:01:51 +0000
ROA not after: Sun 01 Aug 2027 14:01:51 +0000
asID: 329462
IP address blocks: 102.208.108.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36185D8/1C1348B45BD711EFAF2C3D5E762E951A/ZNS8Pq2RmuikZzKVELUgQYUzXFI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36185D8/1C1348B45BD711EFAF2C3D5E762E951A/ZNS8Pq2RmuikZzKVELUgQYUzXFI.mft
rsync://rpki.afrinic.net/repository/afrinic/ZNS8Pq2RmuikZzKVELUgQYUzXFI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36185D8AF/serialNumber=64D4BC3EAD919AE8A467329510B5204185335C52
Validity
Not Before: Aug 16 14:01:51 2024 GMT
Not After : Aug 1 14:01:51 2027 GMT
Subject: CN=66bf5bd2-1f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:01:0c:3a:67:8e:9b:69:bf:1f:f6:a3:57:a0:
f3:b9:07:51:fa:59:90:99:c5:1f:99:7f:9d:0c:39:
5b:9f:c3:70:95:0b:a0:67:2a:2a:b2:79:69:e4:79:
6e:a4:1e:89:f3:27:db:5f:db:34:ce:ed:c2:e7:7d:
fa:7b:91:a5:98:6d:f2:40:54:3a:de:2d:b9:b8:ec:
58:7a:40:a8:7b:99:dd:73:70:18:da:5f:aa:52:4d:
2f:1f:a0:23:11:66:70:2e:85:46:70:c7:77:f8:11:
fc:72:3a:0f:dc:14:60:74:ce:26:4d:ef:84:28:e3:
02:1e:8e:f5:97:41:c1:0c:dc:29:c9:0e:db:5b:36:
16:76:03:99:d3:3a:16:6f:8e:cc:07:f0:e7:49:49:
5e:cb:46:c3:f4:7f:0c:7d:46:9f:11:f9:be:ef:80:
11:c5:b7:ca:5d:af:a9:4c:42:e0:09:dd:a4:81:e4:
57:38:83:40:b0:8a:35:f4:a9:f8:85:6d:c7:ea:ff:
03:68:34:93:1b:e3:a9:f6:42:d4:a2:0b:53:f5:ac:
f8:0a:64:0e:29:a6:70:7a:a7:39:2a:3c:68:68:ee:
47:53:70:f2:4a:49:d4:6a:3a:c4:2b:7f:98:35:07:
e3:6e:df:ae:93:63:02:02:c3:8f:c4:4e:df:63:f9:
e4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:FE:8C:09:FC:AD:B6:17:A3:F6:1D:43:7D:DE:B6:0A:F1:83:2A:69
X509v3 Authority Key Identifier:
keyid:64:D4:BC:3E:AD:91:9A:E8:A4:67:32:95:10:B5:20:41:85:33:5C:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36185D8/1C1348B45BD711EFAF2C3D5E762E951A/ZNS8Pq2RmuikZzKVELUgQYUzXFI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ZNS8Pq2RmuikZzKVELUgQYUzXFI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36185D8/1C1348B45BD711EFAF2C3D5E762E951A/17AC05D05BD811EF91C62F65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.208.108.0/23
Signature Algorithm: sha256WithRSAEncryption
28:a8:bd:9e:e9:b1:20:fc:83:19:88:df:8d:41:ae:ee:34:44:
1e:b1:6e:a7:b6:af:e3:a9:6d:0d:46:37:13:07:bf:2b:77:5c:
83:73:42:a7:d8:b6:21:04:f0:d6:a4:04:68:ff:8d:94:e4:37:
