Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365F2BD/552C6D641A6B11EEA55ACF204AD9E6FC/3D1407C47CB611EFAC71A891762E951A.roa
File: 3D1407C47CB611EFAC71A891762E951A.roa (raw, json)
Hash identifier: 9cjcvkV8WiknZRld6/vpk/RCy4/zP+e++V0fqwQhvWo=
Subject key identifier: 82:49:72:88:AA:0F:B9:EF:04:22:79:72:37:9E:CC:B6:42:E4:A5:99
Certificate issuer: /CN=F365F2BDAF/serialNumber=1321AB35E317A1C601B244FEC976E58BDA0BB333
Certificate serial: 01D4
Authority key identifier: 13:21:AB:35:E3:17:A1:C6:01:B2:44:FE:C9:76:E5:8B:DA:0B:B3:33
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/EyGrNeMXocYBskT-yXbli9oLszM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365F2BD/552C6D641A6B11EEA55ACF204AD9E6FC/3D1407C47CB611EFAC71A891762E951A.roa
Signing time: Fri 27 Sep 2024 09:52:42 +0000
ROA not before: Fri 27 Sep 2024 09:52:38 +0000
ROA not after: Wed 27 Sep 2034 09:52:38 +0000
asID: 329153
IP address blocks: 102.134.92.0/22 maxlen: 24
102.208.208.0/22 maxlen: 24
102.217.88.0/22 maxlen: 24
102.222.192.0/22 maxlen: 24
2c0f:f80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F365F2BD/552C6D641A6B11EEA55ACF204AD9E6FC/EyGrNeMXocYBskT-yXbli9oLszM.crl
rsync://rpki.afrinic.net/repository/member_repository/F365F2BD/552C6D641A6B11EEA55ACF204AD9E6FC/EyGrNeMXocYBskT-yXbli9oLszM.mft
rsync://rpki.afrinic.net/repository/afrinic/EyGrNeMXocYBskT-yXbli9oLszM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 02:37:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 468 (0x1d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365F2BDAF
Validity
Not Before: Sep 27 09:52:38 2024 GMT
Not After : Sep 27 09:52:38 2034 GMT
Subject: CN=66f6806a-b371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:29:4b:89:6c:f6:ce:5f:b8:51:25:48:02:01:
6d:28:86:7a:c3:ca:2a:36:81:9d:6b:86:6e:ac:d9:
db:c7:53:75:a7:74:21:60:52:8d:49:16:e1:80:9f:
88:00:06:7f:a8:1d:5a:4d:38:d6:7e:9f:0a:3c:c5:
a4:5f:78:9b:12:6b:46:3b:09:95:40:7c:b6:38:89:
5e:2f:95:89:e9:e3:77:76:08:bb:d7:d1:19:9c:a5:
a9:0d:48:1b:cc:19:c8:96:f4:37:27:29:aa:e1:9e:
dd:0b:1c:3c:d4:03:f6:da:7a:3e:72:58:97:76:1c:
bc:20:7e:eb:a8:f1:50:1a:f8:a4:48:0c:0e:ad:d0:
a1:b5:10:f4:d8:79:ea:68:de:d5:10:6d:79:40:e6:
76:67:6a:71:c4:d7:66:bf:2f:8c:e7:2b:8f:0d:54:
1e:94:ac:b6:fa:83:f6:14:3a:41:06:37:a1:66:f4:
36:99:c4:ff:a1:33:82:df:ec:5b:b8:9e:29:71:ae:
a2:72:8a:0a:8f:5c:97:df:64:55:cc:33:e8:f6:0a:
42:e1:34:bb:21:ee:fb:18:2f:d1:4d:3d:49:fe:48:
4e:99:cc:d2:77:fe:38:e2:04:8f:ca:ef:ce:dd:82:
b2:0c:ec:ab:c0:84:c8:44:80:eb:60:3b:c4:59:e3:
ed:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:49:72:88:AA:0F:B9:EF:04:22:79:72:37:9E:CC:B6:42:E4:A5:99
X509v3 Authority Key Identifier:
