Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3621C8A/0E4E6838D3F111EBB0F12E18F8AEA228/48E2F93A1FFB11EDA58CC9C5F1222468.roa
File: 48E2F93A1FFB11EDA58CC9C5F1222468.roa (raw, json)
Hash identifier: RjLPfzgkdN2ZwbGON57T6lSnUm+N9Sb9duXVeRoxO88=
Subject key identifier: 2B:9E:D4:0C:B8:95:1A:0A:A2:7A:46:05:E7:DC:36:73:82:8D:A6:33
Certificate issuer: /CN=F3621C8AAF/serialNumber=FF8ED292BABB2F8640EE46F1B359164B80538F55
Certificate serial: 01B7
Authority key identifier: FF:8E:D2:92:BA:BB:2F:86:40:EE:46:F1:B3:59:16:4B:80:53:8F:55
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/_47Skrq7L4ZA7kbxs1kWS4BTj1U.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3621C8A/0E4E6838D3F111EBB0F12E18F8AEA228/48E2F93A1FFB11EDA58CC9C5F1222468.roa
Signing time: Fri 19 Aug 2022 20:12:44 +0000
ROA not before: Fri 19 Aug 2022 20:12:38 +0000
ROA not after: Thu 19 Aug 2027 20:12:38 +0000
asID: 328808
IP address blocks: 102.220.228.0/22 maxlen: 24
2c0f:4500::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3621C8A/0E4E6838D3F111EBB0F12E18F8AEA228/_47Skrq7L4ZA7kbxs1kWS4BTj1U.crl
rsync://rpki.afrinic.net/repository/member_repository/F3621C8A/0E4E6838D3F111EBB0F12E18F8AEA228/_47Skrq7L4ZA7kbxs1kWS4BTj1U.mft
rsync://rpki.afrinic.net/repository/afrinic/_47Skrq7L4ZA7kbxs1kWS4BTj1U.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 439 (0x1b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3621C8AAF/serialNumber=FF8ED292BABB2F8640EE46F1B359164B80538F55
Validity
Not Before: Aug 19 20:12:38 2022 GMT
Not After : Aug 19 20:12:38 2027 GMT
Subject: CN=62ffeebc-cfd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d6:b2:7f:14:88:94:21:50:b6:b5:e6:70:c3:
1a:aa:67:e9:a0:e9:fd:b9:0d:39:d0:d1:11:08:5f:
ef:12:99:8a:2a:36:69:0b:76:8f:13:9d:af:35:34:
86:19:08:4e:70:93:41:cf:6a:0a:b2:56:b1:82:62:
60:d0:59:73:0e:4c:f6:c4:62:29:0d:3f:c0:14:d8:
8f:62:93:8b:02:53:86:c6:a8:46:20:8b:ee:f1:48:
47:5c:e0:39:f7:82:1f:99:06:3a:f3:81:ed:61:b4:
d7:63:00:aa:b5:01:bc:38:93:c1:5d:92:51:c8:4a:
bb:7f:a8:b4:67:60:e9:29:f9:12:1e:0b:7a:0d:62:
be:49:4a:d5:09:97:ef:a9:71:1c:1c:86:00:8d:cb:
a1:1b:58:a7:7b:36:c6:49:26:f0:68:f9:1e:e0:c8:
c6:03:e8:8b:92:c5:f4:c7:7a:7c:88:67:5b:2a:c5:
7b:e2:39:10:09:11:a0:52:d1:25:22:91:67:f7:dd:
ff:d3:8b:4c:65:50:f9:b6:44:13:fc:fc:e8:0f:2a:
af:ef:2f:ef:81:21:90:c9:eb:82:1b:a4:07:fe:f8:
04:a9:fb:b1:4a:3d:81:e7:17:53:92:f7:1e:5b:43:
0e:d0:fb:03:ad:62:ea:4c:20:b8:6a:ea:3b:af:86:
40:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:9E:D4:0C:B8:95:1A:0A:A2:7A:46:05:E7:DC:36:73:82:8D:A6:33
X509v3 Authority Key Identifier:
keyid:FF:8E:D2:92:BA:BB:2F:86:40:EE:46:F1:B3:59:16:4B:80:53:8F:55
