Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3662DAB/048F88108F3211EDB0EEF1B7F1222468/FF42A1988F3211ED86A292BAF1222468.roa
File: FF42A1988F3211ED86A292BAF1222468.roa (raw, json)
Hash identifier: x+yQ5t8NNejDnfE2F13L3hSaxA+eL6ATRpRXB3MRfYU=
Subject key identifier: ED:E6:E0:A3:99:3E:52:97:6B:78:50:09:84:2F:60:FD:32:D2:E7:49
Certificate issuer: /CN=F3662DABAF/serialNumber=5CA389FB8051D2412BA5DF801D89B2CACE57259C
Certificate serial: 02
Authority key identifier: 5C:A3:89:FB:80:51:D2:41:2B:A5:DF:80:1D:89:B2:CA:CE:57:25:9C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/XKOJ-4BR0kErpd-AHYmyys5XJZw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3662DAB/048F88108F3211EDB0EEF1B7F1222468/FF42A1988F3211ED86A292BAF1222468.roa
Signing time: Sun 08 Jan 2023 09:01:11 +0000
ROA not before: Sun 08 Jan 2023 09:01:06 +0000
ROA not after: Mon 31 Jan 2033 09:01:06 +0000
asID: 328073
IP address blocks: 102.218.196.0/22 maxlen: 24
102.218.197.0/24 maxlen: 24
102.218.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3662DAB/048F88108F3211EDB0EEF1B7F1222468/XKOJ-4BR0kErpd-AHYmyys5XJZw.crl
rsync://rpki.afrinic.net/repository/member_repository/F3662DAB/048F88108F3211EDB0EEF1B7F1222468/XKOJ-4BR0kErpd-AHYmyys5XJZw.mft
rsync://rpki.afrinic.net/repository/afrinic/XKOJ-4BR0kErpd-AHYmyys5XJZw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 17 May 2024 00:05:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3662DABAF/serialNumber=5CA389FB8051D2412BA5DF801D89B2CACE57259C
Validity
Not Before: Jan 8 09:01:06 2023 GMT
Not After : Jan 31 09:01:06 2033 GMT
Subject: CN=63ba8657-8106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f2:a0:52:5b:ea:02:48:84:ba:14:93:1a:e6:
36:77:6d:ba:c7:87:8f:06:92:95:04:8b:a9:a4:38:
e9:de:55:56:0f:19:eb:fb:5b:61:0b:50:11:76:02:
9b:23:78:71:4a:e9:f4:87:f2:6a:2a:26:72:84:a2:
ee:33:ee:b4:7d:ef:5f:19:c0:6a:07:56:48:12:81:
5c:ef:c7:26:19:38:8d:f6:8e:ad:94:f4:21:d3:ee:
a5:a1:c6:d7:02:ed:bb:de:d9:a1:4a:04:53:41:8c:
30:14:d6:b3:1a:de:b4:cc:85:1c:3d:b7:87:05:ca:
81:c9:f3:9a:e5:b5:29:33:07:83:e4:e7:79:7b:ff:
14:7b:5c:20:b5:23:21:b8:80:23:2a:05:d2:00:b3:
d0:b3:e3:1f:d3:eb:33:a0:24:3c:1f:64:1c:3a:26:
f3:36:46:6e:d8:75:f6:97:a8:ef:82:a5:1d:da:42:
89:bf:13:8d:f2:cf:ce:84:b8:db:9b:b4:61:b7:6f:
3f:0b:39:c9:18:fe:a1:b5:ff:7d:2b:c8:0d:23:ef:
d2:c4:be:4e:3c:04:c9:a7:11:00:89:b5:03:d5:d7:
52:19:c2:c1:d6:21:21:2a:d3:18:09:18:3d:33:5d:
df:0b:51:87:fa:49:17:fc:44:dd:ea:7d:3c:21:e0:
6a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:E6:E0:A3:99:3E:52:97:6B:78:50:09:84:2F:60:FD:32:D2:E7:49
X509v3 Authority Key Identifier:
keyid:5C:A3:89:FB:80:51:D2:41:2B:A5:DF:80:1D:89:B2:CA:CE:57:25:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3662DAB/048F88108F3211EDB0EEF1B7F1222468/XKOJ-4BR0kErpd-AHYmyys5XJZw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XKOJ-4BR0kErpd-AHYmyys5XJZw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3662DAB/048F88108F3211EDB0EEF1B7F1222468/FF42A1988F3211ED86A292BAF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.218.196.0/22
Signature Algorithm: sha256WithRSAEncryption
97:02:df:de:b8:8d:b1:76:7f:f2:29:7a:47:eb:96:71:e9:12:
6f:aa:7b:b3:03:ba:a3:5e:58:a0:47:d4:82:e9:9a:ed:39:60:
d8:d6:cf:2c:00:d3:b8:87:b9:63:f7:89:9b:5c:53:9c:7c:55:
dc:95:c9:5d:9f:37:e0:4b:02:30:74:98:0d:f1:7f:5b:70:8a:
6c:86:e0:b7:46:81:dc:c6:94:b7:8f:5a:a3:c1:92:5d:16:da:
ff:d7:34:02:eb:93:e4:57:8b:f3:91:81:a7:1c:0f:b5:5d:b6:
b6:7b:a5:cf:b6:20:88:f4:75:04:73:ff:46:a7:1f:15:63:4a:
16:a9:ac:8a:0d:e0:15:95:41:9a:12:62:44:07:4a:c1:86:4e:
2f:62:2a:4a:bb:d4:0c:38:e6:00:b3:dc:d6:c8:8c:5c:24:7a:
cd:01:99:b3:0e:d0:b4:0b:29:49:6a:b4:bb:7a:7e:87:6b:8d:
a7:af:0b:c6:88:af:e7:f4:06:92:18:5b:4d:c3:a3:0c:d4:3d:
64:9c:1f:15:17:dd:d5:d0:f8:c7:7a:f5:ea:41:0e:09:53:93:
f8:00:8c:6f:23:d0:a3:02:2c:e6:14:67:5d:c9:4c:b3:1b:ac:
cc:ab:9a:e0:34:10:04:53:1a:b9:d8:92:e9:40:93:bd:6f:3d:
21:03:7a:78
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY2
MkRBQkFGMTEwLwYDVQQFEyg1Q0EzODlGQjgwNTFEMjQxMkJBNURGODAxRDg5QjJD
QUNFNTcyNTlDMB4XDTIzMDEwODA5MDEwNloXDTMzMDEzMTA5MDEwNlowGDEWMBQG
A1UEAwwNNjNiYTg2NTctODEwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7yoFJb6gJIhLoUkxrmNndtuseHjwaSlQSLqaQ46d5VVg8Z6/tbYQtQEXYC
myN4cUrp9IfyaiomcoSi7jPutH3vXxnAagdWSBKBXO/HJhk4jfaOrZT0IdPupaHG
1wLtu97ZoUoEU0GMMBTWsxretMyFHD23hwXKgcnzmuW1KTMHg+TneXv/FHtcILUj
IbiAIyoF0gCz0LPjH9PrM6AkPB9kHDom8zZGbth19peo74KlHdpCib8TjfLPzoS4
25u0YbdvPws5yRj+obX/fSvIDSPv0sS+TjwEyacRAIm1A9XXUhnCwdYhISrTGAkY
PTNd3wtRh/pJF/xE3ep9PCHgarkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTt5uCj
mT5Sl2t4UAmEL2D9MtLnSTAfBgNVHSMEGDAWgBRco4n7gFHSQSul34AdibLKzlcl
nDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjJEQUIvMDQ4Rjg4MTA4RjMyMTFFREIwRUVGMUI3RjEyMjI0NjgvWEtPSi00
QlIwa0VycGQtQUhZbXl5czVYSlp3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWEtPSi00QlIwa0VycGQtQUhZbXl5czVYSlp3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjJEQUIvMDQ4Rjg4MTA4RjMyMTFFREIwRUVGMUI3RjEy
MjI0NjgvRkY0MkExOTg4RjMyMTFFRDg2QTI5MkJBRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbaxDANBgkqhkiG9w0BAQsF
AAOCAQEAlwLf3riNsXZ/8il6R+uWcekSb6p7swO6o15YoEfUguma7Tlg2NbPLADT
uIe5Y/eJm1xTnHxV3JXJXZ834EsCMHSYDfF/W3CKbIbgt0aB3MaUt49ao8GSXRba
/9c0AuuT5FeL85GBpxwPtV22tnulz7YgiPR1BHP/RqcfFWNKFqmsig3gFZVBmhJi
RAdKwYZOL2IqSrvUDDjmALPc1siMXCR6zQGZsw7QtAspSWq0u3p+h2uNp68Lxoiv
5/QGkhhbTcOjDNQ9ZJwfFRfd1dD4x3r16kEOCVOT+ACMbyPQowIs5hRnXclMsxus
zKua4DQQBFMaudiS6UCTvW89IQN6eA==
-----END CERTIFICATE-----
Generated at Wed May 15 05:28:49 2024 by rpki-client on console-ams.rpki-client.org