Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3636ECF/0384D03EC65D11EE9108E083775412E6/EF389968386B11EFA85F199A762E951A.roa
File: EF389968386B11EFA85F199A762E951A.roa (raw, json)
Hash identifier: QNpzeaJqOPsqbTWedC5uesR+eFq+D+cIl8ORF+WBu6Q=
Subject key identifier: F7:16:F5:41:5B:14:EA:38:C0:FB:DA:4E:E5:F0:A9:C7:0F:64:B7:CC
Certificate issuer: /CN=F3636ECFAF/serialNumber=FC44A6D8290143398A1DFBEF86FC1DAE3441A2BA
Certificate serial: A3
Authority key identifier: FC:44:A6:D8:29:01:43:39:8A:1D:FB:EF:86:FC:1D:AE:34:41:A2:BA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/_ESm2CkBQzmKHfvvhvwdrjRBoro.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3636ECF/0384D03EC65D11EE9108E083775412E6/EF389968386B11EFA85F199A762E951A.roa
Signing time: Tue 02 Jul 2024 12:09:30 +0000
ROA not before: Tue 02 Jul 2024 12:09:26 +0000
ROA not after: Wed 01 Jan 2025 12:09:26 +0000
asID: 329391
IP address blocks: 102.210.8.0/22 maxlen: 24
2c0f:2b40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3636ECF/0384D03EC65D11EE9108E083775412E6/_ESm2CkBQzmKHfvvhvwdrjRBoro.crl
rsync://rpki.afrinic.net/repository/member_repository/F3636ECF/0384D03EC65D11EE9108E083775412E6/_ESm2CkBQzmKHfvvhvwdrjRBoro.mft
rsync://rpki.afrinic.net/repository/afrinic/_ESm2CkBQzmKHfvvhvwdrjRBoro.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163 (0xa3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3636ECFAF/serialNumber=FC44A6D8290143398A1DFBEF86FC1DAE3441A2BA
Validity
Not Before: Jul 2 12:09:26 2024 GMT
Not After : Jan 1 12:09:26 2025 GMT
Subject: CN=6683edfa-cdaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0a:11:5c:fa:19:8f:0e:f2:a7:f0:aa:3e:19:
cd:f9:91:8f:a1:41:9a:d4:25:91:3b:75:d4:6c:6f:
ae:83:b3:e9:ed:f6:e2:64:b7:47:8a:45:b4:cd:a8:
e2:09:3b:77:19:04:99:16:bf:ae:da:ed:8d:79:4f:
0c:85:82:9b:45:2c:69:10:ce:19:43:5e:15:e1:c6:
f5:22:99:c4:4e:c0:d4:1a:39:05:fc:ad:b3:72:00:
8c:c4:0e:45:f0:97:ef:ca:6b:9b:2c:31:7b:51:40:
9c:78:4e:33:c8:98:68:45:89:34:11:61:60:b6:e6:
fa:fc:9b:d5:ed:b8:29:dc:d3:74:52:5c:46:99:bb:
45:24:45:63:d9:9d:1d:0c:7d:20:39:14:6d:24:1e:
61:73:42:4a:42:4b:6d:fc:0c:1e:32:9d:b8:59:f9:
14:a7:9e:98:9c:97:3b:bf:35:f2:3c:cd:6e:71:6c:
ac:16:ff:43:b5:0a:a6:16:d4:6e:e4:c0:9f:8a:bd:
03:25:1f:66:0b:a8:44:26:f7:b1:a0:d1:ce:b3:c3:
2f:96:94:c6:47:09:5e:ea:3c:5c:49:72:98:62:dc:
6a:41:b7:a6:18:0d:22:41:36:22:98:f3:bb:a9:5a:
78:ce:df:4a:59:aa:e6:05:4e:54:37:ec:af:27:b7:
8a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:16:F5:41:5B:14:EA:38:C0:FB:DA:4E:E5:F0:A9:C7:0F:64:B7:CC
X509v3 Authority Key Identifier:
keyid:FC:44:A6:D8:29:01:43:39:8A:1D:FB:EF:86:FC:1D:AE:34:41:A2:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3636ECF/0384D03EC65D11EE9108E083775412E6/_ESm2CkBQzmKHfvvhvwdrjRBoro.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_ESm2CkBQzmKHfvvhvwdrjRBoro.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3636ECF/0384D03EC65D11EE9108E083775412E6/EF389968386B11EFA85F199A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.210.8.0/22
IPv6:
2c0f:2b40::/32
Signature Algorithm: sha256WithRSAEncryption
96:54:13:fe:05:61:9a:78:12:ef:4f:28:f3:30:94:81:23:fa:
16:66:33:ef:a2:9d:83:22:fe:b3:96:1a:2a:97:8a:6d:2a:9d:
6e:31:3b:c7:91:9a:20:66:50:b9:fc:44:21:52:cd:02:4a:5e:
a5:50:61:d4:a8:be:94:4a:69:0b:ad:ea:0e:25:5f:6c:4e:9d:
e7:f5:87:f1:6c:ef:cb:ff:19:02:b2:8a:dd:88:1d:42:5f:6e:
fe:22:6b:1b:35:07:95:df:e8:2b:f1:1a:30:a1:c0:bf:a8:3b:
e5:a0:fc:cd:0c:e8:ca:9d:07:d6:78:ae:65:78:bb:5b:48:01:
e1:c5:26:f4:ed:18:dd:e5:65:e6:af:ea:de:a5:e6:9d:69:60:
1f:6a:b6:7d:2b:04:35:f5:ef:e3:48:f5:59:4e:a4:ab:6e:8d:
98:3d:08:2d:9f:41:e5:60:70:e6:cd:4a:82:60:79:2e:d2:8d:
5e:41:22:2b:a6:dc:21:5a:a9:4f:58:0a:3a:47:44:ba:4e:49:
c1:54:32:2f:81:00:8f:4d:f6:5e:5b:83:d2:cb:5f:b0:71:07:
d6:d8:af:7a:1d:61:24:eb:cb:86:e8:e5:9a:50:ea:cc:41:12:
4e:0e:8c:fb:b7:d7:38:1b:a0:f2:1d:38:d8:d6:d5:01:8f:fa:
82:04:0e:e1
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAKMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzZFQ0ZBRjExMC8GA1UEBRMoRkM0NEE2RDgyOTAxNDMzOThBMURGQkVGODZGQzFE
QUUzNDQxQTJCQTAeFw0yNDA3MDIxMjA5MjZaFw0yNTAxMDExMjA5MjZaMBgxFjAU
BgNVBAMTDTY2ODNlZGZhLWNkYWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDaChFc+hmPDvKn8Ko+Gc35kY+hQZrUJZE7ddRsb66Ds+nt9uJkt0eKRbTN
qOIJO3cZBJkWv67a7Y15TwyFgptFLGkQzhlDXhXhxvUimcROwNQaOQX8rbNyAIzE
DkXwl+/Ka5ssMXtRQJx4TjPImGhFiTQRYWC25vr8m9XtuCnc03RSXEaZu0UkRWPZ
nR0MfSA5FG0kHmFzQkpCS238DB4ynbhZ+RSnnpiclzu/NfI8zW5xbKwW/0O1CqYW
1G7kwJ+KvQMlH2YLqEQm97Gg0c6zwy+WlMZHCV7qPFxJcphi3GpBt6YYDSJBNiKY
87upWnjO30pZquYFTlQ37K8nt4oDAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQU9xb1
QVsU6jjA+9pO5fCpxw9kt8wwHwYDVR0jBBgwFoAU/ESm2CkBQzmKHfvvhvwdrjRB
orowDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM2RUNGLzAzODREMDNFQzY1RDExRUU5MTA4RTA4Mzc3NTQxMkU2L19FU20y
Q2tCUXptS0hmdnZodndkcmpSQm9yby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL19FU20yQ2tCUXptS0hmdnZodndkcmpSQm9yby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM2RUNGLzAzODREMDNFQzY1RDExRUU5MTA4RTA4Mzc3
NTQxMkU2L0VGMzg5OTY4Mzg2QjExRUZBODVGMTk5QTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm0ggwDQQCAAIwBwMFACwP
K0AwDQYJKoZIhvcNAQELBQADggEBAJZUE/4FYZp4Eu9PKPMwlIEj+hZmM++inYMi
/rOWGiqXim0qnW4xO8eRmiBmULn8RCFSzQJKXqVQYdSovpRKaQut6g4lX2xOnef1
h/Fs78v/GQKyit2IHUJfbv4iaxs1B5Xf6CvxGjChwL+oO+Wg/M0M6MqdB9Z4rmV4
u1tIAeHFJvTtGN3lZeav6t6l5p1pYB9qtn0rBDX17+NI9VlOpKtujZg9CC2fQeVg
cObNSoJgeS7SjV5BIium3CFaqU9YCjpHRLpOScFUMi+BAI9N9l5bg9LLX7BxB9bY
r3odYSTry4bo5ZpQ6sxBEk4OjPu31zgboPIdONjW1QGP+oIEDuE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org