Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3689E12/6C60968A6A3811EBA7C88C32F8AEA228/9A4E88A46A3811EBADA4CE32F8AEA228.roa
File: 9A4E88A46A3811EBADA4CE32F8AEA228.roa (raw, json)
Hash identifier: JNx7J58GczpcPwlSR22R5up1pCKZvY5JopK+aTD668U=
Subject key identifier: EC:3D:BE:45:20:3C:18:A1:53:76:A0:40:38:87:78:D4:51:F0:E4:93
Certificate issuer: /CN=F3689E12AF/serialNumber=129892B59BEE90BFA468E5445C4AD1D0169E11D9
Certificate serial: 02
Authority key identifier: 12:98:92:B5:9B:EE:90:BF:A4:68:E5:44:5C:4A:D1:D0:16:9E:11:D9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/EpiStZvukL-kaOVEXErR0BaeEdk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3689E12/6C60968A6A3811EBA7C88C32F8AEA228/9A4E88A46A3811EBADA4CE32F8AEA228.roa
Signing time: Mon 08 Feb 2021 18:08:11 +0000
ROA not before: Mon 08 Feb 2021 18:08:04 +0000
ROA not after: Fri 01 Feb 2030 18:08:04 +0000
asID: 328735
IP address blocks: 102.222.136.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3689E12/6C60968A6A3811EBA7C88C32F8AEA228/EpiStZvukL-kaOVEXErR0BaeEdk.crl
rsync://rpki.afrinic.net/repository/member_repository/F3689E12/6C60968A6A3811EBA7C88C32F8AEA228/EpiStZvukL-kaOVEXErR0BaeEdk.mft
rsync://rpki.afrinic.net/repository/afrinic/EpiStZvukL-kaOVEXErR0BaeEdk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 09 May 2024 00:04:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3689E12AF/serialNumber=129892B59BEE90BFA468E5445C4AD1D0169E11D9
Validity
Not Before: Feb 8 18:08:04 2021 GMT
Not After : Feb 1 18:08:04 2030 GMT
Subject: CN=60217e0a-bd8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:94:ff:d5:b3:8f:f9:97:03:2c:c3:3e:7c:4b:
d6:03:66:8a:b1:2a:1d:7d:e7:2f:bd:0c:db:05:a9:
2a:7e:de:19:5b:63:63:1d:77:b0:e7:e4:50:45:26:
17:b7:14:82:21:52:5a:7b:03:15:7e:89:26:f7:bb:
90:3f:cc:23:88:84:0a:0f:fd:80:75:6c:36:3e:7f:
1f:b8:f2:a2:5d:ab:f8:57:e5:74:3f:5f:d3:f5:6c:
18:74:cd:71:89:ec:28:d6:2c:7b:24:cb:f8:44:e2:
02:f1:7d:10:bf:a1:3d:c9:51:34:50:01:3c:0c:ff:
ab:a4:87:49:96:e6:85:9c:ec:01:a2:25:22:3a:71:
b9:ec:e8:e7:41:94:6a:59:81:32:b2:a4:2c:89:27:
20:1e:fb:2f:7c:32:27:2c:fa:4b:1b:47:11:70:86:
0f:d8:62:59:64:b9:7b:ec:e9:6f:6e:5a:91:09:23:
45:6c:0e:74:94:8d:3c:e7:22:84:6e:ba:76:59:32:
e9:80:b8:1b:31:cf:25:a6:71:6d:fc:df:41:68:1c:
57:b8:56:67:89:7c:80:7a:bc:94:85:81:8f:bf:dd:
0c:ea:18:0e:ef:ef:b2:6b:e6:f9:34:53:18:3b:80:
f2:ac:92:30:bc:ba:74:f1:b8:45:a6:a3:8c:0a:7a:
18:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:3D:BE:45:20:3C:18:A1:53:76:A0:40:38:87:78:D4:51:F0:E4:93
X509v3 Authority Key Identifier:
keyid:12:98:92:B5:9B:EE:90:BF:A4:68:E5:44:5C:4A:D1:D0:16:9E:11:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3689E12/6C60968A6A3811EBA7C88C32F8AEA228/EpiStZvukL-kaOVEXErR0BaeEdk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/EpiStZvukL-kaOVEXErR0BaeEdk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3689E12/6C60968A6A3811EBA7C88C32F8AEA228/9A4E88A46A3811EBADA4CE32F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.136.0/23
Signature Algorithm: sha256WithRSAEncryption
98:78:b1:52:fa:65:46:9e:a1:19:22:ff:22:78:d5:ec:92:6d:
fb:9a:45:a7:6e:0d:7a:5c:84:99:06:e8:03:ea:2e:eb:ef:a2:
1c:7e:05:d2:d0:97:1c:49:d9:d7:2f:0b:33:7f:8e:30:6e:06:
fa:02:11:a1:c2:78:88:d3:c5:17:e2:4e:a9:28:5e:bc:0f:53:
20:fa:36:de:05:48:31:16:a4:3f:72:b1:cc:28:f3:9e:1a:f1:
4e:ee:fd:67:46:b3:27:18:67:3e:b4:47:a2:c1:b5:2e:5e:79:
2d:92:14:fe:1d:f5:ac:fc:e4:71:c7:10:aa:f4:0f:08:f7:f3:
8c:a9:e0:19:17:80:bd:dc:83:b3:10:8b:ec:09:e8:e9:4a:53:
a3:8e:1d:7b:84:34:7e:34:09:82:8f:c5:38:2a:9c:c6:6c:94:
d7:3c:2e:02:e1:dd:d2:11:92:5b:3d:01:29:8d:e9:73:2b:91:
08:19:0c:90:59:b3:f9:91:81:b5:9c:f5:82:05:a1:da:53:33:
c6:0d:49:d4:8b:4a:9b:80:72:eb:e6:8f:96:c4:03:76:79:a1:
7c:cd:55:31:30:5f:dd:34:9f:c1:cf:3a:a9:8e:e7:f8:b6:9b:
b2:a9:f2:62:a9:fe:14:06:68:28:31:93:d0:ac:3a:c8:ec:97:
4b:91:a7:6a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
OUUxMkFGMTEwLwYDVQQFEygxMjk4OTJCNTlCRUU5MEJGQTQ2OEU1NDQ1QzRBRDFE
MDE2OUUxMUQ5MB4XDTIxMDIwODE4MDgwNFoXDTMwMDIwMTE4MDgwNFowGDEWMBQG
A1UEAxMNNjAyMTdlMGEtYmQ4ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANyU/9Wzj/mXAyzDPnxL1gNmirEqHX3nL70M2wWpKn7eGVtjYx13sOfkUEUm
F7cUgiFSWnsDFX6JJve7kD/MI4iECg/9gHVsNj5/H7jyol2r+FfldD9f0/VsGHTN
cYnsKNYseyTL+ETiAvF9EL+hPclRNFABPAz/q6SHSZbmhZzsAaIlIjpxuezo50GU
almBMrKkLIknIB77L3wyJyz6SxtHEXCGD9hiWWS5e+zpb25akQkjRWwOdJSNPOci
hG66dlky6YC4GzHPJaZxbfzfQWgcV7hWZ4l8gHq8lIWBj7/dDOoYDu/vsmvm+TRT
GDuA8qySMLy6dPG4RaajjAp6GNMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTsPb5F
IDwYoVN2oEA4h3jUUfDkkzAfBgNVHSMEGDAWgBQSmJK1m+6Qv6Ro5URcStHQFp4R
2TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODlFMTIvNkM2MDk2OEE2QTM4MTFFQkE3Qzg4QzMyRjhBRUEyMjgvRXBpU3Ra
dnVrTC1rYU9WRVhFclIwQmFlRWRrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRXBpU3RadnVrTC1rYU9WRVhFclIwQmFlRWRrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODlFMTIvNkM2MDk2OEE2QTM4MTFFQkE3Qzg4QzMyRjhB
RUEyMjgvOUE0RTg4QTQ2QTM4MTFFQkFEQTRDRTMyRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbeiDANBgkqhkiG9w0BAQsF
AAOCAQEAmHixUvplRp6hGSL/InjV7JJt+5pFp24NelyEmQboA+ou6++iHH4F0tCX
HEnZ1y8LM3+OMG4G+gIRocJ4iNPFF+JOqShevA9TIPo23gVIMRakP3KxzCjznhrx
Tu79Z0azJxhnPrRHosG1Ll55LZIU/h31rPzkcccQqvQPCPfzjKngGReAvdyDsxCL
7Ano6UpTo44de4Q0fjQJgo/FOCqcxmyU1zwuAuHd0hGSWz0BKY3pcyuRCBkMkFmz
+ZGBtZz1ggWh2lMzxg1J1ItKm4By6+aPlsQDdnmhfM1VMTBf3TSfwc86qY7n+Lab
sqnyYqn+FAZoKDGT0Kw6yOyXS5Gnag==
-----END CERTIFICATE-----
Generated at Tue May 7 01:57:35 2024 by rpki-client on console-fra.rpki-client.org