Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/63F96FF2BEB411EE9F8AD251775412E6.roa
File: 63F96FF2BEB411EE9F8AD251775412E6.roa (raw, json)
Hash identifier: ndpKTdXcDoxXSkEuWmu2k8nfK/ZfndTlZeUQ+gODKm4=
Subject key identifier: 43:E2:71:4A:5C:60:DF:B2:8E:58:7A:FC:03:7D:17:81:42:38:3E:EB
Certificate issuer: /CN=F362412EAF/serialNumber=D628E4C96ABA9CFB124477867BBDF1A4435F0F5B
Certificate serial: 5F
Authority key identifier: D6:28:E4:C9:6A:BA:9C:FB:12:44:77:86:7B:BD:F1:A4:43:5F:0F:5B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/1ijkyWq6nPsSRHeGe73xpENfD1s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/63F96FF2BEB411EE9F8AD251775412E6.roa
Signing time: Mon 29 Jan 2024 14:40:48 +0000
ROA not before: Mon 29 Jan 2024 14:40:44 +0000
ROA not after: Fri 29 Jan 2044 14:40:44 +0000
asID: 36962
IP address blocks: 102.210.160.0/24 maxlen: 24
102.210.161.0/24 maxlen: 24
102.210.162.0/24 maxlen: 24
102.210.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/1ijkyWq6nPsSRHeGe73xpENfD1s.crl
rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/1ijkyWq6nPsSRHeGe73xpENfD1s.mft
rsync://rpki.afrinic.net/repository/afrinic/1ijkyWq6nPsSRHeGe73xpENfD1s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95 (0x5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362412EAF/serialNumber=D628E4C96ABA9CFB124477867BBDF1A4435F0F5B
Validity
Not Before: Jan 29 14:40:44 2024 GMT
Not After : Jan 29 14:40:44 2044 GMT
Subject: CN=65b7b8ef-c021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a0:41:35:47:53:70:4b:22:37:77:7c:22:92:
63:9c:2d:07:47:01:f1:69:6a:b3:99:9a:1f:9b:92:
7c:b6:3c:ba:93:84:53:e3:e0:07:44:1e:ea:53:f2:
34:71:29:f6:33:f4:e2:1b:11:bf:c8:41:65:35:25:
dd:49:9e:9d:ff:11:bd:0b:ba:c5:78:0f:61:a2:c5:
85:a5:26:9e:c0:f4:a3:21:85:1a:f7:82:93:01:f2:
13:a4:49:cc:06:64:9d:3c:5c:28:8a:ba:c0:3f:31:
e2:e4:37:b1:64:da:34:6f:ea:d5:de:70:82:2f:16:
94:a1:f8:05:51:73:d2:0c:e3:02:f4:7b:9b:df:ad:
99:90:fe:c2:63:5d:db:1e:75:0c:4b:a8:dd:ad:97:
91:a8:a7:87:cd:a9:90:9e:41:bf:f4:05:0d:42:90:
f0:13:0f:b4:b1:c7:c5:2f:0d:42:a8:4c:6a:32:ca:
ab:7b:b5:6a:aa:82:80:c9:0c:24:07:40:ba:11:95:
40:40:00:bd:50:a3:82:d8:a7:86:75:a0:8c:03:77:
ef:65:7f:34:f2:85:d2:2b:2b:27:1c:db:b9:cd:f9:
4c:9a:88:98:2c:0b:ee:6b:84:3a:e7:c1:17:32:91:
40:9f:ac:94:27:c6:59:da:22:bd:ad:53:4f:92:1e:
a9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E2:71:4A:5C:60:DF:B2:8E:58:7A:FC:03:7D:17:81:42:38:3E:EB
X509v3 Authority Key Identifier:
keyid:D6:28:E4:C9:6A:BA:9C:FB:12:44:77:86:7B:BD:F1:A4:43:5F:0F:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/1ijkyWq6nPsSRHeGe73xpENfD1s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/1ijkyWq6nPsSRHeGe73xpENfD1s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/63F96FF2BEB411EE9F8AD251775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.210.160.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:07:60:b4:b4:81:f6:f6:89:17:b3:d3:c4:c5:5e:d5:60:f6:
db:e8:c4:ad:b7:28:72:18:87:5e:50:07:66:f9:b2:60:9b:d3:
14:ee:f1:1d:87:73:e0:7c:dc:a7:aa:37:91:18:57:13:13:17:
be:5c:6a:19:cd:29:11:26:89:7b:08:9f:41:96:4e:db:b9:ec:
fb:77:8c:34:e9:66:51:ce:72:ec:f4:e3:9c:63:a7:b7:76:7d:
1f:44:2a:38:92:86:cf:a9:2a:1b:49:b7:02:e8:cb:b5:f0:77:
83:e7:5d:5f:47:03:b4:cf:ef:1e:c6:ae:4e:70:62:12:6e:db:
30:f3:23:cd:52:65:38:87:5a:f9:91:8d:0a:04:2f:e9:85:0d:
37:4b:8c:07:62:13:9f:88:62:a2:75:98:4f:59:e6:36:5a:b4:
7d:73:e8:9b:1e:ce:de:91:53:bb:d1:9f:83:c3:90:76:0f:e2:
34:6c:6d:c4:7f:90:ce:a5:f9:b1:eb:56:bd:e1:26:3c:2a:1d:
a8:41:6d:4f:64:94:7a:eb:90:b3:0c:79:c5:02:97:0c:9e:8d:
13:ae:bf:66:54:7e:ee:e2:8f:a2:82:c1:2b:66:cf:ed:27:61:
f9:6a:bc:5c:5a:57:19:34:20:9b:03:f4:95:27:0f:14:e3:d9:
8c:58:0c:ac
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBXzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
NDEyRUFGMTEwLwYDVQQFEyhENjI4RTRDOTZBQkE5Q0ZCMTI0NDc3ODY3QkJERjFB
NDQzNUYwRjVCMB4XDTI0MDEyOTE0NDA0NFoXDTQ0MDEyOTE0NDA0NFowGDEWMBQG
A1UEAxMNNjViN2I4ZWYtYzAyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALugQTVHU3BLIjd3fCKSY5wtB0cB8Wlqs5maH5uSfLY8upOEU+PgB0Qe6lPy
NHEp9jP04hsRv8hBZTUl3Umenf8RvQu6xXgPYaLFhaUmnsD0oyGFGveCkwHyE6RJ
zAZknTxcKIq6wD8x4uQ3sWTaNG/q1d5wgi8WlKH4BVFz0gzjAvR7m9+tmZD+wmNd
2x51DEuo3a2Xkainh82pkJ5Bv/QFDUKQ8BMPtLHHxS8NQqhMajLKq3u1aqqCgMkM
JAdAuhGVQEAAvVCjgtinhnWgjAN372V/NPKF0isrJxzbuc35TJqImCwL7muEOufB
FzKRQJ+slCfGWdoiva1TT5IeqcECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRD4nFK
XGDfso5YevwDfReBQjg+6zAfBgNVHSMEGDAWgBTWKOTJarqc+xJEd4Z7vfGkQ18P
WzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjQxMkUvM0EyMzlBMjA3RTM4MTFFRTg1NEVFNDM5NEFEOUU2RkMvMWlqa3lX
cTZuUHNTUkhlR2U3M3hwRU5mRDFzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMWlqa3lXcTZuUHNTUkhlR2U3M3hwRU5mRDFzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MjQxMkUvM0EyMzlBMjA3RTM4MTFFRTg1NEVFNDM5NEFE
OUU2RkMvNjNGOTZGRjJCRUI0MTFFRTlGOEFEMjUxNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbSoDANBgkqhkiG9w0BAQsF
AAOCAQEAfAdgtLSB9vaJF7PTxMVe1WD22+jErbcochiHXlAHZvmyYJvTFO7xHYdz
4Hzcp6o3kRhXExMXvlxqGc0pESaJewifQZZO27ns+3eMNOlmUc5y7PTjnGOnt3Z9
H0QqOJKGz6kqG0m3AujLtfB3g+ddX0cDtM/vHsauTnBiEm7bMPMjzVJlOIda+ZGN
CgQv6YUNN0uMB2ITn4hionWYT1nmNlq0fXPomx7O3pFTu9Gfg8OQdg/iNGxtxH+Q
zqX5setWveEmPCodqEFtT2SUeuuQswx5xQKXDJ6NE66/ZlR+7uKPooLBK2bP7Sdh
+Wq8XFpXGTQgmwP0lScPFOPZjFgMrA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:52 2024 by rpki-client on console-fra.rpki-client.org