Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3645A60/24BB1812119011EE8D0BC44A4AD9E6FC/D9BB7DAA119111EE9EC8824F4AD9E6FC.roa
File: D9BB7DAA119111EE9EC8824F4AD9E6FC.roa (raw, json)
Hash identifier: z8n6q+oUQGHtnZrxmlHyDPpdETGxOMXPu63Xt71Wevg=
Subject key identifier: 84:B9:D9:61:70:CD:50:C0:3A:5A:9D:71:25:AE:17:03:BB:B9:36:95
Certificate issuer: /CN=F3645A60AF/serialNumber=1801937A868691E8DDC40A1A43A638EDCC9BD77E
Certificate serial: 02
Authority key identifier: 18:01:93:7A:86:86:91:E8:DD:C4:0A:1A:43:A6:38:ED:CC:9B:D7:7E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/GAGTeoaGkejdxAoaQ6Y47cyb134.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3645A60/24BB1812119011EE8D0BC44A4AD9E6FC/D9BB7DAA119111EE9EC8824F4AD9E6FC.roa
Signing time: Fri 23 Jun 2023 06:47:42 +0000
ROA not before: Fri 23 Jun 2023 06:47:36 +0000
ROA not after: Thu 23 Jun 2033 06:47:36 +0000
asID: 26130
IP address blocks: 102.214.4.0/22 maxlen: 24
154.66.220.0/22 maxlen: 24
2c0f:eae8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3645A60/24BB1812119011EE8D0BC44A4AD9E6FC/GAGTeoaGkejdxAoaQ6Y47cyb134.crl
rsync://rpki.afrinic.net/repository/member_repository/F3645A60/24BB1812119011EE8D0BC44A4AD9E6FC/GAGTeoaGkejdxAoaQ6Y47cyb134.mft
rsync://rpki.afrinic.net/repository/afrinic/GAGTeoaGkejdxAoaQ6Y47cyb134.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3645A60AF/serialNumber=1801937A868691E8DDC40A1A43A638EDCC9BD77E
Validity
Not Before: Jun 23 06:47:36 2023 GMT
Not After : Jun 23 06:47:36 2033 GMT
Subject: CN=6495400d-ff40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:95:5a:06:b0:cc:58:2b:8e:ba:11:a0:cb:97:
b7:e8:e8:46:ca:5c:3d:a2:e2:e2:b9:1c:44:95:ce:
8d:61:7f:98:9a:b1:e4:d6:1d:04:02:66:42:e5:ce:
f4:33:78:2a:26:3a:f7:c0:71:e8:69:c7:5b:94:ee:
18:1a:50:84:ed:f4:cb:50:47:84:74:cc:29:af:a9:
44:fe:4a:08:38:c6:c2:78:80:85:31:b8:f9:48:dd:
0c:69:d9:d3:39:6e:78:92:3a:d0:ee:eb:f9:51:bc:
df:0b:31:9e:a1:58:38:f2:d5:4d:7c:4d:85:67:84:
68:05:ed:4e:a2:bc:b1:56:4f:3a:90:fd:7a:ef:3f:
dd:a2:fd:12:85:e3:51:34:a2:65:b9:0c:5e:af:cc:
25:a0:c7:83:08:c8:49:d8:7f:7c:a2:ed:24:3e:36:
b5:95:02:ee:d4:2d:96:3e:57:93:69:2c:9a:92:6b:
56:f4:67:65:c6:34:0e:f7:6f:d7:96:09:29:cf:41:
3e:92:c1:9c:fd:06:fc:91:20:99:1c:5a:3f:60:80:
9d:6e:75:72:5f:f1:18:91:a7:97:39:8c:58:38:c2:
01:9a:8c:70:75:b0:93:87:c1:5d:21:cc:c3:bf:8d:
12:e2:12:7d:6b:6e:a4:51:fe:ee:dc:1a:27:7a:28:
f9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B9:D9:61:70:CD:50:C0:3A:5A:9D:71:25:AE:17:03:BB:B9:36:95
X509v3 Authority Key Identifier:
keyid:18:01:93:7A:86:86:91:E8:DD:C4:0A:1A:43:A6:38:ED:CC:9B:D7:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3645A60/24BB1812119011EE8D0BC44A4AD9E6FC/GAGTeoaGkejdxAoaQ6Y47cyb134.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/GAGTeoaGkejdxAoaQ6Y47cyb134.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3645A60/24BB1812119011EE8D0BC44A4AD9E6FC/D9BB7DAA119111EE9EC8824F4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.214.4.0/22
154.66.220.0/22
IPv6:
2c0f:eae8::/32
Signature Algorithm: sha256WithRSAEncryption
04:49:4e:b1:33:78:94:4c:5e:bb:74:0a:17:75:53:f6:bf:d8:
a3:51:67:5d:b2:dd:0e:3a:76:68:d8:d4:ac:e1:f3:d9:30:23:
eb:43:ff:ee:95:f0:92:06:f7:ec:bb:36:94:e2:d0:fb:37:99:
0e:8a:fc:98:3e:f2:66:e0:07:b5:23:28:9e:78:29:8b:0a:32:
77:5b:69:84:ab:ba:c3:52:72:db:1d:6b:49:85:44:73:ab:e0:
9f:40:01:60:f0:6b:0e:b0:16:0e:28:c1:66:85:af:b0:05:35:
d7:42:da:44:6f:77:67:f3:64:bd:85:d8:a8:fa:2a:15:ca:79:
81:f2:64:e7:63:f2:11:b6:14:17:8f:7a:da:32:a7:49:f9:79:
88:29:44:d3:da:b2:8e:d5:aa:2b:bf:b3:71:b3:48:d7:93:1e:
bb:4c:91:d2:87:b7:90:73:6f:99:06:f6:88:ab:bd:fe:59:bb:
32:bc:06:dc:a7:30:ec:83:a7:b7:44:a3:fe:db:41:b6:d4:89:
7a:2e:ae:df:21:26:81:61:ad:8e:da:eb:aa:be:dd:a8:80:06:
fe:0d:e7:91:e4:0d:c4:13:2a:76:8a:2b:ee:cc:4b:f7:5a:7e:
c6:f3:44:75:dd:eb:00:fc:0f:4f:06:d0:ef:50:1f:6a:1c:3b:
51:ce:38:62
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
NUE2MEFGMTEwLwYDVQQFEygxODAxOTM3QTg2ODY5MUU4RERDNDBBMUE0M0E2MzhF
RENDOUJENzdFMB4XDTIzMDYyMzA2NDczNloXDTMzMDYyMzA2NDczNlowGDEWMBQG
A1UEAxMNNjQ5NTQwMGQtZmY0MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANuVWgawzFgrjroRoMuXt+joRspcPaLi4rkcRJXOjWF/mJqx5NYdBAJmQuXO
9DN4KiY698Bx6GnHW5TuGBpQhO30y1BHhHTMKa+pRP5KCDjGwniAhTG4+UjdDGnZ
0zlueJI60O7r+VG83wsxnqFYOPLVTXxNhWeEaAXtTqK8sVZPOpD9eu8/3aL9EoXj
UTSiZbkMXq/MJaDHgwjISdh/fKLtJD42tZUC7tQtlj5Xk2ksmpJrVvRnZcY0Dvdv
15YJKc9BPpLBnP0G/JEgmRxaP2CAnW51cl/xGJGnlzmMWDjCAZqMcHWwk4fBXSHM
w7+NEuISfWtupFH+7twaJ3oo+ZUCAwEAAaOCArowggK2MB0GA1UdDgQWBBSEudlh
cM1QwDpanXElrhcDu7k2lTAfBgNVHSMEGDAWgBQYAZN6hoaR6N3EChpDpjjtzJvX
fjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDVBNjAvMjRCQjE4MTIxMTkwMTFFRThEMEJDNDRBNEFEOUU2RkMvR0FHVGVv
YUdrZWpkeEFvYVE2WTQ3Y3liMTM0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvR0FHVGVvYUdrZWpkeEFvYVE2WTQ3Y3liMTM0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDVBNjAvMjRCQjE4MTIxMTkwMTFFRThEMEJDNDRBNEFE
OUU2RkMvRDlCQjdEQUExMTkxMTFFRTlFQzg4MjRGNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmbWBAMEAppC3DANBAIAAjAH
AwUALA/q6DANBgkqhkiG9w0BAQsFAAOCAQEABElOsTN4lExeu3QKF3VT9r/Yo1Fn
XbLdDjp2aNjUrOHz2TAj60P/7pXwkgb37Ls2lOLQ+zeZDor8mD7yZuAHtSMonngp
iwoyd1tphKu6w1Jy2x1rSYVEc6vgn0ABYPBrDrAWDijBZoWvsAU110LaRG93Z/Nk
vYXYqPoqFcp5gfJk52PyEbYUF4962jKnSfl5iClE09qyjtWqK7+zcbNI15Meu0yR
0oe3kHNvmQb2iKu9/lm7MrwG3Kcw7IOnt0Sj/ttBttSJei6u3yEmgWGtjtrrqr7d
qIAG/g3nkeQNxBMqdoor7sxL91p+xvNEdd3rAPwPTwbQ71Afahw7Uc44Yg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org