Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/94A6F8682C4211EE9CAAB80F4AD9E6FC.roa
File: 94A6F8682C4211EE9CAAB80F4AD9E6FC.roa (raw, json)
Hash identifier: o0TXx110b3JBiu3Cl6xOs7wBGLlTo9OQb+P0VILZhd0=
Subject key identifier: 08:1D:F2:BE:69:B0:18:38:F5:70:17:E1:50:CC:2C:A3:79:32:DF:F4
Certificate issuer: /CN=F36576E8AF/serialNumber=DBF68C9C5C01D68EBC0C90DEE4C0749DA23A2FD6
Certificate serial: 0199
Authority key identifier: DB:F6:8C:9C:5C:01:D6:8E:BC:0C:90:DE:E4:C0:74:9D:A2:3A:2F:D6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/2_aMnFwB1o68DJDe5MB0naI6L9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/94A6F8682C4211EE9CAAB80F4AD9E6FC.roa
Signing time: Thu 27 Jul 2023 05:58:17 +0000
ROA not before: Thu 27 Jul 2023 05:58:13 +0000
ROA not after: Sun 31 Jul 2033 05:58:13 +0000
asID: 327991
IP address blocks: 102.211.188.0/23 maxlen: 23
102.211.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/2_aMnFwB1o68DJDe5MB0naI6L9Y.crl
rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/2_aMnFwB1o68DJDe5MB0naI6L9Y.mft
rsync://rpki.afrinic.net/repository/afrinic/2_aMnFwB1o68DJDe5MB0naI6L9Y.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 409 (0x199)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36576E8AF/serialNumber=DBF68C9C5C01D68EBC0C90DEE4C0749DA23A2FD6
Validity
Not Before: Jul 27 05:58:13 2023 GMT
Not After : Jul 31 05:58:13 2033 GMT
Subject: CN=64c20779-e498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bb:c8:1c:f3:08:b3:e8:8e:b8:fd:7c:89:81:
e6:07:9a:f1:ee:d5:08:16:d5:3e:5f:c0:84:b3:d2:
9e:78:2c:39:2c:d9:11:80:09:04:86:4f:a2:de:7d:
7b:54:4e:59:9d:f8:ca:40:5b:c2:10:f4:62:3c:f8:
79:2a:0a:10:21:9b:f4:ce:09:73:6d:46:59:7c:6e:
c4:85:a4:9b:6c:31:4a:91:1a:26:b2:83:ec:c6:39:
31:d5:ce:b1:01:3f:7d:dc:cf:f0:5b:29:b0:24:ff:
74:48:63:5c:e5:98:25:87:24:c9:07:ff:5c:91:4c:
08:72:34:5a:31:9d:8b:9f:bd:e3:8d:f2:32:24:07:
1e:71:02:ab:39:35:6c:2a:7a:a8:61:bf:2a:0e:9b:
2b:07:44:ff:a1:1f:6b:b4:eb:45:68:bf:9b:0e:24:
b5:88:21:c9:dc:07:df:5e:68:f6:64:d7:05:1c:57:
56:93:42:b5:d5:22:cf:af:d0:22:72:07:ca:40:20:
5a:bf:f1:22:ab:ab:66:10:07:05:7e:7a:74:e2:ac:
75:5c:7e:6d:2a:f2:0f:b8:d2:87:5b:73:f8:9f:de:
1d:fa:2b:44:21:f1:17:2a:f3:b7:09:db:e7:18:a3:
22:c6:93:81:27:1c:e3:77:5e:53:75:82:0c:93:3c:
e5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1D:F2:BE:69:B0:18:38:F5:70:17:E1:50:CC:2C:A3:79:32:DF:F4
X509v3 Authority Key Identifier:
keyid:DB:F6:8C:9C:5C:01:D6:8E:BC:0C:90:DE:E4:C0:74:9D:A2:3A:2F:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/2_aMnFwB1o68DJDe5MB0naI6L9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/2_aMnFwB1o68DJDe5MB0naI6L9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/94A6F8682C4211EE9CAAB80F4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.188.0/22
