Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364E2C5/FBF23E7EC78011EC9829D38BF1222468/CBD4BB4EC7A411EC8C7F26F9F1222468.roa
File: CBD4BB4EC7A411EC8C7F26F9F1222468.roa (raw, json)
Hash identifier: lyiXm98/99h1BTS8mv1keKXy/3hq5R//wYwELeO8tdI=
Subject key identifier: 3A:CE:E9:86:1B:C2:A0:C5:11:46:1F:87:7C:BE:36:D3:6F:65:99:8D
Certificate issuer: /CN=F364E2C5AF/serialNumber=27D35642EC5430E95376A57D531C20CABA384CCC
Certificate serial: 06
Authority key identifier: 27:D3:56:42:EC:54:30:E9:53:76:A5:7D:53:1C:20:CA:BA:38:4C:CC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/J9NWQuxUMOlTdqV9Uxwgyro4TMw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364E2C5/FBF23E7EC78011EC9829D38BF1222468/CBD4BB4EC7A411EC8C7F26F9F1222468.roa
Signing time: Fri 29 Apr 2022 10:11:55 +0000
ROA not before: Fri 29 Apr 2022 10:11:52 +0000
ROA not after: Fri 30 Apr 2032 10:11:52 +0000
asID: 329028
IP address blocks: 102.216.72.0/22 maxlen: 24
2c0f:4480::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364E2C5/FBF23E7EC78011EC9829D38BF1222468/J9NWQuxUMOlTdqV9Uxwgyro4TMw.crl
rsync://rpki.afrinic.net/repository/member_repository/F364E2C5/FBF23E7EC78011EC9829D38BF1222468/J9NWQuxUMOlTdqV9Uxwgyro4TMw.mft
rsync://rpki.afrinic.net/repository/afrinic/J9NWQuxUMOlTdqV9Uxwgyro4TMw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364E2C5AF/serialNumber=27D35642EC5430E95376A57D531C20CABA384CCC
Validity
Not Before: Apr 29 10:11:52 2022 GMT
Not After : Apr 30 10:11:52 2032 GMT
Subject: CN=626bb9eb-b226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:cb:5c:1e:ef:01:1e:45:13:31:ba:a9:90:35:
a5:bd:d8:b9:2d:20:20:ae:82:d4:5b:c4:d1:50:ff:
82:db:73:68:aa:f1:d5:38:ed:75:06:00:32:42:ce:
37:9b:f7:21:5c:a2:83:cf:86:cb:1c:60:12:ed:68:
37:80:a2:76:01:6e:d2:53:22:e3:5e:40:a2:6e:5f:
d5:d0:8b:f0:87:be:7d:cf:bf:49:c0:00:2e:41:a3:
4e:3f:10:b1:f6:ea:0d:9f:22:bc:7d:8f:be:b3:a4:
3e:e2:f0:57:66:fe:ff:09:be:e7:74:b6:4b:73:c7:
d4:be:6c:fa:31:36:1c:73:cc:0d:28:7d:53:c0:41:
2e:89:e1:6e:e2:c7:eb:a3:47:6f:66:27:3c:74:43:
9d:5b:69:f3:22:9b:f0:4a:57:ce:40:66:14:b1:8e:
5c:28:da:ee:60:fe:11:23:07:9f:a6:98:3d:cb:46:
9a:50:f7:d9:94:96:e0:e8:61:1f:c9:4a:20:80:e1:
07:95:e3:d9:e0:1d:47:b0:19:8a:d7:2e:58:f1:98:
cb:04:13:66:5b:02:d4:37:25:d5:ad:4e:08:a6:44:
63:af:4d:7b:ee:6d:ba:7b:04:fa:40:5d:a2:35:fd:
eb:eb:09:a9:17:2c:67:a7:e7:53:ed:ee:b4:d6:f0:
3b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CE:E9:86:1B:C2:A0:C5:11:46:1F:87:7C:BE:36:D3:6F:65:99:8D
X509v3 Authority Key Identifier:
keyid:27:D3:56:42:EC:54:30:E9:53:76:A5:7D:53:1C:20:CA:BA:38:4C:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364E2C5/FBF23E7EC78011EC9829D38BF1222468/J9NWQuxUMOlTdqV9Uxwgyro4TMw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/J9NWQuxUMOlTdqV9Uxwgyro4TMw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364E2C5/FBF23E7EC78011EC9829D38BF1222468/CBD4BB4EC7A411EC8C7F26F9F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.216.72.0/22
