Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/A0FB2C7A702811EBBEEF8C25F8AEA228.roa
File: A0FB2C7A702811EBBEEF8C25F8AEA228.roa (raw, json)
Hash identifier: WRA7vUkmweseystfPnsoSmxUQdjwHDtXfkHr1rmgxF8=
Subject key identifier: F6:5F:81:1F:BA:3D:B5:4B:8A:F5:BA:5E:39:9A:35:0D:0D:B5:46:BC
Certificate issuer: /CN=F368A3D1AF/serialNumber=AE51D25716DDB4CCA31B2E985E0A7525F7F4B9C6
Certificate serial: 02
Authority key identifier: AE:51:D2:57:16:DD:B4:CC:A3:1B:2E:98:5E:0A:75:25:F7:F4:B9:C6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/rlHSVxbdtMyjGy6YXgp1Jff0ucY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/A0FB2C7A702811EBBEEF8C25F8AEA228.roa
Signing time: Tue 16 Feb 2021 07:28:57 +0000
ROA not before: Tue 16 Feb 2021 07:28:51 +0000
ROA not after: Fri 01 Feb 2030 07:28:51 +0000
asID: 328795
IP address blocks: 102.220.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/rlHSVxbdtMyjGy6YXgp1Jff0ucY.crl
rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/rlHSVxbdtMyjGy6YXgp1Jff0ucY.mft
rsync://rpki.afrinic.net/repository/afrinic/rlHSVxbdtMyjGy6YXgp1Jff0ucY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368A3D1AF/serialNumber=AE51D25716DDB4CCA31B2E985E0A7525F7F4B9C6
Validity
Not Before: Feb 16 07:28:51 2021 GMT
Not After : Feb 1 07:28:51 2030 GMT
Subject: CN=602b7439-fd8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9a:01:59:77:c0:c4:90:79:fc:ab:1d:14:21:
c5:42:8f:36:9a:77:68:c7:3a:f1:b1:ac:43:9d:38:
03:3f:f6:d3:e3:a7:49:b9:de:b2:4a:a4:1a:3a:87:
b9:7c:39:e1:01:4b:72:58:15:d0:dd:fd:a6:f0:d0:
80:ad:c8:ad:39:7b:53:d9:35:d3:b0:48:f5:08:34:
f0:fc:f5:b8:16:3a:92:da:58:13:79:ed:78:cd:72:
71:33:06:37:71:6b:0a:2c:42:35:49:96:13:d8:0e:
2a:6e:44:a9:80:f2:c5:85:7b:93:1e:29:04:8e:27:
0a:70:c6:b4:51:2b:9c:8f:b6:52:69:b9:54:bb:3b:
86:bd:70:ba:ea:66:22:bc:89:02:44:bd:33:55:55:
a7:0d:9a:ec:63:7c:ea:de:98:87:db:12:f1:e3:5b:
7c:c9:56:6c:80:69:21:7b:64:cb:70:a6:11:cb:e7:
54:b6:88:9b:9b:53:41:a3:e6:67:77:8e:95:43:1e:
81:a6:7e:d7:4f:1c:02:27:24:ab:32:d7:5b:89:63:
5a:27:f9:23:5d:4e:fe:af:4f:5d:b4:7c:27:16:87:
bd:67:72:d4:d0:b5:37:0b:99:8a:2b:c5:4c:4a:7e:
a8:45:6f:6d:34:3e:50:11:3c:6d:b8:1d:86:f0:df:
8c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5F:81:1F:BA:3D:B5:4B:8A:F5:BA:5E:39:9A:35:0D:0D:B5:46:BC
X509v3 Authority Key Identifier:
keyid:AE:51:D2:57:16:DD:B4:CC:A3:1B:2E:98:5E:0A:75:25:F7:F4:B9:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/rlHSVxbdtMyjGy6YXgp1Jff0ucY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rlHSVxbdtMyjGy6YXgp1Jff0ucY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/A0FB2C7A702811EBBEEF8C25F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.220.252.0/22
