Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/25947A965EEF11EFA8CE8E84762E951A.roa
File: 25947A965EEF11EFA8CE8E84762E951A.roa (raw, json)
Hash identifier: w3FPrtTUNywICvBHUNi6Z9IDVeEht1kgjHG+aqy64j8=
Subject key identifier: 74:C5:1B:76:AA:8F:42:9E:09:A0:D0:A5:90:55:33:9E:11:1F:D6:52
Certificate issuer: /CN=F3652893AF/serialNumber=509AE832ED6B89B16A9E8F7059D31002EBDF5516
Certificate serial: 02
Authority key identifier: 50:9A:E8:32:ED:6B:89:B1:6A:9E:8F:70:59:D3:10:02:EB:DF:55:16
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/UJroMu1ribFqno9wWdMQAuvfVRY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/25947A965EEF11EFA8CE8E84762E951A.roa
Signing time: Tue 20 Aug 2024 12:24:30 +0000
ROA not before: Tue 20 Aug 2024 12:24:24 +0000
ROA not after: Thu 01 Aug 2030 12:24:24 +0000
asID: 328480
IP address blocks: 102.68.120.0/22 maxlen: 22
102.219.168.0/22 maxlen: 22
102.221.232.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/UJroMu1ribFqno9wWdMQAuvfVRY.crl
rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/UJroMu1ribFqno9wWdMQAuvfVRY.mft
rsync://rpki.afrinic.net/repository/afrinic/UJroMu1ribFqno9wWdMQAuvfVRY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3652893AF/serialNumber=509AE832ED6B89B16A9E8F7059D31002EBDF5516
Validity
Not Before: Aug 20 12:24:24 2024 GMT
Not After : Aug 1 12:24:24 2030 GMT
Subject: CN=66c48afe-de9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ff:ea:36:a2:2b:be:86:ff:b8:b2:18:42:46:
e5:9c:b4:e8:7e:4a:28:c0:99:8f:88:a5:07:cc:ee:
c1:17:11:95:ab:b9:f7:a9:4e:8a:87:0d:ba:47:40:
1f:69:87:46:5e:d5:c7:d9:95:6a:f4:63:2a:4a:f2:
5c:86:c1:6a:4f:08:82:38:b8:91:3a:d7:26:2f:af:
38:f7:8b:42:d7:ae:d8:22:69:c7:3b:df:a8:ed:d8:
a6:6c:6b:ee:75:e6:53:1f:4b:55:2d:0d:9c:ff:13:
87:40:a2:bb:23:40:4c:8b:fe:18:40:4c:48:43:04:
aa:0d:23:a4:d2:4c:a9:b3:88:ec:b1:5e:a9:ff:52:
b3:94:93:e7:1a:ec:8e:0f:54:1d:64:c3:a3:8e:cc:
27:fe:5a:47:b9:4e:12:b5:29:ae:e7:eb:98:ac:d9:
5f:bf:fa:09:a2:96:e4:92:5a:7c:a0:ee:4d:5d:ff:
38:42:c0:f6:e7:09:20:c7:b0:bf:71:af:b9:32:d8:
d3:36:1c:da:e5:2e:e5:65:cd:ae:43:ba:84:3d:de:
a8:70:bc:85:21:81:f2:b0:74:ed:07:0e:05:71:7e:
b9:c5:3b:44:4c:3f:03:34:ac:2f:f1:b9:2d:94:9a:
b3:2c:46:d1:45:74:f1:61:f1:93:f8:d3:61:73:b1:
b1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C5:1B:76:AA:8F:42:9E:09:A0:D0:A5:90:55:33:9E:11:1F:D6:52
X509v3 Authority Key Identifier:
keyid:50:9A:E8:32:ED:6B:89:B1:6A:9E:8F:70:59:D3:10:02:EB:DF:55:16
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/UJroMu1ribFqno9wWdMQAuvfVRY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/UJroMu1ribFqno9wWdMQAuvfVRY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/25947A965EEF11EFA8CE8E84762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.68.120.0/22
