Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36877BB/3887CD041CF711EFAEF87C1E7DDC24C2/C7E9990E1D1B11EFB3D640017DDC24C2.roa
File: C7E9990E1D1B11EFB3D640017DDC24C2.roa (raw, json)
Hash identifier: RZ9aSwydLL8JwSefrN0WkAJyJ43glRW8ONxAQLmHllo=
Subject key identifier: B9:4B:6A:21:6A:63:A5:06:F8:79:7F:E9:CB:62:A7:7D:58:1C:91:20
Certificate issuer: /CN=F36877BBAF/serialNumber=0DC6A4C82109FF2CB39C1D1A58C38E3033C5A0FE
Certificate serial: 04
Authority key identifier: 0D:C6:A4:C8:21:09:FF:2C:B3:9C:1D:1A:58:C3:8E:30:33:C5:A0:FE
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/DcakyCEJ_yyznB0aWMOOMDPFoP4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36877BB/3887CD041CF711EFAEF87C1E7DDC24C2/C7E9990E1D1B11EFB3D640017DDC24C2.roa
Signing time: Tue 28 May 2024 17:57:43 +0000
ROA not before: Tue 28 May 2024 17:57:39 +0000
ROA not after: Tue 01 Jun 2027 17:57:39 +0000
asID: 328721
IP address blocks: 102.222.56.0/24 maxlen: 32
102.222.57.0/24 maxlen: 32
102.222.58.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36877BB/3887CD041CF711EFAEF87C1E7DDC24C2/DcakyCEJ_yyznB0aWMOOMDPFoP4.crl
rsync://rpki.afrinic.net/repository/member_repository/F36877BB/3887CD041CF711EFAEF87C1E7DDC24C2/DcakyCEJ_yyznB0aWMOOMDPFoP4.mft
rsync://rpki.afrinic.net/repository/afrinic/DcakyCEJ_yyznB0aWMOOMDPFoP4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36877BBAF/serialNumber=0DC6A4C82109FF2CB39C1D1A58C38E3033C5A0FE
Validity
Not Before: May 28 17:57:39 2024 GMT
Not After : Jun 1 17:57:39 2027 GMT
Subject: CN=66561b17-5c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:99:5a:88:a8:a7:17:27:18:92:b6:eb:ab:3b:
af:9e:59:c8:62:c5:27:6e:ac:c2:8e:d5:b9:48:30:
90:f4:75:a6:a2:b7:8a:07:3e:97:09:31:1d:f8:5f:
e2:f5:0f:2a:8b:5d:7b:bb:c8:da:f5:34:92:dc:41:
17:5b:d2:95:3f:28:5a:07:e6:8c:eb:44:c2:aa:c4:
f6:8c:af:b5:24:bd:4f:05:de:2c:64:c7:4f:80:e1:
95:9c:f1:6c:f1:0d:1a:47:37:1b:37:07:9f:8f:43:
fb:95:ec:8f:ca:f0:d0:bd:0f:7f:af:6d:fd:c5:8d:
e5:75:fc:2e:5c:02:ef:c9:a5:bd:bf:21:b0:d7:3b:
af:b6:00:f9:9b:a1:69:7e:63:ac:99:d9:77:58:64:
c8:ad:25:9a:e3:76:66:e8:42:10:dd:74:ef:b4:de:
23:71:61:d0:54:98:da:60:e7:c1:e2:7b:ac:f5:45:
27:08:0e:f4:33:bc:e5:28:61:fc:da:f6:a0:a7:e3:
ba:5a:17:7f:ca:7d:e4:f0:ae:9f:ce:bb:5e:3e:c3:
50:d8:60:e0:71:b2:3e:a5:32:4d:76:17:14:3d:4d:
84:d3:5a:a7:24:40:d7:43:dd:06:4c:ef:1a:ef:25:
c8:29:46:76:49:8f:b9:0e:27:f1:ea:c5:8b:60:f3:
d7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4B:6A:21:6A:63:A5:06:F8:79:7F:E9:CB:62:A7:7D:58:1C:91:20
X509v3 Authority Key Identifier:
keyid:0D:C6:A4:C8:21:09:FF:2C:B3:9C:1D:1A:58:C3:8E:30:33:C5:A0:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36877BB/3887CD041CF711EFAEF87C1E7DDC24C2/DcakyCEJ_yyznB0aWMOOMDPFoP4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/DcakyCEJ_yyznB0aWMOOMDPFoP4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36877BB/3887CD041CF711EFAEF87C1E7DDC24C2/C7E9990E1D1B11EFB3D640017DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.56.0-102.222.58.255
Signature Algorithm: sha256WithRSAEncryption
66:ca:b0:3b:fa:dc:87:d8:7b:4e:e9:5b:4b:59:0e:a3:4a:16:
fd:1e:b2:b5:28:78:da:72:ed:93:13:54:ad:9d:bb:5b:0c:8c:
89:9c:92:b1:8b:c6:67:f9:49:d7:f1:bb:d8:9c:57:b3:bc:1a:
8f:d0:f6:aa:e3:ae:8d:aa:88:c2:a8:38:ac:a1:5d:1e:e2:55:
c8:ff:63:9f:cd:fa:b3:10:18:15:22:bc:9b:3c:2b:09:d7:28:
b7:2a:21:0b:be:79:e3:28:4b:3e:b9:75:e3:7c:c2:fa:96:a5:
b7:d6:de:58:d0:ae:17:3b:34:ee:11:c8:3c:ed:66:28:a8:86:
6e:30:9a:e4:86:35:f1:fd:1b:90:3f:0b:40:82:71:b1:84:e0:
ef:ab:a0:85:72:f3:30:fe:a5:89:fb:2a:e2:6c:16:b3:7c:c9:
3b:a2:db:87:eb:06:a1:20:f4:a0:64:14:b3:19:59:b2:c7:ea:
e6:16:a2:3d:86:6e:64:b6:8d:69:3f:71:dd:8f:c6:cd:62:c5:
b3:52:f6:cf:fa:ee:27:25:f0:ab:a8:eb:4d:30:ee:5b:07:21:
34:4c:74:93:65:fc:9f:bf:e9:38:94:fc:51:38:f7:21:48:18:
28:84:83:d0:d0:e7:2e:04:69:4b:48:35:e8:f0:ff:ab:17:86:
ee:d4:64:6b
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
NzdCQkFGMTEwLwYDVQQFEygwREM2QTRDODIxMDlGRjJDQjM5QzFEMUE1OEMzOEUz
MDMzQzVBMEZFMB4XDTI0MDUyODE3NTczOVoXDTI3MDYwMTE3NTczOVowGDEWMBQG
A1UEAxMNNjY1NjFiMTctNWM1YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+ZWoiopxcnGJK266s7r55ZyGLFJ26swo7VuUgwkPR1pqK3igc+lwkxHfhf
4vUPKotde7vI2vU0ktxBF1vSlT8oWgfmjOtEwqrE9oyvtSS9TwXeLGTHT4DhlZzx
bPENGkc3GzcHn49D+5Xsj8rw0L0Pf69t/cWN5XX8LlwC78mlvb8hsNc7r7YA+Zuh
aX5jrJnZd1hkyK0lmuN2ZuhCEN1077TeI3Fh0FSY2mDnweJ7rPVFJwgO9DO85Shh
/Nr2oKfjuloXf8p95PCun867Xj7DUNhg4HGyPqUyTXYXFD1NhNNapyRA10PdBkzv
Gu8lyClGdkmPuQ4n8erFi2Dz148CAwEAAaOCAq0wggKpMB0GA1UdDgQWBBS5S2oh
amOlBvh5f+nLYqd9WByRIDAfBgNVHSMEGDAWgBQNxqTIIQn/LLOcHRpYw44wM8Wg
/jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODc3QkIvMzg4N0NEMDQxQ0Y3MTFFRkFFRjg3QzFFN0REQzI0QzIvRGNha3lD
RUpfeXl6bkIwYVdNT09NRFBGb1A0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRGNha3lDRUpfeXl6bkIwYVdNT09NRFBGb1A0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODc3QkIvMzg4N0NEMDQxQ0Y3MTFFRkFFRjg3QzFFN0RE
QzI0QzIvQzdFOTk5MEUxRDFCMTFFRkIzRDY0MDAxN0REQzI0QzIucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQDZt44AwQAZt46MA0GCSqG
SIb3DQEBCwUAA4IBAQBmyrA7+tyH2HtO6VtLWQ6jShb9HrK1KHjacu2TE1Stnbtb
DIyJnJKxi8Zn+UnX8bvYnFezvBqP0Paq466NqojCqDisoV0e4lXI/2OfzfqzEBgV
IrybPCsJ1yi3KiELvnnjKEs+uXXjfML6lqW31t5Y0K4XOzTuEcg87WYoqIZuMJrk
hjXx/RuQPwtAgnGxhODvq6CFcvMw/qWJ+yribBazfMk7otuH6wahIPSgZBSzGVmy
x+rmFqI9hm5kto1pP3Hdj8bNYsWzUvbP+u4nJfCrqOtNMO5bByE0THSTZfyfv+k4
lPxROPchSBgohIPQ0OcuBGlLSDXo8P+rF4bu1GRr
-----END CERTIFICATE-----
Generated at Thu Oct 24 06:47:48 2024 by rpki-client on console-fra.rpki-client.org