Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363D435/B539FEDED03D11ECAF629084F1222468/5C02D460D03F11EC9A4EAA89F1222468.roa
File: 5C02D460D03F11EC9A4EAA89F1222468.roa (raw, json)
Hash identifier: F/9p11nL0wbGpBdREAn2qkEHpPq+G048kxKZo17dwn4=
Subject key identifier: 99:A8:EA:A6:DB:6C:D4:33:9A:86:FF:75:C0:7C:BE:F0:C1:AE:4A:3F
Certificate issuer: /CN=F363D435AF/serialNumber=1E8E060FC0EA69CBD6FAD4A4BC6ED31D29C8E46A
Certificate serial: 02
Authority key identifier: 1E:8E:06:0F:C0:EA:69:CB:D6:FA:D4:A4:BC:6E:D3:1D:29:C8:E4:6A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Ho4GD8DqacvW-tSkvG7THSnI5Go.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363D435/B539FEDED03D11ECAF629084F1222468/5C02D460D03F11EC9A4EAA89F1222468.roa
Signing time: Tue 10 May 2022 08:58:29 +0000
ROA not before: Tue 10 May 2022 08:58:24 +0000
ROA not after: Mon 11 May 2026 08:58:24 +0000
asID: 328737
IP address blocks: 102.222.8.0/22 maxlen: 24
2c0f:e9d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363D435/B539FEDED03D11ECAF629084F1222468/Ho4GD8DqacvW-tSkvG7THSnI5Go.crl
rsync://rpki.afrinic.net/repository/member_repository/F363D435/B539FEDED03D11ECAF629084F1222468/Ho4GD8DqacvW-tSkvG7THSnI5Go.mft
rsync://rpki.afrinic.net/repository/afrinic/Ho4GD8DqacvW-tSkvG7THSnI5Go.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 May 2024 00:04:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363D435AF/serialNumber=1E8E060FC0EA69CBD6FAD4A4BC6ED31D29C8E46A
Validity
Not Before: May 10 08:58:24 2022 GMT
Not After : May 11 08:58:24 2026 GMT
Subject: CN=627a2935-8a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b9:16:67:f3:3b:dc:42:53:20:9c:84:1e:b6:
35:52:58:0c:c4:0e:38:0a:4a:02:f6:70:52:aa:4f:
0a:6b:36:ea:c5:22:50:74:51:85:41:1b:9d:ae:ef:
06:f0:51:ec:0d:74:71:1b:14:aa:40:05:0e:55:33:
8f:7a:8e:a9:a2:ab:1e:c0:b9:4a:47:bc:d9:f3:67:
65:8f:5c:3d:7c:db:a3:16:3c:f6:13:ec:cc:75:cb:
0d:7c:e6:bf:21:85:15:3f:56:77:03:20:23:2a:7c:
fa:2d:08:83:d4:e5:81:5d:aa:0e:72:2a:0d:83:53:
4f:d8:4b:7e:f0:c2:08:46:08:cc:98:88:35:b1:77:
b3:f8:8a:1e:56:ec:be:ea:6b:71:73:a6:92:b6:1b:
8f:94:77:40:8d:86:c9:87:c8:db:a1:1d:79:c0:6c:
0f:ba:b7:fb:77:9c:bb:34:22:0b:7f:ed:ad:72:66:
0a:c3:7b:2f:0b:04:94:d6:80:c8:ff:21:61:5c:32:
8c:2e:43:18:75:c2:3a:fd:5c:22:b1:24:9a:01:ff:
10:95:ea:22:85:5a:29:71:4d:d1:14:59:bf:a3:c3:
a8:ed:c3:3c:20:99:24:31:8c:28:19:4e:d2:05:f5:
94:fd:2f:58:c8:68:53:4b:fe:c1:c1:a1:6c:1d:4d:
7d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A8:EA:A6:DB:6C:D4:33:9A:86:FF:75:C0:7C:BE:F0:C1:AE:4A:3F
X509v3 Authority Key Identifier:
keyid:1E:8E:06:0F:C0:EA:69:CB:D6:FA:D4:A4:BC:6E:D3:1D:29:C8:E4:6A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363D435/B539FEDED03D11ECAF629084F1222468/Ho4GD8DqacvW-tSkvG7THSnI5Go.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Ho4GD8DqacvW-tSkvG7THSnI5Go.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363D435/B539FEDED03D11ECAF629084F1222468/5C02D460D03F11EC9A4EAA89F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.8.0/22
IPv6:
2c0f:e9d8::/32
Signature Algorithm: sha256WithRSAEncryption
ae:8d:8f:a8:d8:66:90:57:d7:cc:84:82:d5:3f:9f:ec:8d:45:
0c:13:63:b9:4f:fa:6a:48:be:e3:16:8f:d4:5e:32:4e:d6:86:
4d:02:72:48:5e:29:b0:bb:c7:0a:2b:b3:8a:86:a4:bb:30:31:
85:dd:0d:14:73:3f:96:40:fe:87:2e:4c:52:79:a4:a4:b6:69:
90:21:7a:0e:f9:a4:3c:85:60:f5:bd:d7:8b:1e:af:a9:ef:4a:
32:a7:7f:93:ae:c6:76:a6:9a:1c:04:2d:04:3e:a9:2a:10:29:
ea:bc:ac:0b:57:d5:90:fe:bd:e5:77:b6:26:c8:50:78:78:1f:
04:a8:de:d5:7b:c5:c3:cb:24:5a:98:1c:ed:8b:bf:84:be:e4:
6a:bf:89:cc:93:58:d8:f2:41:dc:e6:89:f0:c5:95:46:24:1d:
e2:ba:89:e2:f6:fe:a0:75:eb:28:19:5d:0b:4d:91:2c:9a:76:
51:95:e7:de:da:12:30:57:45:ac:13:c6:24:09:01:e9:57:50:
58:1e:69:48:76:c8:be:21:cc:2f:3e:6c:d6:01:d1:79:56:ef:
0d:d1:72:4b:f8:8a:96:91:13:3d:96:69:2a:13:63:f7:f5:f1:
6b:91:cf:9d:c6:e4:29:54:32:66:4b:21:65:a1:b0:4b:c4:76:
cf:9a:42:1e
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzYz
RDQzNUFGMTEwLwYDVQQFEygxRThFMDYwRkMwRUE2OUNCRDZGQUQ0QTRCQzZFRDMx
RDI5QzhFNDZBMB4XDTIyMDUxMDA4NTgyNFoXDTI2MDUxMTA4NTgyNFowGDEWMBQG
A1UEAwwNNjI3YTI5MzUtOGEyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANS5FmfzO9xCUyCchB62NVJYDMQOOApKAvZwUqpPCms26sUiUHRRhUEbna7v
BvBR7A10cRsUqkAFDlUzj3qOqaKrHsC5Ske82fNnZY9cPXzboxY89hPszHXLDXzm
vyGFFT9WdwMgIyp8+i0Ig9TlgV2qDnIqDYNTT9hLfvDCCEYIzJiINbF3s/iKHlbs
vuprcXOmkrYbj5R3QI2GyYfI26EdecBsD7q3+3ecuzQiC3/trXJmCsN7LwsElNaA
yP8hYVwyjC5DGHXCOv1cIrEkmgH/EJXqIoVaKXFN0RRZv6PDqO3DPCCZJDGMKBlO
0gX1lP0vWMhoU0v+wcGhbB1NfUMCAwEAAaOCArQwggKwMB0GA1UdDgQWBBSZqOqm
22zUM5qG/3XAfL7wwa5KPzAfBgNVHSMEGDAWgBQejgYPwOppy9b61KS8btMdKcjk
ajAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0Q0MzUvQjUzOUZFREVEMDNEMTFFQ0FGNjI5MDg0RjEyMjI0NjgvSG80R0Q4
RHFhY3ZXLXRTa3ZHN1RIU25JNUdvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSG80R0Q4RHFhY3ZXLXRTa3ZHN1RIU25JNUdvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2M0Q0MzUvQjUzOUZFREVEMDNEMTFFQ0FGNjI5MDg0RjEy
MjI0NjgvNUMwMkQ0NjBEMDNGMTFFQzlBNEVBQTg5RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbeCDANBAIAAjAHAwUALA/p
2DANBgkqhkiG9w0BAQsFAAOCAQEAro2PqNhmkFfXzISC1T+f7I1FDBNjuU/6aki+
4xaP1F4yTtaGTQJySF4psLvHCiuzioakuzAxhd0NFHM/lkD+hy5MUnmkpLZpkCF6
DvmkPIVg9b3Xix6vqe9KMqd/k67GdqaaHAQtBD6pKhAp6rysC1fVkP695Xe2JshQ
eHgfBKje1XvFw8skWpgc7Yu/hL7kar+JzJNY2PJB3OaJ8MWVRiQd4rqJ4vb+oHXr
KBldC02RLJp2UZXn3toSMFdFrBPGJAkB6VdQWB5pSHbIviHMLz5s1gHReVbvDdFy
S/iKlpETPZZpKhNj9/Xxa5HPncbkKVQyZkshZaGwS8R2z5pCHg==
-----END CERTIFICATE-----
Generated at Fri May 17 02:38:33 2024 by rpki-client on console-fra.rpki-client.org