81:cb:7b:10:2d:ce:d6:2a:46:29:03:ee:7e:03:fb:2c:62:44:
27:32:f8:2a:23:f2:94:87:a8:a5:6e:f9:65:51:30:f8:3a:62:
d3:62:18:0f:11:0e:b7:60:2c:be:da:44:4f:8e:ad:29:e2:cc:
dc:b5:7e:bc:bd:02:23:a6:0a:83:3a:4b:1e:ab:b4:03:bf:84:
ac:4a:4b:de:c5:59:93:a9:a9:3c:80:de:d7:22:e0:87:2f:cd:
30:19:2b:fd:ac:84:13:05:ae:ef:3b:4a:b2:f8:36:99:ce:f0:
84:ad:bf:59:f1:b9:ae:51:b1:9a:d0:4d:35:f0:48:22:7d:32:
ea:6d:01:2b:27:28:a0:8d:b9:96:1b:ad:be:93:7a:b0:45:2b:
1d:88:84:a8:c2:89:dc:0d:2b:e3:5e:fa:b4:26:e1:b1:79:df:
d6:76:87:08:48:16:86:e0:ed:9a:fd:35:99:f2:54:f3:62:38:
54:52:5a:2a:27:51:fd:56:06:c2:c1:53:24:69:48:a1:db:3b:
db:f0:04:e4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
ODVEOEFGMTEwLwYDVQQFEyg2NEQ0QkMzRUFEOTE5QUU4QTQ2NzMyOTUxMEI1MjA0
MTg1MzM1QzUyMB4XDTI0MDgxNjE0MDE1MVoXDTI3MDgwMTE0MDE1MVowGDEWMBQG
A1UEAxMNNjZiZjViZDItMWYzMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4BDDpnjptpvx/2o1eg87kHUfpZkJnFH5l/nQw5W5/DcJULoGcqKrJ5aeR5
bqQeifMn21/bNM7twud9+nuRpZht8kBUOt4tubjsWHpAqHuZ3XNwGNpfqlJNLx+g
IxFmcC6FRnDHd/gR/HI6D9wUYHTOJk3vhCjjAh6O9ZdBwQzcKckO21s2FnYDmdM6
Fm+OzAfw50lJXstGw/R/DH1GnxH5vu+AEcW3yl2vqUxC4AndpIHkVziDQLCKNfSp
+IVtx+r/A2g0kxvjqfZC1KILU/Ws+ApkDimmcHqnOSo8aGjuR1Nw8kpJ1Go6xCt/
mDUH427frpNjAgLDj8RO32P55HUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSo/owJ
/K22F6P2HUN93rYK8YMqaTAfBgNVHSMEGDAWgBRk1Lw+rZGa6KRnMpUQtSBBhTNc
UjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTg1RDgvMUMxMzQ4QjQ1QkQ3MTFFRkFGMkMzRDVFNzYyRTk1MUEvWk5TOFBx
MlJtdWlrWnpLVkVMVWdRWVV6WEZJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWk5TOFBxMlJtdWlrWnpLVkVMVWdRWVV6WEZJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTg1RDgvMUMxMzQ4QjQ1QkQ3MTFFRkFGMkMzRDVFNzYy
RTk1MUEvMTdBQzA1RDA1QkQ4MTFFRjkxQzYyRjY1NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbQbDANBgkqhkiG9w0BAQsF
AAOCAQEAKKi9numxIPyDGYjfjUGu7jREHrFup7av46ltDUY3Ewe/K3dcg3NCp9i2
IQTw1qQEaP+NlOQ3gct7EC3O1ipGKQPufgP7LGJEJzL4KiPylIeopW75ZVEw+Dpi
02IYDxEOt2AsvtpET46tKeLM3LV+vL0CI6YKgzpLHqu0A7+ErEpL3sVZk6mpPIDe
1yLghy/NMBkr/ayEEwWu7ztKsvg2mc7whK2/WfG5rlGxmtBNNfBIIn0y6m0BKyco
oI25lhutvpN6sEUrHYiEqMKJ3A0r4176tCbhsXnf1naHCEgWhuDtmv01mfJU82I4
VFJaKidR/VYGwsFTJGlIods72/AE5A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:52 2024 by rpki-client on console-fra.rpki-client.org