Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/81BE3BD6ECDF11EEBC2B3D97775412E6.roa
File: 81BE3BD6ECDF11EEBC2B3D97775412E6.roa (raw, json)
Hash identifier: hwWQDZAVBCTcvtdC0E2H0gTUN7xTPD8/NsNk295s4ow=
Subject key identifier: 79:88:69:57:08:99:4B:9C:9F:95:63:DC:D3:F9:C2:CC:8D:D0:6F:08
Certificate issuer: /CN=F366D4FEAF/serialNumber=5B99DEF0BA6545154DE2598559B3AEA8D26250B7
Certificate serial: 02
Authority key identifier: 5B:99:DE:F0:BA:65:45:15:4D:E2:59:85:59:B3:AE:A8:D2:62:50:B7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/W5ne8LplRRVN4lmFWbOuqNJiULc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/81BE3BD6ECDF11EEBC2B3D97775412E6.roa
Signing time: Thu 28 Mar 2024 08:45:20 +0000
ROA not before: Thu 28 Mar 2024 08:45:16 +0000
ROA not after: Sun 31 Dec 2034 08:45:16 +0000
asID: 329014
IP address blocks: 102.210.28.0/22 maxlen: 22
102.216.154.0/23 maxlen: 23
2c0f:5740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/W5ne8LplRRVN4lmFWbOuqNJiULc.crl
rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/W5ne8LplRRVN4lmFWbOuqNJiULc.mft
rsync://rpki.afrinic.net/repository/afrinic/W5ne8LplRRVN4lmFWbOuqNJiULc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 28 Jun 2024 00:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366D4FEAF/serialNumber=5B99DEF0BA6545154DE2598559B3AEA8D26250B7
Validity
Not Before: Mar 28 08:45:16 2024 GMT
Not After : Dec 31 08:45:16 2034 GMT
Subject: CN=66052e20-afdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c4:27:d1:53:35:b9:0d:19:cd:17:0a:f8:f2:
e5:43:b2:cd:56:72:16:15:b2:a4:fe:cd:57:7e:7c:
38:f3:e1:2c:48:10:7b:2c:e3:45:81:fe:08:1b:34:
5f:08:9c:94:fc:a9:52:87:3f:96:ce:fb:df:72:06:
4b:73:63:4f:ba:60:37:59:eb:b9:ac:75:38:87:1f:
71:85:19:68:15:24:90:f6:9b:ce:db:d8:83:bf:a5:
30:e6:d8:0e:49:a3:09:7a:70:57:97:c8:95:da:07:
65:9f:4c:f7:37:b9:0e:c7:13:81:0a:5b:b1:98:f6:
6f:20:35:74:cf:82:e6:ef:36:6c:af:68:6a:10:6b:
e8:c5:a8:66:64:8d:7e:02:14:2f:4b:98:eb:21:29:
7b:8a:ae:3b:0f:db:b7:87:c0:e5:50:7f:8d:bc:13:
77:94:1d:e8:a9:2f:1a:d8:67:ce:1a:55:6f:28:c6:
9d:bd:34:46:16:03:b4:72:df:67:2c:45:80:1a:9e:
44:85:02:c4:90:5c:de:4e:6d:6c:20:e3:67:f2:e1:
78:e5:94:8e:d1:9b:f9:91:98:7a:e0:13:3b:1c:1f:
4e:bc:c4:b8:47:09:78:39:77:ed:5a:29:d3:dd:53:
b4:0a:16:78:af:6c:ae:66:fe:81:61:03:f8:d8:0a:
c6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:88:69:57:08:99:4B:9C:9F:95:63:DC:D3:F9:C2:CC:8D:D0:6F:08
X509v3 Authority Key Identifier:
keyid:5B:99:DE:F0:BA:65:45:15:4D:E2:59:85:59:B3:AE:A8:D2:62:50:B7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/W5ne8LplRRVN4lmFWbOuqNJiULc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/W5ne8LplRRVN4lmFWbOuqNJiULc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/81BE3BD6ECDF11EEBC2B3D97775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.210.28.0/22
