Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/4DDB7228038511EEAD70B94C4AD9E6FC.roa
File: 4DDB7228038511EEAD70B94C4AD9E6FC.roa (raw, json)
Hash identifier: c2ddbCPHmmvJv1S8GCuUfE7hXuI9EaV9rtxUGDdpShs=
Subject key identifier: A2:9A:DB:F8:BE:4B:DD:D3:1F:C1:F5:D3:D6:4E:C4:D9:B8:1C:3A:09
Certificate issuer: /CN=F36432B6AF/serialNumber=1C91B5AF9B60EA3F1C1DB87EAEC6DA7C2EA0A877
Certificate serial: 6E
Authority key identifier: 1C:91:B5:AF:9B:60:EA:3F:1C:1D:B8:7E:AE:C6:DA:7C:2E:A0:A8:77
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/HJG1r5tg6j8cHbh-rsbafC6gqHc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/4DDB7228038511EEAD70B94C4AD9E6FC.roa
Signing time: Mon 05 Jun 2023 09:42:37 +0000
ROA not before: Mon 05 Jun 2023 09:42:33 +0000
ROA not after: Sun 30 Jun 2030 09:42:33 +0000
asID: 36992
IP address blocks: 102.56.0.0/13 maxlen: 24
2c0f:fc88::/31 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/HJG1r5tg6j8cHbh-rsbafC6gqHc.crl
rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/HJG1r5tg6j8cHbh-rsbafC6gqHc.mft
rsync://rpki.afrinic.net/repository/afrinic/HJG1r5tg6j8cHbh-rsbafC6gqHc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110 (0x6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36432B6AF/serialNumber=1C91B5AF9B60EA3F1C1DB87EAEC6DA7C2EA0A877
Validity
Not Before: Jun 5 09:42:33 2023 GMT
Not After : Jun 30 09:42:33 2030 GMT
Subject: CN=647dae0d-8b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a5:e2:d5:5d:4e:d9:5a:22:f3:b0:a4:de:b2:
59:ce:c2:b4:71:ad:90:e6:37:b8:c8:4a:57:13:d6:
cd:80:14:92:c4:40:2a:d6:8e:40:c6:fa:70:f5:b9:
03:2f:a6:5b:4e:ce:41:7a:de:7b:c9:06:97:aa:c7:
74:c0:e2:d9:bb:93:41:3e:56:c5:54:52:4f:40:bb:
4a:b1:c8:a5:51:69:69:a5:4a:32:21:ed:f6:bc:59:
9d:8a:69:4f:2e:aa:28:00:b0:1c:27:e6:b0:8f:a4:
e1:ac:95:13:db:da:74:9d:0a:b1:20:5d:28:08:48:
61:9e:d0:68:4c:40:56:04:42:1c:2f:81:dc:6e:01:
28:b7:c8:51:80:a0:42:04:49:18:46:47:8a:a6:98:
3f:06:db:c3:0a:03:47:23:21:9c:e9:09:a5:32:ea:
85:ee:87:52:47:18:36:90:a0:af:96:98:43:55:82:
c5:1f:12:ba:5a:ca:f5:21:43:b5:4b:26:67:fc:42:
19:8f:16:3d:59:9b:3f:43:ab:7b:71:9b:be:b8:7f:
df:7f:f0:7b:f6:f2:40:57:05:12:6a:04:0c:17:0d:
07:51:09:98:91:4a:0b:4e:f1:a8:97:1f:bf:b2:b5:
2b:d2:22:f6:d5:fc:d3:a1:66:17:25:01:07:60:ee:
92:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9A:DB:F8:BE:4B:DD:D3:1F:C1:F5:D3:D6:4E:C4:D9:B8:1C:3A:09
X509v3 Authority Key Identifier:
keyid:1C:91:B5:AF:9B:60:EA:3F:1C:1D:B8:7E:AE:C6:DA:7C:2E:A0:A8:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/HJG1r5tg6j8cHbh-rsbafC6gqHc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HJG1r5tg6j8cHbh-rsbafC6gqHc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/4DDB7228038511EEAD70B94C4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.56.0.0/13
