Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3625046/9BC19E3079C811EF9E0A858F762E951A/F68C77C279C811EFB5AD7293762E951A.roa
File: F68C77C279C811EFB5AD7293762E951A.roa (raw, json)
Hash identifier: w7SzFM4rVLShHyz8Uu4JGbAwVkZlRI11cdVpH3TTF5M=
Subject key identifier: 1B:8A:AF:CB:D5:75:49:D1:FB:4F:E7:6D:7A:4D:BB:94:5F:65:5A:81
Certificate issuer: /CN=F3625046AF/serialNumber=5D3211C26A5EB4656AC45B678B4FF4BF240409AE
Certificate serial: 02
Authority key identifier: 5D:32:11:C2:6A:5E:B4:65:6A:C4:5B:67:8B:4F:F4:BF:24:04:09:AE
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/XTIRwmpetGVqxFtni0_0vyQECa4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3625046/9BC19E3079C811EF9E0A858F762E951A/F68C77C279C811EFB5AD7293762E951A.roa
Signing time: Mon 23 Sep 2024 16:29:11 +0000
ROA not before: Mon 23 Sep 2024 16:29:07 +0000
ROA not after: Tue 23 Sep 2025 16:29:07 +0000
asID: 328270
IP address blocks: 102.165.168.0/21 maxlen: 24
2c0f:eee0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3625046/9BC19E3079C811EF9E0A858F762E951A/XTIRwmpetGVqxFtni0_0vyQECa4.crl
rsync://rpki.afrinic.net/repository/member_repository/F3625046/9BC19E3079C811EF9E0A858F762E951A/XTIRwmpetGVqxFtni0_0vyQECa4.mft
rsync://rpki.afrinic.net/repository/afrinic/XTIRwmpetGVqxFtni0_0vyQECa4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3625046AF/serialNumber=5D3211C26A5EB4656AC45B678B4FF4BF240409AE
Validity
Not Before: Sep 23 16:29:07 2024 GMT
Not After : Sep 23 16:29:07 2025 GMT
Subject: CN=66f19757-cf99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:04:2e:7e:0c:1c:fa:a9:58:0a:cf:6b:1d:3e:
19:7f:1b:49:4a:33:1f:62:96:0b:f2:45:90:95:d7:
fd:c8:e1:e9:7e:4c:b6:0a:82:a3:24:95:a7:d0:d3:
f3:a9:66:0a:92:84:12:5d:e6:c6:c0:34:b9:88:dd:
59:10:81:5b:ef:b9:18:6b:fa:ff:e6:d3:46:f9:c1:
bc:49:76:8e:0c:3d:3d:29:29:f1:c3:1b:e3:6e:42:
81:10:c8:bb:f0:9d:64:90:c3:e6:dd:eb:46:ae:82:
20:2c:85:cd:53:c7:0b:d6:24:e4:8d:d4:a5:80:e1:
9f:d6:cd:a9:58:2b:7d:e8:f1:d0:04:76:d5:60:0c:
cb:30:2f:9c:2e:d1:f9:fc:2c:08:b4:82:ec:d5:bc:
93:49:fd:0a:42:e3:a0:30:a5:30:04:47:1d:bc:9a:
56:f6:01:4c:6b:f6:2a:cf:8f:9c:a6:87:cc:a3:e5:
be:8e:d7:27:1c:f9:d3:19:be:37:f5:32:ff:10:41:
c8:7b:4b:b9:59:63:b9:05:df:7b:7e:bd:50:80:e8:
a8:00:34:53:2e:34:49:f5:0c:f0:65:75:cd:76:71:
2b:41:9a:0a:02:c1:3a:19:01:50:60:be:f0:46:0d:
52:05:e9:6b:83:6d:9e:2f:8a:c2:ac:8c:e3:f8:1b:
ef:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:8A:AF:CB:D5:75:49:D1:FB:4F:E7:6D:7A:4D:BB:94:5F:65:5A:81
X509v3 Authority Key Identifier:
keyid:5D:32:11:C2:6A:5E:B4:65:6A:C4:5B:67:8B:4F:F4:BF:24:04:09:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3625046/9BC19E3079C811EF9E0A858F762E951A/XTIRwmpetGVqxFtni0_0vyQECa4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XTIRwmpetGVqxFtni0_0vyQECa4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3625046/9BC19E3079C811EF9E0A858F762E951A/F68C77C279C811EFB5AD7293762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.165.168.0/21
