Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3658AE0/E551C3EC9A3011ECB563A0B45A40D577/9DDD28FC9A3111EC8707D1B65A40D577.roa
File: 9DDD28FC9A3111EC8707D1B65A40D577.roa (raw, json)
Hash identifier: FZcB4QBBqx/jYH6PVYH2VRq/gBlCUQZrKAZfwhy/+S4=
Subject key identifier: C9:73:F6:E2:02:34:8F:77:6E:72:AA:7E:CE:01:B4:5D:11:BE:6C:B3
Certificate issuer: /CN=F3658AE0AF/serialNumber=4506FCA6AA55EF84D3A4C004AC83ABB50BEED3B9
Certificate serial: 02
Authority key identifier: 45:06:FC:A6:AA:55:EF:84:D3:A4:C0:04:AC:83:AB:B5:0B:EE:D3:B9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/RQb8pqpV74TTpMAErIOrtQvu07k.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3658AE0/E551C3EC9A3011ECB563A0B45A40D577/9DDD28FC9A3111EC8707D1B65A40D577.roa
Signing time: Wed 02 Mar 2022 14:04:04 +0000
ROA not before: Wed 02 Mar 2022 14:04:00 +0000
ROA not after: Fri 29 Mar 2030 14:04:00 +0000
asID: 328598
IP address blocks: 102.22.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3658AE0/E551C3EC9A3011ECB563A0B45A40D577/RQb8pqpV74TTpMAErIOrtQvu07k.crl
rsync://rpki.afrinic.net/repository/member_repository/F3658AE0/E551C3EC9A3011ECB563A0B45A40D577/RQb8pqpV74TTpMAErIOrtQvu07k.mft
rsync://rpki.afrinic.net/repository/afrinic/RQb8pqpV74TTpMAErIOrtQvu07k.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 25 May 2024 00:04:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3658AE0AF/serialNumber=4506FCA6AA55EF84D3A4C004AC83ABB50BEED3B9
Validity
Not Before: Mar 2 14:04:00 2022 GMT
Not After : Mar 29 14:04:00 2030 GMT
Subject: CN=621f7953-62f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:93:15:63:53:cf:23:55:33:24:7d:0e:20:6e:
de:35:ce:8d:4c:fc:78:15:6c:da:93:ad:9d:6f:db:
2f:5c:cf:c9:22:5d:80:d4:be:4c:4e:8e:4e:dc:5c:
14:93:a7:d1:6c:a5:5d:6c:4e:49:77:d2:98:98:23:
04:4f:f4:61:d2:ed:40:28:9c:aa:81:53:5e:d1:5b:
dd:a3:10:4a:a5:51:7f:f8:7f:7c:d2:24:82:8b:ac:
64:23:9d:88:88:88:9c:1b:37:14:45:2b:96:6e:7c:
b3:bb:a6:ba:93:db:70:44:4f:1e:b8:9f:54:4f:7f:
1d:30:07:52:7a:be:d2:b8:65:99:b5:b0:24:df:a0:
64:41:49:b2:0b:53:fb:5b:89:b7:b4:49:6b:57:ac:
74:02:5b:35:0d:26:08:38:22:3e:de:a7:05:10:b6:
8f:ca:c0:f6:53:36:0e:ac:fd:0b:8b:fe:c1:74:58:
a6:09:f5:cd:e8:3c:43:29:51:b4:8c:42:d1:f1:e7:
f4:17:18:f0:3b:71:cb:60:45:32:7f:00:12:6e:74:
f8:ac:31:05:0d:f9:51:a8:21:23:ff:1a:98:49:8e:
6e:41:b6:b1:12:ed:aa:a7:3e:ab:27:85:c5:60:6c:
72:6e:66:0a:e4:c2:aa:00:90:66:52:d9:e5:1b:77:
54:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:73:F6:E2:02:34:8F:77:6E:72:AA:7E:CE:01:B4:5D:11:BE:6C:B3
X509v3 Authority Key Identifier:
keyid:45:06:FC:A6:AA:55:EF:84:D3:A4:C0:04:AC:83:AB:B5:0B:EE:D3:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3658AE0/E551C3EC9A3011ECB563A0B45A40D577/RQb8pqpV74TTpMAErIOrtQvu07k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/RQb8pqpV74TTpMAErIOrtQvu07k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3658AE0/E551C3EC9A3011ECB563A0B45A40D577/9DDD28FC9A3111EC8707D1B65A40D577.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.22.88.0/21
Signature Algorithm: sha256WithRSAEncryption
ae:0f:4a:9e:c8:a3:3c:0e:ce:86:ea:5a:cb:f1:10:60:e2:d6:
73:bf:c8:24:47:50:2c:e2:77:98:de:4a:8a:06:8d:c6:6d:2e:
b8:ea:38:40:e1:cf:99:bb:20:f5:cd:75:64:b4:26:df:41:22:
fe:eb:ba:e8:86:99:96:7d:ee:ed:86:25:25:8c:e8:2f:71:12:
72:9d:93:9e:c3:bd:37:9a:58:2d:94:65:d7:00:d9:dd:1a:d7:
e6:f9:fb:67:16:78:bd:8b:e6:9c:a2:98:09:d8:e1:d5:23:61:
1c:e6:0d:2f:b4:d8:ed:dc:95:6d:fb:8b:85:8c:e5:5b:44:72:
a7:47:db:98:b7:10:d4:8c:ac:4e:64:73:64:a5:bf:75:bb:70:
c6:45:78:72:e3:8a:9b:3e:2b:4b:3b:a2:56:f3:68:f8:7d:9f:
f6:34:3c:1c:22:af:f8:9f:65:57:a5:75:c2:b1:47:a1:e8:9b:
33:09:ed:04:a6:30:4b:1f:73:60:95:54:b3:dc:33:fb:33:ac:
f4:e3:8f:00:5f:53:5a:e3:f9:4b:bc:f8:a6:41:a5:bc:d8:ea:
92:0d:bd:91:4d:e2:85:ad:e4:ff:a0:14:10:1d:6b:22:9f:4d:
21:65:60:1c:c1:5e:40:7e:33:a6:0b:3a:ba:48:80:b5:f4:b6:
51:32:b6:d8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY1
OEFFMEFGMTEwLwYDVQQFEyg0NTA2RkNBNkFBNTVFRjg0RDNBNEMwMDRBQzgzQUJC
NTBCRUVEM0I5MB4XDTIyMDMwMjE0MDQwMFoXDTMwMDMyOTE0MDQwMFowGDEWMBQG
A1UEAwwNNjIxZjc5NTMtNjJmNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO2TFWNTzyNVMyR9DiBu3jXOjUz8eBVs2pOtnW/bL1zPySJdgNS+TE6OTtxc
FJOn0WylXWxOSXfSmJgjBE/0YdLtQCicqoFTXtFb3aMQSqVRf/h/fNIkgousZCOd
iIiInBs3FEUrlm58s7umupPbcERPHrifVE9/HTAHUnq+0rhlmbWwJN+gZEFJsgtT
+1uJt7RJa1esdAJbNQ0mCDgiPt6nBRC2j8rA9lM2Dqz9C4v+wXRYpgn1zeg8QylR
tIxC0fHn9BcY8Dtxy2BFMn8AEm50+KwxBQ35UaghI/8amEmObkG2sRLtqqc+qyeF
xWBscm5mCuTCqgCQZlLZ5Rt3VJcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTJc/bi
AjSPd25yqn7OAbRdEb5sszAfBgNVHSMEGDAWgBRFBvymqlXvhNOkwASsg6u1C+7T
uTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NThBRTAvRTU1MUMzRUM5QTMwMTFFQ0I1NjNBMEI0NUE0MEQ1NzcvUlFiOHBx
cFY3NFRUcE1BRXJJT3J0UXZ1MDdrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUlFiOHBxcFY3NFRUcE1BRXJJT3J0UXZ1MDdrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NThBRTAvRTU1MUMzRUM5QTMwMTFFQ0I1NjNBMEI0NUE0
MEQ1NzcvOURERDI4RkM5QTMxMTFFQzg3MDdEMUI2NUE0MEQ1Nzcucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2YWWDANBgkqhkiG9w0BAQsF
AAOCAQEArg9KnsijPA7Ohupay/EQYOLWc7/IJEdQLOJ3mN5KigaNxm0uuOo4QOHP
mbsg9c11ZLQm30Ei/uu66IaZln3u7YYlJYzoL3EScp2TnsO9N5pYLZRl1wDZ3RrX
5vn7ZxZ4vYvmnKKYCdjh1SNhHOYNL7TY7dyVbfuLhYzlW0Ryp0fbmLcQ1IysTmRz
ZKW/dbtwxkV4cuOKmz4rSzuiVvNo+H2f9jQ8HCKv+J9lV6V1wrFHoeibMwntBKYw
Sx9zYJVUs9wz+zOs9OOPAF9TWuP5S7z4pkGlvNjqkg29kU3iha3k/6AUEB1rIp9N
IWVgHMFeQH4zpgs6ukiAtfS2UTK22A==
-----END CERTIFICATE-----
Generated at Thu May 23 02:34:40 2024 by rpki-client on console-fra.rpki-client.org