IPv6:
2c0f:4480::/32
Signature Algorithm: sha256WithRSAEncryption
8d:81:5f:c0:4e:01:a3:8d:8b:ca:ee:a4:d5:1b:87:8b:51:be:
f4:83:fa:72:0e:78:c6:f7:f6:89:3c:b7:78:1f:9e:45:39:df:
50:ac:f4:c9:3f:3c:c3:a2:33:ec:80:cf:a3:70:23:98:7b:93:
f8:b0:80:84:ce:34:ab:26:c5:79:56:b3:1c:f7:a7:13:4a:bd:
db:69:b8:af:e3:fe:86:01:97:1d:ac:7c:81:c8:c7:8f:29:40:
7b:66:45:07:ab:b1:6f:f7:ed:8c:1d:86:72:4b:74:7c:ea:76:
f9:dc:c3:03:98:05:6f:0f:40:4e:c3:10:86:62:6f:40:4a:47:
11:22:e8:fe:9c:69:2c:1d:53:91:74:26:7a:b2:0f:13:52:d6:
34:8e:a4:c5:6f:e0:81:b7:db:d4:73:ae:14:5c:bc:b5:c1:1c:
ee:82:63:ec:8b:e4:fa:1d:12:18:c4:d7:82:b9:2a:f5:1b:53:
ac:cf:75:02:a2:25:0c:ba:45:24:70:dc:79:a7:46:4f:d5:be:
45:6e:a6:45:0f:b5:e1:ac:52:23:77:f3:3a:38:b4:9f:04:ba:
bb:7f:8a:03:33:70:28:de:ec:20:53:8f:8e:56:4d:b2:f4:5a:
5f:7c:4f:dc:0a:b7:bc:66:61:e6:e5:e8:27:ef:6f:eb:42:cd:
5f:f5:06:d6
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY0
RTJDNUFGMTEwLwYDVQQFEygyN0QzNTY0MkVDNTQzMEU5NTM3NkE1N0Q1MzFDMjBD
QUJBMzg0Q0NDMB4XDTIyMDQyOTEwMTE1MloXDTMyMDQzMDEwMTE1MlowGDEWMBQG
A1UEAwwNNjI2YmI5ZWItYjIyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTLXB7vAR5FEzG6qZA1pb3YuS0gIK6C1FvE0VD/gttzaKrx1TjtdQYAMkLO
N5v3IVyig8+GyxxgEu1oN4CidgFu0lMi415Aom5f1dCL8Ie+fc+/ScAALkGjTj8Q
sfbqDZ8ivH2PvrOkPuLwV2b+/wm+53S2S3PH1L5s+jE2HHPMDSh9U8BBLonhbuLH
66NHb2YnPHRDnVtp8yKb8EpXzkBmFLGOXCja7mD+ESMHn6aYPctGmlD32ZSW4Ohh
H8lKIIDhB5Xj2eAdR7AZitcuWPGYywQTZlsC1Dcl1a1OCKZEY69Ne+5tunsE+kBd
ojX96+sJqRcsZ6fnU+3utNbwOxkCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ6zumG
G8KgxRFGH4d8vjbTb2WZjTAfBgNVHSMEGDAWgBQn01ZC7FQw6VN2pX1THCDKujhM
zDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NEUyQzUvRkJGMjNFN0VDNzgwMTFFQzk4MjlEMzhCRjEyMjI0NjgvSjlOV1F1
eFVNT2xUZHFWOVV4d2d5cm80VE13LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSjlOV1F1eFVNT2xUZHFWOVV4d2d5cm80VE13LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NEUyQzUvRkJGMjNFN0VDNzgwMTFFQzk4MjlEMzhCRjEy
MjI0NjgvQ0JENEJCNEVDN0E0MTFFQzhDN0YyNkY5RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbYSDANBAIAAjAHAwUALA9E
gDANBgkqhkiG9w0BAQsFAAOCAQEAjYFfwE4Bo42Lyu6k1RuHi1G+9IP6cg54xvf2
iTy3eB+eRTnfUKz0yT88w6Iz7IDPo3AjmHuT+LCAhM40qybFeVazHPenE0q922m4
r+P+hgGXHax8gcjHjylAe2ZFB6uxb/ftjB2Gckt0fOp2+dzDA5gFbw9ATsMQhmJv
QEpHESLo/pxpLB1TkXQmerIPE1LWNI6kxW/ggbfb1HOuFFy8tcEc7oJj7Ivk+h0S
GMTXgrkq9RtTrM91AqIlDLpFJHDceadGT9W+RW6mRQ+14axSI3fzOji0nwS6u3+K
AzNwKN7sIFOPjlZNsvRaX3xP3Aq3vGZh5uXoJ+9v60LNX/UG1g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:34 2024 by rpki-client on console-ams.rpki-client.org