Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3688163/3982A74ECBC911EEA7F5F576775412E6/E8A5A2BCCBC911EE8E9BEF77775412E6.roa
File: E8A5A2BCCBC911EE8E9BEF77775412E6.roa (raw, json)
Hash identifier: uW1ZZtqf2li8jzBd7IN42gC/xPbqnD5CcVOfHA/YQtE=
Subject key identifier: A2:31:CF:A1:78:AA:04:53:F5:04:50:ED:B1:A1:F2:41:7A:DA:05:21
Certificate issuer: /CN=F3688163AF/serialNumber=79147D3D6E537ED687D0857BAF84928118FDA4E5
Certificate serial: 02
Authority key identifier: 79:14:7D:3D:6E:53:7E:D6:87:D0:85:7B:AF:84:92:81:18:FD:A4:E5
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/eRR9PW5TftaH0IV7r4SSgRj9pOU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3688163/3982A74ECBC911EEA7F5F576775412E6/E8A5A2BCCBC911EE8E9BEF77775412E6.roa
Signing time: Thu 15 Feb 2024 06:17:35 +0000
ROA not before: Thu 15 Feb 2024 06:17:31 +0000
ROA not after: Wed 15 Feb 2034 06:17:31 +0000
asID: 329395
IP address blocks: 102.209.244.0/22 maxlen: 24
2c0f:6b40::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3688163/3982A74ECBC911EEA7F5F576775412E6/eRR9PW5TftaH0IV7r4SSgRj9pOU.crl
rsync://rpki.afrinic.net/repository/member_repository/F3688163/3982A74ECBC911EEA7F5F576775412E6/eRR9PW5TftaH0IV7r4SSgRj9pOU.mft
rsync://rpki.afrinic.net/repository/afrinic/eRR9PW5TftaH0IV7r4SSgRj9pOU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 27 Jun 2024 00:05:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3688163AF/serialNumber=79147D3D6E537ED687D0857BAF84928118FDA4E5
Validity
Not Before: Feb 15 06:17:31 2024 GMT
Not After : Feb 15 06:17:31 2034 GMT
Subject: CN=65cdac7f-52c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:64:32:81:fc:9c:64:99:41:ad:0b:da:40:72:
e6:f4:45:63:63:3d:18:d9:32:83:22:8a:67:f3:7e:
a5:2d:44:41:01:ef:a8:3b:24:6a:9a:b6:30:91:96:
b0:e9:71:e4:06:02:79:fa:22:89:bb:dc:a9:26:58:
39:fd:a6:35:58:55:4f:9f:45:ed:c9:85:e4:76:1b:
fc:90:e5:c6:f8:c3:22:96:8a:7b:85:84:53:e8:28:
51:6c:7c:20:7f:1a:05:b5:b1:d7:73:df:b9:10:ef:
42:c5:e2:48:f4:bc:2b:f4:c1:0c:ba:9d:23:cb:76:
7e:b2:c0:9a:2b:ef:52:15:0e:d1:39:d5:5c:7d:c0:
85:d5:8c:48:c8:12:8d:af:13:c3:bd:05:93:0f:a1:
bc:df:ae:59:aa:84:a7:2e:6c:a7:70:89:c2:ee:74:
c1:12:5a:e8:1e:c1:be:fa:aa:ae:9b:6a:ba:7b:f4:
d2:93:7d:30:44:9c:30:5f:0e:9a:e5:bf:9e:bf:f5:
fd:85:5b:3f:36:d2:f7:a7:c3:40:68:72:3e:69:00:
1f:51:e4:c4:83:88:8c:00:7d:0e:cf:68:e9:a6:fd:
50:71:f3:4e:e2:e3:db:0f:26:f5:87:4f:35:39:47:
db:f4:5d:c7:fe:49:f8:64:ea:ad:bb:aa:e4:60:8e:
5d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:31:CF:A1:78:AA:04:53:F5:04:50:ED:B1:A1:F2:41:7A:DA:05:21
X509v3 Authority Key Identifier:
keyid:79:14:7D:3D:6E:53:7E:D6:87:D0:85:7B:AF:84:92:81:18:FD:A4:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3688163/3982A74ECBC911EEA7F5F576775412E6/eRR9PW5TftaH0IV7r4SSgRj9pOU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/eRR9PW5TftaH0IV7r4SSgRj9pOU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3688163/3982A74ECBC911EEA7F5F576775412E6/E8A5A2BCCBC911EE8E9BEF77775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.244.0/22
IPv6:
2c0f:6b40::/32
Signature Algorithm: sha256WithRSAEncryption
2e:b8:3c:f7:59:9f:96:a3:42:d7:f4:6b:12:68:a5:22:ae:28:
4b:82:b9:47:d1:39:ad:74:0d:93:ba:11:bc:c0:f1:b3:ff:68:
f2:c1:d5:ce:02:4f:cf:53:4f:04:d4:73:96:f0:e1:7d:36:79:
0d:aa:f1:58:ef:da:f3:64:96:d4:39:54:7b:00:f3:4f:2e:bb:
50:91:d7:60:82:b1:f3:2d:af:e1:52:3d:23:70:71:d0:20:db:
d9:01:21:7d:da:9a:25:c4:16:98:61:d5:e1:d0:7d:84:b5:72:
f3:6a:fe:4e:6d:c6:8e:f8:80:6f:44:8d:8f:9d:31:f5:3c:11:
5d:c0:0d:21:3d:56:16:d0:ce:f9:75:2b:88:3e:f0:70:35:c9:
5b:35:6e:c1:bc:da:6d:2c:9a:2c:59:43:7c:e4:63:63:0a:69:
73:82:61:f1:d6:39:82:7a:27:a2:39:8b:ef:b0:e0:58:0f:c2:
78:fc:9a:e6:2b:cc:d6:1c:33:2e:e1:c9:bf:25:91:26:84:cc:
65:68:ae:a5:fa:3b:d5:70:55:fe:ac:3d:76:21:18:cd:0a:a3:
6a:74:8b:58:62:80:e7:22:03:a9:c8:ab:a0:c6:ef:82:12:c5:
8d:40:27:fc:6a:c4:76:36:d1:60:0e:32:12:d3:61:47:f6:5f:
5f:22:d3:14
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
ODE2M0FGMTEwLwYDVQQFEyg3OTE0N0QzRDZFNTM3RUQ2ODdEMDg1N0JBRjg0OTI4
MTE4RkRBNEU1MB4XDTI0MDIxNTA2MTczMVoXDTM0MDIxNTA2MTczMVowGDEWMBQG
A1UEAxMNNjVjZGFjN2YtNTJjOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxkMoH8nGSZQa0L2kBy5vRFY2M9GNkygyKKZ/N+pS1EQQHvqDskapq2MJGW
sOlx5AYCefoiibvcqSZYOf2mNVhVT59F7cmF5HYb/JDlxvjDIpaKe4WEU+goUWx8
IH8aBbWx13PfuRDvQsXiSPS8K/TBDLqdI8t2frLAmivvUhUO0TnVXH3AhdWMSMgS
ja8Tw70Fkw+hvN+uWaqEpy5sp3CJwu50wRJa6B7Bvvqqrptqunv00pN9MEScMF8O
muW/nr/1/YVbPzbS96fDQGhyPmkAH1HkxIOIjAB9Ds9o6ab9UHHzTuLj2w8m9YdP
NTlH2/Rdx/5J+GTqrbuq5GCOXY8CAwEAAaOCArQwggKwMB0GA1UdDgQWBBSiMc+h
eKoEU/UEUO2xofJBetoFITAfBgNVHSMEGDAWgBR5FH09blN+1ofQhXuvhJKBGP2k
5TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODgxNjMvMzk4MkE3NEVDQkM5MTFFRUE3RjVGNTc2Nzc1NDEyRTYvZVJSOVBX
NVRmdGFIMElWN3I0U1NnUmo5cE9VLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZVJSOVBXNVRmdGFIMElWN3I0U1NnUmo5cE9VLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODgxNjMvMzk4MkE3NEVDQkM5MTFFRUE3RjVGNTc2Nzc1
NDEyRTYvRThBNUEyQkNDQkM5MTFFRThFOUJFRjc3Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbR9DANBAIAAjAHAwUALA9r
QDANBgkqhkiG9w0BAQsFAAOCAQEALrg891mflqNC1/RrEmilIq4oS4K5R9E5rXQN
k7oRvMDxs/9o8sHVzgJPz1NPBNRzlvDhfTZ5DarxWO/a82SW1DlUewDzTy67UJHX
YIKx8y2v4VI9I3Bx0CDb2QEhfdqaJcQWmGHV4dB9hLVy82r+Tm3GjviAb0SNj50x
9TwRXcANIT1WFtDO+XUriD7wcDXJWzVuwbzabSyaLFlDfORjYwppc4Jh8dY5gnon
ojmL77DgWA/CePya5ivM1hwzLuHJvyWRJoTMZWiupfo71XBV/qw9diEYzQqjanSL
WGKA5yIDqciroMbvghLFjUAn/GrEdjbRYA4yEtNhR/ZfXyLTFA==
-----END CERTIFICATE-----
Generated at Tue Jun 25 04:12:25 2024 by rpki-client on console-ams.rpki-client.org