Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3676EF0/6E8128646AAA11EF9DAC8CA5762E951A/20A5B5426AAF11EF9EC3AA42762E951A.roa
File: 20A5B5426AAF11EF9EC3AA42762E951A.roa (raw, json)
Hash identifier: 0P+WY7UOiMY+YcWMWFMkGPCy9cUGpM29pOZMdtFlc64=
Subject key identifier: F6:F3:BC:BD:62:9E:A7:E9:2C:F9:41:D7:E0:D5:63:D4:3B:03:FA:4E
Certificate issuer: /CN=F3676EF0AF/serialNumber=EFD2C3DE3AE8C4CE9E7B93C9F7D45BA92EB14E8C
Certificate serial: 02
Authority key identifier: EF:D2:C3:DE:3A:E8:C4:CE:9E:7B:93:C9:F7:D4:5B:A9:2E:B1:4E:8C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/79LD3jroxM6ee5PJ99RbqS6xTow.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3676EF0/6E8128646AAA11EF9DAC8CA5762E951A/20A5B5426AAF11EF9EC3AA42762E951A.roa
Signing time: Wed 04 Sep 2024 11:16:27 +0000
ROA not before: Wed 04 Sep 2024 11:16:23 +0000
ROA not after: Mon 31 Mar 2025 11:16:23 +0000
asID: 37542
IP address blocks: 102.222.128.0/22 maxlen: 24
102.223.132.0/22 maxlen: 24
197.255.240.0/22 maxlen: 24
2c0f:fbd8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3676EF0/6E8128646AAA11EF9DAC8CA5762E951A/79LD3jroxM6ee5PJ99RbqS6xTow.crl
rsync://rpki.afrinic.net/repository/member_repository/F3676EF0/6E8128646AAA11EF9DAC8CA5762E951A/79LD3jroxM6ee5PJ99RbqS6xTow.mft
rsync://rpki.afrinic.net/repository/afrinic/79LD3jroxM6ee5PJ99RbqS6xTow.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3676EF0AF/serialNumber=EFD2C3DE3AE8C4CE9E7B93C9F7D45BA92EB14E8C
Validity
Not Before: Sep 4 11:16:23 2024 GMT
Not After : Mar 31 11:16:23 2025 GMT
Subject: CN=66d8418b-c9e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5b:a7:1f:c9:c1:dc:a1:b3:99:3e:23:69:de:
40:55:fc:e6:b2:ee:9b:36:0e:e0:60:0e:2d:a3:a7:
84:dd:58:2e:06:6b:cd:dd:63:46:00:42:db:8c:55:
cb:cf:d8:2d:87:2e:2e:a2:f2:42:c0:aa:b4:ca:84:
d3:eb:27:3a:8c:1b:28:26:05:fb:1d:cb:aa:54:39:
3e:08:f8:16:60:f2:35:9a:bb:96:1b:40:a6:3b:98:
d0:69:27:aa:4a:52:6c:a6:8f:cb:fd:53:1e:56:4f:
b4:5b:30:16:6e:96:70:13:ae:fd:ed:d5:30:cb:09:
c4:91:ee:ac:aa:87:2e:72:df:8b:ed:95:93:18:ca:
70:6e:ca:cd:65:74:ef:1d:22:ba:06:1a:f9:ab:6a:
a4:c9:a1:ea:f9:c3:25:8e:7c:8e:5a:09:41:df:ff:
9d:ee:06:4f:b5:9a:eb:3e:a2:c1:50:aa:3b:88:40:
56:b4:61:00:df:b4:fe:f6:40:a8:28:62:7b:e6:cc:
97:3a:7e:92:ae:97:92:63:41:25:a8:ef:70:6c:2a:
3a:8e:bc:5e:89:ca:02:65:60:16:0d:cb:d9:84:c7:
ec:07:81:2c:ed:cd:2e:77:8e:25:58:90:93:bc:05:
4b:4b:bc:40:1c:59:e9:65:0e:de:60:96:7a:39:cf:
a5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F3:BC:BD:62:9E:A7:E9:2C:F9:41:D7:E0:D5:63:D4:3B:03:FA:4E
X509v3 Authority Key Identifier:
keyid:EF:D2:C3:DE:3A:E8:C4:CE:9E:7B:93:C9:F7:D4:5B:A9:2E:B1:4E:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3676EF0/6E8128646AAA11EF9DAC8CA5762E951A/79LD3jroxM6ee5PJ99RbqS6xTow.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/79LD3jroxM6ee5PJ99RbqS6xTow.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3676EF0/6E8128646AAA11EF9DAC8CA5762E951A/20A5B5426AAF11EF9EC3AA42762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.128.0/22
