Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/323F5EAC7AEF11EABF68BC13F8AEA228.roa
File: 323F5EAC7AEF11EABF68BC13F8AEA228.roa (raw, json)
Hash identifier: cAtHhpCyL7sXJPk4hLfJU0qk1+tqkF5Y8qrGns8hrrg=
Subject key identifier: 85:B9:42:A8:DB:D6:CA:0C:6D:8F:59:A2:5E:CD:F4:66:EC:4A:C8:5D
Certificate issuer: /CN=F3678967AF/serialNumber=5CAA982C03179326332D6B770A58E8795CB8459F
Certificate serial: 07
Authority key identifier: 5C:AA:98:2C:03:17:93:26:33:2D:6B:77:0A:58:E8:79:5C:B8:45:9F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/XKqYLAMXkyYzLWt3CljoeVy4RZ8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/323F5EAC7AEF11EABF68BC13F8AEA228.roa
Signing time: Fri 10 Apr 2020 05:50:35 +0000
ROA not before: Fri 10 Apr 2020 05:50:29 +0000
ROA not after: Wed 10 Apr 2030 05:50:29 +0000
asID: 328633
IP address blocks: 102.223.104.0/22 maxlen: 23
2c0f:e848::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/XKqYLAMXkyYzLWt3CljoeVy4RZ8.crl
rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/XKqYLAMXkyYzLWt3CljoeVy4RZ8.mft
rsync://rpki.afrinic.net/repository/afrinic/XKqYLAMXkyYzLWt3CljoeVy4RZ8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 26 Apr 2024 00:05:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3678967AF/serialNumber=5CAA982C03179326332D6B770A58E8795CB8459F
Validity
Not Before: Apr 10 05:50:29 2020 GMT
Not After : Apr 10 05:50:29 2030 GMT
Subject: CN=5e90092b-7f02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f3:a4:d8:a0:34:28:3c:aa:f9:67:2b:33:cc:
50:3b:c1:ce:bd:15:4b:e8:7e:d6:25:75:c2:9d:b3:
9e:42:12:fe:1d:89:88:ea:ee:5e:16:a8:87:c3:8e:
a8:47:cb:d3:8b:86:5e:a2:17:37:fa:79:97:b2:da:
cc:66:3d:13:3c:e3:50:96:3f:ec:10:7f:c2:e3:ff:
1f:63:57:07:f5:c6:8f:af:fd:36:4d:2d:f8:a7:f3:
17:78:00:93:e3:3f:63:1f:e2:b1:5e:ff:1d:00:6e:
c2:62:fd:db:af:19:56:40:a6:58:06:4a:26:69:0b:
de:53:da:4f:2e:90:ec:d1:75:05:2e:9c:57:e3:fe:
f0:e7:d3:3a:82:c3:9c:aa:6f:ab:75:e5:9b:3b:e3:
8c:73:25:c0:7a:73:df:f7:88:84:e3:bb:63:77:05:
c6:6a:11:11:d4:fe:db:72:54:7e:ba:bb:c7:04:49:
4b:9d:c4:6a:04:02:82:45:c9:a1:71:08:ce:f3:a7:
66:07:04:e9:90:6c:c6:96:8d:7e:f7:bb:60:45:55:
f5:e3:cd:0c:40:84:3d:5b:3a:f2:4e:ca:e5:fe:e3:
89:7e:d2:6e:3a:ec:7e:9f:a3:50:69:2f:56:fc:fa:
94:5b:5f:bc:39:67:84:55:a3:b2:2d:ad:25:ff:19:
a0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B9:42:A8:DB:D6:CA:0C:6D:8F:59:A2:5E:CD:F4:66:EC:4A:C8:5D
X509v3 Authority Key Identifier:
keyid:5C:AA:98:2C:03:17:93:26:33:2D:6B:77:0A:58:E8:79:5C:B8:45:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/XKqYLAMXkyYzLWt3CljoeVy4RZ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XKqYLAMXkyYzLWt3CljoeVy4RZ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/323F5EAC7AEF11EABF68BC13F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.104.0/22
