Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/647FC9285FFC11EFBB5ADB78762E951A.roa
File: 647FC9285FFC11EFBB5ADB78762E951A.roa (raw, json)
Hash identifier: H2q1fmOzE7jtNl9AE16ng8aqC1lbAw9rIP10pKwdV+Y=
Subject key identifier: 85:67:14:95:F4:FA:B3:FC:22:FB:B5:90:EC:F2:32:12:6E:D9:83:40
Certificate issuer: /CN=F3619C8CAF/serialNumber=46D405558001A8B029B96AB13406D69A1DD74045
Certificate serial: 05
Authority key identifier: 46:D4:05:55:80:01:A8:B0:29:B9:6A:B1:34:06:D6:9A:1D:D7:40:45
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/RtQFVYABqLApuWqxNAbWmh3XQEU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/647FC9285FFC11EFBB5ADB78762E951A.roa
Signing time: Wed 21 Aug 2024 20:31:49 +0000
ROA not before: Wed 21 Aug 2024 20:31:45 +0000
ROA not after: Sun 31 Dec 2028 20:31:45 +0000
asID: 36974
IP address blocks: 102.136.0.0/14 maxlen: 24
154.232.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/RtQFVYABqLApuWqxNAbWmh3XQEU.crl
rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/RtQFVYABqLApuWqxNAbWmh3XQEU.mft
rsync://rpki.afrinic.net/repository/afrinic/RtQFVYABqLApuWqxNAbWmh3XQEU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3619C8CAF/serialNumber=46D405558001A8B029B96AB13406D69A1DD74045
Validity
Not Before: Aug 21 20:31:45 2024 GMT
Not After : Dec 31 20:31:45 2028 GMT
Subject: CN=66c64eb5-0f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e6:10:d1:08:7d:17:17:93:8b:1a:02:d7:05:
ec:13:21:fd:67:09:70:ff:91:ab:98:67:70:9e:66:
8a:0d:a9:bd:24:6d:39:17:7d:83:d7:5d:b1:7c:48:
c7:e5:85:32:42:6f:30:a0:7c:35:02:5e:e5:c2:b1:
00:88:89:5d:d2:26:c0:20:ab:34:a3:ff:31:fc:48:
bf:c2:87:e1:05:cb:8e:af:67:26:f6:94:f2:33:e3:
96:89:cb:67:6d:f7:0f:e5:f4:ab:63:31:6b:fc:8a:
04:f4:ea:b7:a1:bb:da:be:14:61:b0:ce:25:1b:0e:
89:a1:75:d3:dc:8b:db:46:dc:46:2c:c0:84:03:e5:
3b:3c:b0:db:b5:8e:12:19:1b:95:51:45:17:d9:61:
54:a9:2c:87:5f:38:eb:a6:0c:53:57:38:40:ff:49:
db:7a:31:91:b0:06:9a:40:c6:38:8d:87:d9:ce:a5:
eb:ed:04:8b:8d:bb:49:8c:25:84:7b:ac:84:f9:e8:
2b:7e:83:f9:52:97:a1:f7:b3:c1:10:07:ba:d0:21:
10:7d:30:34:a1:fb:7f:44:eb:5f:0a:ff:ac:38:6c:
7d:ac:4b:e3:4e:31:fc:91:83:26:d8:2a:99:d3:fd:
4d:d1:9c:27:25:d0:65:5d:44:8c:a5:fe:f3:07:6e:
c9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:67:14:95:F4:FA:B3:FC:22:FB:B5:90:EC:F2:32:12:6E:D9:83:40
X509v3 Authority Key Identifier:
keyid:46:D4:05:55:80:01:A8:B0:29:B9:6A:B1:34:06:D6:9A:1D:D7:40:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/RtQFVYABqLApuWqxNAbWmh3XQEU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/RtQFVYABqLApuWqxNAbWmh3XQEU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/647FC9285FFC11EFBB5ADB78762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.136.0.0/14
