Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3627A02/26DFD6B8B58E11E8A6CE2664F8AEA228/AC6EE31482B211EDAD02E9D8F1222468.roa
File: AC6EE31482B211EDAD02E9D8F1222468.roa (raw, json)
Hash identifier: 64lnyTq0iH4XzUt3+R0aVF8sjkcelqmSIxMaiIhM3Ic=
Subject key identifier: 03:23:51:F6:0A:B6:84:EB:96:3A:77:D9:F1:E8:40:70:6A:50:8F:00
Certificate issuer: /CN=F3627A02AF/serialNumber=56952EF930F44FFE912770E3DBC163049F5AFDB7
Certificate serial: 064B
Authority key identifier: 56:95:2E:F9:30:F4:4F:FE:91:27:70:E3:DB:C1:63:04:9F:5A:FD:B7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/VpUu-TD0T_6RJ3Dj28FjBJ9a_bc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3627A02/26DFD6B8B58E11E8A6CE2664F8AEA228/AC6EE31482B211EDAD02E9D8F1222468.roa
Signing time: Fri 23 Dec 2022 11:12:23 +0000
ROA not before: Fri 23 Dec 2022 11:12:18 +0000
ROA not after: Wed 22 Dec 2027 11:12:18 +0000
asID: 37721
IP address blocks: 102.67.96.0/19 maxlen: 24
102.214.64.0/22 maxlen: 24
2c0f:ee00::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3627A02/26DFD6B8B58E11E8A6CE2664F8AEA228/VpUu-TD0T_6RJ3Dj28FjBJ9a_bc.crl
rsync://rpki.afrinic.net/repository/member_repository/F3627A02/26DFD6B8B58E11E8A6CE2664F8AEA228/VpUu-TD0T_6RJ3Dj28FjBJ9a_bc.mft
rsync://rpki.afrinic.net/repository/afrinic/VpUu-TD0T_6RJ3Dj28FjBJ9a_bc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1611 (0x64b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3627A02AF/serialNumber=56952EF930F44FFE912770E3DBC163049F5AFDB7
Validity
Not Before: Dec 23 11:12:18 2022 GMT
Not After : Dec 22 11:12:18 2027 GMT
Subject: CN=63a58d17-55ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:07:a7:e3:f5:40:c6:1c:34:84:d0:76:88:7d:
92:2d:10:7c:26:83:c6:48:0c:66:3e:60:c7:2c:f3:
bc:50:b0:7c:cc:bc:e4:7e:c5:07:d8:48:ed:5b:2a:
2c:3d:1d:b2:39:4b:48:c7:c8:bc:eb:eb:90:6e:5f:
33:1b:a9:6b:aa:97:92:6e:e1:9d:f1:55:29:3a:a3:
e7:cf:0a:54:e3:83:69:de:aa:9d:3c:32:52:3f:f4:
09:7d:59:3f:48:4b:f5:e8:9d:ea:62:3c:b3:67:0b:
af:1e:9f:07:31:6f:a0:19:c1:16:ba:4a:b2:45:a3:
cb:f4:13:95:d1:b8:95:b5:ca:77:4e:60:2d:53:f1:
4b:4e:01:9f:bd:1e:13:d9:47:2c:2f:f4:d0:eb:ab:
6c:64:79:d1:5c:d8:59:5c:c6:81:d9:6a:d5:a0:87:
fd:87:80:63:76:a3:50:c9:d2:6f:a8:51:54:af:48:
65:ae:ca:7d:4f:17:fc:e7:be:64:27:ae:27:41:fe:
5d:9e:31:a8:fb:37:5c:2b:2a:cf:ce:f7:23:eb:87:
d8:43:9c:ec:3d:97:bf:5f:d3:8a:d7:fa:22:ce:16:
9c:5e:da:75:b7:0b:9a:74:40:6e:04:70:41:c0:f0:
b4:bd:1d:7b:ab:9a:0a:3b:b2:c3:49:7e:20:01:80:
de:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:23:51:F6:0A:B6:84:EB:96:3A:77:D9:F1:E8:40:70:6A:50:8F:00
X509v3 Authority Key Identifier:
keyid:56:95:2E:F9:30:F4:4F:FE:91:27:70:E3:DB:C1:63:04:9F:5A:FD:B7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3627A02/26DFD6B8B58E11E8A6CE2664F8AEA228/VpUu-TD0T_6RJ3Dj28FjBJ9a_bc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/VpUu-TD0T_6RJ3Dj28FjBJ9a_bc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3627A02/26DFD6B8B58E11E8A6CE2664F8AEA228/AC6EE31482B211EDAD02E9D8F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.67.96.0/19
