Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366115B/D6DD2C48D17D11EFAF2085B2762E951A/22C52386D17E11EF9EB2B2B4762E951A.roa
File: 22C52386D17E11EF9EB2B2B4762E951A.roa (raw, json)
Hash identifier: vJZ2B2AwbAuEUqHqjJYOuOHtJZIuniDHAC9L7a46K4Q=
Subject key identifier: FE:4D:3E:CF:BD:6A:16:FC:55:DF:06:69:78:CA:0C:EA:AC:E6:68:2B
Certificate issuer: /CN=F366115BAF/serialNumber=13658DF7E987A11FF568723C7B71DAD7071E33DF
Certificate serial: 02
Authority key identifier: 13:65:8D:F7:E9:87:A1:1F:F5:68:72:3C:7B:71:DA:D7:07:1E:33:DF
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/E2WN9-mHoR_1aHI8e3Ha1wceM98.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366115B/D6DD2C48D17D11EFAF2085B2762E951A/22C52386D17E11EF9EB2B2B4762E951A.roa
Signing time: Mon 13 Jan 2025 07:15:15 +0000
ROA not before: Mon 13 Jan 2025 07:15:11 +0000
ROA not after: Sat 13 Jan 2035 07:15:11 +0000
asID: 328562
IP address blocks: 102.23.144.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366115B/D6DD2C48D17D11EFAF2085B2762E951A/E2WN9-mHoR_1aHI8e3Ha1wceM98.crl
rsync://rpki.afrinic.net/repository/member_repository/F366115B/D6DD2C48D17D11EFAF2085B2762E951A/E2WN9-mHoR_1aHI8e3Ha1wceM98.mft
rsync://rpki.afrinic.net/repository/afrinic/E2WN9-mHoR_1aHI8e3Ha1wceM98.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 03:22:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366115BAF
Validity
Not Before: Jan 13 07:15:11 2025 GMT
Not After : Jan 13 07:15:11 2035 GMT
Subject: CN=6784bd83-d468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:38:e7:be:8a:96:1f:fc:b2:0b:20:87:6d:59:
c9:30:98:cd:2c:4f:67:41:3a:e2:b6:1f:54:be:ca:
60:4b:03:f3:9f:4b:e0:32:c9:62:92:fd:9e:26:66:
0d:c8:01:ce:90:58:ef:6f:fe:d2:d1:ce:aa:43:d6:
a5:2f:7e:e6:4a:6a:ac:dc:9e:33:79:b1:b3:3d:cf:
7c:93:38:06:92:04:83:36:7f:9a:e4:91:91:ba:f2:
8b:90:b3:3b:7f:ea:6b:dd:78:0d:54:ea:ca:33:fa:
f0:ec:74:c6:6d:69:04:0c:d3:e3:48:a2:79:9b:05:
3a:35:9c:f0:2f:ca:9a:e8:7a:8d:6f:bc:da:ed:8c:
4a:68:ef:61:ba:b5:a3:c0:97:59:90:cd:dc:cd:09:
a9:d3:18:f8:0c:39:c4:d2:78:5a:d1:d2:63:ae:f1:
d1:11:7f:e0:f8:7f:30:25:d5:27:38:0a:ea:ac:e0:
5f:f4:9f:15:27:c3:44:25:8a:e0:07:78:9e:db:c7:
51:8c:3b:7a:9a:61:fd:9a:f1:04:b4:1d:e9:eb:2c:
c5:8d:d1:b5:ac:ab:ac:88:fa:02:33:57:8a:6d:52:
9d:3b:86:87:7d:43:ff:9c:46:23:f4:9b:67:ac:48:
3a:13:53:0b:db:e4:2d:b6:e1:c8:d1:3e:c0:14:9a:
ac:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:4D:3E:CF:BD:6A:16:FC:55:DF:06:69:78:CA:0C:EA:AC:E6:68:2B
X509v3 Authority Key Identifier:
keyid:13:65:8D:F7:E9:87:A1:1F:F5:68:72:3C:7B:71:DA:D7:07:1E:33:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366115B/D6DD2C48D17D11EFAF2085B2762E951A/E2WN9-mHoR_1aHI8e3Ha1wceM98.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/E2WN9-mHoR_1aHI8e3Ha1wceM98.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366115B/D6DD2C48D17D11EFAF2085B2762E951A/22C52386D17E11EF9EB2B2B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.23.144.0/20
Signature Algorithm: sha256WithRSAEncryption
15:b6:b2:32:c7:8d:32:0e:db:98:e8:46:a5:c4:87:88:6b:dc:
de:cf:79:b0:03:f5:57:67:b3:34:eb:b8:cc:23:04:16:52:e6:
80:4d:dc:a7:80:2b:4a:20:87:a3:c4:0e:c0:99:0d:4c:5a:a8:
0a:26:ec:2f:76:51:b7:9e:3c:60:a7:bb:ee:a6:03:c5:6f:56:
ae:18:ac:c5:a2:70:1b:f4:11:3a:6c:62:08:26:d3:09:23:6f:
e0:75:17:53:18:aa:b4:81:b7:16:e1:42:09:3b:b9:1e:1e:25:
ec:21:22:36:38:49:1b:32:54:f2:a1:6e:7c:b5:1f:4d:06:9a:
5c:ca:d9:f8:aa:62:5c:84:27:15:cb:f8:05:fe:88:3b:f2:32:
cc:5e:eb:a7:6b:68:66:3b:b9:56:dd:97:55:ee:3d:f5:58:3c:
6b:9c:2c:0e:0c:1f:d8:7f:62:43:db:eb:13:ee:f7:41:4d:65:
97:4c:75:65:0f:0c:9d:06:fb:51:f8:f1:5c:ab:ce:19:8b:b3:
22:36:50:ed:87:ae:87:1d:6d:ae:a0:67:25:e8:0d:3f:e8:aa:
bc:31:29:d9:d4:fb:96:23:7b:f3:89:b8:48:25:78:12:ba:de:
1b:ef:b2:91:58:a6:06:ea:da:e7:b0:e9:a7:f1:a7:40:22:f8:
68:ae:fc:43
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
MTE1QkFGMTEwLwYDVQQFEygxMzY1OERGN0U5ODdBMTFGRjU2ODcyM0M3QjcxREFE
NzA3MUUzM0RGMB4XDTI1MDExMzA3MTUxMVoXDTM1MDExMzA3MTUxMVowGDEWMBQG
A1UEAxMNNjc4NGJkODMtZDQ2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKE4576Klh/8sgsgh21ZyTCYzSxPZ0E64rYfVL7KYEsD859L4DLJYpL9niZm
DcgBzpBY72/+0tHOqkPWpS9+5kpqrNyeM3mxsz3PfJM4BpIEgzZ/muSRkbryi5Cz
O3/qa914DVTqyjP68Ox0xm1pBAzT40iieZsFOjWc8C/Kmuh6jW+82u2MSmjvYbq1
o8CXWZDN3M0JqdMY+Aw5xNJ4WtHSY67x0RF/4Ph/MCXVJzgK6qzgX/SfFSfDRCWK
4Ad4ntvHUYw7epph/ZrxBLQd6essxY3RtayrrIj6AjNXim1SnTuGh31D/5xGI/Sb
Z6xIOhNTC9vkLbbhyNE+wBSarFsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBT+TT7P
vWoW/FXfBml4ygzqrOZoKzAfBgNVHSMEGDAWgBQTZY336YehH/Vocjx7cdrXBx4z
3zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjExNUIvRDZERDJDNDhEMTdEMTFFRkFGMjA4NUIyNzYyRTk1MUEvRTJXTjkt
bUhvUl8xYUhJOGUzSGExd2NlTTk4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRTJXTjktbUhvUl8xYUhJOGUzSGExd2NlTTk4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjExNUIvRDZERDJDNDhEMTdEMTFFRkFGMjA4NUIyNzYy
RTk1MUEvMjJDNTIzODZEMTdFMTFFRjlFQjJCMkI0NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGYXkDANBgkqhkiG9w0BAQsF
AAOCAQEAFbayMseNMg7bmOhGpcSHiGvc3s95sAP1V2ezNOu4zCMEFlLmgE3cp4Ar
SiCHo8QOwJkNTFqoCibsL3ZRt548YKe77qYDxW9WrhisxaJwG/QROmxiCCbTCSNv
4HUXUxiqtIG3FuFCCTu5Hh4l7CEiNjhJGzJU8qFufLUfTQaaXMrZ+KpiXIQnFcv4
Bf6IO/IyzF7rp2toZju5Vt2XVe499Vg8a5wsDgwf2H9iQ9vrE+73QU1ll0x1ZQ8M
nQb7UfjxXKvOGYuzIjZQ7Yeuhx1trqBnJegNP+iqvDEp2dT7liN784m4SCV4Erre
G++ykVimBura57Dpp/GnQCL4aK78Qw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:51:31 2025 by rpki-client