154.232.0.0/14
Signature Algorithm: sha256WithRSAEncryption
3a:63:bf:f8:7c:bd:7f:71:c1:ed:03:6c:e7:82:f3:46:18:fd:
c1:08:6f:cb:9a:e7:a0:f8:b0:5e:c4:6c:aa:23:65:d2:31:85:
ee:b2:ae:d8:9a:36:52:f4:71:8c:35:8d:74:b0:7b:ee:72:d7:
84:23:84:1a:9f:0d:6f:94:55:c9:39:e2:53:3a:29:c5:e0:22:
6d:cc:79:5e:e0:57:f9:5e:8f:8c:51:b3:c0:e9:2e:2e:16:9f:
e5:1b:20:58:f1:b8:0e:70:d5:4b:e8:26:64:79:0a:d1:4d:8e:
41:13:2e:93:bb:1b:b8:21:d8:d4:38:d1:54:ec:ed:e2:ee:e5:
a5:bc:bc:6d:86:4b:6e:74:b3:39:27:38:69:b8:ab:d7:c5:58:
da:ae:87:bc:52:fe:47:26:8a:3e:d5:c2:1f:c6:aa:cb:f4:06:
36:44:24:0f:a8:2d:14:ac:17:d1:46:77:ab:43:88:3f:58:61:
07:50:41:da:f9:e1:0e:12:bc:2e:5f:0f:8f:dd:0a:4f:02:9b:
35:e5:59:dc:e3:07:38:7e:70:ee:e6:f3:ae:f6:1a:2c:35:bf:
06:23:f7:90:ca:74:76:04:f0:48:96:92:11:ae:8b:d5:dc:54:
f0:46:33:41:f7:0f:b2:66:0a:06:3d:a8:62:7a:7e:d3:26:89:
57:93:6c:10
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
OUM4Q0FGMTEwLwYDVQQFEyg0NkQ0MDU1NTgwMDFBOEIwMjlCOTZBQjEzNDA2RDY5
QTFERDc0MDQ1MB4XDTI0MDgyMTIwMzE0NVoXDTI4MTIzMTIwMzE0NVowGDEWMBQG
A1UEAxMNNjZjNjRlYjUtMGYyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvmENEIfRcXk4saAtcF7BMh/WcJcP+Rq5hncJ5mig2pvSRtORd9g9ddsXxI
x+WFMkJvMKB8NQJe5cKxAIiJXdImwCCrNKP/MfxIv8KH4QXLjq9nJvaU8jPjlonL
Z233D+X0q2Mxa/yKBPTqt6G72r4UYbDOJRsOiaF109yL20bcRizAhAPlOzyw27WO
EhkblVFFF9lhVKksh18466YMU1c4QP9J23oxkbAGmkDGOI2H2c6l6+0Ei427SYwl
hHushPnoK36D+VKXofezwRAHutAhEH0wNKH7f0TrXwr/rDhsfaxL404x/JGDJtgq
mdP9TdGcJyXQZV1EjKX+8wduya8CAwEAAaOCAqkwggKlMB0GA1UdDgQWBBSFZxSV
9Pqz/CL7tZDs8jISbtmDQDAfBgNVHSMEGDAWgBRG1AVVgAGosCm5arE0BtaaHddA
RTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTlDOEMvQzNFMTBBRkM1RkRBMTFFRjhFRTU5QUE5NzYyRTk1MUEvUnRRRlZZ
QUJxTEFwdVdxeE5BYldtaDNYUUVVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUnRRRlZZQUJxTEFwdVdxeE5BYldtaDNYUUVVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTlDOEMvQzNFMTBBRkM1RkRBMTFFRjhFRTU5QUE5NzYy
RTk1MUEvNjQ3RkM5Mjg1RkZDMTFFRkJCNUFEQjc4NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAjBggrBgEFBQcBBwEB/wQUMBIwEAQCAAEwCgMDAmaIAwMCmugwDQYJKoZIhvcN
AQELBQADggEBADpjv/h8vX9xwe0DbOeC80YY/cEIb8ua56D4sF7EbKojZdIxhe6y
rtiaNlL0cYw1jXSwe+5y14QjhBqfDW+UVck54lM6KcXgIm3MeV7gV/lej4xRs8Dp
Li4Wn+UbIFjxuA5w1UvoJmR5CtFNjkETLpO7G7gh2NQ40VTs7eLu5aW8vG2GS250
szknOGm4q9fFWNquh7xS/kcmij7Vwh/Gqsv0BjZEJA+oLRSsF9FGd6tDiD9YYQdQ
Qdr54Q4SvC5fD4/dCk8CmzXlWdzjBzh+cO7m8672Giw1vwYj95DKdHYE8EiWkhGu
i9XcVPBGM0H3D7JmCgY9qGJ6ftMmiVeTbBA=
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:34:40 2024 by rpki-client on console-fra.rpki-client.org