Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B3A/37E2767615B211EEB1F94D4A4AD9E6FC/55FD2498F36111EE8255797D775412E6.roa
File: 55FD2498F36111EE8255797D775412E6.roa (raw, json)
Hash identifier: 5+TRgE4Za1lP1tBhZLXfEbMvFbNLglwsyfdbD3gRLSM=
Subject key identifier: 08:6E:C2:F8:07:DB:8B:62:83:23:A0:B5:1A:94:4A:30:32:A4:4D:E3
Certificate issuer: /CN=F3682B3AAF/serialNumber=870C8E8FD43B42C5B51562D9B8944A84E43D3632
Certificate serial: 012C
Authority key identifier: 87:0C:8E:8F:D4:3B:42:C5:B5:15:62:D9:B8:94:4A:84:E4:3D:36:32
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/hwyOj9Q7QsW1FWLZuJRKhOQ9NjI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B3A/37E2767615B211EEB1F94D4A4AD9E6FC/55FD2498F36111EE8255797D775412E6.roa
Signing time: Fri 05 Apr 2024 15:29:48 +0000
ROA not before: Fri 05 Apr 2024 15:29:44 +0000
ROA not after: Fri 09 Apr 2027 15:29:44 +0000
asID: 329276
IP address blocks: 102.212.60.0/22 maxlen: 24
2c0f:c40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B3A/37E2767615B211EEB1F94D4A4AD9E6FC/hwyOj9Q7QsW1FWLZuJRKhOQ9NjI.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B3A/37E2767615B211EEB1F94D4A4AD9E6FC/hwyOj9Q7QsW1FWLZuJRKhOQ9NjI.mft
rsync://rpki.afrinic.net/repository/afrinic/hwyOj9Q7QsW1FWLZuJRKhOQ9NjI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 300 (0x12c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B3AAF/serialNumber=870C8E8FD43B42C5B51562D9B8944A84E43D3632
Validity
Not Before: Apr 5 15:29:44 2024 GMT
Not After : Apr 9 15:29:44 2027 GMT
Subject: CN=661018eb-966e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:71:91:89:0f:e1:07:c9:ef:f1:03:18:f7:28:
cc:3e:b0:2c:df:67:57:03:b4:73:c8:1d:e3:ff:7f:
3e:c2:8c:ad:06:b9:e9:d4:ae:2a:3f:51:c0:2c:c5:
a6:45:7c:1c:3b:85:cc:eb:c7:e6:fa:95:c1:69:27:
b6:3c:99:d9:2e:39:b7:b7:25:b6:7e:9a:ca:a9:0d:
bb:44:64:d7:c0:95:b5:84:22:46:4c:07:d5:75:79:
a9:f4:c6:de:6f:40:d1:34:7a:5e:7d:f7:24:0f:59:
3b:80:3b:3a:9d:c9:18:f6:30:83:48:c6:81:e6:1c:
24:73:ef:84:46:c4:1e:04:b4:a6:d5:e2:5d:52:b6:
f3:06:a5:b4:d7:ec:41:03:f0:d4:d9:1c:eb:24:ae:
27:14:e3:fa:c5:ef:0e:73:23:93:c2:82:f6:0c:22:
36:a8:5e:10:60:17:0b:39:e8:62:cc:f8:0c:24:07:
31:de:e0:2c:4f:33:72:d2:d8:40:de:d7:91:b1:df:
48:1c:33:76:69:d7:7a:6e:13:dd:cc:0c:80:d3:a4:
80:e9:d4:d4:2d:48:41:61:95:dd:53:22:f8:48:0d:
6b:80:81:1c:19:f0:61:77:db:95:97:18:d3:47:5c:
90:4e:00:44:d7:b7:a1:df:be:65:b2:cc:95:01:db:
bd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6E:C2:F8:07:DB:8B:62:83:23:A0:B5:1A:94:4A:30:32:A4:4D:E3
X509v3 Authority Key Identifier:
keyid:87:0C:8E:8F:D4:3B:42:C5:B5:15:62:D9:B8:94:4A:84:E4:3D:36:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B3A/37E2767615B211EEB1F94D4A4AD9E6FC/hwyOj9Q7QsW1FWLZuJRKhOQ9NjI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hwyOj9Q7QsW1FWLZuJRKhOQ9NjI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B3A/37E2767615B211EEB1F94D4A4AD9E6FC/55FD2498F36111EE8255797D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.212.60.0/22
IPv6:
2c0f:c40::/32
Signature Algorithm: sha256WithRSAEncryption
50:0e:7e:8e:94:2e:ec:18:df:5f:80:29:0b:da:13:d8:a6:72:
df:1d:8a:10:96:11:1a:13:cb:eb:6f:fa:83:0c:ce:67:74:ad:
ad:35:6a:dc:39:02:65:b5:97:95:aa:df:b2:73:c9:9d:5d:64:
ed:df:fd:06:14:44:71:3d:da:32:1d:6d:9c:65:79:1e:d0:ba:
a8:81:2c:4a:9b:d5:45:a4:0a:37:32:a9:75:28:cc:23:1f:02:
24:1f:52:57:42:2e:5c:80:88:80:9d:f0:38:b0:33:6e:af:45:
05:75:5b:d6:fb:9c:ca:11:e3:01:c3:e2:33:9c:35:5f:44:77:
db:23:99:7a:21:b8:97:5c:08:06:8f:da:06:1f:25:a6:12:34:
0d:78:bb:b9:a1:80:08:4b:41:b0:66:2c:f2:c6:75:3b:d3:d9:
a1:2a:13:a6:40:59:46:45:73:74:f1:dc:80:a7:cc:58:23:2c:
ab:7f:e3:7c:9d:18:92:68:db:03:01:d2:a6:26:51:e2:96:f0:
9f:4e:51:4b:37:22:9e:9c:42:e0:a7:60:81:99:d2:19:ff:9e:
03:d3:a3:86:5c:ec:58:a5:80:59:d6:73:c1:38:57:6d:dc:b1:
83:9a:30:2d:84:17:f1:ef:f8:6b:8d:aa:cf:3f:39:e1:31:74:
2c:f6:f3:96
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICASwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCM0FBRjExMC8GA1UEBRMoODcwQzhFOEZENDNCNDJDNUI1MTU2MkQ5Qjg5NDRB
ODRFNDNEMzYzMjAeFw0yNDA0MDUxNTI5NDRaFw0yNzA0MDkxNTI5NDRaMBgxFjAU
BgNVBAMTDTY2MTAxOGViLTk2NmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJcZGJD+EHye/xAxj3KMw+sCzfZ1cDtHPIHeP/fz7CjK0GuenUrio/UcAs
xaZFfBw7hczrx+b6lcFpJ7Y8mdkuObe3JbZ+msqpDbtEZNfAlbWEIkZMB9V1ean0
xt5vQNE0el599yQPWTuAOzqdyRj2MINIxoHmHCRz74RGxB4EtKbV4l1StvMGpbTX
7EED8NTZHOskricU4/rF7w5zI5PCgvYMIjaoXhBgFws56GLM+AwkBzHe4CxPM3LS
2EDe15Gx30gcM3Zp13puE93MDIDTpIDp1NQtSEFhld1TIvhIDWuAgRwZ8GF325WX
GNNHXJBOAETXt6HfvmWyzJUB2731AgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUCG7C
+Afbi2KDI6C1GpRKMDKkTeMwHwYDVR0jBBgwFoAUhwyOj9Q7QsW1FWLZuJRKhOQ9
NjIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjNBLzM3RTI3Njc2MTVCMjExRUVCMUY5NEQ0QTRBRDlFNkZDL2h3eU9q
OVE3UXNXMUZXTFp1SlJLaE9ROU5qSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2h3eU9qOVE3UXNXMUZXTFp1SlJLaE9ROU5qSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjNBLzM3RTI3Njc2MTVCMjExRUVCMUY5NEQ0QTRB
RDlFNkZDLzU1RkQyNDk4RjM2MTExRUU4MjU1Nzk3RDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm1DwwDQQCAAIwBwMFACwP
DEAwDQYJKoZIhvcNAQELBQADggEBAFAOfo6ULuwY31+AKQvaE9imct8dihCWERoT
y+tv+oMMzmd0ra01atw5AmW1l5Wq37JzyZ1dZO3f/QYURHE92jIdbZxleR7QuqiB
LEqb1UWkCjcyqXUozCMfAiQfUldCLlyAiICd8DiwM26vRQV1W9b7nMoR4wHD4jOc
NV9Ed9sjmXohuJdcCAaP2gYfJaYSNA14u7mhgAhLQbBmLPLGdTvT2aEqE6ZAWUZF
c3Tx3ICnzFgjLKt/43ydGJJo2wMB0qYmUeKW8J9OUUs3Ip6cQuCnYIGZ0hn/ngPT
o4Zc7FilgFnWc8E4V23csYOaMC2EF/Hv+GuNqs8/OeExdCz285Y=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org