Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3676F2F/53EB8D7C4BC211ED9C557CAAF1222468/3BBFB47A4BC311ED9F58BEACF1222468.roa
File: 3BBFB47A4BC311ED9F58BEACF1222468.roa (raw, json)
Hash identifier: Bo9mawZxkmKbqi5DFrR6q3VVhH05Go5EaTiUlVdrV5Y=
Subject key identifier: BD:2C:33:C6:23:65:E7:4C:BF:6A:A6:F5:D5:8E:6E:69:85:17:12:B0
Certificate issuer: /CN=F3676F2FAF/serialNumber=6C9B2B372AC09D2BA92448215A9A5E1F4CEC4BE8
Certificate serial: 02
Authority key identifier: 6C:9B:2B:37:2A:C0:9D:2B:A9:24:48:21:5A:9A:5E:1F:4C:EC:4B:E8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/bJsrNyrAnSupJEghWppeH0zsS-g.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3676F2F/53EB8D7C4BC211ED9C557CAAF1222468/3BBFB47A4BC311ED9F58BEACF1222468.roa
Signing time: Fri 14 Oct 2022 13:22:21 +0000
ROA not before: Fri 14 Oct 2022 13:22:18 +0000
ROA not after: Sun 31 Oct 2032 13:22:18 +0000
asID: 328996
IP address blocks: 102.219.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3676F2F/53EB8D7C4BC211ED9C557CAAF1222468/bJsrNyrAnSupJEghWppeH0zsS-g.crl
rsync://rpki.afrinic.net/repository/member_repository/F3676F2F/53EB8D7C4BC211ED9C557CAAF1222468/bJsrNyrAnSupJEghWppeH0zsS-g.mft
rsync://rpki.afrinic.net/repository/afrinic/bJsrNyrAnSupJEghWppeH0zsS-g.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 May 2024 00:04:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3676F2FAF/serialNumber=6C9B2B372AC09D2BA92448215A9A5E1F4CEC4BE8
Validity
Not Before: Oct 14 13:22:18 2022 GMT
Not After : Oct 31 13:22:18 2032 GMT
Subject: CN=6349628d-90c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:66:cd:cb:a8:bf:79:e0:f1:b2:88:cf:a5:55:
5a:81:73:78:d9:55:06:23:91:30:c8:48:89:bd:e2:
04:30:9a:5a:cc:d6:9a:f6:78:db:3c:a9:e7:74:00:
f6:d4:c4:43:1f:9e:89:d9:e5:32:b8:0c:92:d8:8e:
63:b8:e7:a4:ab:cc:e6:69:54:a7:f4:e9:c0:6f:52:
ba:3d:47:65:95:71:9a:91:5e:eb:a8:e3:24:73:41:
c4:22:bd:53:e4:67:e8:1a:17:4e:57:43:bc:df:b9:
41:de:ce:05:18:d7:97:14:18:04:76:54:17:c5:7d:
a5:31:ef:90:dd:3a:16:83:b9:36:02:c7:e6:61:d2:
4f:08:f1:d6:6a:65:e5:ba:6c:70:7f:87:e8:91:86:
48:78:0e:0d:16:30:28:72:d4:60:ab:51:d7:25:8c:
bb:4d:be:d7:09:17:04:ad:01:01:a4:ae:8d:3b:a4:
50:fe:95:cd:da:2a:07:54:7a:a0:6f:cb:a2:76:1b:
8e:8c:66:ca:ed:e7:27:cc:3e:0c:32:2e:98:14:d7:
f3:e2:d7:26:b4:16:40:a6:78:79:85:8e:e0:93:03:
b1:a1:4d:7b:9e:46:82:f7:5e:a0:7e:b7:e0:89:ab:
8d:13:99:19:3d:d9:7d:2b:ca:6f:6a:29:55:1f:79:
7e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:2C:33:C6:23:65:E7:4C:BF:6A:A6:F5:D5:8E:6E:69:85:17:12:B0
X509v3 Authority Key Identifier:
keyid:6C:9B:2B:37:2A:C0:9D:2B:A9:24:48:21:5A:9A:5E:1F:4C:EC:4B:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3676F2F/53EB8D7C4BC211ED9C557CAAF1222468/bJsrNyrAnSupJEghWppeH0zsS-g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/bJsrNyrAnSupJEghWppeH0zsS-g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3676F2F/53EB8D7C4BC211ED9C557CAAF1222468/3BBFB47A4BC311ED9F58BEACF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.219.75.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:7d:77:ce:01:34:8c:d5:98:b4:74:c7:9e:d5:31:15:08:32:
1d:01:34:0a:14:b1:00:cb:90:15:b5:94:29:c6:59:59:b5:a0:
c8:38:3a:ad:13:16:04:26:1e:8a:46:4e:08:4c:89:4c:f8:2a:
22:8a:8f:ac:89:fc:83:b8:49:a2:59:ff:dc:c4:5b:4d:86:ba:
bb:50:cf:69:26:1c:72:d0:9b:ec:97:6c:fd:00:58:63:0c:b8:
12:2b:3e:e8:84:cb:91:13:4a:5d:52:57:99:0d:70:f4:bc:dd:
a0:0c:51:7d:63:aa:23:48:eb:be:8f:b2:df:a7:c9:8a:e9:49:
20:d3:42:e1:b3:a5:bf:e5:88:60:b0:6b:36:b6:fe:cc:89:e7:
f1:be:e5:b0:9a:d1:eb:4a:01:28:6a:67:4a:67:29:89:c5:ba:
dc:c1:35:81:eb:ef:f8:ab:89:e2:1e:c2:f8:b3:68:04:78:43:
99:aa:10:6f:d2:c2:3d:a5:43:eb:d5:e5:56:cd:24:a5:8a:8c:
00:17:34:80:60:2d:c2:02:0a:92:96:93:d7:e3:9d:7c:8d:5c:
4f:18:ac:62:e9:c9:5d:76:40:5f:fc:79:7d:43:6f:db:ea:2c:
67:9c:1b:d7:d2:4a:38:6f:1f:f7:b2:2e:b8:6e:e6:d9:97:45:
69:3f:93:e0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY3
NkYyRkFGMTEwLwYDVQQFEyg2QzlCMkIzNzJBQzA5RDJCQTkyNDQ4MjE1QTlBNUUx
RjRDRUM0QkU4MB4XDTIyMTAxNDEzMjIxOFoXDTMyMTAzMTEzMjIxOFowGDEWMBQG
A1UEAwwNNjM0OTYyOGQtOTBjNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANhmzcuov3ng8bKIz6VVWoFzeNlVBiORMMhIib3iBDCaWszWmvZ42zyp53QA
9tTEQx+eidnlMrgMktiOY7jnpKvM5mlUp/TpwG9Suj1HZZVxmpFe66jjJHNBxCK9
U+Rn6BoXTldDvN+5Qd7OBRjXlxQYBHZUF8V9pTHvkN06FoO5NgLH5mHSTwjx1mpl
5bpscH+H6JGGSHgODRYwKHLUYKtR1yWMu02+1wkXBK0BAaSujTukUP6VzdoqB1R6
oG/LonYbjoxmyu3nJ8w+DDIumBTX8+LXJrQWQKZ4eYWO4JMDsaFNe55GgvdeoH63
4ImrjROZGT3ZfSvKb2opVR95fksCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBS9LDPG
I2XnTL9qpvXVjm5phRcSsDAfBgNVHSMEGDAWgBRsmys3KsCdK6kkSCFaml4fTOxL
6DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzZGMkYvNTNFQjhEN0M0QkMyMTFFRDlDNTU3Q0FBRjEyMjI0NjgvYkpzck55
ckFuU3VwSkVnaFdwcGVIMHpzUy1nLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvYkpzck55ckFuU3VwSkVnaFdwcGVIMHpzUy1nLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzZGMkYvNTNFQjhEN0M0QkMyMTFFRDlDNTU3Q0FBRjEy
MjI0NjgvM0JCRkI0N0E0QkMzMTFFRDlGNThCRUFDRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbbSzANBgkqhkiG9w0BAQsF
AAOCAQEAon13zgE0jNWYtHTHntUxFQgyHQE0ChSxAMuQFbWUKcZZWbWgyDg6rRMW
BCYeikZOCEyJTPgqIoqPrIn8g7hJoln/3MRbTYa6u1DPaSYcctCb7Jds/QBYYwy4
Eis+6ITLkRNKXVJXmQ1w9LzdoAxRfWOqI0jrvo+y36fJiulJINNC4bOlv+WIYLBr
Nrb+zInn8b7lsJrR60oBKGpnSmcpicW63ME1gevv+KuJ4h7C+LNoBHhDmaoQb9LC
PaVD69XlVs0kpYqMABc0gGAtwgIKkpaT1+OdfI1cTxisYunJXXZAX/x5fUNv2+os
Z5wb19JKOG8f97IuuG7m2ZdFaT+T4A==
-----END CERTIFICATE-----
Generated at Sat May 18 04:03:38 2024 by rpki-client on console-ams.rpki-client.org