Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/3EBD2E5AFCAC11EE95547C42017001B1.roa
File: 3EBD2E5AFCAC11EE95547C42017001B1.roa (raw, json)
Hash identifier: NWkoR/zQjYlDH+KmHmPjSFcDVPNGM2CJsY7NPNpJ5rw=
Subject key identifier: 0A:18:DC:B9:98:D8:89:44:45:0B:DB:FC:16:96:FA:6A:47:A1:C6:24
Certificate issuer: /CN=F3659F22AF/serialNumber=5556D637278A4D6987D448763BD3CAEBA058A50F
Certificate serial: 06
Authority key identifier: 55:56:D6:37:27:8A:4D:69:87:D4:48:76:3B:D3:CA:EB:A0:58:A5:0F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/3EBD2E5AFCAC11EE95547C42017001B1.roa
Signing time: Wed 17 Apr 2024 11:18:41 +0000
ROA not before: Wed 17 Apr 2024 11:18:38 +0000
ROA not after: Tue 01 Apr 2025 11:18:38 +0000
asID: 328711
IP address blocks: 102.222.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.crl
rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.mft
rsync://rpki.afrinic.net/repository/afrinic/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3659F22AF/serialNumber=5556D637278A4D6987D448763BD3CAEBA058A50F
Validity
Not Before: Apr 17 11:18:38 2024 GMT
Not After : Apr 1 11:18:38 2025 GMT
Subject: CN=661fb011-c999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:32:fd:9d:19:41:59:6e:65:32:eb:80:e3:99:
80:ab:21:a2:92:4d:92:51:73:1b:68:26:e9:3b:02:
df:ca:e9:b6:9e:57:42:d6:52:fe:8b:3e:92:75:b4:
12:7c:2a:5f:b8:dd:74:a9:09:ab:67:38:96:a6:39:
2f:57:67:5b:c3:33:cc:44:e6:ed:a8:31:21:66:11:
18:67:ab:9d:d5:c0:c8:34:39:86:2e:41:87:5d:ee:
73:69:1a:cf:21:9e:6f:f4:73:8a:c0:ad:e1:f4:bb:
f1:6e:10:c7:76:08:a0:56:ac:bb:54:b2:ea:69:0b:
15:3d:49:fe:20:37:bc:72:28:c5:4e:f9:29:d4:e8:
b3:ba:ff:aa:d4:d8:04:45:73:13:d3:fc:9e:de:17:
c6:e0:69:f9:89:f6:d2:09:b2:3a:fc:db:5a:3b:12:
b7:0d:89:c1:0c:d2:cf:c4:ef:91:46:f4:bc:9b:2c:
fe:65:d9:ee:77:bf:48:b3:c2:9c:6a:96:f3:42:7c:
c7:41:74:e7:aa:e8:b4:85:63:d9:f2:04:20:3a:a1:
b9:46:98:46:67:53:47:d3:e0:f4:2c:37:9c:c2:bb:
6e:de:23:80:93:71:ab:43:46:68:20:9c:22:e6:40:
99:8d:42:56:c3:c9:7f:54:60:5b:9a:01:76:31:39:
1c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:18:DC:B9:98:D8:89:44:45:0B:DB:FC:16:96:FA:6A:47:A1:C6:24
X509v3 Authority Key Identifier:
keyid:55:56:D6:37:27:8A:4D:69:87:D4:48:76:3B:D3:CA:EB:A0:58:A5:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/3EBD2E5AFCAC11EE95547C42017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.157.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b4:19:f9:40:76:fa:dc:6e:36:50:84:9e:d4:46:aa:64:0c:
