Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/B33457F859DA11EC856F77BD5A40D577.roa
File: B33457F859DA11EC856F77BD5A40D577.roa (raw, json)
Hash identifier: agjY6LUdCjwnZ2M4yw1LKIU5MO1B5MHNkAfCnRIca5I=
Subject key identifier: 6A:75:59:C8:02:A1:9A:F4:03:A0:03:39:60:29:C8:A4:9F:60:D0:BF
Certificate issuer: /CN=F3680C14AF/serialNumber=BCDFF0C9D28F1AB45062F493BB3566CAC142646D
Certificate serial: 07C8
Authority key identifier: BC:DF:F0:C9:D2:8F:1A:B4:50:62:F4:93:BB:35:66:CA:C1:42:64:6D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/vN_wydKPGrRQYvSTuzVmysFCZG0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/B33457F859DA11EC856F77BD5A40D577.roa
Signing time: Fri 10 Dec 2021 17:00:39 +0000
ROA not before: Fri 10 Dec 2021 17:00:34 +0000
ROA not after: Fri 31 Dec 2032 17:00:34 +0000
asID: 327966
IP address blocks: 102.217.160.0/22 maxlen: 24
197.159.88.0/21 maxlen: 24
2c0f:f588::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/vN_wydKPGrRQYvSTuzVmysFCZG0.crl
rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/vN_wydKPGrRQYvSTuzVmysFCZG0.mft
rsync://rpki.afrinic.net/repository/afrinic/vN_wydKPGrRQYvSTuzVmysFCZG0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 28 Apr 2024 00:04:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1992 (0x7c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3680C14AF/serialNumber=BCDFF0C9D28F1AB45062F493BB3566CAC142646D
Validity
Not Before: Dec 10 17:00:34 2021 GMT
Not After : Dec 31 17:00:34 2032 GMT
Subject: CN=61b387b7-fec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:08:48:d9:7b:ba:2b:43:9e:d1:ad:38:65:29:
15:85:05:c7:6a:53:f1:0f:50:38:7b:26:8c:61:54:
c0:e0:f7:d7:4e:3b:ab:6e:9e:56:34:69:99:a6:9a:
2c:e0:97:cc:80:c7:04:85:22:2b:63:0a:e1:e4:57:
dd:86:9a:a4:62:cf:07:ae:3a:ab:c3:19:5b:94:91:
8a:6e:c1:fe:c6:44:96:97:46:61:e7:21:0e:aa:ba:
f3:e2:65:32:2d:f5:da:94:e7:7c:99:09:d0:47:5f:
26:33:86:b5:7f:14:e7:16:2c:7f:c2:67:ca:db:32:
c6:52:8f:0a:9d:e8:4f:ae:64:8e:1d:29:34:c6:e0:
c0:49:c3:55:33:92:df:1d:2a:b0:78:b2:b9:6c:f5:
63:ff:ac:c4:dc:2d:f1:56:a6:bd:cc:c8:ad:b2:f7:
cb:72:83:c9:f9:18:b1:25:b2:34:89:eb:3a:06:7e:
b5:9a:c9:3c:03:6d:55:09:55:7b:af:9f:dd:28:41:
14:38:b0:f5:0d:45:c6:a8:46:81:2d:f7:08:fa:e5:
77:11:32:b1:42:15:a1:70:94:35:47:6b:a4:bf:64:
4d:a4:35:25:00:6f:6e:11:6b:5a:ce:d1:9f:b9:6b:
3e:f9:1c:1c:94:de:14:97:4d:8e:95:68:e8:c0:50:
fd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:75:59:C8:02:A1:9A:F4:03:A0:03:39:60:29:C8:A4:9F:60:D0:BF
X509v3 Authority Key Identifier:
keyid:BC:DF:F0:C9:D2:8F:1A:B4:50:62:F4:93:BB:35:66:CA:C1:42:64:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/vN_wydKPGrRQYvSTuzVmysFCZG0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vN_wydKPGrRQYvSTuzVmysFCZG0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/B33457F859DA11EC856F77BD5A40D577.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.217.160.0/22
