Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/3F44F5E04FBC11EDBA4652EEF1222468.roa
File: 3F44F5E04FBC11EDBA4652EEF1222468.roa (raw, json)
Hash identifier: 1MP0nL/RNmj/wnYpbM37gUnOutiEeZrvM2LHoJiIhWI=
Subject key identifier: B4:8C:AE:4F:5A:57:72:08:6E:7C:54:CE:25:26:6D:15:16:70:66:C6
Certificate issuer: /CN=F3660442AF/serialNumber=9DD37DE6361EC3CF68B6EF7C3C12AB399C7C2F8B
Certificate serial: 03
Authority key identifier: 9D:D3:7D:E6:36:1E:C3:CF:68:B6:EF:7C:3C:12:AB:39:9C:7C:2F:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ndN95jYew89otu98PBKrOZx8L4s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/3F44F5E04FBC11EDBA4652EEF1222468.roa
Signing time: Wed 19 Oct 2022 14:42:25 +0000
ROA not before: Wed 19 Oct 2022 14:42:21 +0000
ROA not after: Fri 18 Oct 2024 14:42:21 +0000
asID: 329166
IP address blocks: 102.214.8.0/22 maxlen: 22
2c0f:5780::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/ndN95jYew89otu98PBKrOZx8L4s.crl
rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/ndN95jYew89otu98PBKrOZx8L4s.mft
rsync://rpki.afrinic.net/repository/afrinic/ndN95jYew89otu98PBKrOZx8L4s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 12 May 2024 00:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3660442AF/serialNumber=9DD37DE6361EC3CF68B6EF7C3C12AB399C7C2F8B
Validity
Not Before: Oct 19 14:42:21 2022 GMT
Not After : Oct 18 14:42:21 2024 GMT
Subject: CN=63500cd1-05ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c2:2d:9b:3f:81:11:55:5f:be:f8:58:fe:3a:
13:f7:c2:93:79:5a:e6:d7:81:7d:a1:48:cc:44:ec:
6f:2d:24:59:a0:bc:01:cb:72:69:3c:08:5c:13:83:
2e:61:65:f7:82:e7:81:07:92:9c:7b:31:11:e4:e9:
6a:24:cf:c0:f3:23:21:57:69:05:bb:96:ae:2f:72:
c2:64:b5:fb:c5:b3:6d:f8:82:27:0d:fc:b6:53:77:
9d:da:55:b6:dd:ee:a7:03:bd:a7:12:39:6c:03:c3:
c0:92:59:43:c2:f5:ef:2f:6d:1b:47:43:75:1f:86:
20:a7:43:d1:de:0e:e2:d8:85:fc:3c:51:70:fa:79:
2b:c4:34:fb:e7:88:f4:98:85:71:8e:2a:ae:99:42:
c9:dc:46:c0:b7:1c:29:7c:70:7c:03:02:b4:50:eb:
ae:5e:fa:7a:0b:03:92:7f:bb:3d:e4:cd:68:9d:97:
4c:cc:76:35:3e:1a:3c:cb:14:0e:a3:06:a6:e4:77:
4a:e1:e6:3f:2d:57:8f:5f:d8:df:5b:51:f9:a5:d1:
36:67:bf:f8:59:01:57:17:1f:7d:5b:54:dc:bd:e6:
24:2f:e3:6a:1a:17:a0:87:e5:73:f5:98:12:ba:ba:
99:f5:39:64:2f:38:6c:77:0b:b6:89:1e:e3:f8:b3:
0f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:8C:AE:4F:5A:57:72:08:6E:7C:54:CE:25:26:6D:15:16:70:66:C6
X509v3 Authority Key Identifier:
keyid:9D:D3:7D:E6:36:1E:C3:CF:68:B6:EF:7C:3C:12:AB:39:9C:7C:2F:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/ndN95jYew89otu98PBKrOZx8L4s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ndN95jYew89otu98PBKrOZx8L4s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/3F44F5E04FBC11EDBA4652EEF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.214.8.0/22
