Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3690D01/1C287B8C637E11EEB7B0817C4AD9E6FC/B5BAB51C637E11EEBB2D437E4AD9E6FC.roa
File: B5BAB51C637E11EEBB2D437E4AD9E6FC.roa (raw, json)
Hash identifier: lTgo88jgYIBRxqWVkQ/cnQHAMBRJfU2wE+z/YeI8Onc=
Subject key identifier: 70:26:D8:87:52:79:70:76:35:83:1D:2B:16:C2:28:EB:28:5E:A7:73
Certificate issuer: /CN=F3690D01AF/serialNumber=83D1D1576065E0501F2D74744D5145D34D6A72AA
Certificate serial: 02
Authority key identifier: 83:D1:D1:57:60:65:E0:50:1F:2D:74:74:4D:51:45:D3:4D:6A:72:AA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/g9HRV2Bl4FAfLXR0TVFF001qcqo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3690D01/1C287B8C637E11EEB7B0817C4AD9E6FC/B5BAB51C637E11EEBB2D437E4AD9E6FC.roa
Signing time: Thu 05 Oct 2023 12:57:16 +0000
ROA not before: Thu 05 Oct 2023 12:57:12 +0000
ROA not after: Wed 05 Oct 2033 12:57:12 +0000
asID: 329289
IP address blocks: 102.211.220.0/22 maxlen: 24
2c0f:f40::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3690D01/1C287B8C637E11EEB7B0817C4AD9E6FC/g9HRV2Bl4FAfLXR0TVFF001qcqo.crl
rsync://rpki.afrinic.net/repository/member_repository/F3690D01/1C287B8C637E11EEB7B0817C4AD9E6FC/g9HRV2Bl4FAfLXR0TVFF001qcqo.mft
rsync://rpki.afrinic.net/repository/afrinic/g9HRV2Bl4FAfLXR0TVFF001qcqo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3690D01AF/serialNumber=83D1D1576065E0501F2D74744D5145D34D6A72AA
Validity
Not Before: Oct 5 12:57:12 2023 GMT
Not After : Oct 5 12:57:12 2033 GMT
Subject: CN=651eb2ac-a2dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:a7:b5:10:2e:ed:34:1f:48:9f:a7:9d:14:87:
6a:90:1a:7e:65:39:87:f6:26:fc:fe:f6:9e:fb:31:
b1:d7:13:8b:b5:3d:46:0f:25:04:ce:d6:4e:80:eb:
6f:aa:fc:72:85:b3:53:9e:cf:aa:07:49:bd:58:70:
c3:be:54:ec:b7:33:96:b1:45:fe:75:e5:af:0a:f5:
e6:f9:9b:6c:eb:9c:7f:c8:e9:4c:78:3a:b2:1f:82:
1f:a4:9c:30:76:1e:77:02:8a:1b:37:3d:9a:2e:df:
e4:60:9c:e8:af:6c:e6:93:25:3b:22:6c:4d:5d:b3:
17:80:10:69:e9:c1:d1:8e:1b:b7:fb:37:bf:2d:d8:
21:2b:cc:2c:8f:87:9b:1f:ea:96:cd:26:f9:d9:27:
c7:9e:3b:2d:a5:07:0b:38:86:5c:91:df:6b:8b:58:
e0:e3:c1:03:62:55:34:68:de:74:15:32:59:3e:c0:
bf:41:86:be:03:91:11:86:08:f0:cf:1c:4f:66:50:
d7:2a:81:c7:68:0b:61:cd:81:ba:c2:e4:11:e7:56:
6d:9b:9d:df:c7:6b:46:0c:32:63:f7:41:df:76:4e:
5e:13:bd:b9:7f:79:28:8b:1b:6f:7e:86:d4:29:f7:
37:26:0b:16:89:42:26:96:4d:de:3d:87:65:df:a2:
61:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:26:D8:87:52:79:70:76:35:83:1D:2B:16:C2:28:EB:28:5E:A7:73
X509v3 Authority Key Identifier:
keyid:83:D1:D1:57:60:65:E0:50:1F:2D:74:74:4D:51:45:D3:4D:6A:72:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3690D01/1C287B8C637E11EEB7B0817C4AD9E6FC/g9HRV2Bl4FAfLXR0TVFF001qcqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/g9HRV2Bl4FAfLXR0TVFF001qcqo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3690D01/1C287B8C637E11EEB7B0817C4AD9E6FC/B5BAB51C637E11EEBB2D437E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.220.0/22
