Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3667885/2F732490067811ECB5D5945AD8A014CE/0974EE44692C11EFB84E09BE762E951A.roa
File: 0974EE44692C11EFB84E09BE762E951A.roa (raw, json)
Hash identifier: umDKOoC9/WNBFwfe+01c/iCxCRQnfD2hLqhhCsHnBu0=
Subject key identifier: 8C:07:CE:CE:ED:EF:FE:60:25:24:89:F7:42:3A:A5:36:C9:D5:1B:AA
Certificate issuer: /CN=F3667885AF/serialNumber=C4A7961E002AA89D50BEA2252D4F94B1EEF66A23
Certificate serial: 0472
Authority key identifier: C4:A7:96:1E:00:2A:A8:9D:50:BE:A2:25:2D:4F:94:B1:EE:F6:6A:23
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/xKeWHgAqqJ1QvqIlLU-Use72aiM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3667885/2F732490067811ECB5D5945AD8A014CE/0974EE44692C11EFB84E09BE762E951A.roa
Signing time: Mon 02 Sep 2024 13:05:33 +0000
ROA not before: Mon 02 Sep 2024 13:05:30 +0000
ROA not after: Sat 30 Sep 2034 13:05:30 +0000
asID: 328315
IP address blocks: 102.164.80.0/20 maxlen: 24
2c0f:eec8::/32 maxlen: 35
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3667885/2F732490067811ECB5D5945AD8A014CE/xKeWHgAqqJ1QvqIlLU-Use72aiM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3667885/2F732490067811ECB5D5945AD8A014CE/xKeWHgAqqJ1QvqIlLU-Use72aiM.mft
rsync://rpki.afrinic.net/repository/afrinic/xKeWHgAqqJ1QvqIlLU-Use72aiM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 22 Sep 2024 01:21:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1138 (0x472)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3667885AF/serialNumber=C4A7961E002AA89D50BEA2252D4F94B1EEF66A23
Validity
Not Before: Sep 2 13:05:30 2024 GMT
Not After : Sep 30 13:05:30 2034 GMT
Subject: CN=66d5b81d-f491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:f6:78:fd:17:34:9f:a6:3d:ed:ce:31:79:97:
56:fa:77:4e:50:11:72:51:67:de:7d:e5:25:05:35:
80:82:f7:33:18:34:b9:01:79:ab:67:2f:a6:43:9f:
ce:98:ac:86:a5:5d:2e:7a:2c:df:10:7b:33:3e:8d:
73:93:5a:9d:3d:a3:a5:fa:da:9e:08:ad:ef:a8:70:
c7:77:e3:44:da:ff:8d:99:76:e3:c2:c0:e9:ae:ca:
d3:15:c2:09:e3:99:d0:7a:b3:50:74:f4:7d:c1:8f:
b7:7c:8f:d2:25:fa:f1:b2:80:e2:52:ba:f1:86:e2:
23:31:51:74:8c:e9:59:75:20:b0:3c:b1:e8:db:45:
0a:d0:2e:b3:4b:06:1a:b6:9d:f1:02:98:d1:2c:a0:
61:18:ef:ec:bd:f7:dc:5c:56:3e:28:cf:47:95:25:
98:2d:f8:34:3d:1b:5b:f7:7f:59:4b:c0:9c:79:3d:
f2:3e:6f:7f:63:73:da:66:c7:af:a4:8f:57:5d:e1:
8d:08:04:e3:8a:5f:7a:84:66:a5:52:a8:f8:4b:dd:
14:f0:a8:ca:1a:af:47:80:fe:5d:90:de:cd:74:69:
3d:c2:dc:5b:4c:a2:5c:0b:70:4a:d0:f5:19:66:12:
0a:d9:b5:30:3c:e4:b0:f4:d8:e7:5d:07:40:8d:c5:
21:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:07:CE:CE:ED:EF:FE:60:25:24:89:F7:42:3A:A5:36:C9:D5:1B:AA
X509v3 Authority Key Identifier:
keyid:C4:A7:96:1E:00:2A:A8:9D:50:BE:A2:25:2D:4F:94:B1:EE:F6:6A:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3667885/2F732490067811ECB5D5945AD8A014CE/xKeWHgAqqJ1QvqIlLU-Use72aiM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/xKeWHgAqqJ1QvqIlLU-Use72aiM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3667885/2F732490067811ECB5D5945AD8A014CE/0974EE44692C11EFB84E09BE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.164.80.0/20
IPv6:
2c0f:eec8::/32
Signature Algorithm: sha256WithRSAEncryption
14:10:f3:ea:19:5e:e4:7d:d1:fb:0b:00:f9:15:2a:61:49:dc:
8d:cb:25:b5:28:24:0d:c8:c5:e5:a4:c3:60:27:ef:51:ed:f0:
1d:40:8f:6b:69:2e:05:f7:9c:8c:a6:f1:58:24:8b:e2:41:95:
c7:97:21:2a:80:f2:2c:8f:0d:a5:9f:61:25:db:b6:82:89:f3:
57:c9:00:23:0b:85:ae:20:ba:e8:6c:02:33:f8:a0:67:e3:08:
65:86:be:3b:7c:49:94:d2:f6:cf:77:9d:a2:a7:9b:b6:f7:74:
13:61:44:1f:9e:70:5b:de:49:1f:62:cc:0a:a4:95:c4:3c:d4:
2e:b8:b1:ee:a1:d3:30:39:c8:fe:a0:b4:4d:bd:26:71:3b:36:
56:7b:53:e1:79:e0:0c:7f:3f:28:67:2b:ae:6b:4d:cf:20:67:
56:70:fc:8d:fb:ee:1a:28:a0:1f:9f:a8:dc:8c:5d:2c:51:c0:
d8:6b:f1:54:58:2f:72:7b:73:6f:f1:b7:f6:d5:d5:9b:7f:a5:
df:5c:38:23:3a:ae:b3:62:84:7b:b8:63:9f:7b:92:a7:47:38:
96:1e:89:13:a4:d9:1e:29:ee:e1:02:59:7c:77:b0:79:b0:d3:
81:99:6c:28:c5:2a:ac:91:ab:b7:80:86:5e:0a:22:14:2d:18:
f6:3b:d7:14
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBHIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Njc4ODVBRjExMC8GA1UEBRMoQzRBNzk2MUUwMDJBQTg5RDUwQkVBMjI1MkQ0Rjk0
QjFFRUY2NkEyMzAeFw0yNDA5MDIxMzA1MzBaFw0zNDA5MzAxMzA1MzBaMBgxFjAU
BgNVBAMTDTY2ZDViODFkLWY0OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDx9nj9FzSfpj3tzjF5l1b6d05QEXJRZ9595SUFNYCC9zMYNLkBeatnL6ZD
n86YrIalXS56LN8QezM+jXOTWp09o6X62p4Ire+ocMd340Ta/42ZduPCwOmuytMV
wgnjmdB6s1B09H3Bj7d8j9Il+vGygOJSuvGG4iMxUXSM6Vl1ILA8sejbRQrQLrNL
Bhq2nfECmNEsoGEY7+y999xcVj4oz0eVJZgt+DQ9G1v3f1lLwJx5PfI+b39jc9pm
x6+kj1dd4Y0IBOOKX3qEZqVSqPhL3RTwqMoar0eA/l2Q3s10aT3C3FtMolwLcErQ
9RlmEgrZtTA85LD02OddB0CNxSERAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUjAfO
zu3v/mAlJIn3QjqlNsnVG6owHwYDVR0jBBgwFoAUxKeWHgAqqJ1QvqIlLU+Use72
aiMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY3ODg1LzJGNzMyNDkwMDY3ODExRUNCNUQ1OTQ1QUQ4QTAxNENFL3hLZVdI
Z0FxcUoxUXZxSWxMVS1Vc2U3MmFpTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3hLZVdIZ0FxcUoxUXZxSWxMVS1Vc2U3MmFpTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjY3ODg1LzJGNzMyNDkwMDY3ODExRUNCNUQ1OTQ1QUQ4
QTAxNENFLzA5NzRFRTQ0NjkyQzExRUZCODRFMDlCRTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBARmpFAwDQQCAAIwBwMFACwP
7sgwDQYJKoZIhvcNAQELBQADggEBABQQ8+oZXuR90fsLAPkVKmFJ3I3LJbUoJA3I
xeWkw2An71Ht8B1Aj2tpLgX3nIym8Vgki+JBlceXISqA8iyPDaWfYSXbtoKJ81fJ
ACMLha4guuhsAjP4oGfjCGWGvjt8SZTS9s93naKnm7b3dBNhRB+ecFveSR9izAqk
lcQ81C64se6h0zA5yP6gtE29JnE7NlZ7U+F54Ax/PyhnK65rTc8gZ1Zw/I377hoo
oB+fqNyMXSxRwNhr8VRYL3J7c2/xt/bV1Zt/pd9cOCM6rrNihHu4Y597kqdHOJYe
iROk2R4p7uECWXx3sHmw04GZbCjFKqyRq7eAhl4KIhQtGPY71xQ=
-----END CERTIFICATE-----
Generated at Fri Sep 20 04:37:48 2024 by rpki-client on console-ams.rpki-client.org