Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/109E9816058E11EF9F2E082A017001B1.roa
File: 109E9816058E11EF9F2E082A017001B1.roa (raw, json)
Hash identifier: awGoqbBSAx/fCGhKKOOxrJpeJJgZ+sWJhXA1UCAvdvs=
Subject key identifier: 3D:F7:A7:AB:79:D3:F2:E2:AA:8B:71:83:C5:69:3B:B8:DF:2B:0B:48
Certificate issuer: /CN=F3693AE0AF/serialNumber=09B34E133639D3B4EE351613B8A60D6B1902AD63
Certificate serial: 11
Authority key identifier: 09:B3:4E:13:36:39:D3:B4:EE:35:16:13:B8:A6:0D:6B:19:02:AD:63
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CbNOEzY507TuNRYTuKYNaxkCrWM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/109E9816058E11EF9F2E082A017001B1.roa
Signing time: Sun 28 Apr 2024 18:35:19 +0000
ROA not before: Sun 28 Apr 2024 18:35:16 +0000
ROA not after: Tue 31 Dec 2030 18:35:16 +0000
asID: 328586
IP address blocks: 102.22.234.0/24 maxlen: 24
102.22.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/CbNOEzY507TuNRYTuKYNaxkCrWM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/CbNOEzY507TuNRYTuKYNaxkCrWM.mft
rsync://rpki.afrinic.net/repository/afrinic/CbNOEzY507TuNRYTuKYNaxkCrWM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 02:59:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3693AE0AF
Validity
Not Before: Apr 28 18:35:16 2024 GMT
Not After : Dec 31 18:35:16 2030 GMT
Subject: CN=662e96e7-bc04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5c:94:56:65:b3:a9:0e:d5:18:29:ce:20:53:
a1:f5:f6:f2:a5:ad:a9:e3:d3:b7:09:d3:9b:ed:6e:
bc:0e:e6:86:eb:d6:90:e9:6d:35:ee:68:92:16:36:
6b:49:09:d0:d1:49:d6:50:84:c1:d5:3d:50:cf:0e:
c4:46:71:55:57:e7:33:b4:58:4e:d6:ee:a7:63:19:
4c:a2:c8:74:30:d3:eb:e3:fc:fe:51:15:25:f3:9d:
7f:7d:06:d1:96:f1:d8:9d:26:25:67:16:8e:4c:9e:
0d:ed:36:d3:cb:e9:d6:ac:2a:07:c1:a5:ec:73:cd:
87:72:de:97:91:0b:25:20:f9:9f:c8:9a:fe:2c:01:
6d:47:87:19:ec:13:b0:05:96:ae:8b:d3:c1:cb:a5:
91:59:1b:79:c9:6b:cb:3a:8e:6a:da:ee:93:4e:ed:
ef:94:9c:eb:bc:a2:e7:4b:a4:97:0d:14:2c:4d:12:
5a:4a:cd:af:73:08:c9:7e:98:db:60:0e:b9:e5:57:
31:2f:46:2c:b9:01:5d:f1:1a:e5:c8:06:98:42:e7:
a3:28:e9:1f:a9:54:af:e7:84:4c:0c:33:23:e6:06:
db:52:9b:0e:79:f0:27:df:78:06:d8:a6:e9:5a:a3:
12:28:fa:6b:c4:b7:67:6b:bd:bc:b5:42:b1:21:bf:
a1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F7:A7:AB:79:D3:F2:E2:AA:8B:71:83:C5:69:3B:B8:DF:2B:0B:48
X509v3 Authority Key Identifier:
keyid:09:B3:4E:13:36:39:D3:B4:EE:35:16:13:B8:A6:0D:6B:19:02:AD:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/CbNOEzY507TuNRYTuKYNaxkCrWM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CbNOEzY507TuNRYTuKYNaxkCrWM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/109E9816058E11EF9F2E082A017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.22.234.0/23
