Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363E7DE/0AF6EC623D1811EFADCB7693762E951A/D26968643D1911EF839BE3A0762E951A.roa
File: D26968643D1911EF839BE3A0762E951A.roa (raw, json)
Hash identifier: J0djfjB+ImP9O4b/Y0DGlGrugUtQ+yVNNLjhpRXf1yA=
Subject key identifier: DE:62:32:84:55:6C:E4:08:FE:70:14:9D:7B:D5:73:B1:CC:70:BF:56
Certificate issuer: /CN=F363E7DEAF/serialNumber=984B34F2533F976D2FF2119428596C4CB0A83494
Certificate serial: 02
Authority key identifier: 98:4B:34:F2:53:3F:97:6D:2F:F2:11:94:28:59:6C:4C:B0:A8:34:94
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/mEs08lM_l20v8hGUKFlsTLCoNJQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363E7DE/0AF6EC623D1811EFADCB7693762E951A/D26968643D1911EF839BE3A0762E951A.roa
Signing time: Mon 08 Jul 2024 11:04:19 +0000
ROA not before: Mon 08 Jul 2024 11:04:15 +0000
ROA not after: Sat 01 Jul 2034 11:04:15 +0000
asID: 329110
IP address blocks: 102.214.252.0/22 maxlen: 24
2c0f:2c80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363E7DE/0AF6EC623D1811EFADCB7693762E951A/mEs08lM_l20v8hGUKFlsTLCoNJQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F363E7DE/0AF6EC623D1811EFADCB7693762E951A/mEs08lM_l20v8hGUKFlsTLCoNJQ.mft
rsync://rpki.afrinic.net/repository/afrinic/mEs08lM_l20v8hGUKFlsTLCoNJQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363E7DEAF/serialNumber=984B34F2533F976D2FF2119428596C4CB0A83494
Validity
Not Before: Jul 8 11:04:15 2024 GMT
Not After : Jul 1 11:04:15 2034 GMT
Subject: CN=668bc7b3-933a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b2:5e:1c:cd:80:e2:3e:fc:52:5c:94:3b:83:
78:0f:cc:66:59:1d:af:0d:0b:fd:8e:53:b8:a4:70:
69:d4:3f:79:c6:b2:c3:eb:e0:10:54:29:9a:e0:4e:
08:08:cf:15:45:46:87:d2:59:d1:8d:0d:96:bf:22:
74:fc:1a:b1:a7:69:a3:47:41:14:aa:0e:b2:05:40:
79:db:10:22:03:5a:63:c3:11:6e:f0:59:50:c4:5d:
68:0f:3c:c1:73:51:43:71:04:1a:ee:64:72:21:6d:
48:54:dd:12:d0:bb:d0:9f:8b:a2:2a:24:42:a8:d5:
e0:b3:0f:e2:68:46:12:ea:79:e3:df:f6:eb:a0:50:
61:41:99:23:09:6f:43:09:0f:c2:36:c3:a7:cf:3b:
af:bb:fc:f1:39:fe:d4:b9:83:ee:c8:71:90:d1:0e:
1c:27:6b:54:3f:6b:2b:e3:1b:13:d9:09:cd:94:ed:
cc:ba:1f:44:14:c9:2e:c0:9e:61:39:0a:27:ef:c6:
25:60:79:5e:57:20:49:33:7d:06:66:25:79:73:f2:
c3:ad:42:dd:23:32:63:bc:ac:69:ae:8e:ce:13:00:
54:16:ff:14:1a:f7:8b:97:8e:ed:48:ca:60:42:c7:
71:87:92:72:f0:21:3f:b2:b0:c4:69:c0:8d:a9:eb:
23:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:62:32:84:55:6C:E4:08:FE:70:14:9D:7B:D5:73:B1:CC:70:BF:56
X509v3 Authority Key Identifier:
keyid:98:4B:34:F2:53:3F:97:6D:2F:F2:11:94:28:59:6C:4C:B0:A8:34:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363E7DE/0AF6EC623D1811EFADCB7693762E951A/mEs08lM_l20v8hGUKFlsTLCoNJQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mEs08lM_l20v8hGUKFlsTLCoNJQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363E7DE/0AF6EC623D1811EFADCB7693762E951A/D26968643D1911EF839BE3A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.214.252.0/22
