Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3686B65/C5F0BEB29A8411EEA702E730D25BE465/42D0D7C0C21F11EEA3DB2792775412E6.roa
File: 42D0D7C0C21F11EEA3DB2792775412E6.roa (raw, json)
Hash identifier: bNjH5/uNTLunlqjgynvQIwyx2+dES6zX/KYw0eaoeG8=
Subject key identifier: AD:9F:74:7F:96:06:9D:D9:7B:35:8E:CD:6B:25:2E:2C:50:5B:A4:7A
Certificate issuer: /CN=F3686B65AF/serialNumber=B8AD9011EF3B28987B5CE230F1E275547330396A
Certificate serial: 3F
Authority key identifier: B8:AD:90:11:EF:3B:28:98:7B:5C:E2:30:F1:E2:75:54:73:30:39:6A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/uK2QEe87KJh7XOIw8eJ1VHMwOWo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3686B65/C5F0BEB29A8411EEA702E730D25BE465/42D0D7C0C21F11EEA3DB2792775412E6.roa
Signing time: Fri 02 Feb 2024 23:03:22 +0000
ROA not before: Sat 03 Feb 2024 23:03:17 +0000
ROA not after: Sun 31 Dec 2034 23:03:17 +0000
asID: 329057
IP address blocks: 102.216.8.0/24 maxlen: 24
102.216.9.0/24 maxlen: 24
102.216.10.0/24 maxlen: 24
102.216.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3686B65/C5F0BEB29A8411EEA702E730D25BE465/uK2QEe87KJh7XOIw8eJ1VHMwOWo.crl
rsync://rpki.afrinic.net/repository/member_repository/F3686B65/C5F0BEB29A8411EEA702E730D25BE465/uK2QEe87KJh7XOIw8eJ1VHMwOWo.mft
rsync://rpki.afrinic.net/repository/afrinic/uK2QEe87KJh7XOIw8eJ1VHMwOWo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63 (0x3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3686B65AF/serialNumber=B8AD9011EF3B28987B5CE230F1E275547330396A
Validity
Not Before: Feb 3 23:03:17 2024 GMT
Not After : Dec 31 23:03:17 2034 GMT
Subject: CN=65bd74b9-436b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b1:24:09:fb:9d:1a:49:24:f6:ac:0b:b3:2a:
23:6d:c7:c8:dd:40:da:09:f6:3f:cb:3c:ce:82:c0:
d4:ff:b8:86:fd:57:53:7d:10:03:4d:a9:c9:86:e6:
94:94:87:09:f5:39:1e:87:00:41:45:77:a3:39:42:
d2:6f:c7:01:58:c9:25:cd:73:60:1f:65:00:12:dd:
4e:a5:3c:76:ae:ff:b9:a0:ce:ad:57:fd:a6:bb:c7:
75:a4:c8:b5:3a:87:b4:42:a6:ca:0b:e5:af:6e:cd:
6a:ca:be:d0:1b:c4:e3:63:5b:c5:74:7b:9f:70:23:
fc:43:fd:1b:6b:cb:d5:01:b9:07:7f:ef:d2:f4:26:
f5:a6:06:15:e3:ea:07:a6:61:bb:3b:e5:87:26:37:
ad:c2:8d:7b:ac:4d:47:86:5d:0d:af:0a:8c:d5:31:
8a:98:86:35:d3:d5:e9:d0:8d:02:e6:dc:1a:0a:33:
39:f0:27:76:e1:c1:f0:ab:b3:a9:f5:5a:35:54:0f:
61:84:41:a1:ec:77:4d:0e:44:cd:2d:12:56:be:78:
e4:eb:8f:61:79:f5:00:80:41:8c:38:51:39:99:04:
0b:12:16:66:26:64:4f:40:c4:e0:a4:cd:93:19:ea:
20:0a:28:4e:03:b9:03:c4:1d:6b:74:9c:f1:c3:ec:
a9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:9F:74:7F:96:06:9D:D9:7B:35:8E:CD:6B:25:2E:2C:50:5B:A4:7A
X509v3 Authority Key Identifier:
