Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/F7CE05E67D7A11EF88A9F065762E951A.roa
File: F7CE05E67D7A11EF88A9F065762E951A.roa (raw, json)
Hash identifier: CO1sEd4b6tDHp7VX2OHYT+QzzDJimiXxpvi4W3VBGpA=
Subject key identifier: 7A:13:A3:41:2B:BC:04:FD:C4:9B:42:7F:4B:4B:13:EF:68:FF:A5:79
Certificate issuer: /CN=F3680C14AF/serialNumber=BCDFF0C9D28F1AB45062F493BB3566CAC142646D
Certificate serial: 0BE2
Authority key identifier: BC:DF:F0:C9:D2:8F:1A:B4:50:62:F4:93:BB:35:66:CA:C1:42:64:6D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/vN_wydKPGrRQYvSTuzVmysFCZG0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/F7CE05E67D7A11EF88A9F065762E951A.roa
Signing time: Sat 28 Sep 2024 09:20:57 +0000
ROA not before: Sat 28 Sep 2024 09:20:47 +0000
ROA not after: Sun 31 Dec 2034 09:20:47 +0000
asID: 327966
IP address blocks: 102.207.184.0/22 maxlen: 24
102.217.160.0/22 maxlen: 24
197.159.88.0/21 maxlen: 24
2c0f:f588::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/vN_wydKPGrRQYvSTuzVmysFCZG0.crl
rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/vN_wydKPGrRQYvSTuzVmysFCZG0.mft
rsync://rpki.afrinic.net/repository/afrinic/vN_wydKPGrRQYvSTuzVmysFCZG0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3042 (0xbe2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3680C14AF/serialNumber=BCDFF0C9D28F1AB45062F493BB3566CAC142646D
Validity
Not Before: Sep 28 09:20:47 2024 GMT
Not After : Dec 31 09:20:47 2034 GMT
Subject: CN=66f7ca79-186c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:20:e6:3b:75:0f:2f:28:a7:dc:2d:5b:2e:23:
97:8b:32:dc:a6:13:2b:2d:60:ca:b9:70:0c:99:4a:
b1:d3:09:fb:3e:2f:2b:8a:97:58:89:5d:dc:10:a1:
a0:9b:31:87:52:e6:c6:05:34:85:d1:2e:3b:cb:89:
81:c7:e3:50:5e:ff:65:80:84:96:fe:47:59:e0:41:
62:aa:b8:43:31:8a:2a:00:39:dd:d2:96:a4:9d:4c:
33:bd:5f:94:6a:5d:5d:73:77:49:0b:85:b4:03:8d:
1a:04:1f:e2:81:73:f9:4f:0a:cc:8d:2b:c2:f8:fe:
16:39:f8:13:a5:ac:4a:5a:f5:fc:82:30:63:68:10:
be:b0:47:9b:ab:b7:f8:80:58:60:88:62:20:41:33:
42:6d:66:50:87:9b:d9:36:82:5e:98:06:c4:b7:86:
cf:90:bb:3c:63:ec:7d:76:ae:a6:20:57:48:1e:75:
47:21:fd:6a:3c:78:08:61:6d:9f:a7:a1:fa:ed:86:
fa:9d:25:08:bd:ee:7b:69:ae:b8:c1:8d:4e:a2:5f:
4a:c4:1b:86:a8:7f:e6:b0:41:a4:ba:4e:c9:98:f4:
2f:7e:bc:dc:38:23:e3:e1:4d:ec:af:a0:3d:6e:0d:
39:6d:25:ba:4f:22:6c:cc:e4:a4:6b:aa:04:0e:59:
cc:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:13:A3:41:2B:BC:04:FD:C4:9B:42:7F:4B:4B:13:EF:68:FF:A5:79
X509v3 Authority Key Identifier:
keyid:BC:DF:F0:C9:D2:8F:1A:B4:50:62:F4:93:BB:35:66:CA:C1:42:64:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/vN_wydKPGrRQYvSTuzVmysFCZG0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vN_wydKPGrRQYvSTuzVmysFCZG0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/F7CE05E67D7A11EF88A9F065762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.207.184.0/22
