Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3665E95/BB835CD0AD5E11EF9618654E762E951A/5AF585EAB22811EFB73F1584762E951A.roa
File: 5AF585EAB22811EFB73F1584762E951A.roa (raw, json)
Hash identifier: M9j4j96vg9g40Cd6Oyoi8y4djAsi7G1lD1LSmjWcsgA=
Subject key identifier: 3C:2B:41:47:E5:38:AF:17:5F:BD:77:8A:BB:F8:9C:E1:64:FB:FF:A7
Certificate issuer: /CN=F3665E95AF/serialNumber=C199FC3375C0055E1C200204A9779692AF67FDB1
Certificate serial: 09
Authority key identifier: C1:99:FC:33:75:C0:05:5E:1C:20:02:04:A9:77:96:92:AF:67:FD:B1
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/wZn8M3XABV4cIAIEqXeWkq9n_bE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3665E95/BB835CD0AD5E11EF9618654E762E951A/5AF585EAB22811EFB73F1584762E951A.roa
Signing time: Wed 04 Dec 2024 10:13:07 +0000
ROA not before: Wed 04 Dec 2024 10:13:03 +0000
ROA not after: Sat 04 Dec 2049 10:13:03 +0000
asID: 37723
IP address blocks: 102.22.104.0/22 maxlen: 24
2c0f:eb60::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3665E95/BB835CD0AD5E11EF9618654E762E951A/wZn8M3XABV4cIAIEqXeWkq9n_bE.crl
rsync://rpki.afrinic.net/repository/member_repository/F3665E95/BB835CD0AD5E11EF9618654E762E951A/wZn8M3XABV4cIAIEqXeWkq9n_bE.mft
rsync://rpki.afrinic.net/repository/afrinic/wZn8M3XABV4cIAIEqXeWkq9n_bE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 03:20:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3665E95AF
Validity
Not Before: Dec 4 10:13:03 2024 GMT
Not After : Dec 4 10:13:03 2049 GMT
Subject: CN=67502b33-0ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:13:ac:b9:0e:13:5e:13:78:cd:bd:a9:eb:69:
b5:99:95:2e:95:45:ff:1a:31:e0:d5:5c:68:67:a7:
62:aa:3c:41:af:f7:ef:b6:85:40:0f:e6:49:8f:9d:
23:65:6c:72:fc:7d:e8:0e:10:31:13:ee:d1:ff:25:
9e:9f:1c:73:7d:66:33:1d:3f:9d:75:e9:87:6c:d9:
1e:51:5f:bc:4e:11:86:49:93:00:69:51:75:0b:5f:
57:87:92:e7:4b:48:80:10:72:11:aa:73:aa:94:3f:
b9:dd:df:68:16:80:58:43:30:6c:56:ab:d3:aa:f9:
db:da:28:93:5c:14:c9:31:e9:09:51:0d:94:04:47:
97:94:a9:bb:6b:c4:01:6d:6d:4c:b1:78:64:a8:7c:
ad:78:14:41:14:24:d6:74:01:14:a1:16:34:fe:9c:
ab:83:64:e2:c2:80:b8:64:52:3a:b9:15:3e:b6:eb:
2a:7b:36:ac:b6:e4:55:a8:88:4f:52:13:51:18:70:
6a:04:3e:15:ee:64:23:a4:58:59:d0:0e:28:69:03:
15:7e:57:00:64:0e:85:78:ba:f7:2d:ba:4e:2b:3c:
1d:d8:24:b5:14:6e:60:c0:20:ff:70:0f:2a:e6:89:
ce:2d:16:83:1f:3f:a9:cf:6a:82:9c:db:d2:92:61:
1f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:2B:41:47:E5:38:AF:17:5F:BD:77:8A:BB:F8:9C:E1:64:FB:FF:A7
X509v3 Authority Key Identifier:
keyid:C1:99:FC:33:75:C0:05:5E:1C:20:02:04:A9:77:96:92:AF:67:FD:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3665E95/BB835CD0AD5E11EF9618654E762E951A/wZn8M3XABV4cIAIEqXeWkq9n_bE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wZn8M3XABV4cIAIEqXeWkq9n_bE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3665E95/BB835CD0AD5E11EF9618654E762E951A/5AF585EAB22811EFB73F1584762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.22.104.0/22
