Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/EAF11992861611EDB82711AAF1222468.roa
File: EAF11992861611EDB82711AAF1222468.roa (raw, json)
Hash identifier: d1nrOPduQlx7uqYjDydPxBcSQGDAGmtbyhdJuJyFCUQ=
Subject key identifier: 3C:CF:18:DC:14:B8:8C:E8:7A:E5:0F:F6:D1:AE:E2:28:BF:CF:47:BA
Certificate issuer: /CN=F365C79EAF/serialNumber=DD7499A8C8C12AB67E15EB492808A692ED4B59F4
Certificate serial: 0255
Authority key identifier: DD:74:99:A8:C8:C1:2A:B6:7E:15:EB:49:28:08:A6:92:ED:4B:59:F4
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/3XSZqMjBKrZ-FetJKAimku1LWfQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/EAF11992861611EDB82711AAF1222468.roa
Signing time: Tue 27 Dec 2022 18:47:31 +0000
ROA not before: Tue 27 Dec 2022 18:47:27 +0000
ROA not after: Wed 25 Dec 2024 18:47:27 +0000
asID: 328732
IP address blocks: 102.221.216.0/22 maxlen: 24
2c0f:e9a8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/3XSZqMjBKrZ-FetJKAimku1LWfQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/3XSZqMjBKrZ-FetJKAimku1LWfQ.mft
rsync://rpki.afrinic.net/repository/afrinic/3XSZqMjBKrZ-FetJKAimku1LWfQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 597 (0x255)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365C79EAF/serialNumber=DD7499A8C8C12AB67E15EB492808A692ED4B59F4
Validity
Not Before: Dec 27 18:47:27 2022 GMT
Not After : Dec 25 18:47:27 2024 GMT
Subject: CN=63ab3dc3-5c54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:4a:52:34:27:74:3b:d2:52:a6:26:00:38:92:
08:89:45:80:15:18:38:c5:45:37:15:8d:7a:4f:af:
00:53:07:73:9b:e1:d7:3a:20:61:d3:a8:41:1a:a0:
f3:66:2f:06:83:ba:4b:46:fb:66:62:da:2f:ae:21:
08:64:9f:a3:23:88:da:a2:73:75:82:ea:d1:15:2f:
33:8a:7f:a5:46:7c:bc:37:a8:92:c8:84:59:75:b6:
87:2e:ad:18:3e:05:b4:f5:c0:d0:35:31:7e:19:44:
cc:51:ec:e7:dd:1d:61:90:9e:36:4d:2d:13:80:9a:
c6:c0:f0:b5:16:4f:5a:04:e5:ea:89:d5:10:e9:2a:
34:e9:e1:3e:1d:96:44:92:82:f5:bc:f6:9f:7c:2c:
57:7c:21:a1:10:03:1d:b1:e8:aa:c3:78:7f:e9:67:
21:c4:37:e5:82:16:f3:94:b4:ee:a7:93:70:47:8b:
32:54:f8:59:1f:25:9a:67:37:c5:a4:e1:a0:f9:5a:
6a:9a:a2:b9:59:21:5b:48:ea:76:16:d7:b6:17:13:
42:7a:33:56:88:0a:0b:a8:d3:0a:66:80:1c:0e:93:
30:56:14:20:47:1e:98:8d:68:82:ee:0f:00:4a:85:
0a:e3:94:a0:49:b3:4d:2e:be:31:f1:e7:50:20:aa:
93:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CF:18:DC:14:B8:8C:E8:7A:E5:0F:F6:D1:AE:E2:28:BF:CF:47:BA
X509v3 Authority Key Identifier:
keyid:DD:74:99:A8:C8:C1:2A:B6:7E:15:EB:49:28:08:A6:92:ED:4B:59:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/3XSZqMjBKrZ-FetJKAimku1LWfQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3XSZqMjBKrZ-FetJKAimku1LWfQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/EAF11992861611EDB82711AAF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.216.0/22
