Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/A362A16C8F7F11EFAF4BED7B762E951A.roa
File: A362A16C8F7F11EFAF4BED7B762E951A.roa (raw, json)
Hash identifier: IA5E+cidy4P6bwd+KUq6ItG1SjLr77ZOVA7H/rIKJAY=
Subject key identifier: AA:16:3C:E2:48:36:19:E1:03:E3:64:B8:92:CA:79:98:54:8D:BE:9C
Certificate issuer: /CN=F366D4FEAF/serialNumber=5B99DEF0BA6545154DE2598559B3AEA8D26250B7
Certificate serial: DD
Authority key identifier: 5B:99:DE:F0:BA:65:45:15:4D:E2:59:85:59:B3:AE:A8:D2:62:50:B7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/W5ne8LplRRVN4lmFWbOuqNJiULc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/A362A16C8F7F11EFAF4BED7B762E951A.roa
Signing time: Mon 21 Oct 2024 07:39:44 +0000
ROA not before: Mon 21 Oct 2024 07:39:40 +0000
ROA not after: Sun 31 Dec 2034 07:39:40 +0000
asID: 329014
IP address blocks: 102.210.28.0/24 maxlen: 24
102.210.30.0/24 maxlen: 24
2c0f:5740::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/W5ne8LplRRVN4lmFWbOuqNJiULc.crl
rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/W5ne8LplRRVN4lmFWbOuqNJiULc.mft
rsync://rpki.afrinic.net/repository/afrinic/W5ne8LplRRVN4lmFWbOuqNJiULc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 221 (0xdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366D4FEAF/serialNumber=5B99DEF0BA6545154DE2598559B3AEA8D26250B7
Validity
Not Before: Oct 21 07:39:40 2024 GMT
Not After : Dec 31 07:39:40 2034 GMT
Subject: CN=67160540-87ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3c:4c:39:70:63:fa:8f:fd:9d:1b:c4:36:b4:
d8:c7:ab:5d:87:46:7e:27:e3:d2:a8:76:da:84:2c:
b5:8e:09:98:1c:d2:2f:43:88:30:34:c4:49:1c:8d:
55:8d:a5:34:3f:c5:05:e1:2e:37:84:79:f2:38:f7:
f0:f2:48:aa:b1:d0:7b:3e:39:74:0a:b0:93:0a:d5:
cf:4f:1c:8b:f3:8b:2c:fd:d2:f1:ed:fd:80:c7:7f:
0d:6c:22:5a:16:20:38:95:bf:0b:87:c8:5b:e4:2f:
70:95:c2:14:e9:85:12:e5:11:78:72:2d:48:3a:91:
2f:97:e6:2f:77:da:23:f1:db:14:45:6d:3f:15:7a:
cc:86:53:54:63:91:e5:3f:05:ca:87:ad:b3:b9:bb:
4e:c2:d9:0f:84:d8:06:fa:9a:b9:eb:9b:7d:70:8c:
0f:9e:79:c3:9d:2b:95:22:4b:80:86:46:78:fb:84:
c3:b5:a4:32:ad:db:e2:a8:d4:a3:3d:9a:68:b1:2c:
fa:c8:56:e1:02:eb:b1:2b:f4:94:0e:cc:33:ec:f7:
31:9f:0b:27:4a:e3:53:d1:a3:56:0c:db:62:56:b7:
24:ae:a6:85:bd:7e:84:03:4f:83:19:87:f9:b5:d6:
5a:3b:36:4e:ad:81:65:cf:05:0a:f3:46:9e:1d:f7:
2d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:16:3C:E2:48:36:19:E1:03:E3:64:B8:92:CA:79:98:54:8D:BE:9C
X509v3 Authority Key Identifier:
keyid:5B:99:DE:F0:BA:65:45:15:4D:E2:59:85:59:B3:AE:A8:D2:62:50:B7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/W5ne8LplRRVN4lmFWbOuqNJiULc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/W5ne8LplRRVN4lmFWbOuqNJiULc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/A362A16C8F7F11EFAF4BED7B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.210.28.0/24