keyid:B8:AD:90:11:EF:3B:28:98:7B:5C:E2:30:F1:E2:75:54:73:30:39:6A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3686B65/C5F0BEB29A8411EEA702E730D25BE465/uK2QEe87KJh7XOIw8eJ1VHMwOWo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/uK2QEe87KJh7XOIw8eJ1VHMwOWo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3686B65/C5F0BEB29A8411EEA702E730D25BE465/42D0D7C0C21F11EEA3DB2792775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.216.8.0/22
Signature Algorithm: sha256WithRSAEncryption
66:69:73:68:c3:46:5d:6e:08:58:12:ca:41:cd:3a:65:e6:7c:
82:d3:7b:e9:2a:34:28:4d:e5:3b:45:63:a6:34:58:b5:1a:fa:
e0:99:ab:14:a6:70:50:ac:4f:19:c2:6f:71:55:c9:68:d4:c8:
20:4f:1c:d2:8b:6a:f2:35:fa:ab:61:fa:d2:5c:af:dd:e3:ed:
9d:f9:10:18:68:ac:be:4b:f0:31:b2:db:b2:2c:c4:ce:42:09:
61:ed:cb:42:17:ee:22:6a:45:55:71:c1:86:50:fa:eb:30:7c:
60:ab:17:99:19:26:a6:1d:3f:3a:02:da:91:d7:09:57:9c:e1:
14:73:2e:05:70:22:a5:aa:cb:7a:b7:b7:7e:d5:a5:53:b4:17:
86:24:41:d1:0f:d0:ef:66:9d:8f:8b:c3:a2:5a:b9:3d:a1:2c:
5b:60:7b:a5:d7:bd:cb:80:8c:06:7a:0e:5a:a5:5a:40:08:e1:
df:9a:82:19:8a:48:df:f6:e6:0e:31:aa:23:15:b1:8b:ec:48:
a7:d9:d2:7d:a1:87:56:32:e8:d3:c0:5a:71:11:5f:08:b9:fc:
a5:48:88:3b:36:56:57:96:84:8a:25:bd:a9:4f:d9:3b:61:27:
e0:ca:49:b1:92:bd:fd:b5:09:42:c4:7e:da:72:83:26:08:41:
82:2f:02:85
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBPzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
NkI2NUFGMTEwLwYDVQQFEyhCOEFEOTAxMUVGM0IyODk4N0I1Q0UyMzBGMUUyNzU1
NDczMzAzOTZBMB4XDTI0MDIwMzIzMDMxN1oXDTM0MTIzMTIzMDMxN1owGDEWMBQG
A1UEAxMNNjViZDc0YjktNDM2YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2xJAn7nRpJJPasC7MqI23HyN1A2gn2P8s8zoLA1P+4hv1XU30QA02pyYbm
lJSHCfU5HocAQUV3ozlC0m/HAVjJJc1zYB9lABLdTqU8dq7/uaDOrVf9prvHdaTI
tTqHtEKmygvlr27Nasq+0BvE42NbxXR7n3Aj/EP9G2vL1QG5B3/v0vQm9aYGFePq
B6ZhuzvlhyY3rcKNe6xNR4ZdDa8KjNUxipiGNdPV6dCNAubcGgozOfAnduHB8Kuz
qfVaNVQPYYRBoex3TQ5EzS0SVr545OuPYXn1AIBBjDhROZkECxIWZiZkT0DE4KTN
kxnqIAooTgO5A8Qda3Sc8cPsqekCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBStn3R/
lgad2Xs1js1rJS4sUFukejAfBgNVHSMEGDAWgBS4rZAR7zsomHtc4jDx4nVUczA5
ajAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODZCNjUvQzVGMEJFQjI5QTg0MTFFRUE3MDJFNzMwRDI1QkU0NjUvdUsyUUVl
ODdLSmg3WE9JdzhlSjFWSE13T1dvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdUsyUUVlODdLSmg3WE9JdzhlSjFWSE13T1dvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODZCNjUvQzVGMEJFQjI5QTg0MTFFRUE3MDJFNzMwRDI1
QkU0NjUvNDJEMEQ3QzBDMjFGMTFFRUEzREIyNzkyNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbYCDANBgkqhkiG9w0BAQsF
AAOCAQEAZmlzaMNGXW4IWBLKQc06ZeZ8gtN76So0KE3lO0VjpjRYtRr64JmrFKZw
UKxPGcJvcVXJaNTIIE8c0otq8jX6q2H60lyv3ePtnfkQGGisvkvwMbLbsizEzkIJ
Ye3LQhfuImpFVXHBhlD66zB8YKsXmRkmph0/OgLakdcJV5zhFHMuBXAiparLere3
ftWlU7QXhiRB0Q/Q72adj4vDolq5PaEsW2B7pde9y4CMBnoOWqVaQAjh35qCGYpI
3/bmDjGqIxWxi+xIp9nSfaGHVjLo08BacRFfCLn8pUiIOzZWV5aEiiW9qU/ZO2En
4MpJsZK9/bUJQsR+2nKDJghBgi8ChQ==
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:35:34 2024 by rpki-client on console-fra.rpki-client.org