Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3654E24/A318A10892FB11ECA71411895A40D577/58BE8A3A92FD11EC9A66148E5A40D577.roa
File: 58BE8A3A92FD11EC9A66148E5A40D577.roa (raw, json)
Hash identifier: p/Nwn6WbMbiqBh52brLCSrPTezSi2w7+mCvrJxVr0pE=
Subject key identifier: F0:C8:65:34:0F:AE:C1:5E:3C:90:B1:6E:AF:F5:9D:90:DC:1C:DD:B1
Certificate issuer: /CN=F3654E24AF/serialNumber=DA9C064A2973889F10D3ADD9FDF12A88361364BF
Certificate serial: 02
Authority key identifier: DA:9C:06:4A:29:73:88:9F:10:D3:AD:D9:FD:F1:2A:88:36:13:64:BF
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/2pwGSilziJ8Q063Z_fEqiDYTZL8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3654E24/A318A10892FB11ECA71411895A40D577/58BE8A3A92FD11EC9A66148E5A40D577.roa
Signing time: Mon 21 Feb 2022 10:02:15 +0000
ROA not before: Mon 21 Feb 2022 10:02:12 +0000
ROA not after: Wed 31 Dec 2025 10:02:12 +0000
asID: 37008
IP address blocks: 41.223.232.0/22 maxlen: 32
102.68.101.0/24 maxlen: 32
102.68.102.0/24 maxlen: 32
102.68.103.0/24 maxlen: 32
2c0f:ec58::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3654E24/A318A10892FB11ECA71411895A40D577/2pwGSilziJ8Q063Z_fEqiDYTZL8.crl
rsync://rpki.afrinic.net/repository/member_repository/F3654E24/A318A10892FB11ECA71411895A40D577/2pwGSilziJ8Q063Z_fEqiDYTZL8.mft
rsync://rpki.afrinic.net/repository/afrinic/2pwGSilziJ8Q063Z_fEqiDYTZL8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 02:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3654E24AF
Validity
Not Before: Feb 21 10:02:12 2022 GMT
Not After : Dec 31 10:02:12 2025 GMT
Subject: CN=62136327-5168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d6:28:43:ae:a9:93:b3:10:62:45:1c:cd:fd:
e0:7f:b2:61:75:97:94:03:2f:5d:2e:ab:b1:24:ab:
b7:f4:8d:41:53:9b:6a:5c:6c:80:c3:8f:9f:48:ca:
7d:4e:09:42:aa:61:6a:9b:53:fe:5f:68:8c:99:d4:
37:a4:2b:bc:72:e0:41:98:50:84:51:80:b2:11:60:
0d:dc:b6:2d:cc:53:2c:c2:ad:f6:7b:49:a7:54:ca:
b1:09:94:60:31:7d:53:98:b3:1f:7b:0b:e6:4b:53:
bb:6e:aa:a7:f6:e9:bb:a2:95:ce:ff:cf:23:9e:ad:
96:7c:34:37:d3:00:fc:d2:9e:06:14:e7:65:61:06:
97:a1:e6:cb:c1:4b:63:84:5b:62:dc:d1:fa:e6:61:
63:53:e9:d0:91:19:60:e3:d9:aa:c0:8c:2a:fb:1f:
52:95:85:17:ca:1e:76:fb:29:0d:f1:d5:e6:04:4f:
e2:28:fe:e4:66:ce:a2:63:19:44:58:4f:c2:00:3e:
b0:15:d6:c6:6e:da:36:67:2e:be:0d:16:ec:a6:f3:
06:ba:18:b6:0b:2a:53:a3:0a:52:56:5c:f3:6f:c5:
ac:00:9d:4a:62:cd:19:b3:18:b3:f5:b8:df:41:f8:
c1:16:7b:a4:8d:e9:af:69:c5:d5:3b:32:2c:ed:32:
9f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C8:65:34:0F:AE:C1:5E:3C:90:B1:6E:AF:F5:9D:90:DC:1C:DD:B1
X509v3 Authority Key Identifier:
keyid:DA:9C:06:4A:29:73:88:9F:10:D3:AD:D9:FD:F1:2A:88:36:13:64:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3654E24/A318A10892FB11ECA71411895A40D577/2pwGSilziJ8Q063Z_fEqiDYTZL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/2pwGSilziJ8Q063Z_fEqiDYTZL8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3654E24/A318A10892FB11ECA71411895A40D577/58BE8A3A92FD11EC9A66148E5A40D577.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.223.232.0/22
