Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366A61A/7578EB6A386511EFA61FC86B762E951A/3ADD93B2386911EF95D6CA87762E951A.roa
File: 3ADD93B2386911EF95D6CA87762E951A.roa (raw, json)
Hash identifier: zRXSoH3XHGWqI6NKqTDZkrU/VQVf3YmKR5+vS2GpN6c=
Subject key identifier: 09:6C:CE:71:EC:DB:5A:D4:DD:AE:80:27:E4:87:31:C1:E3:AC:DF:C3
Certificate issuer: /CN=F366A61AAF/serialNumber=31813322C9B9A2BAFD7C7AF5CE0F4FF874D9CDA1
Certificate serial: 04
Authority key identifier: 31:81:33:22:C9:B9:A2:BA:FD:7C:7A:F5:CE:0F:4F:F8:74:D9:CD:A1
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/MYEzIsm5orr9fHr1zg9P-HTZzaE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366A61A/7578EB6A386511EFA61FC86B762E951A/3ADD93B2386911EF95D6CA87762E951A.roa
Signing time: Tue 02 Jul 2024 11:50:08 +0000
ROA not before: Tue 02 Jul 2024 11:50:05 +0000
ROA not after: Sun 02 Jul 2034 11:50:05 +0000
asID: 328943
IP address blocks: 102.218.84.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366A61A/7578EB6A386511EFA61FC86B762E951A/MYEzIsm5orr9fHr1zg9P-HTZzaE.crl
rsync://rpki.afrinic.net/repository/member_repository/F366A61A/7578EB6A386511EFA61FC86B762E951A/MYEzIsm5orr9fHr1zg9P-HTZzaE.mft
rsync://rpki.afrinic.net/repository/afrinic/MYEzIsm5orr9fHr1zg9P-HTZzaE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366A61AAF/serialNumber=31813322C9B9A2BAFD7C7AF5CE0F4FF874D9CDA1
Validity
Not Before: Jul 2 11:50:05 2024 GMT
Not After : Jul 2 11:50:05 2034 GMT
Subject: CN=6683e970-cc71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:af:e5:8b:76:f5:4a:06:25:47:f0:17:57:2a:
15:93:36:e9:9d:0f:2e:3e:7e:d5:a6:e5:17:df:17:
94:f6:ef:a3:52:c8:b0:e2:84:64:51:25:1d:d2:5a:
0d:81:15:58:b1:08:56:89:6e:58:5b:48:e3:e0:e6:
09:b1:1d:43:39:4c:57:9f:28:c0:64:29:9a:19:46:
aa:75:3e:58:9c:6e:cf:25:1a:e1:9e:2c:a9:31:9c:
47:22:f0:88:cd:fe:89:9e:82:3e:a6:4c:22:42:a5:
0e:14:a6:f1:a5:bc:fd:40:9a:d5:83:9e:33:23:a6:
bc:9d:ee:11:03:58:a5:1e:0c:df:e1:57:ed:dd:7d:
11:d7:0e:4a:c0:10:51:7a:26:a6:78:73:03:3a:58:
06:21:9b:26:5d:8b:7e:e2:ac:92:de:8e:0e:cc:57:
26:2c:38:de:3d:42:8e:f9:23:b6:fe:1e:77:c7:b8:
60:fe:8c:b0:ed:67:8c:69:b9:77:9d:11:9a:0d:44:
70:56:7f:1a:c6:2a:33:58:eb:2c:a9:82:d4:c0:ab:
eb:f2:b8:d1:4d:27:d0:be:b8:7c:a6:3e:bc:64:16:
2b:26:dd:ff:02:05:ba:6d:df:b8:22:af:81:76:e3:
12:d2:8e:c1:25:7a:96:1d:84:41:65:75:7f:a4:10:
57:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:6C:CE:71:EC:DB:5A:D4:DD:AE:80:27:E4:87:31:C1:E3:AC:DF:C3
X509v3 Authority Key Identifier:
keyid:31:81:33:22:C9:B9:A2:BA:FD:7C:7A:F5:CE:0F:4F:F8:74:D9:CD:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366A61A/7578EB6A386511EFA61FC86B762E951A/MYEzIsm5orr9fHr1zg9P-HTZzaE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/MYEzIsm5orr9fHr1zg9P-HTZzaE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366A61A/7578EB6A386511EFA61FC86B762E951A/3ADD93B2386911EF95D6CA87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.218.84.0/22
