Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3656CC2/D69DE820BE3111EB9AD44E5DF8AEA228/286E6658BE3611EB873C0563F8AEA228.roa
File: 286E6658BE3611EB873C0563F8AEA228.roa (raw, json)
Hash identifier: eW7RtuAUiI7++s1JsF7wsc4w1OlNAg4jOMdDwCtMIQE=
Subject key identifier: 56:F2:7E:B1:72:8B:11:4B:8A:D3:05:CE:AF:93:DC:F0:3B:C4:4B:EF
Certificate issuer: /CN=F3656CC2AF/serialNumber=F09C2C7A2AF6013A5BBFFFEC61042B3BB4B5812B
Certificate serial: 04
Authority key identifier: F0:9C:2C:7A:2A:F6:01:3A:5B:BF:FF:EC:61:04:2B:3B:B4:B5:81:2B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/8Jwseir2ATpbv__sYQQrO7S1gSs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3656CC2/D69DE820BE3111EB9AD44E5DF8AEA228/286E6658BE3611EB873C0563F8AEA228.roa
Signing time: Wed 26 May 2021 15:22:18 +0000
ROA not before: Sat 29 May 2021 15:22:13 +0000
ROA not after: Wed 31 Dec 2025 15:22:13 +0000
asID: 37302
IP address blocks: 102.130.40.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3656CC2/D69DE820BE3111EB9AD44E5DF8AEA228/8Jwseir2ATpbv__sYQQrO7S1gSs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3656CC2/D69DE820BE3111EB9AD44E5DF8AEA228/8Jwseir2ATpbv__sYQQrO7S1gSs.mft
rsync://rpki.afrinic.net/repository/afrinic/8Jwseir2ATpbv__sYQQrO7S1gSs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3656CC2AF/serialNumber=F09C2C7A2AF6013A5BBFFFEC61042B3BB4B5812B
Validity
Not Before: May 29 15:22:13 2021 GMT
Not After : Dec 31 15:22:13 2025 GMT
Subject: CN=60ae67aa-4ae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cd:fd:06:ec:13:0a:cd:51:94:56:5e:59:21:
5f:42:3f:69:a4:01:2e:a6:98:73:45:4c:dc:3f:fb:
0f:ac:71:0f:ab:8c:e8:52:cf:6a:d1:98:a3:cc:be:
2f:9a:a5:b8:3a:3f:4c:ec:bf:c7:68:67:be:7e:83:
68:58:f1:f9:21:26:d4:19:d6:16:03:09:b3:4c:74:
2d:6e:1a:08:98:2d:ff:dd:31:40:17:84:da:32:30:
a0:0d:89:c7:e0:d5:c7:25:9a:aa:e0:7a:48:b3:9b:
5e:9e:73:26:b7:cf:1d:a4:bb:95:9f:0d:80:28:5a:
42:ff:23:d2:ae:81:3d:27:f1:83:d3:36:42:82:19:
9c:50:20:2f:67:52:61:75:ab:68:0c:6a:69:e9:2e:
a1:59:6b:4f:40:6d:09:a7:c7:19:26:b2:63:24:bc:
17:c1:ea:6b:62:44:a5:b2:5b:9b:41:07:2a:d8:ca:
18:e2:98:c6:5c:5e:15:71:bb:db:75:4e:9b:7c:a3:
79:97:2b:77:8b:ba:8c:4c:24:f1:fd:5f:a9:af:a9:
49:a2:13:71:0f:57:9d:c5:a1:bb:84:49:17:13:9e:
e2:de:09:ed:9f:4b:c0:f5:b7:8e:3e:c5:fe:c4:6d:
73:72:2a:2f:2c:40:21:c3:21:d5:26:9e:56:ef:bf:
8a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:F2:7E:B1:72:8B:11:4B:8A:D3:05:CE:AF:93:DC:F0:3B:C4:4B:EF
X509v3 Authority Key Identifier:
keyid:F0:9C:2C:7A:2A:F6:01:3A:5B:BF:FF:EC:61:04:2B:3B:B4:B5:81:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3656CC2/D69DE820BE3111EB9AD44E5DF8AEA228/8Jwseir2ATpbv__sYQQrO7S1gSs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/8Jwseir2ATpbv__sYQQrO7S1gSs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3656CC2/D69DE820BE3111EB9AD44E5DF8AEA228/286E6658BE3611EB873C0563F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.130.40.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:dc:f9:b2:98:e7:cc:9a:37:43:55:05:a8:47:25:ba:c1:40:
58:3b:f0:3a:2c:01:d9:6f:7d:47:ca:c7:38:42:f4:ce:16:33:
79:01:81:9f:f1:8f:de:69:91:cd:b0:ca:a7:be:0e:61:e9:db:
22:0b:4a:66:2e:7f:7f:4d:57:0c:f7:74:97:6a:9d:5f:35:22:
83:0c:9c:59:2c:66:8e:94:c6:78:8a:8b:6a:48:60:ad:ce:00:
48:18:f4:f1:e3:15:5b:32:29:82:30:25:41:23:72:cb:92:a4:
5f:07:75:88:47:df:5a:d9:8a:d4:28:5d:4e:ae:75:5a:e8:33:
27:0b:b4:da:b5:ec:88:20:58:28:81:9a:67:98:d5:dc:56:c8:
46:40:3b:75:26:c3:9e:08:46:af:6e:bd:53:54:4d:f4:c5:c8:
2c:ae:8f:0d:2c:65:19:51:c0:96:70:d8:27:18:b2:a3:a8:86:
8d:f8:dd:b5:83:6c:3a:9f:81:3f:45:d1:63:f1:23:09:5c:30:
b9:dc:e0:5f:46:9e:42:0e:07:8b:a6:64:97:86:26:c3:ee:e0:
0e:35:3b:94:0f:0a:42:a4:1e:ae:a6:fc:f7:68:6a:af:3c:56:
15:b9:21:f1:0a:ac:80:e8:9a:cd:e6:dd:92:53:b1:94:97:c5:
af:c6:a3:d8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
NkNDMkFGMTEwLwYDVQQFEyhGMDlDMkM3QTJBRjYwMTNBNUJCRkZGRUM2MTA0MkIz
QkI0QjU4MTJCMB4XDTIxMDUyOTE1MjIxM1oXDTI1MTIzMTE1MjIxM1owGDEWMBQG
A1UEAxMNNjBhZTY3YWEtNGFlOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKDN/QbsEwrNUZRWXlkhX0I/aaQBLqaYc0VM3D/7D6xxD6uM6FLPatGYo8y+
L5qluDo/TOy/x2hnvn6DaFjx+SEm1BnWFgMJs0x0LW4aCJgt/90xQBeE2jIwoA2J
x+DVxyWaquB6SLObXp5zJrfPHaS7lZ8NgChaQv8j0q6BPSfxg9M2QoIZnFAgL2dS
YXWraAxqaekuoVlrT0BtCafHGSayYyS8F8Hqa2JEpbJbm0EHKtjKGOKYxlxeFXG7
23VOm3yjeZcrd4u6jEwk8f1fqa+pSaITcQ9XncWhu4RJFxOe4t4J7Z9LwPW3jj7F
/sRtc3IqLyxAIcMh1SaeVu+/io0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRW8n6x
cosRS4rTBc6vk9zwO8RL7zAfBgNVHSMEGDAWgBTwnCx6KvYBOlu//+xhBCs7tLWB
KzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTZDQzIvRDY5REU4MjBCRTMxMTFFQjlBRDQ0RTVERjhBRUEyMjgvOEp3c2Vp
cjJBVHBidl9fc1lRUXJPN1MxZ1NzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOEp3c2VpcjJBVHBidl9fc1lRUXJPN1MxZ1NzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTZDQzIvRDY5REU4MjBCRTMxMTFFQjlBRDQ0RTVERjhB
RUEyMjgvMjg2RTY2NThCRTM2MTFFQjg3M0MwNTYzRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2aCKDANBgkqhkiG9w0BAQsF
AAOCAQEAOtz5spjnzJo3Q1UFqEclusFAWDvwOiwB2W99R8rHOEL0zhYzeQGBn/GP
3mmRzbDKp74OYenbIgtKZi5/f01XDPd0l2qdXzUigwycWSxmjpTGeIqLakhgrc4A
SBj08eMVWzIpgjAlQSNyy5KkXwd1iEffWtmK1ChdTq51WugzJwu02rXsiCBYKIGa
Z5jV3FbIRkA7dSbDnghGr269U1RN9MXILK6PDSxlGVHAlnDYJxiyo6iGjfjdtYNs
Op+BP0XRY/EjCVwwudzgX0aeQg4Hi6Zkl4Ymw+7gDjU7lA8KQqQerqb892hqrzxW
Fbkh8QqsgOiazebdklOxlJfFr8aj2A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:35 2024 by rpki-client on console-ams.rpki-client.org