Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36698E4/F20BF188961511EEA29AF12CD25BE465/60ED6DDC961811EE8B260031D25BE465.roa
File: 60ED6DDC961811EE8B260031D25BE465.roa (raw, json)
Hash identifier: asfSfKN0B+P/CqvfZfKADYhVA1OGqJtLEdZ0SA8ovOc=
Subject key identifier: C6:F0:5C:A4:23:8F:C6:EE:B5:EF:52:77:C1:32:45:C8:2D:A0:4A:E3
Certificate issuer: /CN=F36698E4AF/serialNumber=C300117D5494961E05B7D9DE16D628B23B25B901
Certificate serial: 03
Authority key identifier: C3:00:11:7D:54:94:96:1E:05:B7:D9:DE:16:D6:28:B2:3B:25:B9:01
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/wwARfVSUlh4Ft9neFtYosjsluQE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36698E4/F20BF188961511EEA29AF12CD25BE465/60ED6DDC961811EE8B260031D25BE465.roa
Signing time: Fri 08 Dec 2023 22:23:14 +0000
ROA not before: Sat 09 Dec 2023 22:23:11 +0000
ROA not after: Mon 09 Dec 2024 22:23:11 +0000
asID: 329114
IP address blocks: 102.221.142.0/24 maxlen: 24
102.221.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36698E4/F20BF188961511EEA29AF12CD25BE465/wwARfVSUlh4Ft9neFtYosjsluQE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36698E4/F20BF188961511EEA29AF12CD25BE465/wwARfVSUlh4Ft9neFtYosjsluQE.mft
rsync://rpki.afrinic.net/repository/afrinic/wwARfVSUlh4Ft9neFtYosjsluQE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36698E4AF/serialNumber=C300117D5494961E05B7D9DE16D628B23B25B901
Validity
Not Before: Dec 9 22:23:11 2023 GMT
Not After : Dec 9 22:23:11 2024 GMT
Subject: CN=65739752-ea09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:eb:1f:de:77:d2:f4:b7:fc:c7:70:a9:d3:02:
69:a8:8c:42:d6:2f:71:90:3b:d0:93:68:ee:45:55:
08:79:64:95:5e:b9:17:ee:70:d1:a6:87:ac:06:0c:
c6:a5:02:3a:b3:32:ca:db:16:d9:10:46:db:a6:48:
5c:91:5e:64:14:b3:84:a1:74:17:ce:12:6b:38:58:
ac:ad:f0:7e:5a:e6:4c:d8:1c:7b:7d:0b:35:a9:44:
6d:8b:3a:8f:d8:c5:51:a0:79:24:2a:75:dd:1d:8f:
b2:5c:f8:89:9e:0d:26:f5:71:69:f0:64:0c:b4:9d:
75:1f:9e:c6:42:66:e3:57:fc:cb:38:71:ef:ab:48:
3e:8c:24:23:6a:7a:ec:13:e5:2b:19:40:ae:ef:1a:
88:28:29:3d:f5:99:73:ba:e9:bb:b4:ec:8c:8a:47:
1a:ff:90:f3:09:0b:bd:21:71:91:8b:54:79:85:4b:
e3:e4:2d:a8:ec:50:e0:50:73:7b:6f:cc:b8:ea:32:
79:2b:99:45:71:23:cc:1c:d3:03:39:78:c4:5d:59:
f2:5d:b4:c6:cd:0c:08:85:19:ec:fd:b7:db:a4:47:
e6:3d:ab:2e:e6:44:38:c2:be:1e:7a:c6:44:df:ea:
80:7a:25:03:bc:99:fc:71:a1:b5:54:e9:94:69:67:
5d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F0:5C:A4:23:8F:C6:EE:B5:EF:52:77:C1:32:45:C8:2D:A0:4A:E3
X509v3 Authority Key Identifier:
keyid:C3:00:11:7D:54:94:96:1E:05:B7:D9:DE:16:D6:28:B2:3B:25:B9:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36698E4/F20BF188961511EEA29AF12CD25BE465/wwARfVSUlh4Ft9neFtYosjsluQE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wwARfVSUlh4Ft9neFtYosjsluQE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36698E4/F20BF188961511EEA29AF12CD25BE465/60ED6DDC961811EE8B260031D25BE465.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.142.0/23
