Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/C0AB680CC8D911EE993FE8A9775412E6.roa
File: C0AB680CC8D911EE993FE8A9775412E6.roa (raw, json)
Hash identifier: sRTLZnZmZBrMh5Podj1h8HqONQwSW3SO4AVddfNH/0U=
Subject key identifier: 20:11:D2:BD:0A:D0:71:CB:61:33:73:22:BC:56:71:F8:D8:7C:AA:92
Certificate issuer: /CN=F365BE89AF/serialNumber=C3B4A3DDB2DACFC5388EEEC7359D214664496A01
Certificate serial: 1F
Authority key identifier: C3:B4:A3:DD:B2:DA:CF:C5:38:8E:EE:C7:35:9D:21:46:64:49:6A:01
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/C0AB680CC8D911EE993FE8A9775412E6.roa
Signing time: Sun 11 Feb 2024 12:33:26 +0000
ROA not before: Sun 11 Feb 2024 12:33:23 +0000
ROA not after: Tue 11 Feb 2025 12:33:23 +0000
asID: 329007
IP address blocks: 102.216.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.crl
rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.mft
rsync://rpki.afrinic.net/repository/afrinic/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31 (0x1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365BE89AF/serialNumber=C3B4A3DDB2DACFC5388EEEC7359D214664496A01
Validity
Not Before: Feb 11 12:33:23 2024 GMT
Not After : Feb 11 12:33:23 2025 GMT
Subject: CN=65c8be96-996e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2f:e3:22:78:51:6e:3e:73:2b:1f:88:e2:49:
c6:02:09:c0:a0:84:95:a6:49:97:8a:53:73:ae:3c:
b1:2d:08:7e:13:3c:4e:dd:ea:04:e3:82:b6:13:27:
9d:3f:1b:8a:8f:ae:3f:96:31:26:81:0c:e3:d8:bd:
83:2f:8d:c0:dc:66:b7:ce:31:ab:39:08:a6:51:5c:
b2:f4:68:3d:ce:60:bc:67:cc:e7:c4:85:8f:d7:4f:
b4:69:0b:46:42:64:4d:68:4c:84:5c:36:90:9b:60:
08:c1:54:ac:91:67:77:08:61:80:7a:62:ea:92:af:
2e:6e:e7:55:d2:bc:ab:cc:a2:6a:2c:5b:f5:b8:69:
ab:b5:be:ce:a8:f3:3b:fc:16:1f:ba:f3:42:3e:e4:
b5:71:e1:50:92:56:a0:86:9f:0f:32:e4:67:79:3f:
f7:de:3b:bd:6e:8e:fb:5b:1b:a0:30:43:5f:9c:94:
41:79:e9:28:66:20:f9:f1:81:8d:8f:9c:66:17:50:
95:d0:02:52:fb:59:00:b3:c2:fa:f8:15:33:e8:c4:
31:11:b6:a3:19:50:47:93:75:ad:d4:75:d4:8f:0b:
0a:47:95:a1:c3:2e:86:26:c2:a7:df:92:9b:25:ec:
f0:4a:35:bb:06:1f:29:3f:a1:05:3e:b9:82:b5:84:
95:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:11:D2:BD:0A:D0:71:CB:61:33:73:22:BC:56:71:F8:D8:7C:AA:92
X509v3 Authority Key Identifier:
keyid:C3:B4:A3:DD:B2:DA:CF:C5:38:8E:EE:C7:35:9D:21:46:64:49:6A:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/C0AB680CC8D911EE993FE8A9775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.216.254.0/24
Signature Algorithm: sha256WithRSAEncryption
