Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3664036/4840029A4D9211EF9858CABB762E951A/66B953BA4D9311EFA7586846762E951A.roa
File: 66B953BA4D9311EFA7586846762E951A.roa (raw, json)
Hash identifier: byh4Eg9udfVVMXX0HCkdJJZ1KKKQasdGqUIYmXZmtrg=
Subject key identifier: E7:C0:BA:03:B1:37:C4:5C:93:69:F1:1B:06:FA:99:DF:57:EE:3F:27
Certificate issuer: /CN=F3664036AF/serialNumber=056EB3CECDEE6B836D1FA08F087CE7446703DEA1
Certificate serial: 02
Authority key identifier: 05:6E:B3:CE:CD:EE:6B:83:6D:1F:A0:8F:08:7C:E7:44:67:03:DE:A1
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/BW6zzs3ua4NtH6CPCHznRGcD3qE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3664036/4840029A4D9211EF9858CABB762E951A/66B953BA4D9311EFA7586846762E951A.roa
Signing time: Mon 29 Jul 2024 10:14:55 +0000
ROA not before: Mon 29 Jul 2024 10:14:52 +0000
ROA not after: Fri 31 Jul 2048 10:14:52 +0000
asID: 329457
IP address blocks: 102.208.124.0/22 maxlen: 25
2c0f:3d40::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3664036/4840029A4D9211EF9858CABB762E951A/BW6zzs3ua4NtH6CPCHznRGcD3qE.crl
rsync://rpki.afrinic.net/repository/member_repository/F3664036/4840029A4D9211EF9858CABB762E951A/BW6zzs3ua4NtH6CPCHznRGcD3qE.mft
rsync://rpki.afrinic.net/repository/afrinic/BW6zzs3ua4NtH6CPCHznRGcD3qE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3664036AF/serialNumber=056EB3CECDEE6B836D1FA08F087CE7446703DEA1
Validity
Not Before: Jul 29 10:14:52 2024 GMT
Not After : Jul 31 10:14:52 2048 GMT
Subject: CN=66a76b9f-ac41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:35:4c:3b:1c:43:04:c8:d7:25:db:be:7b:17:
c6:37:b4:96:a3:68:2c:14:c7:0b:3b:03:ef:44:6c:
51:55:d6:09:e1:4a:7d:1c:a4:79:92:49:54:d5:80:
22:c3:b8:39:73:59:b4:29:ad:6f:ac:a7:f7:4f:d8:
5b:07:0e:4f:ca:34:64:c0:79:ea:ce:1c:85:c3:c2:
cd:96:11:ec:f8:b1:fc:d5:c9:8b:54:53:93:60:a5:
46:ed:d5:5e:91:d8:32:7c:29:62:1d:51:66:f1:13:
a0:a6:60:c6:24:07:ce:ad:96:b2:06:2e:1b:77:96:
37:8b:79:26:df:d7:a6:34:ff:e0:7b:e1:55:b8:69:
e3:54:62:65:ec:74:dd:48:3e:ac:c7:23:78:bf:6e:
1c:6b:db:8d:94:5d:69:2f:0b:e3:1c:55:a7:79:43:
2e:7d:d3:0e:0a:38:44:b7:a4:4b:8a:a1:53:86:24:
92:f0:09:52:54:c6:57:2d:e0:57:f1:c5:72:cd:85:
c0:0d:e2:4c:1b:2b:4a:6f:59:44:54:fc:42:6e:91:
41:d2:e5:a0:fc:90:ac:a5:d0:73:23:b5:8f:3c:8b:
97:d9:55:c4:ae:81:d3:a5:48:63:35:1f:85:78:2f:
c9:54:6d:1f:8a:39:30:83:bf:02:b2:83:6a:37:b5:
f7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C0:BA:03:B1:37:C4:5C:93:69:F1:1B:06:FA:99:DF:57:EE:3F:27
X509v3 Authority Key Identifier:
keyid:05:6E:B3:CE:CD:EE:6B:83:6D:1F:A0:8F:08:7C:E7:44:67:03:DE:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3664036/4840029A4D9211EF9858CABB762E951A/BW6zzs3ua4NtH6CPCHznRGcD3qE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/BW6zzs3ua4NtH6CPCHznRGcD3qE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3664036/4840029A4D9211EF9858CABB762E951A/66B953BA4D9311EFA7586846762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.208.124.0/22