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C8A/0E4E6838D3F111EBB0F12E18F8AEA228/_47Skrq7L4ZA7kbxs1kWS4BTj1U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_47Skrq7L4ZA7kbxs1kWS4BTj1U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C8A/0E4E6838D3F111EBB0F12E18F8AEA228/48E2F93A1FFB11EDA58CC9C5F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.220.228.0/22
IPv6:
2c0f:4500::/32
Signature Algorithm: sha256WithRSAEncryption
03:60:c5:c3:f2:59:e3:e2:4b:3a:ed:7d:1b:eb:d5:34:76:bc:
1a:b6:48:56:09:fe:e1:53:33:f2:d1:69:f1:4b:84:62:13:4d:
a6:a1:74:00:5b:f6:e8:ba:60:9b:5a:93:99:4a:90:51:b6:a4:
f0:70:74:6d:8a:00:18:f3:f1:4e:cf:97:80:a3:0b:be:b5:a6:
35:f0:59:e5:33:4a:dd:92:56:61:62:c6:69:0f:20:0c:db:7b:
9e:a7:e2:db:6e:c5:4f:cf:17:36:b6:f6:4e:2f:63:20:68:84:
dc:b5:c0:20:2a:4c:a9:db:52:fa:46:10:9b:7c:31:1c:a8:5f:
53:59:85:bf:fe:3b:cb:24:1c:50:2f:a4:a9:ab:a7:e4:a9:41:
c7:b2:92:67:42:18:7a:01:a8:7d:57:7c:41:43:c1:fa:7c:6e:
7c:e1:91:37:6a:84:3e:9b:c5:15:db:40:ad:b7:04:5a:7a:31:
89:29:1b:88:34:ed:6f:cb:d8:c4:dd:f4:f9:29:d7:a8:03:07:
1d:d4:ba:db:f2:d4:bf:66:1c:45:7d:54:7a:06:5a:1c:87:9b:
87:92:48:b9:c8:c0:9b:59:e8:85:8f:a4:9c:72:98:19:93:5d:
75:ce:4f:cf:5c:cb:58:ee:42:7f:6e:80:9e:93:b7:68:da:95:
6d:6c:80:79
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAbcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjFDOEFBRjExMC8GA1UEBRMoRkY4RUQyOTJCQUJCMkY4NjQwRUU0NkYxQjM1OTE2
NEI4MDUzOEY1NTAeFw0yMjA4MTkyMDEyMzhaFw0yNzA4MTkyMDEyMzhaMBgxFjAU
BgNVBAMMDTYyZmZlZWJjLWNmZDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDA1rJ/FIiUIVC2teZwwxqqZ+mg6f25DTnQ0REIX+8SmYoqNmkLdo8Tna81
NIYZCE5wk0HPagqyVrGCYmDQWXMOTPbEYikNP8AU2I9ik4sCU4bGqEYgi+7xSEdc
4Dn3gh+ZBjrzge1htNdjAKq1Abw4k8FdklHISrt/qLRnYOkp+RIeC3oNYr5JStUJ
l++pcRwchgCNy6EbWKd7NsZJJvBo+R7gyMYD6IuSxfTHenyIZ1sqxXviORAJEaBS
0SUikWf33f/Ti0xlUPm2RBP8/OgPKq/vL++BIZDJ64IbpAf++ASp+7FKPYHnF1OS
9x5bQw7Q+wOtYupMILhq6juvhkC1AgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUK57U
DLiVGgqiekYF59w2c4KNpjMwHwYDVR0jBBgwFoAU/47Skrq7L4ZA7kbxs1kWS4BT
j1UwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjIxQzhBLzBFNEU2ODM4RDNGMTExRUJCMEYxMkUxOEY4QUVBMjI4L180N1Nr
cnE3TDRaQTdrYnhzMWtXUzRCVGoxVS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL180N1NrcnE3TDRaQTdrYnhzMWtXUzRCVGoxVS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjIxQzhBLzBFNEU2ODM4RDNGMTExRUJCMEYxMkUxOEY4
QUVBMjI4LzQ4RTJGOTNBMUZGQjExRURBNThDQzlDNUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm3OQwDQQCAAIwBwMFACwP
RQAwDQYJKoZIhvcNAQELBQADggEBAANgxcPyWePiSzrtfRvr1TR2vBq2SFYJ/uFT
M/LRafFLhGITTaahdABb9ui6YJtak5lKkFG2pPBwdG2KABjz8U7Pl4CjC761pjXw
WeUzSt2SVmFixmkPIAzbe56n4ttuxU/PFza29k4vYyBohNy1wCAqTKnbUvpGEJt8
MRyoX1NZhb/+O8skHFAvpKmrp+SpQceykmdCGHoBqH1XfEFDwfp8bnzhkTdqhD6b
xRXbQK23BFp6MYkpG4g07W/L2MTd9Pkp16gDBx3Uutvy1L9mHEV9VHoGWhyHm4eS
SLnIwJtZ6IWPpJxymBmTXXXOT89cy1juQn9ugJ6Tt2jalW1sgHk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:31 2024 by rpki-client on console-ams.rpki-client.org