Signature Algorithm: sha256WithRSAEncryption
63:03:4f:d4:5b:98:ef:a3:d6:3a:54:ed:1e:e9:9b:f5:ad:27:
09:22:94:ae:0a:4d:b4:fe:e8:2a:14:f6:46:6f:65:a9:fd:c2:
24:a6:0a:44:d3:0a:6e:77:05:6f:de:bc:74:f7:8b:2a:60:a1:
ef:55:74:6d:74:bc:4c:94:49:d0:cc:e1:77:ea:5b:90:b7:0c:
df:b0:7c:0e:1e:3a:20:ab:90:06:1e:30:06:17:f7:22:de:c4:
f3:60:bc:44:64:3f:51:8c:de:e3:d5:ee:54:69:62:b7:e0:93:
cb:49:52:a6:fd:4d:63:3b:22:70:19:64:ea:b4:7a:bb:1a:fa:
15:0b:73:e9:56:6f:f8:a1:34:d6:e8:68:94:c2:d2:83:74:ce:
e6:fa:40:dd:99:b8:4e:aa:7f:00:50:17:7e:5d:d3:dd:85:81:
f5:62:84:8d:d4:08:36:a9:08:6c:71:bd:bb:10:ac:1f:94:82:
4a:0e:33:36:ed:18:2e:c8:4e:10:b0:98:f9:e9:f2:95:3e:ff:
91:36:ad:c4:bb:8f:e2:87:7a:21:f5:93:65:7c:61:66:61:e4:
bd:28:9e:99:4e:91:8d:0f:78:5c:e4:22:ae:f4:d1:d3:e4:73:
00:43:ff:9d:d9:67:29:57:d4:79:64:d4:35:ed:3d:5e:8b:6f:
c9:37:2e:ec
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBETANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
M0FFMEFGMTEwLwYDVQQFEygwOUIzNEUxMzM2MzlEM0I0RUUzNTE2MTNCOEE2MEQ2
QjE5MDJBRDYzMB4XDTI0MDQyODE4MzUxNloXDTMwMTIzMTE4MzUxNlowGDEWMBQG
A1UEAxMNNjYyZTk2ZTctYmMwNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5clFZls6kO1RgpziBTofX28qWtqePTtwnTm+1uvA7mhuvWkOltNe5okhY2
a0kJ0NFJ1lCEwdU9UM8OxEZxVVfnM7RYTtbup2MZTKLIdDDT6+P8/lEVJfOdf30G
0Zbx2J0mJWcWjkyeDe0208vp1qwqB8Gl7HPNh3Lel5ELJSD5n8ia/iwBbUeHGewT
sAWWrovTwculkVkbeclryzqOatruk07t75Sc67yi50uklw0ULE0SWkrNr3MIyX6Y
22AOueVXMS9GLLkBXfEa5cgGmELnoyjpH6lUr+eETAwzI+YG21KbDnnwJ994Btim
6VqjEij6a8S3Z2u9vLVCsSG/oTUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQ996er
edPy4qqLcYPFaTu43ysLSDAfBgNVHSMEGDAWgBQJs04TNjnTtO41FhO4pg1rGQKt
YzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTNBRTAvQkJFNTJGRjIwMEUxMTFFRkFGODRENjA3MDE3MDAxQjEvQ2JOT0V6
WTUwN1R1TlJZVHVLWU5heGtDcldNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQ2JOT0V6WTUwN1R1TlJZVHVLWU5heGtDcldNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTNBRTAvQkJFNTJGRjIwMEUxMTFFRkFGODRENjA3MDE3
MDAxQjEvMTA5RTk4MTYwNThFMTFFRjlGMkUwODJBMDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWYW6jANBgkqhkiG9w0BAQsF
AAOCAQEAYwNP1FuY76PWOlTtHumb9a0nCSKUrgpNtP7oKhT2Rm9lqf3CJKYKRNMK
bncFb968dPeLKmCh71V0bXS8TJRJ0Mzhd+pbkLcM37B8Dh46IKuQBh4wBhf3It7E
82C8RGQ/UYze49XuVGlit+CTy0lSpv1NYzsicBlk6rR6uxr6FQtz6VZv+KE01uho
lMLSg3TO5vpA3Zm4Tqp/AFAXfl3T3YWB9WKEjdQINqkIbHG9uxCsH5SCSg4zNu0Y
LshOELCY+enylT7/kTatxLuP4od6IfWTZXxhZmHkvSiemU6RjQ94XOQirvTR0+Rz
AEP/ndlnKVfUeWTUNe09XotvyTcu7A==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:46:09 2025 by rpki-client