Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3678D2D/186D29CE12B111EA8C9E843AF8AEA228/5142A9C212B111EAAF53AF3AF8AEA228.roa
File: 5142A9C212B111EAAF53AF3AF8AEA228.roa (raw, json)
Hash identifier: xG/mwLzjMt/AD4VCyWzSqQgk/KYhEOItbq9UQDh1nvU=
Subject key identifier: 14:83:42:C2:45:5C:7C:4B:37:B7:78:67:44:96:7D:4F:D3:71:1C:9A
Certificate issuer: /CN=F3678D2DAF/serialNumber=ECA52ED6EB2B18B3AF19BA792CF33E00EFED77EA
Certificate serial: 02
Authority key identifier: EC:A5:2E:D6:EB:2B:18:B3:AF:19:BA:79:2C:F3:3E:00:EF:ED:77:EA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/7KUu1usrGLOvGbp5LPM-AO_td-o.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3678D2D/186D29CE12B111EA8C9E843AF8AEA228/5142A9C212B111EAAF53AF3AF8AEA228.roa
Signing time: Fri 29 Nov 2019 14:05:37 +0000
ROA not before: Fri 29 Nov 2019 14:05:31 +0000
ROA not after: Tue 20 Nov 2029 14:05:31 +0000
asID: 36924
IP address blocks: 102.23.0.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3678D2D/186D29CE12B111EA8C9E843AF8AEA228/7KUu1usrGLOvGbp5LPM-AO_td-o.crl
rsync://rpki.afrinic.net/repository/member_repository/F3678D2D/186D29CE12B111EA8C9E843AF8AEA228/7KUu1usrGLOvGbp5LPM-AO_td-o.mft
rsync://rpki.afrinic.net/repository/afrinic/7KUu1usrGLOvGbp5LPM-AO_td-o.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3678D2DAF/serialNumber=ECA52ED6EB2B18B3AF19BA792CF33E00EFED77EA
Validity
Not Before: Nov 29 14:05:31 2019 GMT
Not After : Nov 20 14:05:31 2029 GMT
Subject: CN=5de125b1-7539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f6:1a:c9:e0:70:4d:73:e5:9d:05:12:68:f7:
31:dd:0f:f3:f6:1d:fe:ba:55:0e:67:cc:1a:04:ef:
79:f8:05:19:de:ad:d8:2d:31:2f:46:33:b9:b1:6f:
31:8e:5f:07:b3:53:c3:b2:17:54:14:ea:1d:d8:23:
ad:9a:08:27:99:aa:1c:70:d9:ff:3e:42:ac:37:cc:
37:71:d6:cf:4e:67:b3:20:ff:42:8c:c3:b4:6b:59:
00:29:e7:cc:c7:3f:8d:ac:2c:ff:63:fc:a3:d4:dd:
66:02:1d:32:6f:7f:44:69:c4:7b:ab:5d:7c:ae:77:
4a:46:11:23:2d:de:57:a4:36:6f:73:30:3b:3c:e0:
c0:90:20:0c:1a:b7:21:48:b5:0a:ae:5c:63:24:bf:
4a:06:63:34:ba:16:82:a3:72:9b:fb:9a:05:85:5e:
88:9b:db:88:58:3d:69:b3:24:01:b8:bd:b9:40:cd:
3b:27:4b:f2:e2:f7:05:ca:93:ea:fa:73:4b:d2:36:
2e:24:4d:94:08:cb:0f:98:86:1a:f9:81:de:73:0a:
ce:5a:e5:5d:15:3b:a3:a8:e9:da:7a:d2:a0:59:0d:
bf:ac:46:6b:38:cb:27:43:b6:4b:05:ef:9b:f8:10:
49:8d:7d:5e:54:27:38:b4:72:3d:1c:43:5a:9a:7e:
52:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:83:42:C2:45:5C:7C:4B:37:B7:78:67:44:96:7D:4F:D3:71:1C:9A
X509v3 Authority Key Identifier:
keyid:EC:A5:2E:D6:EB:2B:18:B3:AF:19:BA:79:2C:F3:3E:00:EF:ED:77:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3678D2D/186D29CE12B111EA8C9E843AF8AEA228/7KUu1usrGLOvGbp5LPM-AO_td-o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/7KUu1usrGLOvGbp5LPM-AO_td-o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3678D2D/186D29CE12B111EA8C9E843AF8AEA228/5142A9C212B111EAAF53AF3AF8AEA228.roa