Signature Algorithm: sha256WithRSAEncryption
83:9a:c9:46:89:0e:bd:c2:40:ce:2c:5f:6a:60:5e:17:ad:84:
10:92:c4:ce:b3:e7:9a:8e:d8:a3:bc:9e:e7:a6:a5:c0:20:9e:
4f:ce:6d:3c:4c:4c:85:b0:a8:33:0e:9b:4d:01:7a:b8:cf:a6:
da:e9:1a:8b:df:cf:d4:f8:78:5c:b6:aa:9d:dd:ee:9f:8f:a3:
1c:64:33:16:6a:e8:e8:82:4b:0f:3e:ac:17:64:78:0e:d7:07:
30:78:f0:ab:b2:23:9c:bb:86:d8:b5:d7:e9:0c:cf:47:40:5c:
38:3d:1e:3d:02:92:6d:24:5c:a3:dd:3c:85:62:95:27:e6:ab:
c8:78:fa:1c:47:87:42:41:51:fa:4d:72:cc:54:57:df:a2:b3:
49:fb:bd:ed:2c:3d:1a:9a:71:8c:81:3e:0f:09:2f:ef:86:6a:
31:8d:64:71:38:9b:af:6a:a2:93:f6:9c:08:d9:1c:e5:94:75:
62:a4:da:bc:5e:ae:02:6a:3d:93:cb:f2:f5:d1:ba:8c:32:a5:
aa:f4:fd:f8:05:f4:a2:52:c8:f7:3d:22:f0:6b:a3:d9:9c:0d:
6f:97:54:28:d3:de:02:c9:2c:4d:89:74:06:69:2a:2a:cc:85:
47:06:df:56:96:04:ba:b4:06:3f:b4:b2:c2:5b:f1:d9:dd:21:
25:e1:23:14
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
QTNEMUFGMTEwLwYDVQQFEyhBRTUxRDI1NzE2RERCNENDQTMxQjJFOTg1RTBBNzUy
NUY3RjRCOUM2MB4XDTIxMDIxNjA3Mjg1MVoXDTMwMDIwMTA3Mjg1MVowGDEWMBQG
A1UEAxMNNjAyYjc0MzktZmQ4YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmaAVl3wMSQefyrHRQhxUKPNpp3aMc68bGsQ504Az/20+OnSbneskqkGjqH
uXw54QFLclgV0N39pvDQgK3IrTl7U9k107BI9Qg08Pz1uBY6ktpYE3nteM1ycTMG
N3FrCixCNUmWE9gOKm5EqYDyxYV7kx4pBI4nCnDGtFErnI+2Umm5VLs7hr1wuupm
IryJAkS9M1VVpw2a7GN86t6Yh9sS8eNbfMlWbIBpIXtky3CmEcvnVLaIm5tTQaPm
Z3eOlUMegaZ+108cAickqzLXW4ljWif5I11O/q9PXbR8JxaHvWdy1NC1NwuZiivF
TEp+qEVvbTQ+UBE8bbgdhvDfjC0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBT2X4Ef
uj21S4r1ul45mjUNDbVGvDAfBgNVHSMEGDAWgBSuUdJXFt20zKMbLpheCnUl9/S5
xjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OEEzRDEvNzM3MzJFNTY3MDI4MTFFQkIyRjk2ODI1RjhBRUEyMjgvcmxIU1Z4
YmR0TXlqR3k2WVhncDFKZmYwdWNZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcmxIU1Z4YmR0TXlqR3k2WVhncDFKZmYwdWNZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OEEzRDEvNzM3MzJFNTY3MDI4MTFFQkIyRjk2ODI1RjhB
RUEyMjgvQTBGQjJDN0E3MDI4MTFFQkJFRUY4QzI1RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbc/DANBgkqhkiG9w0BAQsF
AAOCAQEAg5rJRokOvcJAzixfamBeF62EEJLEzrPnmo7Yo7ye56alwCCeT85tPExM
hbCoMw6bTQF6uM+m2ukai9/P1Ph4XLaqnd3un4+jHGQzFmro6IJLDz6sF2R4DtcH
MHjwq7IjnLuG2LXX6QzPR0BcOD0ePQKSbSRco908hWKVJ+aryHj6HEeHQkFR+k1y
zFRX36KzSfu97Sw9GppxjIE+Dwkv74ZqMY1kcTibr2qik/acCNkc5ZR1YqTavF6u
Amo9k8vy9dG6jDKlqvT9+AX0olLI9z0i8Guj2ZwNb5dUKNPeAsksTYl0BmkqKsyF
RwbfVpYEurQGP7Sywlvx2d0hJeEjFA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:47 2024 by rpki-client on console-ams.rpki-client.org