Signature Algorithm: sha256WithRSAEncryption
50:8d:d6:e5:cb:69:5e:77:bb:46:a1:4f:49:e8:af:be:c5:51:
88:f6:dd:38:92:b9:99:e0:88:20:90:b9:8d:ba:8b:3c:96:d5:
02:ab:6c:37:fa:5d:a3:4b:0e:e2:64:6d:b0:fe:ef:d7:93:4f:
4d:4c:7d:89:96:3c:be:2e:06:d1:6d:be:08:83:37:e6:88:0b:
df:c3:8e:a9:1c:0b:c4:28:65:b7:d8:b2:84:6f:e9:0b:0c:8e:
81:fa:5e:d0:7a:04:82:9f:6b:ba:8b:6d:67:58:11:80:09:f6:
0c:fb:23:4c:a0:1d:5a:90:eb:79:c0:ab:70:be:0c:f2:a4:85:
37:e3:10:b5:c6:4b:88:fc:e8:34:6a:9c:99:5b:a6:f6:94:ff:
fd:6e:62:44:7c:c2:65:44:f9:25:e9:6a:81:a1:69:98:45:65:
78:9c:b0:25:12:6d:43:5d:09:73:19:a6:f2:29:89:a8:be:63:
9d:09:62:4b:87:a8:9d:f4:95:d9:05:77:e2:0a:79:23:7b:50:
39:4a:17:d2:11:dc:55:66:3d:7f:f1:59:06:ee:4e:0e:bd:df:
a9:a4:a5:25:47:b8:fd:99:fa:41:58:22:88:58:f8:82:76:08:
d9:3e:33:78:6e:47:5f:b9:4a:f6:bb:b2:fc:32:f1:17:1e:b3:
d3:98:c9:f4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
OThFNEFGMTEwLwYDVQQFEyhDMzAwMTE3RDU0OTQ5NjFFMDVCN0Q5REUxNkQ2MjhC
MjNCMjVCOTAxMB4XDTIzMTIwOTIyMjMxMVoXDTI0MTIwOTIyMjMxMVowGDEWMBQG
A1UEAxMNNjU3Mzk3NTItZWEwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDrH9530vS3/MdwqdMCaaiMQtYvcZA70JNo7kVVCHlklV65F+5w0aaHrAYM
xqUCOrMyytsW2RBG26ZIXJFeZBSzhKF0F84SazhYrK3wflrmTNgce30LNalEbYs6
j9jFUaB5JCp13R2Pslz4iZ4NJvVxafBkDLSddR+exkJm41f8yzhx76tIPowkI2p6
7BPlKxlAru8aiCgpPfWZc7rpu7TsjIpHGv+Q8wkLvSFxkYtUeYVL4+QtqOxQ4FBz
e2/MuOoyeSuZRXEjzBzTAzl4xF1Z8l20xs0MCIUZ7P2326RH5j2rLuZEOMK+HnrG
RN/qgHolA7yZ/HGhtVTplGlnXe0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTG8Fyk
I4/G7rXvUnfBMkXILaBK4zAfBgNVHSMEGDAWgBTDABF9VJSWHgW32d4W1iiyOyW5
ATAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Njk4RTQvRjIwQkYxODg5NjE1MTFFRUEyOUFGMTJDRDI1QkU0NjUvd3dBUmZW
U1VsaDRGdDluZUZ0WW9zanNsdVFFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvd3dBUmZWU1VsaDRGdDluZUZ0WW9zanNsdVFFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Njk4RTQvRjIwQkYxODg5NjE1MTFFRUEyOUFGMTJDRDI1
QkU0NjUvNjBFRDZEREM5NjE4MTFFRThCMjYwMDMxRDI1QkU0NjUucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbdjjANBgkqhkiG9w0BAQsF
AAOCAQEAUI3W5ctpXne7RqFPSeivvsVRiPbdOJK5meCIIJC5jbqLPJbVAqtsN/pd
o0sO4mRtsP7v15NPTUx9iZY8vi4G0W2+CIM35ogL38OOqRwLxChlt9iyhG/pCwyO
gfpe0HoEgp9ruottZ1gRgAn2DPsjTKAdWpDrecCrcL4M8qSFN+MQtcZLiPzoNGqc
mVum9pT//W5iRHzCZUT5JelqgaFpmEVleJywJRJtQ10Jcxmm8imJqL5jnQliS4eo
nfSV2QV34gp5I3tQOUoX0hHcVWY9f/FZBu5ODr3fqaSlJUe4/Zn6QVgiiFj4gnYI
2T4zeG5HX7lK9ruy/DLxFx6z05jJ9A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:55 2024 by rpki-client on console-fra.rpki-client.org