IPv6:
2c0f:fc88::/31
Signature Algorithm: sha256WithRSAEncryption
1e:bc:3d:97:b3:74:65:b4:8c:38:12:51:df:0a:f8:e1:d2:f9:
c0:e2:16:3a:2d:77:1d:22:70:e1:ac:cd:91:cc:ed:09:b2:82:
c7:f0:ab:f9:b0:f9:2b:65:fd:63:10:28:3f:d4:2b:17:75:7c:
92:eb:83:68:97:50:97:3a:d9:9a:f8:f4:78:61:1b:52:8f:c6:
8f:b4:ee:34:01:7f:79:a6:c0:b0:59:b5:eb:94:aa:c6:8c:18:
6b:fc:d6:08:42:50:23:d9:9c:dc:8b:ed:f6:b9:e6:a3:d3:74:
8c:a4:10:7f:ab:18:59:f8:37:5c:28:8f:6f:f3:36:c0:f6:f2:
69:3c:d7:00:26:ac:df:e7:2f:7d:db:e2:4b:59:3b:49:3a:d8:
53:75:a7:48:0d:ef:fc:bf:df:0a:7b:20:d9:73:d0:3d:c5:d6:
bc:32:dd:82:99:55:68:b1:6f:ea:16:1c:9c:bb:f7:28:88:9f:
fa:cb:32:ec:1a:57:95:80:a1:a0:bf:c3:66:08:07:2a:84:12:
d0:e2:51:60:82:c7:6a:b6:10:23:10:b4:c4:43:a7:97:c0:d9:
0a:16:88:e2:88:0a:a7:26:c1:c8:c1:a7:b2:aa:75:b1:96:4e:
3b:bb:e7:57:1a:e9:a0:42:5f:e1:8a:7b:5e:b6:15:29:36:67:
5b:a5:c2:9a
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIBbjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY0
MzJCNkFGMTEwLwYDVQQFEygxQzkxQjVBRjlCNjBFQTNGMUMxREI4N0VBRUM2REE3
QzJFQTBBODc3MB4XDTIzMDYwNTA5NDIzM1oXDTMwMDYzMDA5NDIzM1owGDEWMBQG
A1UEAxMNNjQ3ZGFlMGQtOGI0OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMel4tVdTtlaIvOwpN6yWc7CtHGtkOY3uMhKVxPWzYAUksRAKtaOQMb6cPW5
Ay+mW07OQXree8kGl6rHdMDi2buTQT5WxVRST0C7SrHIpVFpaaVKMiHt9rxZnYpp
Ty6qKACwHCfmsI+k4ayVE9vadJ0KsSBdKAhIYZ7QaExAVgRCHC+B3G4BKLfIUYCg
QgRJGEZHiqaYPwbbwwoDRyMhnOkJpTLqhe6HUkcYNpCgr5aYQ1WCxR8SulrK9SFD
tUsmZ/xCGY8WPVmbP0Ore3Gbvrh/33/we/byQFcFEmoEDBcNB1EJmJFKC07xqJcf
v7K1K9Ii9tX806FmFyUBB2DukmcCAwEAAaOCArMwggKvMB0GA1UdDgQWBBSimtv4
vkvd0x/B9dPWTsTZuBw6CTAfBgNVHSMEGDAWgBQckbWvm2DqPxwduH6uxtp8LqCo
dzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDMyQjYvRjNBQjczMDJCNzU4MTFFRDhCNDJBQzhGRjEyMjI0NjgvSEpHMXI1
dGc2ajhjSGJoLXJzYmFmQzZncUhjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSEpHMXI1dGc2ajhjSGJoLXJzYmFmQzZncUhjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDMyQjYvRjNBQjczMDJCNzU4MTFFRDhCNDJBQzhGRjEy
MjI0NjgvNEREQjcyMjgwMzg1MTFFRUFENzBCOTRDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAtBggrBgEFBQcBBwEB/wQeMBwwCwQCAAEwBQMDA2Y4MA0EAgACMAcDBQEsD/yI
MA0GCSqGSIb3DQEBCwUAA4IBAQAevD2Xs3RltIw4ElHfCvjh0vnA4hY6LXcdInDh
rM2RzO0JsoLH8Kv5sPkrZf1jECg/1CsXdXyS64Nol1CXOtma+PR4YRtSj8aPtO40
AX95psCwWbXrlKrGjBhr/NYIQlAj2Zzci+32ueaj03SMpBB/qxhZ+DdcKI9v8zbA
9vJpPNcAJqzf5y992+JLWTtJOthTdadIDe/8v98KeyDZc9A9xda8Mt2CmVVosW/q
Fhycu/coiJ/6yzLsGleVgKGgv8NmCAcqhBLQ4lFggsdqthAjELTEQ6eXwNkKFoji
iAqnJsHIwaeyqnWxlk47u+dXGumgQl/hintethUpNmdbpcKa
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org