102.217.160.0/22
197.159.88.0/21
IPv6:
2c0f:f588::/32
Signature Algorithm: sha256WithRSAEncryption
95:af:ab:9e:51:7b:bc:c7:1d:db:81:14:3e:64:84:aa:db:d2:
db:63:48:61:96:02:5c:b4:d3:71:57:27:88:78:d2:48:a7:82:
98:b8:73:0d:f9:49:24:2e:ca:63:fb:a1:6f:75:11:b6:62:24:
cc:d2:52:04:aa:2b:20:09:38:c2:a1:e0:a4:8a:3b:d7:4d:ad:
3b:51:16:ae:58:4e:8f:2f:a6:3c:f9:dd:6a:82:60:b3:36:00:
4d:76:a9:a6:3a:f3:ff:51:bb:15:9f:61:ae:9a:39:7c:8d:76:
ca:62:4f:4c:64:8c:68:36:20:12:ce:d0:e8:a4:a5:4d:b1:1f:
88:90:2f:a2:ad:f8:56:eb:9e:c0:d9:6c:7f:b2:2f:de:eb:6d:
c8:62:2d:aa:24:45:c6:fa:f8:f1:2f:25:bd:cd:80:22:17:cf:
56:42:d6:39:9f:8c:30:c2:66:22:33:b5:55:d2:6c:8a:cb:cc:
ae:84:7c:a5:e3:aa:d3:19:31:0f:2b:92:e6:a7:f6:42:54:35:
51:58:1d:92:d0:4b:5c:fb:b3:22:9f:f5:fe:8d:4f:49:43:f0:
e9:a9:78:d7:27:69:58:50:0f:9f:a0:78:ac:2d:a2:c8:e6:6b:
8a:ad:db:a2:cf:4c:c3:5c:f3:ad:e6:ea:38:7e:d5:70:b1:5f:
0e:8a:4e:44
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICC+IwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODBDMTRBRjExMC8GA1UEBRMoQkNERkYwQzlEMjhGMUFCNDUwNjJGNDkzQkIzNTY2
Q0FDMTQyNjQ2RDAeFw0yNDA5MjgwOTIwNDdaFw0zNDEyMzEwOTIwNDdaMBgxFjAU
BgNVBAMTDTY2ZjdjYTc5LTE4NmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDYIOY7dQ8vKKfcLVsuI5eLMtymEystYMq5cAyZSrHTCfs+LyuKl1iJXdwQ
oaCbMYdS5sYFNIXRLjvLiYHH41Be/2WAhJb+R1ngQWKquEMxiioAOd3SlqSdTDO9
X5RqXV1zd0kLhbQDjRoEH+KBc/lPCsyNK8L4/hY5+BOlrEpa9fyCMGNoEL6wR5ur
t/iAWGCIYiBBM0JtZlCHm9k2gl6YBsS3hs+Quzxj7H12rqYgV0gedUch/Wo8eAhh
bZ+nofrthvqdJQi97ntprrjBjU6iX0rEG4aof+awQaS6TsmY9C9+vNw4I+PhTeyv
oD1uDTltJbpPImzM5KRrqgQOWczvAgMBAAGjggLAMIICvDAdBgNVHQ4EFgQUehOj
QSu8BP3Em0J/S0sT72j/pXkwHwYDVR0jBBgwFoAUvN/wydKPGrRQYvSTuzVmysFC
ZG0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgwQzE0LzY0QUIyRjJBNUFFMDExRTY5RkNENTAzMkY4QUVBMjI4L3ZOX3d5
ZEtQR3JSUVl2U1R1elZteXNGQ1pHMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3ZOX3d5ZEtQR3JSUVl2U1R1elZteXNGQ1pHMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgwQzE0LzY0QUIyRjJBNUFFMDExRTY5RkNENTAzMkY4
QUVBMjI4L0Y3Q0UwNUU2N0Q3QTExRUY4OEE5RjA2NTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAJmz7gDBAJm2aADBAPFn1gw
DQQCAAIwBwMFACwP9YgwDQYJKoZIhvcNAQELBQADggEBAJWvq55Re7zHHduBFD5k
hKrb0ttjSGGWAly003FXJ4h40kingpi4cw35SSQuymP7oW91EbZiJMzSUgSqKyAJ
OMKh4KSKO9dNrTtRFq5YTo8vpjz53WqCYLM2AE12qaY68/9RuxWfYa6aOXyNdspi
T0xkjGg2IBLO0OikpU2xH4iQL6Kt+FbrnsDZbH+yL97rbchiLaokRcb6+PEvJb3N
gCIXz1ZC1jmfjDDCZiIztVXSbIrLzK6EfKXjqtMZMQ8rkuan9kJUNVFYHZLQS1z7
syKf9f6NT0lD8OmpeNcnaVhQD5+geKwtosjma4qt26LPTMNc863m6jh+1XCxXw6K
TkQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org