102.216.154.0/23
IPv6:
2c0f:5740::/32
Signature Algorithm: sha256WithRSAEncryption
50:12:ed:42:36:e9:aa:2e:32:ee:f0:cd:a6:cd:48:f7:ad:58:
66:54:e3:fe:da:92:b1:f7:91:0e:19:2f:ad:cc:01:4c:94:72:
c9:53:55:2d:d6:ec:58:e6:1a:09:f5:eb:56:33:fb:2c:b6:72:
2e:dd:1a:6f:d0:ff:07:9d:ee:1f:1f:75:ca:14:49:0e:70:58:
c2:63:ad:b3:0d:4d:76:80:d1:b5:51:92:79:1c:85:aa:eb:2d:
ec:b1:81:d1:fd:c9:b0:b8:fc:db:58:8d:43:46:46:63:dd:34:
85:2b:eb:8e:66:ed:c9:67:c1:50:53:a8:09:35:cf:12:2d:71:
43:7b:ca:fc:f8:51:3e:fe:24:8d:0d:7d:bb:ac:76:e3:1b:b2:
e4:c0:2c:03:07:83:fb:a0:bd:ac:d1:2f:b4:8f:be:fe:66:31:
54:82:f5:08:36:b6:34:28:a8:48:58:aa:c1:38:04:55:c3:8f:
a1:67:6e:cb:ac:0a:6b:f5:f0:78:c6:7b:f7:50:27:39:a3:e0:
14:df:c3:38:87:37:98:ee:b3:30:c7:82:d2:bf:e5:ab:29:2d:
20:31:7e:3a:1c:a7:6d:c6:df:55:97:18:62:2f:7c:6d:c9:21:
39:f5:73:d7:16:be:02:13:5c:61:74:84:be:f9:fb:a3:06:bd:
fd:62:64:52
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
RDRGRUFGMTEwLwYDVQQFEyg1Qjk5REVGMEJBNjU0NTE1NERFMjU5ODU1OUIzQUVB
OEQyNjI1MEI3MB4XDTI0MDMyODA4NDUxNloXDTM0MTIzMTA4NDUxNlowGDEWMBQG
A1UEAxMNNjYwNTJlMjAtYWZkYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLEJ9FTNbkNGc0XCvjy5UOyzVZyFhWypP7NV358OPPhLEgQeyzjRYH+CBs0
XwiclPypUoc/ls7733IGS3NjT7pgN1nruax1OIcfcYUZaBUkkPabztvYg7+lMObY
DkmjCXpwV5fIldoHZZ9M9ze5DscTgQpbsZj2byA1dM+C5u82bK9oahBr6MWoZmSN
fgIUL0uY6yEpe4quOw/bt4fA5VB/jbwTd5Qd6KkvGthnzhpVbyjGnb00RhYDtHLf
ZyxFgBqeRIUCxJBc3k5tbCDjZ/LheOWUjtGb+ZGYeuATOxwfTrzEuEcJeDl37Vop
091TtAoWeK9srmb+gWED+NgKxukCAwEAAaOCArowggK2MB0GA1UdDgQWBBR5iGlX
CJlLnJ+VY9zT+cLMjdBvCDAfBgNVHSMEGDAWgBRbmd7wumVFFU3iWYVZs66o0mJQ
tzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkQ0RkUvNTE0RjBEQjhFQ0RBMTFFRTg3QUM2ODcxNzc1NDEyRTYvVzVuZThM
cGxSUlZONGxtRldiT3VxTkppVUxjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVzVuZThMcGxSUlZONGxtRldiT3VxTkppVUxjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkQ0RkUvNTE0RjBEQjhFQ0RBMTFFRTg3QUM2ODcxNzc1
NDEyRTYvODFCRTNCRDZFQ0RGMTFFRUJDMkIzRDk3Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmbSHAMEAWbYmjANBAIAAjAH
AwUALA9XQDANBgkqhkiG9w0BAQsFAAOCAQEAUBLtQjbpqi4y7vDNps1I961YZlTj
/tqSsfeRDhkvrcwBTJRyyVNVLdbsWOYaCfXrVjP7LLZyLt0ab9D/B53uHx91yhRJ
DnBYwmOtsw1NdoDRtVGSeRyFqust7LGB0f3JsLj821iNQ0ZGY900hSvrjmbtyWfB
UFOoCTXPEi1xQ3vK/PhRPv4kjQ19u6x24xuy5MAsAweD+6C9rNEvtI++/mYxVIL1
CDa2NCioSFiqwTgEVcOPoWduy6wKa/XweMZ791AnOaPgFN/DOIc3mO6zMMeC0r/l
qyktIDF+OhynbcbfVZcYYi98bckhOfVz1xa+AhNcYXSEvvn7owa9/WJkUg==
-----END CERTIFICATE-----
Generated at Wed Jun 26 06:21:10 2024 by rpki-client on console-fra.rpki-client.org