58:fc:1f:bd:2f:8b:eb:f1:b1:cd:79:7c:14:ad:5f:40:50:12:
13:16:50:55:13:0c:11:37:ab:c3:7d:75:4a:4d:da:6a:53:9b:
b7:93:62:7a:4d:7d:2f:54:6f:e8:51:1f:c8:2c:4a:76:30:5c:
59:03:fb:fd:f6:a9:55:78:c8:62:e9:21:92:dd:fc:4c:ef:0f:
b9:7c:6a:75:e6:9b:b4:57:64:8e:70:44:8d:8f:11:4d:05:cb:
25:2b:43:42:a6:92:83:ff:08:a5:5f:c1:b3:d8:0c:21:48:8d:
ab:50:a9:d5:4b:da:ad:fa:0f:74:7b:82:33:cf:4b:64:48:9f:
18:1a:1f:98:75:a2:56:61:f5:af:0f:e0:60:c5:99:f8:e2:7b:
19:0b:be:dc:84:6d:e0:78:20:50:3d:61:b2:a8:3c:96:2e:78:
f3:b1:cb:74:54:ed:8f:8f:9a:f9:c3:64:2d:0a:56:99:e8:ed:
5f:cc:24:eb:94:a9:6b:b8:79:c6:dd:3b:7c:70:43:10:73:ea:
a1:13:75:49:c5:0d:4f:cf:4b:d7:37:0f:9c:e1:6c:bf:6b:40:
8e:0c:11:0f:5d:56:f0:c4:d8:6a:9d:a0:b5:13:9b:69:9f:1b:
46:b4:4d:c0:e0:07:fa:3f:d9:40:74:44:7a:7a:ca:e5:35:0f:
e9:50:38:b7
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBHzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
QkU4OUFGMTEwLwYDVQQFEyhDM0I0QTNEREIyREFDRkM1Mzg4RUVFQzczNTlEMjE0
NjY0NDk2QTAxMB4XDTI0MDIxMTEyMzMyM1oXDTI1MDIxMTEyMzMyM1owGDEWMBQG
A1UEAxMNNjVjOGJlOTYtOTk2ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0v4yJ4UW4+cysfiOJJxgIJwKCElaZJl4pTc648sS0IfhM8Tt3qBOOCthMn
nT8bio+uP5YxJoEM49i9gy+NwNxmt84xqzkIplFcsvRoPc5gvGfM58SFj9dPtGkL
RkJkTWhMhFw2kJtgCMFUrJFndwhhgHpi6pKvLm7nVdK8q8yiaixb9bhpq7W+zqjz
O/wWH7rzQj7ktXHhUJJWoIafDzLkZ3k/9947vW6O+1sboDBDX5yUQXnpKGYg+fGB
jY+cZhdQldACUvtZALPC+vgVM+jEMRG2oxlQR5N1rdR11I8LCkeVocMuhibCp9+S
myXs8Eo1uwYfKT+hBT65grWElT8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQgEdK9
CtBxy2EzcyK8VnH42HyqkjAfBgNVHSMEGDAWgBTDtKPdstrPxTiO7sc1nSFGZElq
ATAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUJFODkvMDk5QjQ4M0FCRThFMTFFRUIxOTVBOThFNzc1NDEyRTYvdzdTajNi
TGF6OFU0anU3SE5aMGhSbVJKYWdFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdzdTajNiTGF6OFU0anU3SE5aMGhSbVJKYWdFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NUJFODkvMDk5QjQ4M0FCRThFMTFFRUIxOTVBOThFNzc1
NDEyRTYvQzBBQjY4MENDOEQ5MTFFRTk5M0ZFOEE5Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbY/jANBgkqhkiG9w0BAQsF
AAOCAQEAWPwfvS+L6/GxzXl8FK1fQFASExZQVRMMETerw311Sk3aalObt5Niek19
L1Rv6FEfyCxKdjBcWQP7/fapVXjIYukhkt38TO8PuXxqdeabtFdkjnBEjY8RTQXL
JStDQqaSg/8IpV/Bs9gMIUiNq1Cp1UvarfoPdHuCM89LZEifGBofmHWiVmH1rw/g
YMWZ+OJ7GQu+3IRt4HggUD1hsqg8li5487HLdFTtj4+a+cNkLQpWmejtX8wk65Sp
a7h5xt07fHBDEHPqoRN1ScUNT89L1zcPnOFsv2tAjgwRD11W8MTYap2gtRObaZ8b
RrRNwOAH+j/ZQHREenrK5TUP6VA4tw==
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:39:39 2024 by rpki-client on console-ams.rpki-client.org