197.159.88.0/21
IPv6:
2c0f:f588::/32
Signature Algorithm: sha256WithRSAEncryption
60:af:89:99:55:b1:c7:68:73:13:eb:a7:b0:2f:fd:a4:4e:06:
db:dd:b7:2e:3e:a3:32:a7:05:d2:a9:32:84:1b:05:bb:db:bf:
da:d0:e9:44:b6:bb:c3:d8:da:f1:79:9f:0d:23:ed:85:b1:47:
5a:cc:6e:19:65:81:fe:c7:d8:a6:bd:39:37:00:7c:c6:ce:d1:
e4:bf:77:52:c8:99:bd:6c:63:14:26:09:15:86:d4:7f:ad:44:
3f:a7:d0:2f:f7:4b:53:7d:87:bb:2b:4e:80:c7:a3:20:c7:4a:
31:1c:e8:e9:46:93:07:91:53:97:4d:8e:6c:b2:65:2d:32:ee:
22:2b:cd:d2:5a:dc:34:66:2c:51:66:cd:b3:a9:fc:f8:86:df:
c5:9f:bb:d0:66:9f:49:33:a4:ec:d9:b1:db:91:2b:6d:3f:96:
8f:76:71:40:91:0b:e6:97:36:b1:d2:5a:8a:74:f5:d1:92:c3:
d6:2f:be:c4:e8:c7:ee:2d:20:e9:10:8f:4a:5f:b4:3e:df:13:
ef:cb:b5:ae:fb:40:b0:01:bb:21:c7:fe:49:b6:ed:b6:20:c5:
29:6b:25:d6:b1:34:4e:2e:59:dc:6b:23:a6:36:c3:9b:95:7c:
94:ac:b9:68:a6:47:fd:33:f0:a8:fa:0b:28:3d:ee:ec:e4:cf:
d6:19:c7:bd
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICB8gwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODBDMTRBRjExMC8GA1UEBRMoQkNERkYwQzlEMjhGMUFCNDUwNjJGNDkzQkIzNTY2
Q0FDMTQyNjQ2RDAeFw0yMTEyMTAxNzAwMzRaFw0zMjEyMzExNzAwMzRaMBgxFjAU
BgNVBAMMDTYxYjM4N2I3LWZlYzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4CEjZe7orQ57RrThlKRWFBcdqU/EPUDh7JoxhVMDg99dOO6tunlY0aZmm
mizgl8yAxwSFIitjCuHkV92GmqRizweuOqvDGVuUkYpuwf7GRJaXRmHnIQ6quvPi
ZTIt9dqU53yZCdBHXyYzhrV/FOcWLH/CZ8rbMsZSjwqd6E+uZI4dKTTG4MBJw1Uz
kt8dKrB4srls9WP/rMTcLfFWpr3MyK2y98tyg8n5GLElsjSJ6zoGfrWayTwDbVUJ
VXuvn90oQRQ4sPUNRcaoRoEt9wj65XcRMrFCFaFwlDVHa6S/ZE2kNSUAb24Ra1rO
0Z+5az75HByU3hSXTY6VaOjAUP1LAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQUanVZ
yAKhmvQDoAM5YCnIpJ9g0L8wHwYDVR0jBBgwFoAUvN/wydKPGrRQYvSTuzVmysFC
ZG0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgwQzE0LzY0QUIyRjJBNUFFMDExRTY5RkNENTAzMkY4QUVBMjI4L3ZOX3d5
ZEtQR3JSUVl2U1R1elZteXNGQ1pHMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3ZOX3d5ZEtQR3JSUVl2U1R1elZteXNGQ1pHMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgwQzE0LzY0QUIyRjJBNUFFMDExRTY5RkNENTAzMkY4
QUVBMjI4L0IzMzQ1N0Y4NTlEQTExRUM4NTZGNzdCRDVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAJm2aADBAPFn1gwDQQCAAIw
BwMFACwP9YgwDQYJKoZIhvcNAQELBQADggEBAGCviZlVscdocxPrp7Av/aROBtvd
ty4+ozKnBdKpMoQbBbvbv9rQ6US2u8PY2vF5nw0j7YWxR1rMbhllgf7H2Ka9OTcA
fMbO0eS/d1LImb1sYxQmCRWG1H+tRD+n0C/3S1N9h7srToDHoyDHSjEc6OlGkweR
U5dNjmyyZS0y7iIrzdJa3DRmLFFmzbOp/PiG38Wfu9Bmn0kzpOzZsduRK20/lo92
cUCRC+aXNrHSWop09dGSw9YvvsTox+4tIOkQj0pftD7fE+/Lta77QLABuyHH/km2
7bYgxSlrJdaxNE4uWdxrI6Y2w5uVfJSsuWimR/0z8Kj6Cyg97uzkz9YZx70=
-----END CERTIFICATE-----
Generated at Fri Apr 26 01:39:16 2024 by rpki-client on console-ams.rpki-client.org