keyid:13:21:AB:35:E3:17:A1:C6:01:B2:44:FE:C9:76:E5:8B:DA:0B:B3:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365F2BD/552C6D641A6B11EEA55ACF204AD9E6FC/EyGrNeMXocYBskT-yXbli9oLszM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/EyGrNeMXocYBskT-yXbli9oLszM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365F2BD/552C6D641A6B11EEA55ACF204AD9E6FC/3D1407C47CB611EFAC71A891762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.134.92.0/22
102.208.208.0/22
102.217.88.0/22
102.222.192.0/22
IPv6:
2c0f:f80::/32
Signature Algorithm: sha256WithRSAEncryption
36:6e:87:19:49:83:8d:30:19:95:45:c9:b3:b0:5b:42:ee:62:
e2:47:3c:ea:d1:4b:65:9b:44:a9:ae:72:e0:08:a4:7d:7a:9d:
7f:0a:50:3f:b6:d0:8d:cc:60:22:60:78:5d:39:df:88:45:64:
6d:8f:ff:4a:26:0a:cc:27:73:c0:fc:23:bb:1e:59:97:8b:1f:
f4:13:60:a1:d6:e5:65:49:2f:c4:ba:98:b3:0e:dc:ce:a9:40:
1b:6b:88:75:43:13:c1:ee:df:ae:f7:3c:18:1a:1a:a8:14:a5:
63:9c:f1:c1:03:1f:24:94:29:77:f9:b3:83:fb:6d:d1:f5:3b:
89:75:45:0a:0b:09:96:00:d8:58:74:3f:7a:16:d5:5f:62:14:
37:63:75:18:ca:cf:93:9b:dd:74:49:56:70:37:0b:ac:73:11:
58:72:01:5b:f2:b2:a3:ed:85:76:6e:fa:0a:2e:51:86:ad:06:
c7:f8:08:7b:8b:84:cd:b7:bd:15:4d:32:7b:2b:83:1b:7d:f9:
aa:4e:53:fe:01:1c:c6:b0:85:94:56:b2:99:96:98:f6:9b:c0:
e1:6e:7c:09:85:6a:5c:dc:d0:2c:4e:b5:8c:28:b9:f0:f4:cd:
62:81:4c:4d:81:60:d8:e8:3a:98:a9:ee:39:12:99:c9:17:6e:
89:81:8e:0b
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICAdQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NUYyQkRBRjExMC8GA1UEBRMoMTMyMUFCMzVFMzE3QTFDNjAxQjI0NEZFQzk3NkU1
OEJEQTBCQjMzMzAeFw0yNDA5MjcwOTUyMzhaFw0zNDA5MjcwOTUyMzhaMBgxFjAU
BgNVBAMTDTY2ZjY4MDZhLWIzNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDRKUuJbPbOX7hRJUgCAW0ohnrDyio2gZ1rhm6s2dvHU3WndCFgUo1JFuGA
n4gABn+oHVpNONZ+nwo8xaRfeJsSa0Y7CZVAfLY4iV4vlYnp43d2CLvX0RmcpakN
SBvMGciW9DcnKarhnt0LHDzUA/baej5yWJd2HLwgfuuo8VAa+KRIDA6t0KG1EPTY
eepo3tUQbXlA5nZnanHE12a/L4znK48NVB6UrLb6g/YUOkEGN6Fm9DaZxP+hM4Lf
7Fu4nilxrqJyigqPXJffZFXMM+j2CkLhNLsh7vsYL9FNPUn+SE6ZzNJ3/jjiBI/K
787dgrIM7KvAhMhEgOtgO8RZ4+1FAgMBAAGjggLGMIICwjAdBgNVHQ4EFgQUgkly
iKoPue8EInlyN57MtkLkpZkwHwYDVR0jBBgwFoAUEyGrNeMXocYBskT+yXbli9oL
szMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjVGMkJELzU1MkM2RDY0MUE2QjExRUVBNTVBQ0YyMDRBRDlFNkZDL0V5R3JO
ZU1Yb2NZQnNrVC15WGJsaTlvTHN6TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0V5R3JOZU1Yb2NZQnNrVC15WGJsaTlvTHN6TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjVGMkJELzU1MkM2RDY0MUE2QjExRUVBNTVBQ0YyMDRB
RDlFNkZDLzNEMTQwN0M0N0NCNjExRUZBQzcxQTg5MTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAJmhlwDBAJm0NADBAJm2VgD
BAJm3sAwDQQCAAIwBwMFACwPD4AwDQYJKoZIhvcNAQELBQADggEBADZuhxlJg40w
GZVFybOwW0LuYuJHPOrRS2WbRKmucuAIpH16nX8KUD+20I3MYCJgeF0534hFZG2P
/0omCswnc8D8I7seWZeLH/QTYKHW5WVJL8S6mLMO3M6pQBtriHVDE8Hu3673PBga
GqgUpWOc8cEDHySUKXf5s4P7bdH1O4l1RQoLCZYA2Fh0P3oW1V9iFDdjdRjKz5Ob
3XRJVnA3C6xzEVhyAVvysqPthXZu+gouUYatBsf4CHuLhM23vRVNMnsrgxt9+apO
U/4BHMawhZRWspmWmPabwOFufAmFalzc0CxOtYwoufD0zWKBTE2BYNjoOpip7jkS
mckXbomBjgs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:36:17 2025 by rpki-client