102.68.101.0-102.68.103.255
IPv6:
2c0f:ec58::/32
Signature Algorithm: sha256WithRSAEncryption
42:91:09:ba:d2:4c:43:6f:14:a1:a0:de:07:6d:f6:11:a8:44:
12:83:bd:bc:18:7f:11:f0:17:ea:4a:42:f6:27:4d:c8:61:63:
e4:20:31:57:75:27:a0:5c:f0:13:87:10:77:9c:5d:00:c1:0d:
ab:8b:32:dc:2c:9a:fd:f3:5d:4d:93:03:e7:ca:6c:eb:93:c6:
cd:37:c4:c7:0c:d9:e0:70:4b:80:e4:e4:9a:7c:8d:f7:ee:2e:
96:b0:5b:4e:45:bc:07:a4:24:0e:20:a8:b5:a4:9f:01:57:14:
37:f9:a1:96:7e:76:70:28:2d:a6:a6:36:1e:79:e1:e2:88:e1:
0a:00:0e:5c:60:00:34:f1:bc:f3:1c:13:e1:b2:31:09:3f:42:
ce:75:5b:0f:72:81:41:76:8b:76:37:44:d6:70:c6:2c:60:c0:
12:61:cc:7f:3a:0b:fd:ca:18:b2:33:74:37:8e:45:99:36:ee:
dc:a9:19:f2:e0:3a:af:fe:91:2c:29:b8:42:60:27:b7:eb:29:
01:e8:fc:89:89:41:17:7d:f4:64:42:a9:f4:e9:d1:d3:92:c6:
0a:9c:de:48:5b:dc:ab:88:35:ca:24:d7:a1:7f:8f:82:d1:73:
13:a6:42:e1:48:21:3a:fd:43:b6:3b:3c:d8:61:ae:26:69:92:
86:51:58:2f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY1
NEUyNEFGMTEwLwYDVQQFEyhEQTlDMDY0QTI5NzM4ODlGMTBEM0FERDlGREYxMkE4
ODM2MTM2NEJGMB4XDTIyMDIyMTEwMDIxMloXDTI1MTIzMTEwMDIxMlowGDEWMBQG
A1UEAwwNNjIxMzYzMjctNTE2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHWKEOuqZOzEGJFHM394H+yYXWXlAMvXS6rsSSrt/SNQVObalxsgMOPn0jK
fU4JQqphaptT/l9ojJnUN6QrvHLgQZhQhFGAshFgDdy2LcxTLMKt9ntJp1TKsQmU
YDF9U5izH3sL5ktTu26qp/bpu6KVzv/PI56tlnw0N9MA/NKeBhTnZWEGl6Hmy8FL
Y4RbYtzR+uZhY1Pp0JEZYOPZqsCMKvsfUpWFF8oedvspDfHV5gRP4ij+5GbOomMZ
RFhPwgA+sBXWxm7aNmcuvg0W7KbzBroYtgsqU6MKUlZc82/FrACdSmLNGbMYs/W4
30H4wRZ7pI3pr2nF1TsyLO0yn9MCAwEAAaOCAsIwggK+MB0GA1UdDgQWBBTwyGU0
D67BXjyQsW6v9Z2Q3BzdsTAfBgNVHSMEGDAWgBTanAZKKXOInxDTrdn98SqINhNk
vzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTRFMjQvQTMxOEExMDg5MkZCMTFFQ0E3MTQxMTg5NUE0MEQ1NzcvMnB3R1Np
bHppSjhRMDYzWl9mRXFpRFlUWkw4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMnB3R1NpbHppSjhRMDYzWl9mRXFpRFlUWkw4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTRFMjQvQTMxOEExMDg5MkZCMTFFQ0E3MTQxMTg5NUE0
MEQ1NzcvNThCRThBM0E5MkZEMTFFQzlBNjYxNDhFNUE0MEQ1Nzcucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA8BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFAMEAinf6DAMAwQAZkRlAwQDZkRg
MA0EAgACMAcDBQAsD+xYMA0GCSqGSIb3DQEBCwUAA4IBAQBCkQm60kxDbxShoN4H
bfYRqEQSg728GH8R8BfqSkL2J03IYWPkIDFXdSegXPAThxB3nF0AwQ2rizLcLJr9
811NkwPnymzrk8bNN8THDNngcEuA5OSafI337i6WsFtORbwHpCQOIKi1pJ8BVxQ3
+aGWfnZwKC2mpjYeeeHiiOEKAA5cYAA08bzzHBPhsjEJP0LOdVsPcoFBdot2N0TW
cMYsYMASYcx/Ogv9yhiyM3Q3jkWZNu7cqRny4Dqv/pEsKbhCYCe36ykB6PyJiUEX
ffRkQqn06dHTksYKnN5IW9yriDXKJNehf4+C0XMTpkLhSCE6/UO2OzzYYa4maZKG
UVgv
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:45:34 2025 by rpki-client