IPv6:
2c0f:eee0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:b4:5f:18:82:45:fb:8f:ec:0b:3c:eb:c0:9a:ae:26:20:fc:
c9:04:8a:bf:a4:25:ff:e8:9d:29:84:8d:bf:71:24:8c:56:4e:
0c:ef:f5:e4:c0:36:62:6e:b7:e5:9e:92:6d:09:19:76:53:8c:
ca:7b:bd:2f:1e:b4:8e:47:b2:18:b9:5d:cd:e0:c2:e7:6b:de:
64:cc:1d:5e:ce:36:a0:35:2e:42:40:71:a0:10:1d:75:2f:57:
97:ff:9a:8c:02:c7:49:48:69:44:06:d8:6b:1f:6c:5a:fa:df:
9c:0d:56:71:e0:3b:02:b2:96:80:23:e3:d4:3c:64:75:47:98:
10:59:c8:72:89:a6:29:6f:f3:68:00:6f:a8:be:f9:4e:79:7d:
6e:c2:b7:0b:47:aa:aa:00:d8:cc:35:bc:fb:a1:b6:c9:8d:31:
13:d4:33:72:99:73:e4:87:42:c8:f2:eb:68:ab:f8:e7:dd:43:
d5:3e:21:bf:b4:5b:62:a2:27:0b:f3:6b:c1:4a:9e:fd:a8:5f:
c7:10:0d:19:29:b9:76:50:da:a3:dd:9c:51:c4:8e:df:d0:33:
21:80:ed:8b:0a:e8:fd:ea:9e:4a:77:a2:bd:ef:a1:09:f9:0e:
51:6b:b4:54:3f:d1:6c:b7:f5:36:12:2e:b0:2f:f1:d5:25:fc:
c8:9b:be:4f
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
NTA0NkFGMTEwLwYDVQQFEyg1RDMyMTFDMjZBNUVCNDY1NkFDNDVCNjc4QjRGRjRC
RjI0MDQwOUFFMB4XDTI0MDkyMzE2MjkwN1oXDTI1MDkyMzE2MjkwN1owGDEWMBQG
A1UEAxMNNjZmMTk3NTctY2Y5OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO4ELn4MHPqpWArPax0+GX8bSUozH2KWC/JFkJXX/cjh6X5MtgqCoySVp9DT
86lmCpKEEl3mxsA0uYjdWRCBW++5GGv6/+bTRvnBvEl2jgw9PSkp8cMb425CgRDI
u/CdZJDD5t3rRq6CICyFzVPHC9Yk5I3UpYDhn9bNqVgrfejx0AR21WAMyzAvnC7R
+fwsCLSC7NW8k0n9CkLjoDClMARHHbyaVvYBTGv2Ks+PnKaHzKPlvo7XJxz50xm+
N/Uy/xBByHtLuVljuQXfe369UIDoqAA0Uy40SfUM8GV1zXZxK0GaCgLBOhkBUGC+
8EYNUgXpa4Ntni+KwqyM4/gb77MCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQbiq/L
1XVJ0ftP5216TbuUX2VagTAfBgNVHSMEGDAWgBRdMhHCal60ZWrEW2eLT/S/JAQJ
rjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjUwNDYvOUJDMTlFMzA3OUM4MTFFRjlFMEE4NThGNzYyRTk1MUEvWFRJUndt
cGV0R1ZxeEZ0bmkwXzB2eVFFQ2E0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWFRJUndtcGV0R1ZxeEZ0bmkwXzB2eVFFQ2E0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MjUwNDYvOUJDMTlFMzA3OUM4MTFFRjlFMEE4NThGNzYy
RTk1MUEvRjY4Qzc3QzI3OUM4MTFFRkI1QUQ3MjkzNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA2alqDANBAIAAjAHAwUALA/u
4DANBgkqhkiG9w0BAQsFAAOCAQEALLRfGIJF+4/sCzzrwJquJiD8yQSKv6Ql/+id
KYSNv3EkjFZODO/15MA2Ym635Z6SbQkZdlOMynu9Lx60jkeyGLldzeDC52veZMwd
Xs42oDUuQkBxoBAddS9Xl/+ajALHSUhpRAbYax9sWvrfnA1WceA7ArKWgCPj1Dxk
dUeYEFnIcommKW/zaABvqL75Tnl9bsK3C0eqqgDYzDW8+6G2yY0xE9Qzcplz5IdC
yPLraKv4591D1T4hv7RbYqInC/NrwUqe/ahfxxANGSm5dlDao92cUcSO39AzIYDt
iwro/eqeSneive+hCfkOUWu0VD/RbLf1NhIusC/x1SX8yJu+Tw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:54:22 2024 by rpki-client on console-fra.rpki-client.org