IPv6:
2c0f:5780::/32
Signature Algorithm: sha256WithRSAEncryption
91:9a:86:e1:fe:db:85:94:75:83:ca:2b:56:52:25:3d:eb:da:
67:59:d8:4c:ba:9e:af:e5:22:6a:e1:ef:cb:12:b7:1b:3f:6e:
0c:79:3d:73:2b:15:51:61:66:ad:7c:7a:48:c0:03:93:36:f3:
5b:26:3b:86:1e:e4:b3:52:60:27:c1:29:d0:1a:43:99:31:9f:
b9:66:ab:5b:0c:d1:00:e4:00:e4:f9:01:a9:34:bc:7f:cf:c2:
a5:6d:bf:da:aa:a9:06:63:54:80:f4:c5:e4:4e:b3:6e:42:8c:
0f:69:32:52:ca:1f:15:27:70:00:9e:3b:d3:c6:93:23:c1:31:
c6:a7:d9:8a:09:2f:8d:fd:74:ba:ee:ff:6f:49:25:49:c5:95:
38:6f:c1:b7:da:bd:04:ae:34:c1:8a:4a:d2:ee:3b:f4:43:46:
fc:4b:5a:e8:b2:df:2a:c0:bd:f7:7e:61:32:db:2a:59:43:09:
57:03:fd:de:67:17:58:9b:be:44:0e:b6:72:ec:a7:40:a7:d0:
2a:a8:02:41:d0:8b:41:bf:6c:1b:0d:38:f7:aa:69:a9:d5:d6:
6e:4c:80:8c:9f:30:5c:c9:28:50:23:bd:7d:62:97:b1:b0:f3:
21:d8:cd:f2:5b:0f:4d:84:e5:07:42:06:0a:88:86:76:81:6e:
c3:03:cc:48
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY2
MDQ0MkFGMTEwLwYDVQQFEyg5REQzN0RFNjM2MUVDM0NGNjhCNkVGN0MzQzEyQUIz
OTlDN0MyRjhCMB4XDTIyMTAxOTE0NDIyMVoXDTI0MTAxODE0NDIyMVowGDEWMBQG
A1UEAwwNNjM1MDBjZDEtMDVjYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANPCLZs/gRFVX774WP46E/fCk3la5teBfaFIzETsby0kWaC8ActyaTwIXBOD
LmFl94LngQeSnHsxEeTpaiTPwPMjIVdpBbuWri9ywmS1+8WzbfiCJw38tlN3ndpV
tt3upwO9pxI5bAPDwJJZQ8L17y9tG0dDdR+GIKdD0d4O4tiF/DxRcPp5K8Q0++eI
9JiFcY4qrplCydxGwLccKXxwfAMCtFDrrl76egsDkn+7PeTNaJ2XTMx2NT4aPMsU
DqMGpuR3SuHmPy1Xj1/Y31tR+aXRNme/+FkBVxcffVtU3L3mJC/jahoXoIflc/WY
Erq6mfU5ZC84bHcLtoke4/izD0sCAwEAAaOCArQwggKwMB0GA1UdDgQWBBS0jK5P
WldyCG58VM4lJm0VFnBmxjAfBgNVHSMEGDAWgBSd033mNh7Dz2i273w8Eqs5nHwv
izAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjA0NDIvMjk2MjgwMUM0RkIyMTFFRDgzNzE0NkQ0RjEyMjI0NjgvbmROOTVq
WWV3ODlvdHU5OFBCS3JPWng4TDRzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvbmROOTVqWWV3ODlvdHU5OFBCS3JPWng4TDRzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjA0NDIvMjk2MjgwMUM0RkIyMTFFRDgzNzE0NkQ0RjEy
MjI0NjgvM0Y0NEY1RTA0RkJDMTFFREJBNDY1MkVFRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbWCDANBAIAAjAHAwUALA9X
gDANBgkqhkiG9w0BAQsFAAOCAQEAkZqG4f7bhZR1g8orVlIlPevaZ1nYTLqer+Ui
auHvyxK3Gz9uDHk9cysVUWFmrXx6SMADkzbzWyY7hh7ks1JgJ8Ep0BpDmTGfuWar
WwzRAOQA5PkBqTS8f8/CpW2/2qqpBmNUgPTF5E6zbkKMD2kyUsofFSdwAJ4708aT
I8ExxqfZigkvjf10uu7/b0klScWVOG/Bt9q9BK40wYpK0u479ENG/Eta6LLfKsC9
935hMtsqWUMJVwP93mcXWJu+RA62cuynQKfQKqgCQdCLQb9sGw0496ppqdXWbkyA
jJ8wXMkoUCO9fWKXsbDzIdjN8lsPTYTlB0IGCoiGdoFuwwPMSA==
-----END CERTIFICATE-----
Generated at Fri May 10 02:53:03 2024 by rpki-client on console-ams.rpki-client.org