IPv6:
2c0f:2c80::/32
Signature Algorithm: sha256WithRSAEncryption
42:d8:9c:bd:27:a6:98:b1:2b:0f:ce:73:34:9c:56:da:35:2b:
dd:bc:87:cb:ab:5e:10:fc:c8:9e:09:01:13:50:31:ae:b1:19:
2d:c3:a1:a3:5b:3d:79:f7:c7:e7:eb:22:ca:b5:bf:7d:bc:f1:
b3:8f:9a:eb:ac:69:12:fd:b8:32:a0:64:33:7f:ad:cd:c7:5c:
70:bf:cf:90:27:a0:ba:1d:cb:ce:07:37:0a:00:33:fd:ef:aa:
42:37:9e:11:c5:84:f3:52:90:fc:08:08:41:13:60:af:b0:3c:
9e:29:fe:80:53:4e:5d:64:96:68:30:53:99:21:d2:13:e9:18:
a5:77:40:00:05:ff:4f:f7:bd:0e:1f:ce:a3:c5:66:20:c4:a3:
41:6d:40:6c:0d:1b:12:e4:cd:00:8a:bd:52:b1:0a:65:79:c4:
1e:6b:1d:c0:e4:20:a4:13:fe:ce:3c:83:da:a0:f4:87:c9:89:
89:c9:8b:7e:ff:2d:60:98:e5:af:05:4d:46:ed:e0:11:43:97:
fd:9c:25:eb:75:65:ea:f9:8c:94:83:d4:81:93:af:0c:58:4e:
43:d8:ce:4b:10:f5:d7:dd:1d:d6:0b:d7:6d:52:12:74:3c:f6:
a2:f7:95:27:a0:4e:0b:ad:96:b8:ab:64:12:97:21:15:37:9e:
13:cc:d5:aa
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RTdERUFGMTEwLwYDVQQFEyg5ODRCMzRGMjUzM0Y5NzZEMkZGMjExOTQyODU5NkM0
Q0IwQTgzNDk0MB4XDTI0MDcwODExMDQxNVoXDTM0MDcwMTExMDQxNVowGDEWMBQG
A1UEAxMNNjY4YmM3YjMtOTMzYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKyXhzNgOI+/FJclDuDeA/MZlkdrw0L/Y5TuKRwadQ/ecayw+vgEFQpmuBO
CAjPFUVGh9JZ0Y0Nlr8idPwasadpo0dBFKoOsgVAedsQIgNaY8MRbvBZUMRdaA88
wXNRQ3EEGu5kciFtSFTdEtC70J+LoiokQqjV4LMP4mhGEup549/266BQYUGZIwlv
QwkPwjbDp887r7v88Tn+1LmD7shxkNEOHCdrVD9rK+MbE9kJzZTtzLofRBTJLsCe
YTkKJ+/GJWB5XlcgSTN9BmYleXPyw61C3SMyY7ysaa6OzhMAVBb/FBr3i5eO7UjK
YELHcYeScvAhP7KwxGnAjanrI+cCAwEAAaOCArQwggKwMB0GA1UdDgQWBBTeYjKE
VWzkCP5wFJ171XOxzHC/VjAfBgNVHSMEGDAWgBSYSzTyUz+XbS/yEZQoWWxMsKg0
lDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0U3REUvMEFGNkVDNjIzRDE4MTFFRkFEQ0I3NjkzNzYyRTk1MUEvbUVzMDhs
TV9sMjB2OGhHVUtGbHNUTENvTkpRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvbUVzMDhsTV9sMjB2OGhHVUtGbHNUTENvTkpRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2M0U3REUvMEFGNkVDNjIzRDE4MTFFRkFEQ0I3NjkzNzYy
RTk1MUEvRDI2OTY4NjQzRDE5MTFFRjgzOUJFM0EwNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbW/DANBAIAAjAHAwUALA8s
gDANBgkqhkiG9w0BAQsFAAOCAQEAQticvSemmLErD85zNJxW2jUr3byHy6teEPzI
ngkBE1AxrrEZLcOho1s9effH5+siyrW/fbzxs4+a66xpEv24MqBkM3+tzcdccL/P
kCeguh3Lzgc3CgAz/e+qQjeeEcWE81KQ/AgIQRNgr7A8nin+gFNOXWSWaDBTmSHS
E+kYpXdAAAX/T/e9Dh/Oo8VmIMSjQW1AbA0bEuTNAIq9UrEKZXnEHmsdwOQgpBP+
zjyD2qD0h8mJicmLfv8tYJjlrwVNRu3gEUOX/Zwl63Vl6vmMlIPUgZOvDFhOQ9jO
SxD1190d1gvXbVISdDz2oveVJ6BOC62WuKtkEpchFTeeE8zVqg==
-----END CERTIFICATE-----
Generated at Thu Oct 24 06:47:45 2024 by rpki-client on console-fra.rpki-client.org