IPv6:
2c0f:f40::/32
Signature Algorithm: sha256WithRSAEncryption
8d:71:b9:7c:ed:9b:b5:cc:b7:59:d4:86:bc:be:77:1f:22:a3:
67:d4:9b:d1:4d:8a:b2:8d:bf:5d:6f:b9:cc:35:c8:b9:88:4a:
bb:f5:ff:1e:d3:77:d1:2d:98:b5:85:b5:52:79:f4:20:ea:f0:
42:ad:6b:69:99:ef:1d:b1:f6:9b:99:c0:af:d9:28:72:5c:8c:
4b:3b:c7:18:29:10:dd:ac:c0:51:a5:f8:5b:8a:70:bc:90:43:
a7:f1:b3:49:2d:3d:44:b1:70:7e:65:04:89:9a:8b:4d:0e:3c:
1a:13:f8:92:06:0b:48:fa:2c:2b:a2:5e:e6:ab:bd:98:14:bb:
f4:6c:db:42:c5:b0:45:fb:c4:26:83:ae:35:44:56:97:7d:5b:
3b:3c:6f:81:c2:94:11:bc:fc:a3:a0:84:63:6b:27:f8:2a:c5:
bf:a8:b2:18:c2:91:9d:e7:c6:08:92:02:8e:2b:c9:13:6c:1d:
10:a9:9c:7a:e3:b5:9d:ed:4b:c6:36:5f:0d:0c:4e:9b:59:e5:
43:a0:32:86:be:e0:b7:4b:96:ad:9d:9c:a9:e9:2b:4f:c4:22:
7f:c5:cb:ee:11:8d:42:f1:00:86:96:5b:4d:32:23:d4:46:ee:
c5:6c:15:b5:48:72:43:aa:8a:f6:8b:20:61:ed:b4:13:7e:59:
da:05:b5:d4
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
MEQwMUFGMTEwLwYDVQQFEyg4M0QxRDE1NzYwNjVFMDUwMUYyRDc0NzQ0RDUxNDVE
MzRENkE3MkFBMB4XDTIzMTAwNTEyNTcxMloXDTMzMTAwNTEyNTcxMlowGDEWMBQG
A1UEAxMNNjUxZWIyYWMtYTJkZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOyntRAu7TQfSJ+nnRSHapAafmU5h/Ym/P72nvsxsdcTi7U9Rg8lBM7WToDr
b6r8coWzU57PqgdJvVhww75U7LczlrFF/nXlrwr15vmbbOucf8jpTHg6sh+CH6Sc
MHYedwKKGzc9mi7f5GCc6K9s5pMlOyJsTV2zF4AQaenB0Y4bt/s3vy3YISvMLI+H
mx/qls0m+dknx547LaUHCziGXJHfa4tY4OPBA2JVNGjedBUyWT7Av0GGvgOREYYI
8M8cT2ZQ1yqBx2gLYc2BusLkEedWbZud38drRgwyY/dB33ZOXhO9uX95KIsbb36G
1Cn3NyYLFolCJpZN3j2HZd+iYSECAwEAAaOCArQwggKwMB0GA1UdDgQWBBRwJtiH
UnlwdjWDHSsWwijrKF6nczAfBgNVHSMEGDAWgBSD0dFXYGXgUB8tdHRNUUXTTWpy
qjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTBEMDEvMUMyODdCOEM2MzdFMTFFRUI3QjA4MTdDNEFEOUU2RkMvZzlIUlYy
Qmw0RkFmTFhSMFRWRkYwMDFxY3FvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZzlIUlYyQmw0RkFmTFhSMFRWRkYwMDFxY3FvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTBEMDEvMUMyODdCOEM2MzdFMTFFRUI3QjA4MTdDNEFE
OUU2RkMvQjVCQUI1MUM2MzdFMTFFRUJCMkQ0MzdFNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbT3DANBAIAAjAHAwUALA8P
QDANBgkqhkiG9w0BAQsFAAOCAQEAjXG5fO2btcy3WdSGvL53HyKjZ9Sb0U2Kso2/
XW+5zDXIuYhKu/X/HtN30S2YtYW1Unn0IOrwQq1raZnvHbH2m5nAr9koclyMSzvH
GCkQ3azAUaX4W4pwvJBDp/GzSS09RLFwfmUEiZqLTQ48GhP4kgYLSPosK6Je5qu9
mBS79GzbQsWwRfvEJoOuNURWl31bOzxvgcKUEbz8o6CEY2sn+CrFv6iyGMKRnefG
CJICjivJE2wdEKmceuO1ne1LxjZfDQxOm1nlQ6Ayhr7gt0uWrZ2cqekrT8Qif8XL
7hGNQvEAhpZbTTIj1EbuxWwVtUhyQ6qK9osgYe20E35Z2gW11A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:57 2024 by rpki-client on console-fra.rpki-client.org