IPv6:
2c0f:eb60::/32
Signature Algorithm: sha256WithRSAEncryption
19:f9:2d:b6:a1:da:15:a9:68:4e:36:b8:6b:62:8e:9c:21:bf:
03:92:69:68:1b:e2:dc:b5:e4:8c:85:ad:cf:68:a4:6b:f9:81:
ba:37:94:13:98:65:18:a7:3a:fc:c7:1e:4c:4a:37:13:2c:11:
39:0a:9f:d4:b2:d8:d4:48:5d:13:7f:cd:e2:f8:7e:cf:84:ad:
21:dd:4c:23:8c:e6:b1:7a:e5:83:3e:92:30:c9:8f:29:a1:64:
85:e0:40:c3:17:a8:31:de:b4:0a:a7:eb:ec:10:ac:22:88:67:
87:36:cd:15:77:7c:27:fa:6c:a6:a7:51:eb:fb:ad:52:3a:c2:
d5:cf:7e:12:5b:51:b8:de:f4:0d:92:03:fc:c4:df:68:59:35:
b3:7d:e2:1e:9b:02:3c:e0:cf:0f:70:7a:1a:0a:86:1d:cd:57:
bb:1b:04:e8:b4:71:b6:02:fb:4f:16:47:73:e9:34:5b:79:f5:
35:fb:59:00:b6:77:27:8a:b0:73:78:ad:b7:7d:62:81:bf:fd:
5a:e8:6f:1d:43:43:5c:e0:e9:65:e0:1a:6a:2d:e8:60:55:90:
a5:c7:97:84:3c:f4:30:8f:9c:8d:84:2c:b4:af:0d:59:ad:b4:
e8:61:11:fd:05:dd:58:0d:1e:17:2a:56:bb:99:9c:2c:c5:25:
59:78:97:da
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
NUU5NUFGMTEwLwYDVQQFEyhDMTk5RkMzMzc1QzAwNTVFMUMyMDAyMDRBOTc3OTY5
MkFGNjdGREIxMB4XDTI0MTIwNDEwMTMwM1oXDTQ5MTIwNDEwMTMwM1owGDEWMBQG
A1UEAxMNNjc1MDJiMzMtMGFkZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYTrLkOE14TeM29qetptZmVLpVF/xox4NVcaGenYqo8Qa/377aFQA/mSY+d
I2Vscvx96A4QMRPu0f8lnp8cc31mMx0/nXXph2zZHlFfvE4RhkmTAGlRdQtfV4eS
50tIgBByEapzqpQ/ud3faBaAWEMwbFar06r529ook1wUyTHpCVENlARHl5Spu2vE
AW1tTLF4ZKh8rXgUQRQk1nQBFKEWNP6cq4Nk4sKAuGRSOrkVPrbrKns2rLbkVaiI
T1ITURhwagQ+Fe5kI6RYWdAOKGkDFX5XAGQOhXi69y26Tis8HdgktRRuYMAg/3AP
KuaJzi0Wgx8/qc9qgpzb0pJhHykCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ8K0FH
5TivF1+9d4q7+JzhZPv/pzAfBgNVHSMEGDAWgBTBmfwzdcAFXhwgAgSpd5aSr2f9
sTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjVFOTUvQkI4MzVDRDBBRDVFMTFFRjk2MTg2NTRFNzYyRTk1MUEvd1puOE0z
WEFCVjRjSUFJRXFYZVdrcTluX2JFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvd1puOE0zWEFCVjRjSUFJRXFYZVdrcTluX2JFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjVFOTUvQkI4MzVDRDBBRDVFMTFFRjk2MTg2NTRFNzYy
RTk1MUEvNUFGNTg1RUFCMjI4MTFFRkI3M0YxNTg0NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmYWaDANBAIAAjAHAwUALA/r
YDANBgkqhkiG9w0BAQsFAAOCAQEAGfkttqHaFaloTja4a2KOnCG/A5JpaBvi3LXk
jIWtz2ika/mBujeUE5hlGKc6/MceTEo3EywROQqf1LLY1EhdE3/N4vh+z4StId1M
I4zmsXrlgz6SMMmPKaFkheBAwxeoMd60Cqfr7BCsIohnhzbNFXd8J/pspqdR6/ut
UjrC1c9+EltRuN70DZID/MTfaFk1s33iHpsCPODPD3B6GgqGHc1XuxsE6LRxtgL7
TxZHc+k0W3n1NftZALZ3J4qwc3itt31igb/9WuhvHUNDXODpZeAaai3oYFWQpceX
hDz0MI+cjYQstK8NWa206GER/QXdWA0eFypWu5mcLMUlWXiX2g==
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:48:47 2025 by rpki-client