Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/CA173E5E37FF11EE925E9B3E4AD9E6FC.roa
File: CA173E5E37FF11EE925E9B3E4AD9E6FC.roa (raw, json)
Hash identifier: DTtlgrbmzzwxu3uoClo86Z6YZ7fh9HCMMfQJyujQvlA=
Subject key identifier: 9E:FD:B7:70:B9:8E:4D:84:7C:78:B4:C1:E0:32:52:34:95:2C:4E:EF
Certificate issuer: /CN=F3660442AF/serialNumber=9DD37DE6361EC3CF68B6EF7C3C12AB399C7C2F8B
Certificate serial: 013D
Authority key identifier: 9D:D3:7D:E6:36:1E:C3:CF:68:B6:EF:7C:3C:12:AB:39:9C:7C:2F:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ndN95jYew89otu98PBKrOZx8L4s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/CA173E5E37FF11EE925E9B3E4AD9E6FC.roa
Signing time: Fri 11 Aug 2023 04:30:24 +0000
ROA not before: Fri 11 Aug 2023 04:30:21 +0000
ROA not after: Wed 11 Aug 2032 04:30:21 +0000
asID: 329166
IP address blocks: 102.211.204.0/22 maxlen: 22
102.214.8.0/22 maxlen: 22
2c0f:5780::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/ndN95jYew89otu98PBKrOZx8L4s.crl
rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/ndN95jYew89otu98PBKrOZx8L4s.mft
rsync://rpki.afrinic.net/repository/afrinic/ndN95jYew89otu98PBKrOZx8L4s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 317 (0x13d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3660442AF/serialNumber=9DD37DE6361EC3CF68B6EF7C3C12AB399C7C2F8B
Validity
Not Before: Aug 11 04:30:21 2023 GMT
Not After : Aug 11 04:30:21 2032 GMT
Subject: CN=64d5b960-c711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6d:a5:90:2c:01:38:fe:c6:b5:61:92:47:34:
cd:46:35:89:c7:99:98:7c:2f:13:f6:0b:c4:67:d3:
ec:9f:ea:40:a6:84:b6:ab:ce:4d:b5:3c:d7:c7:4c:
40:99:13:f6:b4:7c:52:3d:15:92:8d:fa:52:e9:b2:
4b:a5:d8:f5:e7:55:a7:c2:94:62:fc:a9:d6:dd:40:
98:90:a8:61:1a:73:6a:4c:51:f4:59:df:bb:d5:3b:
a2:12:a0:98:fa:04:98:89:47:4c:69:d4:16:e3:bf:
21:dd:c2:b7:a2:41:ec:fe:84:69:41:7f:1c:f9:98:
b4:e6:4e:b7:db:4a:f3:68:c8:e8:41:d5:22:4f:bb:
49:7c:ee:14:c2:c8:82:c2:c9:21:aa:a0:84:7d:4d:
b8:11:d3:51:c3:20:c3:0f:de:4d:db:a1:9b:48:c2:
18:e5:1e:c3:da:a3:1a:b5:7d:90:81:48:06:2c:ac:
d6:87:2c:2a:b1:db:1e:50:96:5e:9d:3d:fc:d4:7a:
cc:d8:32:63:d1:12:ac:72:15:0c:a5:9f:f4:f1:32:
0a:d4:3c:88:7b:5e:5a:17:83:b3:e6:13:ad:e0:1f:
dd:6c:c9:db:1a:b1:15:1d:07:16:aa:d6:a5:d5:84:
21:b0:a1:ea:54:dd:5d:13:19:c5:5d:01:a4:1a:50:
58:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:FD:B7:70:B9:8E:4D:84:7C:78:B4:C1:E0:32:52:34:95:2C:4E:EF
X509v3 Authority Key Identifier:
keyid:9D:D3:7D:E6:36:1E:C3:CF:68:B6:EF:7C:3C:12:AB:39:9C:7C:2F:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/ndN95jYew89otu98PBKrOZx8L4s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ndN95jYew89otu98PBKrOZx8L4s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/CA173E5E37FF11EE925E9B3E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.204.0/22
