Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3633204/13204AC61F8B11EC91E3A235D8A014CE/60C18DA81F8B11EC8FB62036D8A014CE.roa
File: 60C18DA81F8B11EC8FB62036D8A014CE.roa (raw, json)
Hash identifier: Jdq3emfvNJDMjT/lQOHOUpy/8j3a1sny+FYMlqTox8c=
Subject key identifier: 5B:3B:B1:84:CA:30:AC:BE:EA:27:FC:BC:1F:99:B8:18:63:D7:C6:1B
Certificate issuer: /CN=F3633204AF/serialNumber=41A6ED7580FFE114C922B8AF107327095E0055BA
Certificate serial: 02
Authority key identifier: 41:A6:ED:75:80:FF:E1:14:C9:22:B8:AF:10:73:27:09:5E:00:55:BA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/QabtdYD_4RTJIrivEHMnCV4AVbo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3633204/13204AC61F8B11EC91E3A235D8A014CE/60C18DA81F8B11EC8FB62036D8A014CE.roa
Signing time: Mon 27 Sep 2021 12:06:43 +0000
ROA not before: Mon 27 Sep 2021 12:06:38 +0000
ROA not after: Sat 27 Sep 2031 12:06:38 +0000
asID: 60171
IP address blocks: 102.221.96.0/23 maxlen: 24
2c0f:7800::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3633204/13204AC61F8B11EC91E3A235D8A014CE/QabtdYD_4RTJIrivEHMnCV4AVbo.crl
rsync://rpki.afrinic.net/repository/member_repository/F3633204/13204AC61F8B11EC91E3A235D8A014CE/QabtdYD_4RTJIrivEHMnCV4AVbo.mft
rsync://rpki.afrinic.net/repository/afrinic/QabtdYD_4RTJIrivEHMnCV4AVbo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3633204AF/serialNumber=41A6ED7580FFE114C922B8AF107327095E0055BA
Validity
Not Before: Sep 27 12:06:38 2021 GMT
Not After : Sep 27 12:06:38 2031 GMT
Subject: CN=6151b3d2-1c5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7a:e5:cd:10:96:4c:16:5c:21:7a:75:97:cc:
20:1d:a0:33:4e:24:a3:15:d0:91:60:7e:eb:37:ba:
41:54:23:65:cb:94:c6:1e:9c:eb:55:8d:94:ae:fe:
aa:64:df:3e:2c:d2:e1:27:73:bd:f6:d9:99:86:a1:
3a:34:dc:8f:c2:87:6c:da:e2:05:ac:a0:40:48:01:
97:b4:01:5d:f0:f9:8c:95:6d:9d:b5:f6:3d:0a:80:
32:f2:06:16:f3:4d:6c:86:20:27:67:45:49:b6:2f:
22:ab:db:2a:87:07:b1:0f:0d:b8:50:e1:d2:43:4e:
95:3a:4c:0e:f6:97:23:79:ad:43:b0:43:d8:1d:f9:
a0:c1:84:2f:e8:ae:c2:55:76:ac:de:6a:8d:f4:ee:
7d:0f:7a:89:07:1d:88:fd:7b:ea:51:67:51:d6:61:
10:02:f4:5a:2a:51:c2:97:73:c1:f1:d1:df:3f:67:
a4:34:ed:1d:67:b1:e6:c7:10:4d:ff:89:00:28:1d:
28:a4:db:3a:68:9a:f1:24:6c:43:19:3b:a6:e6:48:
2d:62:cd:c1:67:fb:df:ff:0e:98:e1:f4:3c:fe:bb:
d1:e8:4a:63:63:6f:85:64:3a:ba:11:18:54:8f:28:
ea:02:cb:33:71:fc:53:b9:10:e1:77:c1:d1:f1:05:
75:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:3B:B1:84:CA:30:AC:BE:EA:27:FC:BC:1F:99:B8:18:63:D7:C6:1B
X509v3 Authority Key Identifier:
keyid:41:A6:ED:75:80:FF:E1:14:C9:22:B8:AF:10:73:27:09:5E:00:55:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3633204/13204AC61F8B11EC91E3A235D8A014CE/QabtdYD_4RTJIrivEHMnCV4AVbo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/QabtdYD_4RTJIrivEHMnCV4AVbo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3633204/13204AC61F8B11EC91E3A235D8A014CE/60C18DA81F8B11EC8FB62036D8A014CE.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.96.0/23
IPv6:
2c0f:7800::/32
Signature Algorithm: sha256WithRSAEncryption
7d:40:9f:da:63:c9:70:0b:d1:69:8e:7e:d3:6b:63:36:5a:8d:
9a:ae:18:23:ab:1a:c3:b9:df:e9:44:35:5b:3a:4b:e1:30:e4:
a9:ab:ec:5b:d7:c0:74:98:8f:6e:81:51:d5:64:a3:1e:74:4b:
b8:a7:30:03:00:c6:45:b3:e8:67:3d:db:4a:2b:90:c9:27:cd:
f9:b3:36:fa:b2:e5:f6:30:fe:3d:1d:4b:0c:52:32:03:d1:ea:
c4:eb:43:cb:e9:ed:22:8f:69:f0:b3:a1:a9:31:a5:c5:f3:00:
9b:9f:39:ff:3b:9e:6f:8e:bf:e0:e5:8d:d5:b7:d7:70:66:e7:
02:03:b8:fb:8e:ca:82:f9:15:28:09:ae:7b:9c:2f:2b:cf:59:
8c:6e:f9:49:22:e3:ec:a3:78:ce:6a:0c:98:80:8a:b4:2b:0e:
1a:a2:d1:1a:92:7e:6e:05:ac:63:76:bb:8c:00:50:fc:72:90:
f7:ab:92:8c:74:88:87:82:dc:b2:4b:68:cd:01:f3:73:7e:cc:
7b:9a:25:89:c3:b0:00:39:d0:d4:d7:69:b7:fd:47:e8:4a:fe:
70:4e:bf:35:8f:34:5c:c8:73:4c:82:c1:26:69:6e:82:0a:10:
c4:b7:92:29:99:c3:ed:57:d6:e5:f3:7a:7a:6b:fb:25:ac:f4:
8e:52:f0:84
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzYz
MzIwNEFGMTEwLwYDVQQFEyg0MUE2RUQ3NTgwRkZFMTE0QzkyMkI4QUYxMDczMjcw
OTVFMDA1NUJBMB4XDTIxMDkyNzEyMDYzOFoXDTMxMDkyNzEyMDYzOFowGDEWMBQG
A1UEAwwNNjE1MWIzZDItMWM1ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALF65c0QlkwWXCF6dZfMIB2gM04koxXQkWB+6ze6QVQjZcuUxh6c61WNlK7+
qmTfPizS4SdzvfbZmYahOjTcj8KHbNriBaygQEgBl7QBXfD5jJVtnbX2PQqAMvIG
FvNNbIYgJ2dFSbYvIqvbKocHsQ8NuFDh0kNOlTpMDvaXI3mtQ7BD2B35oMGEL+iu
wlV2rN5qjfTufQ96iQcdiP176lFnUdZhEAL0WipRwpdzwfHR3z9npDTtHWex5scQ
Tf+JACgdKKTbOmia8SRsQxk7puZILWLNwWf73/8OmOH0PP670ehKY2NvhWQ6uhEY
VI8o6gLLM3H8U7kQ4XfB0fEFddcCAwEAAaOCArQwggKwMB0GA1UdDgQWBBRbO7GE
yjCsvuon/LwfmbgYY9fGGzAfBgNVHSMEGDAWgBRBpu11gP/hFMkiuK8QcycJXgBV
ujAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzMyMDQvMTMyMDRBQzYxRjhCMTFFQzkxRTNBMjM1RDhBMDE0Q0UvUWFidGRZ
RF80UlRKSXJpdkVITW5DVjRBVmJvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUWFidGRZRF80UlRKSXJpdkVITW5DVjRBVmJvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzMyMDQvMTMyMDRBQzYxRjhCMTFFQzkxRTNBMjM1RDhB
MDE0Q0UvNjBDMThEQTgxRjhCMTFFQzhGQjYyMDM2RDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAWbdYDANBAIAAjAHAwUALA94
ADANBgkqhkiG9w0BAQsFAAOCAQEAfUCf2mPJcAvRaY5+02tjNlqNmq4YI6saw7nf
6UQ1WzpL4TDkqavsW9fAdJiPboFR1WSjHnRLuKcwAwDGRbPoZz3bSiuQySfN+bM2
+rLl9jD+PR1LDFIyA9HqxOtDy+ntIo9p8LOhqTGlxfMAm585/zueb46/4OWN1bfX
cGbnAgO4+47KgvkVKAmue5wvK89ZjG75SSLj7KN4zmoMmICKtCsOGqLRGpJ+bgWs
Y3a7jABQ/HKQ96uSjHSIh4LcsktozQHzc37Me5olicOwADnQ1Ndpt/1H6Er+cE6/
NY80XMhzTILBJmluggoQxLeSKZnD7VfW5fN6emv7Jaz0jlLwhA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org