IPv6:
2c0f:3d40::/32
Signature Algorithm: sha256WithRSAEncryption
5e:e9:8d:4d:df:f7:86:05:a3:b7:ef:f3:48:94:fc:c0:e9:98:
81:48:8d:ee:e9:8f:cc:d6:20:d3:93:ca:fc:72:ba:80:4b:45:
12:8a:46:46:ec:8f:5d:d1:84:5a:18:56:cb:d7:7c:c0:fb:cd:
3e:ef:8f:d2:c1:1d:eb:25:02:98:48:06:12:c6:a2:bc:f1:18:
bd:1a:3e:18:e8:a8:bf:18:76:85:34:8a:c1:6a:4b:fd:d0:f3:
fa:c6:40:ac:c4:67:5f:9e:01:24:19:32:23:5e:02:24:e2:ee:
41:bc:45:f8:f9:8e:95:ac:ae:38:0e:be:35:33:83:e3:1f:37:
5d:9a:db:1d:67:2b:a7:c2:bb:1d:d3:22:49:ae:1f:01:1e:9e:
22:13:21:86:b2:61:43:4e:61:af:fb:6b:4e:3c:b2:c5:f2:b8:
da:f9:d5:96:91:a0:72:dd:d6:7d:b6:d9:dc:18:ae:92:90:c3:
75:5f:9c:56:74:66:f6:4e:bc:1d:30:56:b1:ba:77:d8:b8:14:
d8:ec:4a:9e:c5:88:16:cd:3e:af:8e:69:d9:9d:df:4a:fc:89:
1d:ec:77:ce:96:82:82:cc:3e:40:bb:2e:9c:52:68:56:c3:f8:
da:ef:47:48:af:0d:63:9c:c1:a4:e0:d0:1b:ee:b9:3a:7c:f0:
ce:f6:3b:0b
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
NDAzNkFGMTEwLwYDVQQFEygwNTZFQjNDRUNERUU2QjgzNkQxRkEwOEYwODdDRTc0
NDY3MDNERUExMB4XDTI0MDcyOTEwMTQ1MloXDTQ4MDczMTEwMTQ1MlowGDEWMBQG
A1UEAxMNNjZhNzZiOWYtYWM0MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANY1TDscQwTI1yXbvnsXxje0lqNoLBTHCzsD70RsUVXWCeFKfRykeZJJVNWA
IsO4OXNZtCmtb6yn90/YWwcOT8o0ZMB56s4chcPCzZYR7Pix/NXJi1RTk2ClRu3V
XpHYMnwpYh1RZvEToKZgxiQHzq2WsgYuG3eWN4t5Jt/XpjT/4HvhVbhp41RiZex0
3Ug+rMcjeL9uHGvbjZRdaS8L4xxVp3lDLn3TDgo4RLekS4qhU4YkkvAJUlTGVy3g
V/HFcs2FwA3iTBsrSm9ZRFT8Qm6RQdLloPyQrKXQcyO1jzyLl9lVxK6B06VIYzUf
hXgvyVRtH4o5MIO/ArKDaje191UCAwEAAaOCArQwggKwMB0GA1UdDgQWBBTnwLoD
sTfEXJNp8RsG+pnfV+4/JzAfBgNVHSMEGDAWgBQFbrPOze5rg20foI8IfOdEZwPe
oTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjQwMzYvNDg0MDAyOUE0RDkyMTFFRjk4NThDQUJCNzYyRTk1MUEvQlc2enpz
M3VhNE50SDZDUENIem5SR2NEM3FFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQlc2enpzM3VhNE50SDZDUENIem5SR2NEM3FFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjQwMzYvNDg0MDAyOUE0RDkyMTFFRjk4NThDQUJCNzYy
RTk1MUEvNjZCOTUzQkE0RDkzMTFFRkE3NTg2ODQ2NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbQfDANBAIAAjAHAwUALA89
QDANBgkqhkiG9w0BAQsFAAOCAQEAXumNTd/3hgWjt+/zSJT8wOmYgUiN7umPzNYg
05PK/HK6gEtFEopGRuyPXdGEWhhWy9d8wPvNPu+P0sEd6yUCmEgGEsaivPEYvRo+
GOiovxh2hTSKwWpL/dDz+sZArMRnX54BJBkyI14CJOLuQbxF+PmOlayuOA6+NTOD
4x83XZrbHWcrp8K7HdMiSa4fAR6eIhMhhrJhQ05hr/trTjyyxfK42vnVlpGgct3W
fbbZ3BiukpDDdV+cVnRm9k68HTBWsbp32LgU2OxKnsWIFs0+r45p2Z3fSvyJHex3
zpaCgsw+QLsunFJoVsP42u9HSK8NY5zBpODQG+65OnzwzvY7Cw==
-----END CERTIFICATE-----
Generated at Thu Oct 24 06:47:48 2024 by rpki-client on console-fra.rpki-client.org