IPv6:
2c0f:e848::/32
Signature Algorithm: sha256WithRSAEncryption
73:ed:59:8e:5b:4e:f8:ee:73:6f:fb:dd:e7:23:31:4f:78:b1:
c2:22:b5:a3:76:3b:62:f6:81:46:4c:9f:15:80:a1:f0:ab:6b:
68:aa:6f:c1:e8:b5:53:12:1b:d0:b3:cf:b1:2a:5e:1a:d9:86:
16:07:04:f0:40:c0:c9:00:14:59:f3:bb:39:d5:3f:51:85:00:
80:e4:31:24:14:5e:63:df:b2:1f:4c:8a:bd:77:51:de:43:9f:
02:6e:58:36:e7:66:c5:ed:a8:a4:6e:6a:f3:aa:54:2d:22:a1:
70:9d:da:8d:fa:3f:e9:5f:b0:f8:be:67:7c:9f:15:f1:d0:ee:
8c:62:6a:55:04:31:5d:c1:31:6e:15:a6:85:be:d4:b6:9d:c5:
5d:a0:da:c3:1f:7b:1c:63:d9:3d:b9:af:a1:aa:01:1e:1b:dd:
61:06:ce:ff:48:21:9d:33:04:11:80:ad:9f:15:0f:aa:c7:63:
d8:ec:0a:56:e9:32:2a:9d:23:cd:fb:dc:b9:44:d9:98:b8:d8:
b0:e3:92:d6:1c:67:c8:22:a0:2a:c7:3d:98:73:5a:2a:5c:b1:
b0:52:16:97:e0:69:ca:83:ca:87:be:91:64:32:ca:3c:4f:ac:
d8:03:6f:aa:e6:26:25:33:e8:53:aa:d2:fb:a1:29:e4:a7:f5:
b0:a3:0b:36
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
ODk2N0FGMTEwLwYDVQQFEyg1Q0FBOTgyQzAzMTc5MzI2MzMyRDZCNzcwQTU4RTg3
OTVDQjg0NTlGMB4XDTIwMDQxMDA1NTAyOVoXDTMwMDQxMDA1NTAyOVowGDEWMBQG
A1UEAxMNNWU5MDA5MmItN2YwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHzpNigNCg8qvlnKzPMUDvBzr0VS+h+1iV1wp2znkIS/h2JiOruXhaoh8OO
qEfL04uGXqIXN/p5l7LazGY9EzzjUJY/7BB/wuP/H2NXB/XGj6/9Nk0t+KfzF3gA
k+M/Yx/isV7/HQBuwmL9268ZVkCmWAZKJmkL3lPaTy6Q7NF1BS6cV+P+8OfTOoLD
nKpvq3XlmzvjjHMlwHpz3/eIhOO7Y3cFxmoREdT+23JUfrq7xwRJS53EagQCgkXJ
oXEIzvOnZgcE6ZBsxpaNfve7YEVV9ePNDECEPVs68k7K5f7jiX7Sbjrsfp+jUGkv
Vvz6lFtfvDlnhFWjsi2tJf8ZoKUCAwEAAaOCArQwggKwMB0GA1UdDgQWBBSFuUKo
29bKDG2PWaJezfRm7ErIXTAfBgNVHSMEGDAWgBRcqpgsAxeTJjMta3cKWOh5XLhF
nzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Nzg5NjcvNEFBNDQyRjQ3OEQ5MTFFQTlBODA5NTVDRjhBRUEyMjgvWEtxWUxB
TVhreVl6TFd0M0Nsam9lVnk0Ulo4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWEtxWUxBTVhreVl6TFd0M0Nsam9lVnk0Ulo4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Nzg5NjcvNEFBNDQyRjQ3OEQ5MTFFQTlBODA5NTVDRjhB
RUEyMjgvMzIzRjVFQUM3QUVGMTFFQUJGNjhCQzEzRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbfaDANBAIAAjAHAwUALA/o
SDANBgkqhkiG9w0BAQsFAAOCAQEAc+1ZjltO+O5zb/vd5yMxT3ixwiK1o3Y7YvaB
RkyfFYCh8KtraKpvwei1UxIb0LPPsSpeGtmGFgcE8EDAyQAUWfO7OdU/UYUAgOQx
JBReY9+yH0yKvXdR3kOfAm5YNudmxe2opG5q86pULSKhcJ3ajfo/6V+w+L5nfJ8V
8dDujGJqVQQxXcExbhWmhb7Utp3FXaDawx97HGPZPbmvoaoBHhvdYQbO/0ghnTME
EYCtnxUPqsdj2OwKVukyKp0jzfvcuUTZmLjYsOOS1hxnyCKgKsc9mHNaKlyxsFIW
l+BpyoPKh76RZDLKPE+s2ANvquYmJTPoU6rS+6Ep5Kf1sKMLNg==
-----END CERTIFICATE-----
Generated at Wed Apr 24 01:49:49 2024 by rpki-client on console-fra.rpki-client.org