Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3630D7E/E06DA510797311EA82E97681F8AEA228/D8F96E58797411EA80D16982F8AEA228.roa
File: D8F96E58797411EA80D16982F8AEA228.roa (raw, json)
Hash identifier: 33E3GMGHj16Wtj4wAHbp/YGThkmOG3yqYGmR9ZqsyE0=
Subject key identifier: 17:6A:B0:C3:9D:79:D8:C6:DD:1A:B2:00:5D:9F:44:D1:70:0C:F2:52
Certificate issuer: /CN=F3630D7EAF/serialNumber=6ECB17028AD5B7DB5C777DB1DCE09787E495B2D1
Certificate serial: 02
Authority key identifier: 6E:CB:17:02:8A:D5:B7:DB:5C:77:7D:B1:DC:E0:97:87:E4:95:B2:D1
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/bssXAorVt9tcd32x3OCXh-SVstE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3630D7E/E06DA510797311EA82E97681F8AEA228/D8F96E58797411EA80D16982F8AEA228.roa
Signing time: Wed 08 Apr 2020 08:42:15 +0000
ROA not before: Wed 08 Apr 2020 08:42:11 +0000
ROA not after: Mon 08 Apr 2030 08:42:11 +0000
asID: 328517
IP address blocks: 102.69.208.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3630D7E/E06DA510797311EA82E97681F8AEA228/bssXAorVt9tcd32x3OCXh-SVstE.crl
rsync://rpki.afrinic.net/repository/member_repository/F3630D7E/E06DA510797311EA82E97681F8AEA228/bssXAorVt9tcd32x3OCXh-SVstE.mft
rsync://rpki.afrinic.net/repository/afrinic/bssXAorVt9tcd32x3OCXh-SVstE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3630D7EAF/serialNumber=6ECB17028AD5B7DB5C777DB1DCE09787E495B2D1
Validity
Not Before: Apr 8 08:42:11 2020 GMT
Not After : Apr 8 08:42:11 2030 GMT
Subject: CN=5e8d8e67-d5a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5f:0c:21:cf:3d:cb:52:00:4d:e7:0f:e3:1b:
ff:28:ef:76:b9:82:69:c3:90:07:1f:86:dd:99:a4:
d9:cf:a5:6f:91:a6:77:20:45:0a:ef:7d:4a:09:14:
67:e5:e9:c4:2d:08:d7:a6:ea:9d:c1:ef:59:2b:08:
78:f5:ea:19:58:bb:1c:68:a3:81:cd:fa:cf:60:dc:
91:49:dc:5e:78:a7:f9:87:cb:61:68:63:c7:8e:91:
21:e3:82:2b:db:41:77:98:23:5d:37:a2:8c:59:70:
91:81:55:3b:30:30:41:81:8f:d8:3f:5d:fa:68:53:
e4:60:0c:1b:91:6e:88:61:ce:27:5c:ed:22:c3:77:
da:a6:02:cf:82:8d:ca:25:04:54:ce:b9:10:9c:50:
75:55:69:2f:2c:d8:fd:94:8b:fd:08:73:92:92:6b:
64:82:d6:cb:84:0a:0d:2f:22:6d:fe:10:c1:77:d7:
f7:6c:b0:99:c6:78:bd:17:c8:9f:a2:b3:08:c5:d8:
90:5b:d0:d2:ca:06:97:eb:61:9f:3c:df:9d:f5:03:
d9:b9:e0:00:0e:51:47:6d:6b:df:74:fc:f2:8c:05:
fa:f9:1f:2b:41:a7:45:86:d8:19:d0:71:ff:b1:1e:
b7:c5:2a:72:de:49:72:46:14:bd:8d:58:24:93:d7:
83:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6A:B0:C3:9D:79:D8:C6:DD:1A:B2:00:5D:9F:44:D1:70:0C:F2:52
X509v3 Authority Key Identifier:
keyid:6E:CB:17:02:8A:D5:B7:DB:5C:77:7D:B1:DC:E0:97:87:E4:95:B2:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3630D7E/E06DA510797311EA82E97681F8AEA228/bssXAorVt9tcd32x3OCXh-SVstE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/bssXAorVt9tcd32x3OCXh-SVstE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3630D7E/E06DA510797311EA82E97681F8AEA228/D8F96E58797411EA80D16982F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.69.208.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:4b:96:34:34:e6:7a:ce:d0:7a:b0:89:38:9b:51:fb:40:48:
aa:20:7a:08:c5:f3:aa:08:9a:e8:6b:f1:f4:ba:cb:1f:ff:a9:
fb:dc:f7:8b:45:42:52:a9:07:6f:37:c5:3e:00:74:07:f3:fb:
ae:a5:71:d8:b1:de:58:fc:6c:6e:a5:c5:99:3c:87:bb:31:04:
6a:86:76:57:aa:d5:55:e7:f7:0f:4a:c1:03:3a:f2:73:98:86:
8d:45:ce:1c:19:1f:9b:0b:4c:31:71:e0:34:ae:17:29:c5:5a:
cd:22:dc:56:ba:f0:04:9b:a4:69:9c:9e:3d:eb:7f:d9:ac:81:
22:68:74:eb:95:f9:c1:13:ba:66:32:2e:e0:2a:d8:e6:6c:39:
2f:af:8b:26:de:07:61:a1:67:6f:24:0d:9a:81:aa:2b:06:ec:
f1:62:03:4c:d1:ff:e8:13:f2:aa:ac:97:2f:5d:00:57:a9:8b:
6b:17:fa:0e:0b:13:da:af:95:d6:1d:20:6e:8b:3f:bf:ee:21:
84:98:01:e7:2f:0f:9c:e4:6f:64:2a:37:06:be:40:f2:14:19:
fd:cd:b0:2e:8a:c5:80:3a:d2:be:90:85:fc:32:37:34:3b:c1:
e8:03:76:36:8e:83:af:b7:4b:04:f0:72:14:0d:92:31:d4:f8:
d3:a6:56:f4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
MEQ3RUFGMTEwLwYDVQQFEyg2RUNCMTcwMjhBRDVCN0RCNUM3NzdEQjFEQ0UwOTc4
N0U0OTVCMkQxMB4XDTIwMDQwODA4NDIxMVoXDTMwMDQwODA4NDIxMVowGDEWMBQG
A1UEAxMNNWU4ZDhlNjctZDVhODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZfDCHPPctSAE3nD+Mb/yjvdrmCacOQBx+G3Zmk2c+lb5GmdyBFCu99SgkU
Z+XpxC0I16bqncHvWSsIePXqGVi7HGijgc36z2DckUncXnin+YfLYWhjx46RIeOC
K9tBd5gjXTeijFlwkYFVOzAwQYGP2D9d+mhT5GAMG5FuiGHOJ1ztIsN32qYCz4KN
yiUEVM65EJxQdVVpLyzY/ZSL/QhzkpJrZILWy4QKDS8ibf4QwXfX92ywmcZ4vRfI
n6KzCMXYkFvQ0soGl+thnzzfnfUD2bngAA5RR21r33T88owF+vkfK0GnRYbYGdBx
/7Eet8Uqct5JckYUvY1YJJPXgzcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQXarDD
nXnYxt0asgBdn0TRcAzyUjAfBgNVHSMEGDAWgBRuyxcCitW321x3fbHc4JeH5JWy
0TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzBEN0UvRTA2REE1MTA3OTczMTFFQTgyRTk3NjgxRjhBRUEyMjgvYnNzWEFv
clZ0OXRjZDMyeDNPQ1hoLVNWc3RFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvYnNzWEFvclZ0OXRjZDMyeDNPQ1hoLVNWc3RFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzBEN0UvRTA2REE1MTA3OTczMTFFQTgyRTk3NjgxRjhB
RUEyMjgvRDhGOTZFNTg3OTc0MTFFQTgwRDE2OTgyRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmZF0DANBgkqhkiG9w0BAQsF
AAOCAQEAs0uWNDTmes7QerCJOJtR+0BIqiB6CMXzqgia6Gvx9LrLH/+p+9z3i0VC
UqkHbzfFPgB0B/P7rqVx2LHeWPxsbqXFmTyHuzEEaoZ2V6rVVef3D0rBAzryc5iG
jUXOHBkfmwtMMXHgNK4XKcVazSLcVrrwBJukaZyePet/2ayBImh065X5wRO6ZjIu
4CrY5mw5L6+LJt4HYaFnbyQNmoGqKwbs8WIDTNH/6BPyqqyXL10AV6mLaxf6DgsT
2q+V1h0gbos/v+4hhJgB5y8PnORvZCo3Br5A8hQZ/c2wLorFgDrSvpCF/DI3NDvB
6AN2No6Dr7dLBPByFA2SMdT406ZW9A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:52 2024 by rpki-client on console-fra.rpki-client.org