sbgp-ipAddrBlock: critical
IPv4:
102.23.0.0/18
Signature Algorithm: sha256WithRSAEncryption
70:70:71:0b:68:c3:4f:98:e7:03:4c:d4:62:db:d9:3e:0b:e6:
e5:f9:63:ba:17:6a:4b:fc:eb:7c:82:f3:30:2c:24:22:79:90:
73:ea:39:16:38:f5:ad:61:5f:41:9f:e0:6a:da:8f:b1:c3:a4:
14:7c:ca:3f:e2:1f:ea:bc:84:3c:05:ec:08:cc:ed:a7:bb:4c:
a2:d2:cf:cb:70:b4:0b:ae:d4:59:db:af:74:00:9d:38:b4:ac:
45:14:60:51:a0:89:38:e1:fa:c8:05:d3:d6:ad:34:56:d8:37:
1c:97:ed:d6:e4:65:3a:0a:da:09:f8:94:e6:47:97:26:a7:8f:
d3:c4:4a:0c:c7:be:7b:cd:54:e9:69:bf:56:82:be:19:23:89:
b0:da:7c:ee:d9:d8:ba:7c:cb:50:f7:16:f2:87:94:e7:2b:41:
9e:b2:4a:a7:9b:e6:77:fb:22:dd:cf:f5:ae:b7:83:85:b3:09:
7b:28:c2:5d:8a:67:01:4f:dc:87:5e:5c:81:19:32:ef:e0:24:
da:78:c5:1b:de:24:ce:2a:04:9e:f7:cc:2b:30:0d:1a:a7:d2:
1b:04:86:c1:ac:eb:41:1e:39:d2:e7:a5:6b:7a:be:15:36:c6:
02:56:64:95:d1:50:1c:18:1e:bd:20:73:92:ba:a3:59:a5:d9:
02:6f:89:7b
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
OEQyREFGMTEwLwYDVQQFEyhFQ0E1MkVENkVCMkIxOEIzQUYxOUJBNzkyQ0YzM0Uw
MEVGRUQ3N0VBMB4XDTE5MTEyOTE0MDUzMVoXDTI5MTEyMDE0MDUzMVowGDEWMBQG
A1UEAxMNNWRlMTI1YjEtNzUzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/2GsngcE1z5Z0FEmj3Md0P8/Yd/rpVDmfMGgTvefgFGd6t2C0xL0YzubFv
MY5fB7NTw7IXVBTqHdgjrZoIJ5mqHHDZ/z5CrDfMN3HWz05nsyD/QozDtGtZACnn
zMc/jaws/2P8o9TdZgIdMm9/RGnEe6tdfK53SkYRIy3eV6Q2b3MwOzzgwJAgDBq3
IUi1Cq5cYyS/SgZjNLoWgqNym/uaBYVeiJvbiFg9abMkAbi9uUDNOydL8uL3BcqT
6vpzS9I2LiRNlAjLD5iGGvmB3nMKzlrlXRU7o6jp2nrSoFkNv6xGazjLJ0O2SwXv
m/gQSY19XlQnOLRyPRxDWpp+UjcCAwEAAaOCAm4wggJqMB0GA1UdDgQWBBQUg0LC
RVx8Sze3eGdEln1P03EcmjAfBgNVHSMEGDAWgBTspS7W6ysYs68Zunks8z4A7+13
6jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzhEMkQvMTg2RDI5Q0UxMkIxMTFFQThDOUU4NDNBRjhBRUEyMjgvN0tVdTF1
c3JHTE92R2JwNUxQTS1BT190ZC1vLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvN0tVdTF1c3JHTE92R2JwNUxQTS1BT190ZC1vLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzhEMkQvMTg2RDI5Q0UxMkIxMTFFQThDOUU4NDNBRjhB
RUEyMjgvNTE0MkE5QzIxMkIxMTFFQUFGNTNBRjNBRjhBRUEyMjgucm9hMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGZhcAMA0GCSqGSIb3DQEBCwUAA4IBAQBw
cHELaMNPmOcDTNRi29k+C+bl+WO6F2pL/Ot8gvMwLCQieZBz6jkWOPWtYV9Bn+Bq
2o+xw6QUfMo/4h/qvIQ8BewIzO2nu0yi0s/LcLQLrtRZ2690AJ04tKxFFGBRoIk4
4frIBdPWrTRW2Dccl+3W5GU6CtoJ+JTmR5cmp4/TxEoMx757zVTpab9Wgr4ZI4mw
2nzu2di6fMtQ9xbyh5TnK0Geskqnm+Z3+yLdz/Wut4OFswl7KMJdimcBT9yHXlyB
GTLv4CTaeMUb3iTOKgSe98wrMA0ap9IbBIbBrOtBHjnS56Vrer4VNsYCVmSV0VAc
GB69IHOSuqNZpdkCb4l7
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org