102.210.30.0/24
IPv6:
2c0f:5740::/33
Signature Algorithm: sha256WithRSAEncryption
12:6e:84:7e:74:71:c7:5d:73:d5:ad:51:06:ea:a5:1e:1c:5e:
a0:b3:31:f3:28:79:24:61:01:9a:6b:58:af:c6:54:4c:bc:dd:
5c:99:04:bf:c7:73:2b:70:28:cb:01:b3:38:7e:ad:e0:f6:a5:
25:6e:6b:34:9c:87:4e:75:11:4a:97:b3:9f:b8:10:f3:9d:df:
ce:9f:84:35:e6:37:6a:d7:63:7a:f0:54:26:41:39:9f:d9:0c:
6c:be:5d:b2:53:c4:43:f1:1c:ce:b8:46:39:4d:55:ec:9a:d9:
9b:b8:9a:e3:2f:65:d7:7f:ae:9e:aa:d8:75:58:47:26:36:65:
ba:d1:c2:57:a2:da:16:89:0a:c5:89:e2:dc:c7:24:65:8c:53:
87:42:d8:47:65:6d:ff:70:66:9a:86:95:ab:c4:36:18:a5:a2:
ec:81:09:ae:f0:3b:cb:01:9f:eb:1e:ac:69:dd:af:26:24:71:
96:ec:05:7f:db:a7:1e:c1:13:90:28:c9:a2:9e:cc:49:59:57:
1d:36:1e:55:2f:f7:93:4d:85:f8:ac:ec:0c:3c:11:08:0f:4c:
f6:09:b0:97:c3:95:36:17:d0:f8:e9:cc:5f:bb:49:b9:c7:51:
1a:97:68:ba:71:c3:ac:a4:0b:02:99:5e:30:5c:23:42:33:d9:
7a:99:8c:29
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICAN0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NkQ0RkVBRjExMC8GA1UEBRMoNUI5OURFRjBCQTY1NDUxNTRERTI1OTg1NTlCM0FF
QThEMjYyNTBCNzAeFw0yNDEwMjEwNzM5NDBaFw0zNDEyMzEwNzM5NDBaMBgxFjAU
BgNVBAMTDTY3MTYwNTQwLTg3ZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4PEw5cGP6j/2dG8Q2tNjHq12HRn4n49KodtqELLWOCZgc0i9DiDA0xEkc
jVWNpTQ/xQXhLjeEefI49/DySKqx0Hs+OXQKsJMK1c9PHIvziyz90vHt/YDHfw1s
IloWIDiVvwuHyFvkL3CVwhTphRLlEXhyLUg6kS+X5i932iPx2xRFbT8VesyGU1Rj
keU/BcqHrbO5u07C2Q+E2Ab6mrnrm31wjA+eecOdK5UiS4CGRnj7hMO1pDKt2+Ko
1KM9mmixLPrIVuEC67Er9JQOzDPs9zGfCydK41PRo1YM22JWtySupoW9foQDT4MZ
h/m11lo7Nk6tgWXPBQrzRp4d9y1nAgMBAAGjggK7MIICtzAdBgNVHQ4EFgQUqhY8
4kg2GeED42S4ksp5mFSNvpwwHwYDVR0jBBgwFoAUW5ne8LplRRVN4lmFWbOuqNJi
ULcwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjZENEZFLzUxNEYwREI4RUNEQTExRUU4N0FDNjg3MTc3NTQxMkU2L1c1bmU4
THBsUlJWTjRsbUZXYk91cU5KaVVMYy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1c1bmU4THBsUlJWTjRsbUZXYk91cU5KaVVMYy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjZENEZFLzUxNEYwREI4RUNEQTExRUU4N0FDNjg3MTc3
NTQxMkU2L0EzNjJBMTZDOEY3RjExRUZBRjRCRUQ3Qjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNQYIKwYBBQUHAQcBAf8EJjAkMBIEAgABMAwDBABm0hwDBABm0h4wDgQCAAIw
CAMGBywPV0AAMA0GCSqGSIb3DQEBCwUAA4IBAQASboR+dHHHXXPVrVEG6qUeHF6g
szHzKHkkYQGaa1ivxlRMvN1cmQS/x3MrcCjLAbM4fq3g9qUlbms0nIdOdRFKl7Of
uBDznd/On4Q15jdq12N68FQmQTmf2Qxsvl2yU8RD8RzOuEY5TVXsmtmbuJrjL2XX
f66eqth1WEcmNmW60cJXotoWiQrFieLcxyRljFOHQthHZW3/cGaahpWrxDYYpaLs
gQmu8DvLAZ/rHqxp3a8mJHGW7AV/26cewROQKMminsxJWVcdNh5VL/eTTYX4rOwM
PBEID0z2CbCXw5U2F9D46cxfu0m5x1Eal2i6ccOspAsCmV4wXCNCM9l6mYwp
-----END CERTIFICATE-----
Generated at Sun Nov 24 05:19:31 2024 by rpki-client on console-ams.rpki-client.org