Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/D2BD519A6F5F11EFB5A556BC762E951A.roa
File: D2BD519A6F5F11EFB5A556BC762E951A.roa (raw, json)
Hash identifier: eDObOCF32CjsmNceS5K7zEOzteA210reg1RT/KbBTaY=
Subject key identifier: 42:41:EB:79:1A:EF:4B:C6:27:6F:B4:F4:9B:9C:98:69:68:AE:88:89
Certificate issuer: /CN=F3652893AF/serialNumber=509AE832ED6B89B16A9E8F7059D31002EBDF5516
Certificate serial: 21
Authority key identifier: 50:9A:E8:32:ED:6B:89:B1:6A:9E:8F:70:59:D3:10:02:EB:DF:55:16
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/UJroMu1ribFqno9wWdMQAuvfVRY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/D2BD519A6F5F11EFB5A556BC762E951A.roa
Signing time: Tue 10 Sep 2024 10:31:22 +0000
ROA not before: Tue 10 Sep 2024 10:31:19 +0000
ROA not after: Thu 01 Aug 2030 10:31:19 +0000
asID: 328480
IP address blocks: 102.68.120.0/23 maxlen: 23
102.68.122.0/23 maxlen: 23
102.219.168.0/23 maxlen: 23
102.219.170.0/23 maxlen: 23
102.221.232.0/23 maxlen: 23
102.221.234.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/UJroMu1ribFqno9wWdMQAuvfVRY.crl
rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/UJroMu1ribFqno9wWdMQAuvfVRY.mft
rsync://rpki.afrinic.net/repository/afrinic/UJroMu1ribFqno9wWdMQAuvfVRY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33 (0x21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3652893AF/serialNumber=509AE832ED6B89B16A9E8F7059D31002EBDF5516
Validity
Not Before: Sep 10 10:31:19 2024 GMT
Not After : Aug 1 10:31:19 2030 GMT
Subject: CN=66e01ffa-11dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:9b:ac:a6:d8:f0:29:04:a9:68:f1:3c:54:e4:
44:35:0f:49:e1:10:78:ae:38:1d:3e:9e:38:27:91:
7a:95:1a:1b:dd:fb:32:a5:ba:18:fe:34:31:58:06:
da:02:c7:db:a7:0e:e4:2b:a0:a8:a1:42:c8:6b:0a:
a7:88:3d:55:af:67:65:3c:39:8f:21:a7:55:b1:58:
fc:ef:e7:b3:b7:c5:10:ad:4f:ba:fd:13:a7:fd:40:
2f:5b:a5:ac:03:27:44:bf:90:40:d0:68:fe:c5:06:
aa:8a:bb:23:59:b8:71:3b:5a:64:96:62:7e:dd:c5:
9e:19:81:94:67:56:a9:44:c8:0e:eb:0b:c0:5f:09:
84:46:62:7b:7d:3c:75:4a:c5:5b:47:8f:d9:f5:08:
1f:50:8d:31:c1:32:de:b1:05:da:25:59:1d:87:77:
36:62:74:5f:2a:48:db:30:5b:79:a2:12:cb:5a:c1:
8a:8d:66:e0:5c:d3:30:08:55:97:c3:02:fa:91:62:
87:93:f5:ad:01:1a:bc:ab:05:e7:e8:5b:09:42:87:
3e:38:d3:db:41:ce:7e:df:a7:c4:89:3a:1d:fd:c3:
fe:c0:4a:ce:c9:d2:44:e9:47:62:f6:1c:d9:80:fb:
ae:5c:35:45:55:32:75:55:5b:bb:2b:e2:ab:1c:06:
46:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:41:EB:79:1A:EF:4B:C6:27:6F:B4:F4:9B:9C:98:69:68:AE:88:89
X509v3 Authority Key Identifier:
keyid:50:9A:E8:32:ED:6B:89:B1:6A:9E:8F:70:59:D3:10:02:EB:DF:55:16
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/UJroMu1ribFqno9wWdMQAuvfVRY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/UJroMu1ribFqno9wWdMQAuvfVRY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/D2BD519A6F5F11EFB5A556BC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.68.120.0/22