IPv6:
2c0f:e9a8::/32
Signature Algorithm: sha256WithRSAEncryption
69:44:ad:7a:ac:1d:38:5c:2a:f6:09:05:01:6a:39:71:93:7a:
b9:0f:83:f0:dc:e7:1d:b8:30:0c:8d:0d:9d:7d:5d:d0:ee:81:
c1:53:ec:6f:24:c7:6f:a5:46:7b:95:74:20:7e:27:4e:76:41:
c3:7a:9d:f5:1d:70:39:d2:f1:41:41:d0:03:92:cd:b5:d8:cf:
98:e3:0f:0b:09:d1:c7:37:44:c3:51:91:ff:16:71:b4:ee:a8:
5e:63:f9:64:a2:29:17:ea:2a:5f:7f:1a:69:53:61:fa:34:b5:
43:6c:8d:34:4a:62:2d:16:46:e7:78:21:62:07:31:64:5f:85:
fe:bc:7c:46:e6:a4:d9:83:dd:51:39:8b:84:25:36:83:e5:a3:
97:ef:c2:1d:0c:df:5d:1b:d4:0b:f7:a5:bc:96:e0:cb:95:2f:
cc:39:46:78:de:25:57:77:4e:a3:87:90:07:54:6f:6e:de:ef:
4c:c6:85:12:e7:45:3c:a0:23:59:62:79:e1:e4:76:05:a3:43:
cc:07:59:f2:cb:c8:b0:1d:97:cd:5c:1b:53:76:c7:4b:a6:48:
ec:51:06:18:d4:35:8b:72:d5:ec:1a:52:72:81:1c:c9:9d:b0:
8c:cb:35:4c:bd:ad:6b:8b:c2:d8:7d:a4:81:43:8e:6e:3d:73:
b3:0a:0e:f3
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAlUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NUM3OUVBRjExMC8GA1UEBRMoREQ3NDk5QThDOEMxMkFCNjdFMTVFQjQ5MjgwOEE2
OTJFRDRCNTlGNDAeFw0yMjEyMjcxODQ3MjdaFw0yNDEyMjUxODQ3MjdaMBgxFjAU
BgNVBAMMDTYzYWIzZGMzLTVjNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDYSlI0J3Q70lKmJgA4kgiJRYAVGDjFRTcVjXpPrwBTB3Ob4dc6IGHTqEEa
oPNmLwaDuktG+2Zi2i+uIQhkn6MjiNqic3WC6tEVLzOKf6VGfLw3qJLIhFl1tocu
rRg+BbT1wNA1MX4ZRMxR7OfdHWGQnjZNLROAmsbA8LUWT1oE5eqJ1RDpKjTp4T4d
lkSSgvW89p98LFd8IaEQAx2x6KrDeH/pZyHEN+WCFvOUtO6nk3BHizJU+FkfJZpn
N8Wk4aD5WmqaorlZIVtI6nYW17YXE0J6M1aICguo0wpmgBwOkzBWFCBHHpiNaILu
DwBKhQrjlKBJs00uvjHx51AgqpN/AgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUPM8Y
3BS4jOh65Q/20a7iKL/PR7owHwYDVR0jBBgwFoAU3XSZqMjBKrZ+FetJKAimku1L
WfQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjVDNzlFLzFGQzM0QkU2QkVEQTExRUI4RjVDRTI0M0Y4QUVBMjI4LzNYU1px
TWpCS3JaLUZldEpLQWlta3UxTFdmUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzNYU1pxTWpCS3JaLUZldEpLQWlta3UxTFdmUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjVDNzlFLzFGQzM0QkU2QkVEQTExRUI4RjVDRTI0M0Y4
QUVBMjI4L0VBRjExOTkyODYxNjExRURCODI3MTFBQUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm3dgwDQQCAAIwBwMFACwP
6agwDQYJKoZIhvcNAQELBQADggEBAGlErXqsHThcKvYJBQFqOXGTerkPg/Dc5x24
MAyNDZ19XdDugcFT7G8kx2+lRnuVdCB+J052QcN6nfUdcDnS8UFB0AOSzbXYz5jj
DwsJ0cc3RMNRkf8WcbTuqF5j+WSiKRfqKl9/GmlTYfo0tUNsjTRKYi0WRud4IWIH
MWRfhf68fEbmpNmD3VE5i4QlNoPlo5fvwh0M310b1Av3pbyW4MuVL8w5RnjeJVd3
TqOHkAdUb27e70zGhRLnRTygI1lieeHkdgWjQ8wHWfLLyLAdl81cG1N2x0umSOxR
BhjUNYty1ewaUnKBHMmdsIzLNUy9rWuLwth9pIFDjm49c7MKDvM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:54 2024 by rpki-client on console-fra.rpki-client.org