102.223.132.0/22
197.255.240.0/22
IPv6:
2c0f:fbd8::/32
Signature Algorithm: sha256WithRSAEncryption
b3:cc:33:ce:bf:02:18:24:40:ba:4d:2c:1d:68:db:b3:8c:8e:
30:95:bf:39:c6:28:65:58:9c:0b:dc:f7:ef:25:54:86:69:2f:
1e:a2:e1:e4:90:23:e2:bc:55:96:f1:dc:72:b2:97:96:59:8a:
5a:8a:6b:1f:dd:4f:29:23:7b:fc:f5:3c:14:33:2e:5e:27:78:
d7:97:cc:f7:ac:65:da:f7:6c:a8:6d:33:e0:c0:a0:90:37:71:
2b:7f:87:28:50:82:05:80:14:31:46:a2:e9:f4:62:21:2c:2f:
91:3f:3e:09:11:b8:47:97:c7:1a:a7:e7:f0:1f:c7:99:ee:8a:
50:b5:f8:ab:64:e0:8c:f4:2b:43:22:af:88:1e:0b:77:62:c6:
05:d7:80:1c:4a:08:57:14:d4:49:5b:dd:bc:cd:c5:bd:06:44:
d2:5c:8b:11:ac:5d:16:7f:12:5d:2e:3e:38:ae:5f:63:fc:9e:
6b:4c:d4:f5:25:cd:0d:e0:ae:23:1a:c0:57:fd:73:35:10:c3:
d3:32:01:05:5e:e0:01:5d:f5:01:70:f2:28:bb:9d:7f:a0:de:
1b:2a:84:1a:3a:73:c4:40:8e:3b:21:4a:88:88:89:b5:21:52:
e6:6e:e0:fd:7d:5b:c9:24:41:81:f4:14:ea:3e:6a:c5:53:c4:
9a:e1:3a:14
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NkVGMEFGMTEwLwYDVQQFEyhFRkQyQzNERTNBRThDNENFOUU3QjkzQzlGN0Q0NUJB
OTJFQjE0RThDMB4XDTI0MDkwNDExMTYyM1oXDTI1MDMzMTExMTYyM1owGDEWMBQG
A1UEAxMNNjZkODQxOGItYzllMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANpbpx/Jwdyhs5k+I2neQFX85rLumzYO4GAOLaOnhN1YLgZrzd1jRgBC24xV
y8/YLYcuLqLyQsCqtMqE0+snOowbKCYF+x3LqlQ5Pgj4FmDyNZq7lhtApjuY0Gkn
qkpSbKaPy/1THlZPtFswFm6WcBOu/e3VMMsJxJHurKqHLnLfi+2VkxjKcG7KzWV0
7x0iugYa+atqpMmh6vnDJY58jloJQd//ne4GT7Wa6z6iwVCqO4hAVrRhAN+0/vZA
qChie+bMlzp+kq6XkmNBJajvcGwqOo68XonKAmVgFg3L2YTH7AeBLO3NLneOJViQ
k7wFS0u8QBxZ6WUO3mCWejnPpb8CAwEAAaOCAsAwggK8MB0GA1UdDgQWBBT287y9
Yp6n6Sz5Qdfg1WPUOwP6TjAfBgNVHSMEGDAWgBTv0sPeOujEzp57k8n31FupLrFO
jDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzZFRjAvNkU4MTI4NjQ2QUFBMTFFRjlEQUM4Q0E1NzYyRTk1MUEvNzlMRDNq
cm94TTZlZTVQSjk5UmJxUzZ4VG93LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNzlMRDNqcm94TTZlZTVQSjk5UmJxUzZ4VG93LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzZFRjAvNkU4MTI4NjQ2QUFBMTFFRjlEQUM4Q0E1NzYy
RTk1MUEvMjBBNUI1NDI2QUFGMTFFRjlFQzNBQTQyNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAmbegAMEAmbfhAMEAsX/8DAN
BAIAAjAHAwUALA/72DANBgkqhkiG9w0BAQsFAAOCAQEAs8wzzr8CGCRAuk0sHWjb
s4yOMJW/OcYoZVicC9z37yVUhmkvHqLh5JAj4rxVlvHccrKXllmKWoprH91PKSN7
/PU8FDMuXid415fM96xl2vdsqG0z4MCgkDdxK3+HKFCCBYAUMUai6fRiISwvkT8+
CRG4R5fHGqfn8B/Hme6KULX4q2TgjPQrQyKviB4Ld2LGBdeAHEoIVxTUSVvdvM3F
vQZE0lyLEaxdFn8SXS4+OK5fY/yea0zU9SXNDeCuIxrAV/1zNRDD0zIBBV7gAV31
AXDyKLudf6DeGyqEGjpzxECOOyFKiIiJtSFS5m7g/X1bySRBgfQU6j5qxVPEmuE6
FA==
-----END CERTIFICATE-----
Generated at Thu Oct 24 06:47:48 2024 by rpki-client on console-fra.rpki-client.org