Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367C8F5/FB11026A016C11EF98CC2F01017001B1/413DAB9E016D11EF96EEF801017001B1.roa
File: 413DAB9E016D11EF96EEF801017001B1.roa (raw, json)
Hash identifier: jxX0GLnr3IIAZJTvWYu2iEdMlTQUIBwAJ3Bou1um83I=
Subject key identifier: A8:87:6B:31:35:92:B6:08:06:9D:13:E0:87:EA:1B:BB:36:8C:3D:6F
Certificate issuer: /CN=F367C8F5AF/serialNumber=33F6581A98AC954F373A47098050D8FE2BF47E3D
Certificate serial: 02
Authority key identifier: 33:F6:58:1A:98:AC:95:4F:37:3A:47:09:80:50:D8:FE:2B:F4:7E:3D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/M_ZYGpislU83OkcJgFDY_iv0fj0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367C8F5/FB11026A016C11EF98CC2F01017001B1/413DAB9E016D11EF96EEF801017001B1.roa
Signing time: Tue 23 Apr 2024 12:30:23 +0000
ROA not before: Tue 23 Apr 2024 12:30:19 +0000
ROA not after: Thu 23 Mar 2034 12:30:19 +0000
asID: 329421
IP address blocks: 102.209.90.0/23 maxlen: 23
102.209.90.0/24 maxlen: 24
102.209.91.0/24 maxlen: 24
2c0f:7340::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367C8F5/FB11026A016C11EF98CC2F01017001B1/M_ZYGpislU83OkcJgFDY_iv0fj0.crl
rsync://rpki.afrinic.net/repository/member_repository/F367C8F5/FB11026A016C11EF98CC2F01017001B1/M_ZYGpislU83OkcJgFDY_iv0fj0.mft
rsync://rpki.afrinic.net/repository/afrinic/M_ZYGpislU83OkcJgFDY_iv0fj0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367C8F5AF/serialNumber=33F6581A98AC954F373A47098050D8FE2BF47E3D
Validity
Not Before: Apr 23 12:30:19 2024 GMT
Not After : Mar 23 12:30:19 2034 GMT
Subject: CN=6627a9df-3c81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:2a:de:1a:0d:ca:f1:64:37:d1:28:ad:b6:e3:
c9:c8:f2:9f:79:72:d4:9f:3a:49:81:64:d2:94:d7:
5d:62:3f:e8:ed:64:07:27:94:56:eb:41:a1:90:b7:
27:3b:0c:15:a2:04:f2:36:f3:c5:af:31:45:40:31:
55:43:dd:2c:b2:a1:c9:d1:83:d2:48:9c:1f:66:1c:
a0:6d:dd:95:cc:7c:88:4b:83:1e:62:03:fe:86:79:
2c:e1:d5:56:48:78:06:d0:6c:91:38:1b:90:10:c9:
9f:cd:5d:ef:d5:b4:0e:a5:88:9a:f7:31:03:6a:cd:
51:0f:f5:63:a1:6a:92:87:51:9c:92:59:b1:f2:b9:
9a:40:54:4b:c6:93:60:3b:38:37:7b:d9:e8:7b:69:
38:10:bc:ab:23:91:42:91:c8:b2:b7:e5:bf:47:77:
ee:95:1b:d5:0a:2a:ea:75:f8:06:3d:57:c3:dc:7e:
4f:96:d2:94:ad:21:67:e2:fd:24:84:a1:3c:08:81:
76:49:f3:c3:d7:98:4b:a9:e7:3f:19:0b:43:ca:c6:
96:5d:f4:ea:dd:aa:2c:19:55:6f:98:ef:7e:6a:35:
a2:42:6d:9c:6e:18:58:85:e9:95:94:82:62:6f:49:
f2:79:ce:6a:25:cc:7d:3d:de:c1:98:22:88:68:3d:
4a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:87:6B:31:35:92:B6:08:06:9D:13:E0:87:EA:1B:BB:36:8C:3D:6F
X509v3 Authority Key Identifier:
keyid:33:F6:58:1A:98:AC:95:4F:37:3A:47:09:80:50:D8:FE:2B:F4:7E:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367C8F5/FB11026A016C11EF98CC2F01017001B1/M_ZYGpislU83OkcJgFDY_iv0fj0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/M_ZYGpislU83OkcJgFDY_iv0fj0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367C8F5/FB11026A016C11EF98CC2F01017001B1/413DAB9E016D11EF96EEF801017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.90.0/23
IPv6:
2c0f:7340::/32
Signature Algorithm: sha256WithRSAEncryption
d4:06:d6:c9:54:65:49:84:ca:89:c1:1e:8a:9a:50:66:b2:63:
42:4f:5b:69:5f:af:f7:d2:4b:61:ec:d7:94:4d:18:7a:1a:b3:
1d:3b:01:36:17:92:dd:12:30:a4:09:35:1a:1d:f7:7e:cc:0a:
37:ff:ef:f4:13:d6:92:59:11:bc:02:9a:b6:a3:a1:43:11:b1:
7f:21:fb:a0:d3:3b:21:fc:b6:76:73:59:5b:7a:81:01:4c:8f:
62:32:9a:3e:8c:43:8e:d0:97:d2:ef:96:30:b5:ec:a3:d1:e3:
7d:4e:97:b0:01:c3:c5:95:c7:b7:87:1f:3b:08:d7:d4:74:c6:
20:f7:e7:6c:d8:c9:9b:24:0d:49:72:dc:dd:5f:b1:70:2f:90:
4a:05:a6:fb:91:26:ce:af:a5:7b:2d:0b:06:35:3d:1e:34:0a:
f1:29:69:5b:95:7d:3f:c5:1d:a8:20:f7:2b:2f:3b:18:a8:9a:
86:70:ba:69:8c:4f:c0:44:55:a4:7a:ca:00:3f:e2:e9:06:97:
3f:fd:a2:a9:f2:30:74:4f:44:63:b9:2b:ea:ff:62:05:ae:e1:
8f:be:1a:44:a5:25:a2:8a:05:b0:23:94:8f:20:02:8a:3b:34:
57:18:eb:0d:ae:9f:84:41:bb:ce:5f:93:1b:ac:20:8d:6e:b3:
a9:ed:33:f7
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QzhGNUFGMTEwLwYDVQQFEygzM0Y2NTgxQTk4QUM5NTRGMzczQTQ3MDk4MDUwRDhG
RTJCRjQ3RTNEMB4XDTI0MDQyMzEyMzAxOVoXDTM0MDMyMzEyMzAxOVowGDEWMBQG
A1UEAxMNNjYyN2E5ZGYtM2M4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANcq3hoNyvFkN9Eorbbjycjyn3ly1J86SYFk0pTXXWI/6O1kByeUVutBoZC3
JzsMFaIE8jbzxa8xRUAxVUPdLLKhydGD0kicH2YcoG3dlcx8iEuDHmID/oZ5LOHV
Vkh4BtBskTgbkBDJn81d79W0DqWImvcxA2rNUQ/1Y6FqkodRnJJZsfK5mkBUS8aT
YDs4N3vZ6HtpOBC8qyORQpHIsrflv0d37pUb1Qoq6nX4Bj1Xw9x+T5bSlK0hZ+L9
JIShPAiBdknzw9eYS6nnPxkLQ8rGll306t2qLBlVb5jvfmo1okJtnG4YWIXplZSC
Ym9J8nnOaiXMfT3ewZgiiGg9SuUCAwEAAaOCArQwggKwMB0GA1UdDgQWBBSoh2sx
NZK2CAadE+CH6hu7Now9bzAfBgNVHSMEGDAWgBQz9lgamKyVTzc6RwmAUNj+K/R+
PTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0M4RjUvRkIxMTAyNkEwMTZDMTFFRjk4Q0MyRjAxMDE3MDAxQjEvTV9aWUdw
aXNsVTgzT2tjSmdGRFlfaXYwZmowLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTV9aWUdwaXNsVTgzT2tjSmdGRFlfaXYwZmowLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0M4RjUvRkIxMTAyNkEwMTZDMTFFRjk4Q0MyRjAxMDE3
MDAxQjEvNDEzREFCOUUwMTZEMTFFRjk2RUVGODAxMDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAWbRWjANBAIAAjAHAwUALA9z
QDANBgkqhkiG9w0BAQsFAAOCAQEA1AbWyVRlSYTKicEeippQZrJjQk9baV+v99JL
YezXlE0YehqzHTsBNheS3RIwpAk1Gh33fswKN//v9BPWklkRvAKatqOhQxGxfyH7
oNM7Ify2dnNZW3qBAUyPYjKaPoxDjtCX0u+WMLXso9HjfU6XsAHDxZXHt4cfOwjX
1HTGIPfnbNjJmyQNSXLc3V+xcC+QSgWm+5Emzq+ley0LBjU9HjQK8SlpW5V9P8Ud
qCD3Ky87GKiahnC6aYxPwERVpHrKAD/i6QaXP/2iqfIwdE9EY7kr6v9iBa7hj74a
RKUloooFsCOUjyACijs0VxjrDa6fhEG7zl+TG6wgjW6zqe0z9w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:45 2024 by rpki-client on console-ams.rpki-client.org