Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3679680/67101F50E29111EEBC9A7258775412E6/2F6023ECE29211EEB2E4FA5C775412E6.roa
File: 2F6023ECE29211EEB2E4FA5C775412E6.roa (raw, json)
Hash identifier: q7jNd1y1Y6KLB0N5MRMBr1m0H8I9Vdkf0cqM9mEbDLA=
Subject key identifier: 74:BB:6A:1D:22:64:1E:4F:55:4B:D9:76:4D:A7:0A:8A:5E:54:99:C0
Certificate issuer: /CN=F3679680AF/serialNumber=BA2FFD5CE37C01C6ED94FB95C358D70A298DC974
Certificate serial: 02
Authority key identifier: BA:2F:FD:5C:E3:7C:01:C6:ED:94:FB:95:C3:58:D7:0A:29:8D:C9:74
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ui_9XON8AcbtlPuVw1jXCimNyXQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3679680/67101F50E29111EEBC9A7258775412E6/2F6023ECE29211EEB2E4FA5C775412E6.roa
Signing time: Fri 15 Mar 2024 06:06:38 +0000
ROA not before: Fri 15 Mar 2024 06:06:35 +0000
ROA not after: Tue 31 Dec 2030 06:06:35 +0000
asID: 329371
IP address blocks: 102.209.144.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3679680/67101F50E29111EEBC9A7258775412E6/ui_9XON8AcbtlPuVw1jXCimNyXQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F3679680/67101F50E29111EEBC9A7258775412E6/ui_9XON8AcbtlPuVw1jXCimNyXQ.mft
rsync://rpki.afrinic.net/repository/afrinic/ui_9XON8AcbtlPuVw1jXCimNyXQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3679680AF/serialNumber=BA2FFD5CE37C01C6ED94FB95C358D70A298DC974
Validity
Not Before: Mar 15 06:06:35 2024 GMT
Not After : Dec 31 06:06:35 2030 GMT
Subject: CN=65f3e56e-37c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:59:0b:80:4d:c2:3a:9b:da:5d:dc:ca:85:0d:
aa:13:1b:15:e2:75:3d:f5:9d:98:de:a7:9e:99:63:
50:66:77:2d:6f:8b:08:d4:38:11:7c:18:a5:e2:28:
2a:f6:bc:7d:d9:b8:44:e9:25:f1:1c:07:86:3c:c3:
77:2b:f9:94:ba:f2:cf:81:35:80:6f:75:d2:e8:e7:
82:e0:be:e6:79:90:0b:3d:ca:ce:8d:54:b6:30:cb:
78:17:43:c0:59:c9:16:d3:0d:f5:22:ca:69:c1:10:
8a:49:9b:41:0e:2d:ba:7d:37:57:e7:a1:57:d2:7d:
aa:04:3b:e3:72:91:d9:03:74:dc:74:01:d8:08:a1:
b5:99:fc:d9:dc:21:3b:14:0f:a5:d9:01:e6:ef:4c:
92:76:75:5f:11:64:9b:31:09:32:a4:20:f0:6a:3d:
84:aa:78:65:3f:d1:23:59:64:09:83:38:12:6a:1e:
92:b1:75:a0:b7:37:53:b4:6d:40:79:2b:c1:58:10:
f5:ce:fd:fe:b9:05:c4:c9:8d:6b:2a:aa:0f:16:a2:
e3:91:32:12:da:f2:6e:8a:f5:0e:03:85:ab:db:fd:
b3:81:f2:9b:50:99:51:49:83:50:e6:48:db:f5:d4:
5f:d2:42:59:b5:17:0e:3d:cf:53:7d:2f:a1:cb:7d:
7f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:BB:6A:1D:22:64:1E:4F:55:4B:D9:76:4D:A7:0A:8A:5E:54:99:C0
X509v3 Authority Key Identifier:
keyid:BA:2F:FD:5C:E3:7C:01:C6:ED:94:FB:95:C3:58:D7:0A:29:8D:C9:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3679680/67101F50E29111EEBC9A7258775412E6/ui_9XON8AcbtlPuVw1jXCimNyXQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ui_9XON8AcbtlPuVw1jXCimNyXQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3679680/67101F50E29111EEBC9A7258775412E6/2F6023ECE29211EEB2E4FA5C775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.144.0/22
Signature Algorithm: sha256WithRSAEncryption
38:4c:83:5b:de:ad:f3:05:2e:57:1d:fb:2f:cb:0c:8d:40:70:
b2:e7:c2:3c:24:21:36:8c:ad:de:84:58:4b:34:71:0b:52:bb:
04:0c:42:3b:da:d7:0b:b9:34:e4:fb:9c:fa:48:1f:8c:a6:01:
99:b2:c0:03:2c:94:3e:29:c7:53:66:dd:08:a5:0c:51:24:00:
33:d5:2f:a5:34:2e:5a:59:6e:89:28:89:02:af:97:43:86:82:
00:52:4c:95:9b:db:4a:2e:37:37:bd:f4:15:22:e7:bc:64:5e:
de:fb:d6:82:83:3f:ac:fa:63:72:fc:b4:5d:58:df:c6:6d:7b:
08:d0:48:ad:46:9b:9c:ce:ad:e0:cc:cf:7b:85:b2:4e:af:c3:
21:8f:07:00:bc:b6:15:ec:1d:87:0f:b6:04:e1:2e:20:54:fe:
7c:07:2b:08:66:d2:db:eb:c2:58:0b:b5:3f:83:ff:09:74:77:
d8:60:dc:86:62:72:36:a1:d0:03:2e:05:68:62:f5:92:6b:36:
96:a3:23:b2:11:8d:59:c1:37:70:4d:df:79:c0:c2:a2:06:91:
d1:00:46:25:95:58:72:e0:f1:6f:1b:e7:2c:7c:7b:18:de:e8:
b7:f2:e1:50:cb:13:03:7a:26:d6:6c:c3:31:38:eb:97:65:c9:
4a:88:45:e5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
OTY4MEFGMTEwLwYDVQQFEyhCQTJGRkQ1Q0UzN0MwMUM2RUQ5NEZCOTVDMzU4RDcw
QTI5OERDOTc0MB4XDTI0MDMxNTA2MDYzNVoXDTMwMTIzMTA2MDYzNVowGDEWMBQG
A1UEAxMNNjVmM2U1NmUtMzdjNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxZC4BNwjqb2l3cyoUNqhMbFeJ1PfWdmN6nnpljUGZ3LW+LCNQ4EXwYpeIo
Kva8fdm4ROkl8RwHhjzDdyv5lLryz4E1gG910ujnguC+5nmQCz3Kzo1UtjDLeBdD
wFnJFtMN9SLKacEQikmbQQ4tun03V+ehV9J9qgQ743KR2QN03HQB2AihtZn82dwh
OxQPpdkB5u9MknZ1XxFkmzEJMqQg8Go9hKp4ZT/RI1lkCYM4EmoekrF1oLc3U7Rt
QHkrwVgQ9c79/rkFxMmNayqqDxai45EyEtrybor1DgOFq9v9s4Hym1CZUUmDUOZI
2/XUX9JCWbUXDj3PU30voct9fzkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBR0u2od
ImQeT1VL2XZNpwqKXlSZwDAfBgNVHSMEGDAWgBS6L/1c43wBxu2U+5XDWNcKKY3J
dDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Nzk2ODAvNjcxMDFGNTBFMjkxMTFFRUJDOUE3MjU4Nzc1NDEyRTYvdWlfOVhP
TjhBY2J0bFB1VncxalhDaW1OeVhRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdWlfOVhPTjhBY2J0bFB1VncxalhDaW1OeVhRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Nzk2ODAvNjcxMDFGNTBFMjkxMTFFRUJDOUE3MjU4Nzc1
NDEyRTYvMkY2MDIzRUNFMjkyMTFFRUIyRTRGQTVDNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbRkDANBgkqhkiG9w0BAQsF
AAOCAQEAOEyDW96t8wUuVx37L8sMjUBwsufCPCQhNoyt3oRYSzRxC1K7BAxCO9rX
C7k05Puc+kgfjKYBmbLAAyyUPinHU2bdCKUMUSQAM9UvpTQuWlluiSiJAq+XQ4aC
AFJMlZvbSi43N730FSLnvGRe3vvWgoM/rPpjcvy0XVjfxm17CNBIrUabnM6t4MzP
e4WyTq/DIY8HALy2Fewdhw+2BOEuIFT+fAcrCGbS2+vCWAu1P4P/CXR32GDchmJy
NqHQAy4FaGL1kms2lqMjshGNWcE3cE3fecDCogaR0QBGJZVYcuDxbxvnLHx7GN7o
t/LhUMsTA3om1mzDMTjrl2XJSohF5Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org