Signature Algorithm: sha256WithRSAEncryption
86:ac:cd:30:fb:7c:de:98:b8:8e:96:e5:df:4e:e5:c5:e6:b6:
ee:31:88:0a:2c:6f:e9:56:5f:94:7c:b7:89:de:0a:93:48:14:
44:a7:fa:86:05:e2:d3:0d:7f:9a:6e:4b:63:cc:ec:84:11:ea:
21:d2:af:12:0d:fa:ee:3c:0e:e0:14:1a:6c:64:49:3c:71:99:
a6:1c:bf:c6:72:8a:d5:31:5a:43:6b:9c:92:1c:61:b7:b8:34:
3a:29:62:25:cd:a5:52:5d:ca:ea:14:5b:03:74:54:4f:c0:9e:
de:c5:9a:5b:22:92:cc:25:59:2f:08:87:76:29:4a:21:df:35:
19:eb:ab:58:07:79:d0:ab:5f:a6:64:07:df:d4:e9:80:f7:ba:
81:6a:b1:05:46:9b:55:c3:3e:7e:56:18:e2:c3:27:8c:38:db:
bd:ee:ad:02:f7:f6:9d:93:ea:cf:73:a2:ea:3e:57:73:ea:b7:
f1:16:b1:22:d0:fe:4d:82:f2:4e:bf:b3:86:00:70:21:3f:12:
92:ff:7b:10:ab:b5:50:f7:50:0d:6d:71:4f:95:1c:4e:19:aa:
6d:ed:b4:9f:fc:39:f4:55:83:d6:c1:44:31:52:6f:99:e9:f8:
cf:9f:4d:0d:f4:03:fe:09:13:90:00:8e:8f:ac:84:a5:90:76:
8b:4b:e2:c7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAZkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTc2RThBRjExMC8GA1UEBRMoREJGNjhDOUM1QzAxRDY4RUJDMEM5MERFRTRDMDc0
OURBMjNBMkZENjAeFw0yMzA3MjcwNTU4MTNaFw0zMzA3MzEwNTU4MTNaMBgxFjAU
BgNVBAMTDTY0YzIwNzc5LWU0OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDCu8gc8wiz6I64/XyJgeYHmvHu1QgW1T5fwISz0p54LDks2RGACQSGT6Le
fXtUTlmd+MpAW8IQ9GI8+HkqChAhm/TOCXNtRll8bsSFpJtsMUqRGiayg+zGOTHV
zrEBP33cz/BbKbAk/3RIY1zlmCWHJMkH/1yRTAhyNFoxnYufveON8jIkBx5xAqs5
NWwqeqhhvyoOmysHRP+hH2u060Vov5sOJLWIIcncB99eaPZk1wUcV1aTQrXVIs+v
0CJyB8pAIFq/8SKrq2YQBwV+enTirHVcfm0q8g+40odbc/if3h36K0Qh8Rcq87cJ
2+cYoyLGk4EnHON3XlN1ggyTPOVrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUCB3y
vmmwGDj1cBfhUMwso3ky3/QwHwYDVR0jBBgwFoAU2/aMnFwB1o68DJDe5MB0naI6
L9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU3NkU4L0MzODA4OTg2RkM2MTExRUNCMTdFMjJBQkYxMjIyNDY4LzJfYU1u
RndCMW82OERKRGU1TUIwbmFJNkw5WS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzJfYU1uRndCMW82OERKRGU1TUIwbmFJNkw5WS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjU3NkU4L0MzODA4OTg2RkM2MTExRUNCMTdFMjJBQkYx
MjIyNDY4Lzk0QTZGODY4MkM0MjExRUU5Q0FBQjgwRjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm07wwDQYJKoZIhvcNAQEL
BQADggEBAIaszTD7fN6YuI6W5d9O5cXmtu4xiAosb+lWX5R8t4neCpNIFESn+oYF
4tMNf5puS2PM7IQR6iHSrxIN+u48DuAUGmxkSTxxmaYcv8ZyitUxWkNrnJIcYbe4
NDopYiXNpVJdyuoUWwN0VE/Ant7FmlsikswlWS8Ih3YpSiHfNRnrq1gHedCrX6Zk
B9/U6YD3uoFqsQVGm1XDPn5WGOLDJ4w4273urQL39p2T6s9zouo+V3Pqt/EWsSLQ
/k2C8k6/s4YAcCE/EpL/exCrtVD3UA1tcU+VHE4Zqm3ttJ/8OfRVg9bBRDFSb5np
+M+fTQ30A/4JE5AAjo+shKWQdotL4sc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:54 2024 by rpki-client on console-fra.rpki-client.org