Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/8F2451D0BE9E11EEBA8196AA775412E6.roa
File: 8F2451D0BE9E11EEBA8196AA775412E6.roa (raw, json)
Hash identifier: 4AAd/b+kE9JKp63Wlhwua7XjTGFImGjuMiypLHiKkR8=
Subject key identifier: B1:34:8A:3D:1D:B0:1F:F3:03:83:74:9F:CB:61:F4:DB:CA:84:94:F7
Certificate issuer: /CN=F3675292AF/serialNumber=8579BC27E73D7B29108EBFF397FB6CFD5C6B0247
Certificate serial: 05
Authority key identifier: 85:79:BC:27:E7:3D:7B:29:10:8E:BF:F3:97:FB:6C:FD:5C:6B:02:47
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/hXm8J-c9eykQjr_zl_ts_VxrAkc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/8F2451D0BE9E11EEBA8196AA775412E6.roa
Signing time: Mon 29 Jan 2024 12:04:31 +0000
ROA not before: Mon 29 Jan 2024 12:04:28 +0000
ROA not after: Thu 29 Jan 2026 12:04:28 +0000
asID: 21003
IP address blocks: 102.215.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/hXm8J-c9eykQjr_zl_ts_VxrAkc.crl
rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/hXm8J-c9eykQjr_zl_ts_VxrAkc.mft
rsync://rpki.afrinic.net/repository/afrinic/hXm8J-c9eykQjr_zl_ts_VxrAkc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 30 Sep 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3675292AF/serialNumber=8579BC27E73D7B29108EBFF397FB6CFD5C6B0247
Validity
Not Before: Jan 29 12:04:28 2024 GMT
Not After : Jan 29 12:04:28 2026 GMT
Subject: CN=65b7944f-1076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:89:2b:6f:66:47:14:61:7d:87:b6:56:54:7a:
87:7c:d2:dd:e2:c1:a8:da:ed:de:a6:92:a2:17:b4:
c8:c5:f4:17:5c:e7:4a:f4:89:7c:15:19:00:9b:1c:
21:d8:b6:cf:c5:94:2e:c7:a9:0b:4a:5c:b6:cb:08:
bf:d8:df:71:4d:06:08:c5:14:43:e8:7e:10:ac:75:
bf:60:1e:32:fb:be:8e:b1:32:00:62:f7:70:45:b1:
11:54:7a:5a:04:4b:48:36:c4:0e:7e:56:17:41:4a:
c7:ed:9a:da:53:59:77:dc:c2:b1:81:52:74:74:49:
c7:7f:f9:0d:cb:20:7a:f5:72:62:4b:0f:d3:7f:b8:
de:50:d1:a4:eb:b2:d0:06:43:00:c7:b9:c6:33:a0:
0c:a1:79:e5:95:7a:a8:c2:65:7a:24:11:fe:3a:3c:
9f:08:2d:69:cc:30:c4:e9:61:1c:65:4d:ca:97:7f:
e8:ee:b9:0a:64:4e:6a:53:23:e2:35:e2:a5:f8:3a:
a4:d6:93:ad:fc:02:b5:d6:f1:34:8c:b5:76:26:23:
b3:f4:3c:03:d2:4c:ee:a0:a6:fd:ee:78:2e:c6:e1:
4e:12:38:77:9c:47:69:d6:0d:c8:7d:53:53:50:18:
dd:b8:7c:93:e6:34:b2:86:17:55:36:ed:ff:d6:80:
1a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:34:8A:3D:1D:B0:1F:F3:03:83:74:9F:CB:61:F4:DB:CA:84:94:F7
X509v3 Authority Key Identifier:
keyid:85:79:BC:27:E7:3D:7B:29:10:8E:BF:F3:97:FB:6C:FD:5C:6B:02:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/hXm8J-c9eykQjr_zl_ts_VxrAkc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hXm8J-c9eykQjr_zl_ts_VxrAkc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/8F2451D0BE9E11EEBA8196AA775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.215.197.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:90:44:ad:8a:43:d3:72:8f:ad:c6:e7:1f:02:55:bd:5e:df:
84:e4:d7:6e:7e:a9:c9:eb:35:f2:80:92:54:5c:36:86:bf:60:
8a:87:65:a6:22:ff:db:c9:d3:dd:a2:1b:13:62:0b:47:2c:19:
21:b9:cb:72:5f:f1:d5:64:db:a0:28:e8:52:2a:5d:3c:5a:c5:
1d:82:62:61:25:c9:e5:07:f5:1c:4c:48:fd:60:e0:41:c5:17:
11:cd:11:80:f5:c9:ab:a6:6b:1d:02:18:92:bf:bd:98:8b:5c:
e5:92:ab:31:00:d2:de:0f:c4:af:29:e5:44:17:fc:06:90:b1:
d5:d6:32:ed:93:95:a6:0a:16:80:8b:88:be:24:92:bd:05:c4:
8b:98:2e:4f:9f:4c:8d:8c:5b:c6:ea:69:b1:ba:9e:5a:3b:c3:
9c:35:a8:8c:ed:57:57:55:ef:e6:a4:1d:f7:60:7c:16:da:60:
f6:3e:88:2c:04:c2:9c:3f:bf:ea:7d:73:a7:72:44:7a:cb:ae:
c4:0c:0f:13:c4:3c:8b:4e:08:76:23:55:ea:c2:25:6b:df:9d:
72:02:c7:d4:e2:be:9e:8d:be:6c:d1:e9:f8:20:cd:ae:f5:d7:
cb:18:91:5d:56:89:f0:a5:f2:c0:c5:18:6d:32:40:f8:34:ae:
f4:aa:f8:b4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NTI5MkFGMTEwLwYDVQQFEyg4NTc5QkMyN0U3M0Q3QjI5MTA4RUJGRjM5N0ZCNkNG
RDVDNkIwMjQ3MB4XDTI0MDEyOTEyMDQyOFoXDTI2MDEyOTEyMDQyOFowGDEWMBQG
A1UEAxMNNjViNzk0NGYtMTA3NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPWJK29mRxRhfYe2VlR6h3zS3eLBqNrt3qaSohe0yMX0F1znSvSJfBUZAJsc
Idi2z8WULsepC0pctssIv9jfcU0GCMUUQ+h+EKx1v2AeMvu+jrEyAGL3cEWxEVR6
WgRLSDbEDn5WF0FKx+2a2lNZd9zCsYFSdHRJx3/5DcsgevVyYksP03+43lDRpOuy
0AZDAMe5xjOgDKF55ZV6qMJleiQR/jo8nwgtacwwxOlhHGVNypd/6O65CmROalMj
4jXipfg6pNaTrfwCtdbxNIy1diYjs/Q8A9JM7qCm/e54LsbhThI4d5xHadYNyH1T
U1AY3bh8k+Y0soYXVTbt/9aAGgUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSxNIo9
HbAf8wODdJ/LYfTbyoSU9zAfBgNVHSMEGDAWgBSFebwn5z17KRCOv/OX+2z9XGsC
RzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzUyOTIvMjY0RDE3RkVCRERDMTFFRUI0MUU0MTRENzc1NDEyRTYvaFhtOEot
YzlleWtRanJfemxfdHNfVnhyQWtjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaFhtOEotYzlleWtRanJfemxfdHNfVnhyQWtjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzUyOTIvMjY0RDE3RkVCRERDMTFFRUI0MUU0MTRENzc1
NDEyRTYvOEYyNDUxRDBCRTlFMTFFRUJBODE5NkFBNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbXxTANBgkqhkiG9w0BAQsF
AAOCAQEAGpBErYpD03KPrcbnHwJVvV7fhOTXbn6pyes18oCSVFw2hr9giodlpiL/
28nT3aIbE2ILRywZIbnLcl/x1WTboCjoUipdPFrFHYJiYSXJ5Qf1HExI/WDgQcUX
Ec0RgPXJq6ZrHQIYkr+9mItc5ZKrMQDS3g/ErynlRBf8BpCx1dYy7ZOVpgoWgIuI
viSSvQXEi5guT59MjYxbxuppsbqeWjvDnDWojO1XV1Xv5qQd92B8Ftpg9j6ILATC
nD+/6n1zp3JEesuuxAwPE8Q8i04IdiNV6sIla9+dcgLH1OK+no2+bNHp+CDNrvXX
yxiRXVaJ8KXywMUYbTJA+DSu9Kr4tA==
-----END CERTIFICATE-----
Generated at Sat Sep 28 04:04:16 2024 by rpki-client on console-fra.rpki-client.org