24:99:30:10:17:75:4f:9b:01:03:2b:b8:1d:d2:37:e4:0a:5e:
e3:cc:b0:f9:02:93:88:b0:9f:24:01:f5:03:10:42:52:0d:fa:
99:7c:47:3e:4d:55:13:23:14:88:59:19:88:99:62:e6:e8:5b:
13:41:13:68:82:f5:00:3c:11:12:1c:e0:18:e1:d6:49:6c:35:
3c:b5:e2:d8:2d:56:0a:26:4a:83:ec:b3:92:ab:49:fa:d0:3e:
8e:98:e8:d8:e0:92:d2:94:75:1c:b0:a9:a3:0e:d3:17:1d:20:
e3:ab:e7:7b:f5:60:da:f3:04:85:7f:3c:c9:cf:9e:ce:47:22:
3a:d3:95:f9:17:ea:c2:6f:6f:df:b0:cc:33:9e:05:53:e0:74:
04:ce:b2:d5:d1:09:a4:f5:ce:70:6c:a8:9e:73:93:06:9c:ac:
73:35:7f:4b:cf:09:39:52:d2:f2:55:f2:7e:a8:99:15:2d:52:
fd:1d:65:4d:ff:28:4b:e0:d6:40:e2:c5:4b:5b:c8:70:b1:f6:
31:f9:72:48:1c:fa:83:17:d8:7c:20:9e:fb:36:a1:e3:7d:8e:
36:47:c7:0d:a2:5c:ef:60:17:86:b8:c0:e8:17:b6:0d:0e:6b:
52:6e:43:ca
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
OUYyMkFGMTEwLwYDVQQFEyg1NTU2RDYzNzI3OEE0RDY5ODdENDQ4NzYzQkQzQ0FF
QkEwNThBNTBGMB4XDTI0MDQxNzExMTgzOFoXDTI1MDQwMTExMTgzOFowGDEWMBQG
A1UEAxMNNjYxZmIwMTEtYzk5OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEy/Z0ZQVluZTLrgOOZgKshopJNklFzG2gm6TsC38rptp5XQtZS/os+knW0
EnwqX7jddKkJq2c4lqY5L1dnW8MzzETm7agxIWYRGGerndXAyDQ5hi5Bh13uc2ka
zyGeb/RzisCt4fS78W4Qx3YIoFasu1Sy6mkLFT1J/iA3vHIoxU75KdTos7r/qtTY
BEVzE9P8nt4XxuBp+Yn20gmyOvzbWjsStw2JwQzSz8TvkUb0vJss/mXZ7ne/SLPC
nGqW80J8x0F056rotIVj2fIEIDqhuUaYRmdTR9Pg9Cw3nMK7bt4jgJNxq0NGaCCc
IuZAmY1CVsPJf1RgW5oBdjE5HOkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQKGNy5
mNiJREUL2/wWlvpqR6HGJDAfBgNVHSMEGDAWgBRVVtY3J4pNaYfUSHY708rroFil
DzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTlGMjIvOUEwODMyRjZGQ0FCMTFFRUE2OTAxQjNEMDE3MDAxQjEvVlZiV055
ZUtUV21IMUVoMk85UEs2NkJZcFE4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVlZiV055ZUtUV21IMUVoMk85UEs2NkJZcFE4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTlGMjIvOUEwODMyRjZGQ0FCMTFFRUE2OTAxQjNEMDE3
MDAxQjEvM0VCRDJFNUFGQ0FDMTFFRTk1NTQ3QzQyMDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbenTANBgkqhkiG9w0BAQsF
AAOCAQEAQ7QZ+UB2+txuNlCEntRGqmQMJJkwEBd1T5sBAyu4HdI35Ape48yw+QKT
iLCfJAH1AxBCUg36mXxHPk1VEyMUiFkZiJli5uhbE0ETaIL1ADwREhzgGOHWSWw1
PLXi2C1WCiZKg+yzkqtJ+tA+jpjo2OCS0pR1HLCpow7TFx0g46vne/Vg2vMEhX88
yc+ezkciOtOV+Rfqwm9v37DMM54FU+B0BM6y1dEJpPXOcGyonnOTBpysczV/S88J
OVLS8lXyfqiZFS1S/R1lTf8oS+DWQOLFS1vIcLH2MflySBz6gxfYfCCe+zah432O
NkfHDaJc72AXhrjA6Be2DQ5rUm5Dyg==
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:35:33 2024 by rpki-client on console-fra.rpki-client.org