Signature Algorithm: sha256WithRSAEncryption
56:02:76:9c:a3:50:72:64:2d:90:a2:8b:7d:f0:ec:74:68:c9:
9c:92:c0:b8:74:a1:b3:a1:de:db:5c:93:e8:15:a9:74:df:89:
df:5b:b5:90:29:49:ec:21:cc:db:96:4d:c4:59:34:35:8f:05:
f4:d4:dc:54:6f:bd:ea:cb:18:4d:75:0a:59:38:ff:4e:dd:30:
06:8f:07:f3:18:95:98:b9:d1:7a:fc:02:bd:db:f0:45:88:21:
01:2b:ab:80:03:60:bc:31:ad:50:21:6f:9f:0f:86:80:0a:4c:
61:ba:fd:6f:f6:35:a1:7c:c2:ad:c8:64:13:e4:80:99:42:6b:
49:f9:9a:d1:0e:c2:92:e5:7b:39:20:b8:ed:aa:0b:78:5d:1c:
9e:b6:db:5c:0d:f2:ea:07:6b:2a:36:3d:cb:83:0f:31:e9:cd:
c0:5a:78:b9:fb:bc:1d:9d:43:09:b5:87:ef:93:74:0a:6e:5d:
16:9a:ac:d1:15:0e:91:0e:9b:a0:b4:21:6d:e6:2c:b7:44:3e:
63:ee:61:48:b6:3f:5b:7c:29:16:e4:33:63:19:48:15:ca:8b:
bd:16:89:b7:19:d3:2f:ac:06:2d:61:14:3f:b0:c7:5a:53:fe:
91:df:97:b7:0b:26:7d:b2:18:3b:f4:37:13:ec:63:88:76:0e:
85:50:1f:ad
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
QTYxQUFGMTEwLwYDVQQFEygzMTgxMzMyMkM5QjlBMkJBRkQ3QzdBRjVDRTBGNEZG
ODc0RDlDREExMB4XDTI0MDcwMjExNTAwNVoXDTM0MDcwMjExNTAwNVowGDEWMBQG
A1UEAxMNNjY4M2U5NzAtY2M3MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANev5Yt29UoGJUfwF1cqFZM26Z0PLj5+1ablF98XlPbvo1LIsOKEZFElHdJa
DYEVWLEIVoluWFtI4+DmCbEdQzlMV58owGQpmhlGqnU+WJxuzyUa4Z4sqTGcRyLw
iM3+iZ6CPqZMIkKlDhSm8aW8/UCa1YOeMyOmvJ3uEQNYpR4M3+FX7d19EdcOSsAQ
UXompnhzAzpYBiGbJl2LfuKskt6ODsxXJiw43j1Cjvkjtv4ed8e4YP6MsO1njGm5
d50Rmg1EcFZ/GsYqM1jrLKmC1MCr6/K40U0n0L64fKY+vGQWKybd/wIFum3fuCKv
gXbjEtKOwSV6lh2EQWV1f6QQV8UCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQJbM5x
7Nta1N2ugCfkhzHB46zfwzAfBgNVHSMEGDAWgBQxgTMiybmiuv18evXOD0/4dNnN
oTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkE2MUEvNzU3OEVCNkEzODY1MTFFRkE2MUZDODZCNzYyRTk1MUEvTVlFeklz
bTVvcnI5ZkhyMXpnOVAtSFRaemFFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTVlFeklzbTVvcnI5ZkhyMXpnOVAtSFRaemFFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkE2MUEvNzU3OEVCNkEzODY1MTFFRkE2MUZDODZCNzYy
RTk1MUEvM0FERDkzQjIzODY5MTFFRjk1RDZDQTg3NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbaVDANBgkqhkiG9w0BAQsF
AAOCAQEAVgJ2nKNQcmQtkKKLffDsdGjJnJLAuHShs6He21yT6BWpdN+J31u1kClJ
7CHM25ZNxFk0NY8F9NTcVG+96ssYTXUKWTj/Tt0wBo8H8xiVmLnRevwCvdvwRYgh
ASurgANgvDGtUCFvnw+GgApMYbr9b/Y1oXzCrchkE+SAmUJrSfma0Q7CkuV7OSC4
7aoLeF0cnrbbXA3y6gdrKjY9y4MPMenNwFp4ufu8HZ1DCbWH75N0Cm5dFpqs0RUO
kQ6boLQhbeYst0Q+Y+5hSLY/W3wpFuQzYxlIFcqLvRaJtxnTL6wGLWEUP7DHWlP+
kd+XtwsmfbIYO/Q3E+xjiHYOhVAfrQ==
-----END CERTIFICATE-----
Generated at Thu Oct 24 07:10:19 2024 by rpki-client on console-ams.rpki-client.org