102.214.8.0/22
IPv6:
2c0f:5780::/32
Signature Algorithm: sha256WithRSAEncryption
40:66:b2:6d:30:22:c8:e2:63:bd:6d:3a:a5:d9:03:c2:ce:4e:
64:7e:81:97:b8:ae:b6:0e:98:42:c7:26:be:30:40:a7:db:0f:
c4:79:86:17:97:bd:39:72:6b:22:cf:ef:48:3b:c3:f0:b2:fb:
65:2e:bf:75:47:c1:b4:85:c3:6d:42:53:dd:dd:88:f9:a3:a5:
33:ec:71:f0:87:de:20:10:fc:18:9c:ed:80:a5:34:df:0d:d5:
5e:89:0f:30:ec:0e:20:6f:6f:88:39:81:e9:30:75:fc:be:0d:
f9:f2:4e:d8:a1:7f:4f:d9:0d:74:6e:02:38:70:95:a0:e5:2e:
93:2d:94:fa:e5:65:3b:76:08:57:5b:f3:90:a4:b2:42:85:ff:
d9:4c:6d:dd:4d:ba:de:f8:82:09:b6:02:aa:d9:90:78:c0:f4:
18:b0:13:f7:ae:e2:ec:da:8c:6d:f3:04:9e:7e:bd:fa:bc:80:
79:0d:33:c7:20:61:8e:de:a6:b9:dc:be:4d:21:f3:f2:03:f8:
69:82:a8:87:1c:8a:fc:39:49:41:c8:a9:b1:db:8a:7b:83:9a:
7e:c1:f7:eb:e8:8c:aa:b6:77:3a:e1:b9:20:25:7f:60:2e:87:
b2:05:51:5e:eb:1f:fc:ea:a1:7e:21:88:04:3e:73:a4:98:9c:
d5:ff:77:f5
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICAT0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjA0NDJBRjExMC8GA1UEBRMoOUREMzdERTYzNjFFQzNDRjY4QjZFRjdDM0MxMkFC
Mzk5QzdDMkY4QjAeFw0yMzA4MTEwNDMwMjFaFw0zMjA4MTEwNDMwMjFaMBgxFjAU
BgNVBAMTDTY0ZDViOTYwLWM3MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC2baWQLAE4/sa1YZJHNM1GNYnHmZh8LxP2C8Rn0+yf6kCmhLarzk21PNfH
TECZE/a0fFI9FZKN+lLpskul2PXnVafClGL8qdbdQJiQqGEac2pMUfRZ37vVO6IS
oJj6BJiJR0xp1BbjvyHdwreiQez+hGlBfxz5mLTmTrfbSvNoyOhB1SJPu0l87hTC
yILCySGqoIR9TbgR01HDIMMP3k3boZtIwhjlHsPaoxq1fZCBSAYsrNaHLCqx2x5Q
ll6dPfzUeszYMmPREqxyFQyln/TxMgrUPIh7XloXg7PmE63gH91sydsasRUdBxaq
1qXVhCGwoepU3V0TGcVdAaQaUFgBAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQUnv23
cLmOTYR8eLTB4DJSNJUsTu8wHwYDVR0jBBgwFoAUndN95jYew89otu98PBKrOZx8
L4swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYwNDQyLzI5NjI4MDFDNEZCMjExRUQ4MzcxNDZENEYxMjIyNDY4L25kTjk1
allldzg5b3R1OThQQktyT1p4OEw0cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL25kTjk1allldzg5b3R1OThQQktyT1p4OEw0cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjYwNDQyLzI5NjI4MDFDNEZCMjExRUQ4MzcxNDZENEYx
MjIyNDY4L0NBMTczRTVFMzdGRjExRUU5MjVFOUIzRTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAJm08wDBAJm1ggwDQQCAAIw
BwMFACwPV4AwDQYJKoZIhvcNAQELBQADggEBAEBmsm0wIsjiY71tOqXZA8LOTmR+
gZe4rrYOmELHJr4wQKfbD8R5hheXvTlyayLP70g7w/Cy+2Uuv3VHwbSFw21CU93d
iPmjpTPscfCH3iAQ/Bic7YClNN8N1V6JDzDsDiBvb4g5gekwdfy+DfnyTtihf0/Z
DXRuAjhwlaDlLpMtlPrlZTt2CFdb85CkskKF/9lMbd1Nut74ggm2AqrZkHjA9Biw
E/eu4uzajG3zBJ5+vfq8gHkNM8cgYY7eprncvk0h8/ID+GmCqIccivw5SUHIqbHb
inuDmn7B9+vojKq2dzrhuSAlf2Auh7IFUV7rH/zqoX4hiAQ+c6SYnNX/d/U=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:41 2024 by rpki-client on console-ams.rpki-client.org