Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3688321/894DD8A00DFC11EF94AA185B017001B1/BCE5E01A0DFF11EFA7C0A7F8007001B1.roa
File: BCE5E01A0DFF11EFA7C0A7F8007001B1.roa (raw, json)
Hash identifier: m39T3fuh7q5xXJaI34cgegPgwSRYyjf0xq3cmG1FBwE=
Subject key identifier: AF:B3:3C:DA:94:A3:01:2E:19:36:A2:ED:50:1A:7F:12:52:D1:AE:FF
Certificate issuer: /CN=F3688321AF/serialNumber=39BE76B87657B097DCEEA3B40D4452A24E560382
Certificate serial: 02
Authority key identifier: 39:BE:76:B8:76:57:B0:97:DC:EE:A3:B4:0D:44:52:A2:4E:56:03:82
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Ob52uHZXsJfc7qO0DURSok5WA4I.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3688321/894DD8A00DFC11EF94AA185B017001B1/BCE5E01A0DFF11EFA7C0A7F8007001B1.roa
Signing time: Thu 09 May 2024 12:29:11 +0000
ROA not before: Fri 10 May 2024 12:29:08 +0000
ROA not after: Tue 09 May 2034 12:29:08 +0000
asID: 328019
IP address blocks: 102.209.96.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3688321/894DD8A00DFC11EF94AA185B017001B1/Ob52uHZXsJfc7qO0DURSok5WA4I.crl
rsync://rpki.afrinic.net/repository/member_repository/F3688321/894DD8A00DFC11EF94AA185B017001B1/Ob52uHZXsJfc7qO0DURSok5WA4I.mft
rsync://rpki.afrinic.net/repository/afrinic/Ob52uHZXsJfc7qO0DURSok5WA4I.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3688321AF/serialNumber=39BE76B87657B097DCEEA3B40D4452A24E560382
Validity
Not Before: May 10 12:29:08 2024 GMT
Not After : May 9 12:29:08 2034 GMT
Subject: CN=663cc197-c51f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:c0:27:97:57:ec:a9:4c:99:bc:6a:64:d5:2b:
36:90:9b:bb:d6:fa:02:09:f4:2d:81:cd:b4:21:8d:
18:96:71:29:52:3d:61:64:a7:f9:db:7f:f8:c0:08:
a9:3e:62:d1:c2:d9:96:dd:65:fb:1e:cb:48:47:2d:
e8:43:95:f5:76:81:55:20:85:82:ff:b7:9b:8b:95:
b8:8d:98:11:ed:ff:ff:4b:bf:79:29:76:81:ee:ae:
5f:df:65:c9:1b:ed:6a:a0:95:93:d1:3a:db:ee:0a:
9f:8d:12:87:e1:69:ed:f2:08:86:fb:cd:c9:7d:44:
2e:1b:81:a8:d0:7a:ff:de:f8:21:2e:8c:89:ea:04:
60:c4:d1:71:59:ae:8d:d4:33:5b:8d:c4:87:d3:66:
ca:f0:ff:21:4b:90:87:70:f2:fc:84:db:f9:c8:07:
e4:cc:87:3c:a8:98:36:fa:47:27:34:e5:45:64:62:
4d:4e:1d:d5:2f:da:d9:1a:51:38:e2:27:37:6e:fa:
54:e3:ac:18:88:ec:e0:b9:7b:6f:0f:86:95:60:19:
5e:d4:ce:79:e2:93:ca:39:e6:b6:fd:38:21:c7:af:
e3:3a:9d:af:fc:f8:54:f2:ab:e6:e1:f9:d0:75:86:
12:b1:4e:a7:25:5f:62:d3:df:2a:e8:74:69:fc:b9:
9f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B3:3C:DA:94:A3:01:2E:19:36:A2:ED:50:1A:7F:12:52:D1:AE:FF
X509v3 Authority Key Identifier:
keyid:39:BE:76:B8:76:57:B0:97:DC:EE:A3:B4:0D:44:52:A2:4E:56:03:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3688321/894DD8A00DFC11EF94AA185B017001B1/Ob52uHZXsJfc7qO0DURSok5WA4I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Ob52uHZXsJfc7qO0DURSok5WA4I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3688321/894DD8A00DFC11EF94AA185B017001B1/BCE5E01A0DFF11EFA7C0A7F8007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.96.0/22
Signature Algorithm: sha256WithRSAEncryption
68:be:9c:b2:3d:d3:d4:81:b2:39:df:c4:38:80:2c:41:67:ea:
53:6d:e5:22:81:5e:5f:8d:c5:e0:ae:a0:00:81:88:be:62:94:
c4:be:03:25:e1:3f:08:69:b4:2a:e9:d3:d2:0a:91:f7:d7:79:
9a:01:4c:0d:89:54:30:86:8d:32:5d:4f:10:85:bc:77:df:00:
86:47:dd:62:2d:f4:20:fd:ef:16:09:17:6d:36:9a:39:7c:e8:
22:9f:25:a7:3b:10:7b:25:bc:df:72:86:cc:7f:a5:be:82:86:
09:bf:79:6f:b1:17:10:8f:a6:11:c0:63:6d:5b:72:3e:f7:ed:
c4:b5:ae:76:ad:d2:f2:3c:00:07:2f:ea:9f:80:f8:f6:eb:04:
f9:6e:cd:92:33:20:d9:90:d0:f7:d8:51:80:8d:64:5d:6c:e8:
8e:5e:fe:eb:24:01:07:0b:01:43:e9:a1:cb:aa:d0:e8:93:15:
fa:ed:d2:d3:a6:7a:99:1a:20:fa:ea:69:9f:4e:77:51:a4:f2:
7d:db:90:9c:6b:a3:f3:d4:c7:6d:2a:9b:2c:64:c9:6e:2b:b8:
d6:e1:5a:3d:82:af:8a:e9:e0:5b:31:fc:ea:53:af:c4:91:9b:
5a:18:85:6f:de:48:d3:74:78:14:52:49:90:e2:23:8c:fa:4d:
e0:ea:c7:66
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
ODMyMUFGMTEwLwYDVQQFEygzOUJFNzZCODc2NTdCMDk3RENFRUEzQjQwRDQ0NTJB
MjRFNTYwMzgyMB4XDTI0MDUxMDEyMjkwOFoXDTM0MDUwOTEyMjkwOFowGDEWMBQG
A1UEAxMNNjYzY2MxOTctYzUxZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO7AJ5dX7KlMmbxqZNUrNpCbu9b6Agn0LYHNtCGNGJZxKVI9YWSn+dt/+MAI
qT5i0cLZlt1l+x7LSEct6EOV9XaBVSCFgv+3m4uVuI2YEe3//0u/eSl2ge6uX99l
yRvtaqCVk9E62+4Kn40Sh+Fp7fIIhvvNyX1ELhuBqNB6/974IS6MieoEYMTRcVmu
jdQzW43Eh9NmyvD/IUuQh3Dy/ITb+cgH5MyHPKiYNvpHJzTlRWRiTU4d1S/a2RpR
OOInN276VOOsGIjs4Ll7bw+GlWAZXtTOeeKTyjnmtv04Icev4zqdr/z4VPKr5uH5
0HWGErFOpyVfYtPfKuh0afy5n2UCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSvszza
lKMBLhk2ou1QGn8SUtGu/zAfBgNVHSMEGDAWgBQ5vna4dlewl9zuo7QNRFKiTlYD
gjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODgzMjEvODk0REQ4QTAwREZDMTFFRjk0QUExODVCMDE3MDAxQjEvT2I1MnVI
WlhzSmZjN3FPMERVUlNvazVXQTRJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvT2I1MnVIWlhzSmZjN3FPMERVUlNvazVXQTRJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODgzMjEvODk0REQ4QTAwREZDMTFFRjk0QUExODVCMDE3
MDAxQjEvQkNFNUUwMUEwREZGMTFFRkE3QzBBN0Y4MDA3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbRYDANBgkqhkiG9w0BAQsF
AAOCAQEAaL6csj3T1IGyOd/EOIAsQWfqU23lIoFeX43F4K6gAIGIvmKUxL4DJeE/
CGm0KunT0gqR99d5mgFMDYlUMIaNMl1PEIW8d98AhkfdYi30IP3vFgkXbTaaOXzo
Ip8lpzsQeyW833KGzH+lvoKGCb95b7EXEI+mEcBjbVtyPvftxLWudq3S8jwABy/q
n4D49usE+W7NkjMg2ZDQ99hRgI1kXWzojl7+6yQBBwsBQ+mhy6rQ6JMV+u3S06Z6
mRog+uppn053UaTyfduQnGuj89THbSqbLGTJbiu41uFaPYKviungWzH86lOvxJGb
WhiFb95I03R4FFJJkOIjjPpN4OrHZg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org