102.219.168.0/22
102.221.232.0/22
Signature Algorithm: sha256WithRSAEncryption
26:52:f8:3f:a5:ab:16:dc:fb:35:9f:44:d9:02:20:71:17:44:
6f:1f:ae:02:d1:6c:f0:a4:df:85:b4:e9:7a:d6:01:3c:ce:c4:
8d:4d:5d:d7:0c:e7:36:2d:fd:13:a5:b6:91:99:3a:dd:20:7a:
01:4b:df:12:b2:a3:ab:35:91:ce:eb:8d:33:5e:2c:c4:b1:e7:
22:fc:17:d6:cc:2d:5a:e5:3b:b8:e1:11:a0:0d:f5:74:bb:43:
35:b6:15:a8:a1:a3:98:38:85:c2:80:13:8e:5f:1b:d6:97:97:
9a:83:e8:25:55:36:28:a1:78:e0:3d:a9:b2:d3:43:bd:69:a0:
e2:77:6f:32:00:0b:96:5e:69:f8:eb:f0:78:f1:11:ce:ce:40:
78:a6:c6:fe:9a:d8:ab:f3:e8:de:0c:42:55:9c:e2:a9:3d:fc:
f4:56:03:18:7b:f9:8e:4a:60:02:fb:20:eb:f3:be:23:b0:c0:
f2:e0:28:01:04:1c:3c:e5:d9:1b:1b:8e:90:00:a0:4b:e9:1a:
dd:c7:5a:dc:78:66:da:e7:b1:b7:96:fa:a2:6f:a2:c5:5a:64:
c3:aa:1d:06:83:b4:ba:d1:76:b3:78:7a:df:69:90:dd:2d:76:
6b:b0:e0:f4:f9:81:c2:64:c5:04:94:f9:54:47:5e:a9:32:5b:
5f:2f:a6:6b
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
Mjg5M0FGMTEwLwYDVQQFEyg1MDlBRTgzMkVENkI4OUIxNkE5RThGNzA1OUQzMTAw
MkVCREY1NTE2MB4XDTI0MDgyMDEyMjQyNFoXDTMwMDgwMTEyMjQyNFowGDEWMBQG
A1UEAxMNNjZjNDhhZmUtZGU5YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPL/6jaiK76G/7iyGEJG5Zy06H5KKMCZj4ilB8zuwRcRlau596lOiocNukdA
H2mHRl7Vx9mVavRjKkryXIbBak8Igji4kTrXJi+vOPeLQteu2CJpxzvfqO3Ypmxr
7nXmUx9LVS0NnP8Th0CiuyNATIv+GEBMSEMEqg0jpNJMqbOI7LFeqf9Ss5ST5xrs
jg9UHWTDo47MJ/5aR7lOErUprufrmKzZX7/6CaKW5JJafKDuTV3/OELA9ucJIMew
v3GvuTLY0zYc2uUu5WXNrkO6hD3eqHC8hSGB8rB07QcOBXF+ucU7REw/AzSsL/G5
LZSasyxG0UV08WHxk/jTYXOxsUUCAwEAAaOCArEwggKtMB0GA1UdDgQWBBR0xRt2
qo9Cngmg0KWQVTOeER/WUjAfBgNVHSMEGDAWgBRQmugy7WuJsWqej3BZ0xAC699V
FjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTI4OTMvOTc0MkE2NEM1RUVEMTFFRjhDOTM0Mzc5NzYyRTk1MUEvVUpyb011
MXJpYkZxbm85d1dkTVFBdXZmVlJZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVUpyb011MXJpYkZxbm85d1dkTVFBdXZmVlJZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTI4OTMvOTc0MkE2NEM1RUVEMTFFRjhDOTM0Mzc5NzYy
RTk1MUEvMjU5NDdBOTY1RUVGMTFFRkE4Q0U4RTg0NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAmZEeAMEAmbbqAMEAmbd6DAN
BgkqhkiG9w0BAQsFAAOCAQEAJlL4P6WrFtz7NZ9E2QIgcRdEbx+uAtFs8KTfhbTp
etYBPM7EjU1d1wznNi39E6W2kZk63SB6AUvfErKjqzWRzuuNM14sxLHnIvwX1swt
WuU7uOERoA31dLtDNbYVqKGjmDiFwoATjl8b1peXmoPoJVU2KKF44D2pstNDvWmg
4ndvMgALll5p+OvwePERzs5AeKbG/prYq/Po3gxCVZziqT389FYDGHv5jkpgAvsg
6/O+I7DA8uAoAQQcPOXZGxuOkACgS+ka3cda3Hhm2uext5b6om+ixVpkw6odBoO0
utF2s3h632mQ3S12a7Dg9PmBwmTFBJT5VEdeqTJbXy+maw==
-----END CERTIFICATE-----
Generated at Thu Oct 24 07:10:17 2024 by rpki-client on console-ams.rpki-client.org