102.214.64.0/22
IPv6:
2c0f:ee00::/32
Signature Algorithm: sha256WithRSAEncryption
81:0e:19:9b:02:2d:9a:5e:c4:74:7f:ab:d4:23:0d:ac:6e:d3:
48:ab:89:e0:cb:26:69:c4:6c:17:14:42:31:05:dc:ba:b6:d1:
fa:95:1f:7a:fd:72:13:fb:73:91:5d:2f:f2:ce:90:80:e9:58:
a5:46:86:c2:d7:08:e1:33:b2:d4:7b:02:3e:75:07:6d:42:b8:
fb:43:eb:04:b0:27:93:45:cb:bc:44:e7:ea:fb:ed:70:bf:a6:
ca:17:4d:cc:10:00:c1:b0:6f:60:e6:60:c4:c1:4a:93:50:b7:
16:73:ed:b8:57:ba:1d:8e:06:07:f8:11:4e:dd:8b:4c:b4:75:
b5:36:76:be:b6:7e:5e:82:95:e0:35:bf:d6:b5:37:df:50:ff:
96:85:1d:12:1a:90:10:f5:ce:e3:78:75:e6:58:f6:aa:6b:b1:
6b:6e:4d:e3:95:28:f0:c7:18:4a:a9:fc:8b:8c:26:34:4f:37:
70:02:54:bc:83:4d:24:47:cb:50:ce:92:07:e1:7d:94:db:d1:
80:ce:e7:c9:73:f3:e6:0f:37:f4:51:e8:57:c3:43:86:a3:92:
86:3b:52:67:15:1a:b4:7d:84:9d:08:5c:8c:68:af:a7:d4:f9:
9d:24:62:ee:b1:4c:22:1b:8a:f1:10:76:77:0d:b1:86:0a:e2:
c6:fe:52:47
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICBkswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjdBMDJBRjExMC8GA1UEBRMoNTY5NTJFRjkzMEY0NEZGRTkxMjc3MEUzREJDMTYz
MDQ5RjVBRkRCNzAeFw0yMjEyMjMxMTEyMThaFw0yNzEyMjIxMTEyMThaMBgxFjAU
BgNVBAMMDTYzYTU4ZDE3LTU1YWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDWB6fj9UDGHDSE0HaIfZItEHwmg8ZIDGY+YMcs87xQsHzMvOR+xQfYSO1b
Kiw9HbI5S0jHyLzr65BuXzMbqWuql5Ju4Z3xVSk6o+fPClTjg2neqp08MlI/9Al9
WT9IS/XonepiPLNnC68enwcxb6AZwRa6SrJFo8v0E5XRuJW1yndOYC1T8UtOAZ+9
HhPZRywv9NDrq2xkedFc2FlcxoHZatWgh/2HgGN2o1DJ0m+oUVSvSGWuyn1PF/zn
vmQnridB/l2eMaj7N1wrKs/O9yPrh9hDnOw9l79f04rX+iLOFpxe2nW3C5p0QG4E
cEHA8LS9HXurmgo7ssNJfiABgN4pAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQUAyNR
9gq2hOuWOnfZ8ehAcGpQjwAwHwYDVR0jBBgwFoAUVpUu+TD0T/6RJ3Dj28FjBJ9a
/bcwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI3QTAyLzI2REZENkI4QjU4RTExRThBNkNFMjY2NEY4QUVBMjI4L1ZwVXUt
VEQwVF82UkozRGoyOEZqQko5YV9iYy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1ZwVXUtVEQwVF82UkozRGoyOEZqQko5YV9iYy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjI3QTAyLzI2REZENkI4QjU4RTExRThBNkNFMjY2NEY4
QUVBMjI4L0FDNkVFMzE0ODJCMjExRURBRDAyRTlEOEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAVmQ2ADBAJm1kAwDQQCAAIw
BwMFACwP7gAwDQYJKoZIhvcNAQELBQADggEBAIEOGZsCLZpexHR/q9QjDaxu00ir
ieDLJmnEbBcUQjEF3Lq20fqVH3r9chP7c5FdL/LOkIDpWKVGhsLXCOEzstR7Aj51
B21CuPtD6wSwJ5NFy7xE5+r77XC/psoXTcwQAMGwb2DmYMTBSpNQtxZz7bhXuh2O
Bgf4EU7di0y0dbU2dr62fl6CleA1v9a1N99Q/5aFHRIakBD1zuN4deZY9qprsWtu
TeOVKPDHGEqp/IuMJjRPN3ACVLyDTSRHy1DOkgfhfZTb0YDO58lz8+YPN/RR6FfD
Q4ajkoY7UmcVGrR9hJ0IXIxor6fU+Z0kYu6xTCIbivEQdncNsYYK4sb+Ukc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:51 2024 by rpki-client on console-fra.rpki-client.org