Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36828EE/939823AA53F311EF8EE58446762E951A/43556232564A11EF9942095B762E951A.roa
File: 43556232564A11EF9942095B762E951A.roa (raw, json)
Hash identifier: k0gU6QmfsEjV/HHlrAtYyJc8G8bTw7CikYjZpypK4Wk=
Subject key identifier: 53:5D:FF:58:6F:32:86:1B:79:6D:DA:B4:55:D9:81:71:1B:16:90:BD
Certificate issuer: /CN=F36828EEAF/serialNumber=F210D1127B41A8067E8AE5707F43D22E081DC665
Certificate serial: 06
Authority key identifier: F2:10:D1:12:7B:41:A8:06:7E:8A:E5:70:7F:43:D2:2E:08:1D:C6:65
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/8hDREntBqAZ-iuVwf0PSLggdxmU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36828EE/939823AA53F311EF8EE58446762E951A/43556232564A11EF9942095B762E951A.roa
Signing time: Fri 09 Aug 2024 12:24:03 +0000
ROA not before: Fri 09 Aug 2024 12:24:00 +0000
ROA not after: Thu 31 Oct 2030 12:24:00 +0000
asID: 328979
IP address blocks: 102.217.116.0/22 maxlen: 24
2c0f:2700::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36828EE/939823AA53F311EF8EE58446762E951A/8hDREntBqAZ-iuVwf0PSLggdxmU.crl
rsync://rpki.afrinic.net/repository/member_repository/F36828EE/939823AA53F311EF8EE58446762E951A/8hDREntBqAZ-iuVwf0PSLggdxmU.mft
rsync://rpki.afrinic.net/repository/afrinic/8hDREntBqAZ-iuVwf0PSLggdxmU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36828EEAF/serialNumber=F210D1127B41A8067E8AE5707F43D22E081DC665
Validity
Not Before: Aug 9 12:24:00 2024 GMT
Not After : Oct 31 12:24:00 2030 GMT
Subject: CN=66b60a63-56c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:57:83:11:f1:30:2a:d5:9c:6a:93:e8:6d:90:
be:fd:4a:a8:02:e5:f8:b6:f9:ca:a0:8f:f8:e9:69:
4d:e3:f0:05:61:e2:e5:14:4b:e7:64:6b:e2:4c:13:
c4:bc:61:e3:b0:10:01:d2:42:c7:30:5d:e9:36:7a:
33:97:ea:cb:55:9d:38:e2:a3:5f:b7:7b:f3:d2:1d:
70:ab:c4:ea:1e:92:11:76:2b:b7:8a:19:91:23:23:
0f:72:13:75:6d:5d:d9:52:01:ca:ec:53:49:cf:cf:
1e:b2:7b:7a:0e:36:3e:98:2e:e5:27:68:fa:10:b1:
1d:65:04:33:89:58:d6:6f:f0:cb:5c:db:11:78:b2:
8d:c7:23:d2:2f:6a:22:f6:1f:d1:23:ee:ea:58:52:
56:f5:5f:4f:91:b7:63:ae:b5:6f:a3:5d:2c:40:5a:
90:82:02:6b:df:b6:a3:73:83:de:5e:17:f6:09:d8:
df:ee:6c:37:5a:16:2f:98:a0:70:90:af:a9:b5:15:
90:ae:48:2f:1e:d3:d2:6d:2b:12:a6:f5:04:6a:c0:
8c:b5:e1:af:65:4b:a9:df:d9:30:1d:8a:fd:cd:44:
ae:15:7e:76:61:30:fa:35:10:bf:c7:69:89:53:55:
fe:da:75:64:dc:40:9c:58:05:94:e6:44:39:a5:88:
4f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:5D:FF:58:6F:32:86:1B:79:6D:DA:B4:55:D9:81:71:1B:16:90:BD
X509v3 Authority Key Identifier:
keyid:F2:10:D1:12:7B:41:A8:06:7E:8A:E5:70:7F:43:D2:2E:08:1D:C6:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36828EE/939823AA53F311EF8EE58446762E951A/8hDREntBqAZ-iuVwf0PSLggdxmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/8hDREntBqAZ-iuVwf0PSLggdxmU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36828EE/939823AA53F311EF8EE58446762E951A/43556232564A11EF9942095B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.217.116.0/22
