Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364C329/E383A4E0048D11EEA39B4C6A4AD9E6FC/8E2AFAC4048E11EEA671536C4AD9E6FC.roa
File: 8E2AFAC4048E11EEA671536C4AD9E6FC.roa (raw, json)
Hash identifier: 6Jqn2aGmjDcmImvw5mjB/z8k1HYXJolq+lf84m8vfCY=
Subject key identifier: 09:E6:F0:93:AB:59:D6:B8:53:45:FC:DB:EA:56:EA:69:14:0C:B3:0B
Certificate issuer: /CN=F364C329AF/serialNumber=ED7665290D13123EBD2C11CF087D83FF50CB724F
Certificate serial: 02
Authority key identifier: ED:76:65:29:0D:13:12:3E:BD:2C:11:CF:08:7D:83:FF:50:CB:72:4F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/7XZlKQ0TEj69LBHPCH2D_1DLck8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364C329/E383A4E0048D11EEA39B4C6A4AD9E6FC/8E2AFAC4048E11EEA671536C4AD9E6FC.roa
Signing time: Tue 06 Jun 2023 17:21:21 +0000
ROA not before: Tue 06 Jun 2023 17:21:18 +0000
ROA not after: Fri 31 Dec 2049 17:21:18 +0000
asID: 328858
IP address blocks: 102.220.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364C329/E383A4E0048D11EEA39B4C6A4AD9E6FC/7XZlKQ0TEj69LBHPCH2D_1DLck8.crl
rsync://rpki.afrinic.net/repository/member_repository/F364C329/E383A4E0048D11EEA39B4C6A4AD9E6FC/7XZlKQ0TEj69LBHPCH2D_1DLck8.mft
rsync://rpki.afrinic.net/repository/afrinic/7XZlKQ0TEj69LBHPCH2D_1DLck8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364C329AF/serialNumber=ED7665290D13123EBD2C11CF087D83FF50CB724F
Validity
Not Before: Jun 6 17:21:18 2023 GMT
Not After : Dec 31 17:21:18 2049 GMT
Subject: CN=647f6b11-1762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6a:4d:b0:e3:7c:6d:8c:fa:bd:01:f2:11:39:
de:8f:8b:65:44:ec:ec:dc:18:eb:47:fa:53:5a:36:
59:64:d7:6d:20:80:f8:ac:6b:51:e6:6f:a8:b5:0e:
3b:14:e8:26:11:46:2b:28:08:7e:23:50:af:2f:a5:
6b:26:a7:22:36:f4:85:d0:13:e6:39:86:45:39:d4:
c6:f9:00:37:fb:40:42:19:e0:2f:32:2a:c3:a8:3f:
2f:b5:9d:30:e2:63:bb:62:d7:54:6e:84:ab:7f:d3:
cc:e2:6f:ea:e6:ac:81:07:f8:18:54:55:1e:96:9d:
c0:a1:91:ad:c0:a2:7c:40:54:30:5d:bd:5c:e2:ee:
7c:71:13:4d:d9:99:4d:51:2b:0e:41:9d:d0:ee:a3:
11:66:1d:64:2e:b9:49:2c:7d:cd:63:42:1b:d8:de:
19:2b:cf:7a:89:4f:a9:95:f6:e5:86:bc:2d:1e:2a:
3e:d8:22:b0:36:89:e1:04:80:ec:9a:7a:36:92:4e:
05:f7:13:fd:e1:ba:79:08:f8:37:91:19:7e:13:d0:
c6:35:d1:0d:2b:96:fe:88:22:12:4b:6e:33:3d:04:
f1:1b:74:70:a7:b6:ab:25:1e:f4:d0:34:04:49:ad:
6c:fe:de:64:87:50:2d:63:12:a0:9d:bb:2b:17:a3:
e5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E6:F0:93:AB:59:D6:B8:53:45:FC:DB:EA:56:EA:69:14:0C:B3:0B
X509v3 Authority Key Identifier:
keyid:ED:76:65:29:0D:13:12:3E:BD:2C:11:CF:08:7D:83:FF:50:CB:72:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364C329/E383A4E0048D11EEA39B4C6A4AD9E6FC/7XZlKQ0TEj69LBHPCH2D_1DLck8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/7XZlKQ0TEj69LBHPCH2D_1DLck8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364C329/E383A4E0048D11EEA39B4C6A4AD9E6FC/8E2AFAC4048E11EEA671536C4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.220.12.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:4a:89:46:67:fb:9f:8e:cb:13:c0:e9:d7:29:bf:4d:89:0d:
05:34:88:e8:30:f8:1c:61:80:6a:78:1f:39:42:02:92:8f:06:
4f:db:18:14:e1:df:1d:2c:7f:86:45:49:ae:a4:ac:47:6d:1f:
e0:9b:fc:17:71:a8:3b:c3:86:00:a0:e8:54:a1:86:66:f2:f3:
6e:b2:b9:3b:07:59:55:7f:f7:dd:66:76:cc:6a:b8:31:9d:8c:
91:b1:c4:a4:9a:c6:88:10:3e:dc:6e:81:6f:d9:b3:22:e7:1b:
44:e0:ec:96:55:07:6c:51:c4:ec:d4:eb:ce:67:35:bf:d6:09:
c1:73:56:ea:68:d3:ab:29:38:94:ac:4e:93:c8:aa:b3:41:26:
8f:bf:ac:2b:b4:37:c6:16:b0:a5:be:6a:0c:fd:33:ee:68:fc:
4c:6e:f7:e8:90:b3:38:21:1d:39:67:d6:c0:e5:1d:e1:60:94:
50:9d:26:cf:ef:18:9d:3e:00:f2:95:8b:43:6d:6e:4a:7a:4d:
b3:b1:73:d1:df:40:97:0c:62:e9:6e:5f:9a:31:48:0b:c7:2a:
d5:61:87:0a:bb:21:cf:d8:a4:53:b3:6e:08:86:80:8e:23:73:
e6:3e:c5:58:7e:53:88:02:67:ff:82:be:f9:8b:a3:90:c4:67:
15:17:31:10
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
QzMyOUFGMTEwLwYDVQQFEyhFRDc2NjUyOTBEMTMxMjNFQkQyQzExQ0YwODdEODNG
RjUwQ0I3MjRGMB4XDTIzMDYwNjE3MjExOFoXDTQ5MTIzMTE3MjExOFowGDEWMBQG
A1UEAxMNNjQ3ZjZiMTEtMTc2MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNqTbDjfG2M+r0B8hE53o+LZUTs7NwY60f6U1o2WWTXbSCA+KxrUeZvqLUO
OxToJhFGKygIfiNQry+layanIjb0hdAT5jmGRTnUxvkAN/tAQhngLzIqw6g/L7Wd
MOJju2LXVG6Eq3/TzOJv6uasgQf4GFRVHpadwKGRrcCifEBUMF29XOLufHETTdmZ
TVErDkGd0O6jEWYdZC65SSx9zWNCG9jeGSvPeolPqZX25Ya8LR4qPtgisDaJ4QSA
7Jp6NpJOBfcT/eG6eQj4N5EZfhPQxjXRDSuW/ogiEktuMz0E8Rt0cKe2qyUe9NA0
BEmtbP7eZIdQLWMSoJ27Kxej5X8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQJ5vCT
q1nWuFNF/NvqVuppFAyzCzAfBgNVHSMEGDAWgBTtdmUpDRMSPr0sEc8IfYP/UMty
TzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NEMzMjkvRTM4M0E0RTAwNDhEMTFFRUEzOUI0QzZBNEFEOUU2RkMvN1habEtR
MFRFajY5TEJIUENIMkRfMURMY2s4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvN1habEtRMFRFajY5TEJIUENIMkRfMURMY2s4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NEMzMjkvRTM4M0E0RTAwNDhEMTFFRUEzOUI0QzZBNEFE
OUU2RkMvOEUyQUZBQzQwNDhFMTFFRUE2NzE1MzZDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbcDDANBgkqhkiG9w0BAQsF
AAOCAQEADUqJRmf7n47LE8Dp1ym/TYkNBTSI6DD4HGGAangfOUICko8GT9sYFOHf
HSx/hkVJrqSsR20f4Jv8F3GoO8OGAKDoVKGGZvLzbrK5OwdZVX/33WZ2zGq4MZ2M
kbHEpJrGiBA+3G6Bb9mzIucbRODsllUHbFHE7NTrzmc1v9YJwXNW6mjTqyk4lKxO
k8iqs0Emj7+sK7Q3xhawpb5qDP0z7mj8TG736JCzOCEdOWfWwOUd4WCUUJ0mz+8Y
nT4A8pWLQ21uSnpNs7Fz0d9Alwxi6W5fmjFIC8cq1WGHCrshz9ikU7NuCIaAjiNz
5j7FWH5TiAJn/4K++YujkMRnFRcxEA==
-----END CERTIFICATE-----
Generated at Sun Nov 24 04:29:36 2024 by rpki-client on console-fra.rpki-client.org