102.219.168.0/22
102.221.232.0/22
Signature Algorithm: sha256WithRSAEncryption
41:60:f7:73:61:c5:02:db:04:ef:13:0b:30:60:b2:4a:09:79:
2b:80:0d:3f:00:a5:84:8e:14:44:1e:82:5c:f1:54:b0:7f:29:
25:eb:20:63:b2:62:0a:65:93:0d:e9:bc:5c:ab:59:00:d3:1b:
34:1a:37:88:9d:47:50:10:4f:c7:10:7d:96:7d:4b:1a:ab:2e:
2f:f8:35:62:a0:fe:2f:c8:ea:34:72:a6:5b:10:9f:1f:04:88:
e4:58:bc:66:7a:83:4a:84:52:d8:b7:02:4d:7e:8c:d6:e1:58:
f9:5e:3a:76:27:77:ea:6b:2d:95:ed:21:3e:86:11:05:3b:d2:
f0:20:51:87:48:ed:b2:84:1e:cd:b1:68:8b:bc:66:ca:86:1c:
ab:00:7d:f7:30:eb:69:17:78:68:1b:99:a9:29:05:68:a5:95:
81:fd:b2:d9:f2:80:83:8e:8d:19:45:1c:32:bb:77:8d:df:8d:
93:07:ad:a4:86:f1:af:b3:d5:22:09:55:4a:21:b6:97:6a:4d:
b5:ec:aa:fe:46:0e:a8:0a:af:4c:40:60:38:11:cc:5f:cc:3d:
2c:56:87:8f:55:27:52:31:e1:e2:5f:f7:6d:c6:f4:37:49:e3:
f3:a2:ac:54:23:8e:fc:81:a9:3a:41:5f:ae:6d:82:36:64:13:
3c:67:19:d4
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIBITANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
Mjg5M0FGMTEwLwYDVQQFEyg1MDlBRTgzMkVENkI4OUIxNkE5RThGNzA1OUQzMTAw
MkVCREY1NTE2MB4XDTI0MDkxMDEwMzExOVoXDTMwMDgwMTEwMzExOVowGDEWMBQG
A1UEAxMNNjZlMDFmZmEtMTFkYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOybrKbY8CkEqWjxPFTkRDUPSeEQeK44HT6eOCeRepUaG937MqW6GP40MVgG
2gLH26cO5CugqKFCyGsKp4g9Va9nZTw5jyGnVbFY/O/ns7fFEK1Puv0Tp/1AL1ul
rAMnRL+QQNBo/sUGqoq7I1m4cTtaZJZift3FnhmBlGdWqUTIDusLwF8JhEZie308
dUrFW0eP2fUIH1CNMcEy3rEF2iVZHYd3NmJ0XypI2zBbeaISy1rBio1m4FzTMAhV
l8MC+pFih5P1rQEavKsF5+hbCUKHPjjT20HOft+nxIk6Hf3D/sBKzsnSROlHYvYc
2YD7rlw1RVUydVVbuyviqxwGRlsCAwEAAaOCArEwggKtMB0GA1UdDgQWBBRCQet5
Gu9LxidvtPSbnJhpaK6IiTAfBgNVHSMEGDAWgBRQmugy7WuJsWqej3BZ0xAC699V
FjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTI4OTMvOTc0MkE2NEM1RUVEMTFFRjhDOTM0Mzc5NzYyRTk1MUEvVUpyb011
MXJpYkZxbm85d1dkTVFBdXZmVlJZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVUpyb011MXJpYkZxbm85d1dkTVFBdXZmVlJZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTI4OTMvOTc0MkE2NEM1RUVEMTFFRjhDOTM0Mzc5NzYy
RTk1MUEvRDJCRDUxOUE2RjVGMTFFRkI1QTU1NkJDNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAmZEeAMEAmbbqAMEAmbd6DAN
BgkqhkiG9w0BAQsFAAOCAQEAQWD3c2HFAtsE7xMLMGCySgl5K4ANPwClhI4URB6C
XPFUsH8pJesgY7JiCmWTDem8XKtZANMbNBo3iJ1HUBBPxxB9ln1LGqsuL/g1YqD+
L8jqNHKmWxCfHwSI5Fi8ZnqDSoRS2LcCTX6M1uFY+V46did36mstle0hPoYRBTvS
8CBRh0jtsoQezbFoi7xmyoYcqwB99zDraRd4aBuZqSkFaKWVgf2y2fKAg46NGUUc
Mrt3jd+NkwetpIbxr7PVIglVSiG2l2pNteyq/kYOqAqvTEBgOBHMX8w9LFaHj1Un
UjHh4l/3bcb0N0nj86KsVCOO/IGpOkFfrm2CNmQTPGcZ1A==
-----END CERTIFICATE-----
Generated at Thu Oct 24 06:47:46 2024 by rpki-client on console-fra.rpki-client.org