IPv6:
2c0f:2700::/32
Signature Algorithm: sha256WithRSAEncryption
ac:74:aa:74:00:08:4d:bc:09:fa:6f:79:ad:5a:a1:b2:40:c3:
fb:43:10:92:c5:de:32:bb:63:8b:a6:38:94:bc:e2:ea:ce:28:
98:be:89:58:4b:88:e4:84:2a:a8:24:9e:1a:a3:e7:f4:68:77:
ce:d6:e0:d4:d7:fa:de:82:91:33:87:c0:db:e3:2f:07:d1:04:
1b:5f:a5:83:d5:a2:f6:2d:ac:62:37:d5:21:a0:25:68:0c:b2:
cc:12:ac:43:3c:56:15:f8:2b:f8:b9:b5:70:3b:0f:62:01:3b:
35:55:9c:d2:62:75:70:2e:2e:fa:e1:45:ec:aa:60:fb:62:1e:
2c:2a:c8:e1:02:cc:a3:38:a7:7e:29:52:4d:14:bd:c4:bc:6d:
a9:e6:51:4b:8c:54:27:a4:f1:3f:b9:dc:e1:aa:b9:97:5a:1d:
c6:af:8a:96:4a:3e:53:6f:4e:99:be:a0:76:31:32:c2:3b:18:
73:1a:dc:ec:8c:d3:f5:d6:49:b8:5b:44:a5:bf:86:03:ae:ee:
ed:f5:e0:11:8c:7e:2b:6f:80:1c:29:7f:44:61:f1:93:79:d1:
00:73:be:8a:14:7e:c6:87:f4:7b:25:21:4b:da:e5:53:a3:45:
12:87:7e:50:ae:fe:95:62:77:54:e4:cd:fd:37:61:b5:e3:8c:
36:6b:9b:7a
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
MjhFRUFGMTEwLwYDVQQFEyhGMjEwRDExMjdCNDFBODA2N0U4QUU1NzA3RjQzRDIy
RTA4MURDNjY1MB4XDTI0MDgwOTEyMjQwMFoXDTMwMTAzMTEyMjQwMFowGDEWMBQG
A1UEAxMNNjZiNjBhNjMtNTZjNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpXgxHxMCrVnGqT6G2Qvv1KqALl+Lb5yqCP+OlpTePwBWHi5RRL52Rr4kwT
xLxh47AQAdJCxzBd6TZ6M5fqy1WdOOKjX7d789IdcKvE6h6SEXYrt4oZkSMjD3IT
dW1d2VIByuxTSc/PHrJ7eg42Ppgu5Sdo+hCxHWUEM4lY1m/wy1zbEXiyjccj0i9q
IvYf0SPu6lhSVvVfT5G3Y661b6NdLEBakIICa9+2o3OD3l4X9gnY3+5sN1oWL5ig
cJCvqbUVkK5ILx7T0m0rEqb1BGrAjLXhr2VLqd/ZMB2K/c1ErhV+dmEw+jUQv8dp
iVNV/tp1ZNxAnFgFlOZEOaWITy0CAwEAAaOCArQwggKwMB0GA1UdDgQWBBRTXf9Y
bzKGG3lt2rRV2YFxGxaQvTAfBgNVHSMEGDAWgBTyENESe0GoBn6K5XB/Q9IuCB3G
ZTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODI4RUUvOTM5ODIzQUE1M0YzMTFFRjhFRTU4NDQ2NzYyRTk1MUEvOGhEUkVu
dEJxQVotaXVWd2YwUFNMZ2dkeG1VLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOGhEUkVudEJxQVotaXVWd2YwUFNMZ2dkeG1VLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODI4RUUvOTM5ODIzQUE1M0YzMTFFRjhFRTU4NDQ2NzYy
RTk1MUEvNDM1NTYyMzI1NjRBMTFFRjk5NDIwOTVCNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbZdDANBAIAAjAHAwUALA8n
ADANBgkqhkiG9w0BAQsFAAOCAQEArHSqdAAITbwJ+m95rVqhskDD+0MQksXeMrtj
i6Y4lLzi6s4omL6JWEuI5IQqqCSeGqPn9Gh3ztbg1Nf63oKRM4fA2+MvB9EEG1+l
g9Wi9i2sYjfVIaAlaAyyzBKsQzxWFfgr+Lm1cDsPYgE7NVWc0mJ1cC4u+uFF7Kpg
+2IeLCrI4QLMozinfilSTRS9xLxtqeZRS4xUJ6TxP7nc4aq5l1odxq+Klko+U29O
mb6gdjEywjsYcxrc7IzT9dZJuFtEpb+GA67u7fXgEYx+K2+AHCl/RGHxk3nRAHO+
ihR+xof0eyUhS9rlU6NFEod+UK7+lWJ3VOTN/TdhteOMNmubeg==
-----END CERTIFICATE-----
Generated at Thu Oct 24 06:47:48 2024 by rpki-client on console-fra.rpki-client.org