Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3695C0A/4F556FEAAB7511ED93E656AFF1222468/CBC1D6C0BD9211EDB6D226DDF1222468.roa
File: CBC1D6C0BD9211EDB6D226DDF1222468.roa (raw, json)
Hash identifier: qTwXULSySx53cW1Nc4h52dh7OSZyRV1CiS+RYF1a1tQ=
Subject key identifier: 0B:4E:0D:30:45:AC:8D:5F:11:7B:A8:C5:14:C4:FA:AD:5C:DE:A8:1F
Certificate issuer: /CN=F3695C0AAF/serialNumber=E4817CF6E3DA05025019FFD5AABBB7838475F29B
Certificate serial: 1A
Authority key identifier: E4:81:7C:F6:E3:DA:05:02:50:19:FF:D5:AA:BB:B7:83:84:75:F2:9B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/5IF89uPaBQJQGf_Vqru3g4R18ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3695C0A/4F556FEAAB7511ED93E656AFF1222468/CBC1D6C0BD9211EDB6D226DDF1222468.roa
Signing time: Wed 08 Mar 2023 09:22:50 +0000
ROA not before: Wed 08 Mar 2023 09:22:46 +0000
ROA not after: Tue 08 Mar 2033 09:22:46 +0000
asID: 328631
IP address blocks: 102.212.148.0/22 maxlen: 24
2c0f:5880::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3695C0A/4F556FEAAB7511ED93E656AFF1222468/5IF89uPaBQJQGf_Vqru3g4R18ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F3695C0A/4F556FEAAB7511ED93E656AFF1222468/5IF89uPaBQJQGf_Vqru3g4R18ps.mft
rsync://rpki.afrinic.net/repository/afrinic/5IF89uPaBQJQGf_Vqru3g4R18ps.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 09 May 2024 00:04:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26 (0x1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3695C0AAF/serialNumber=E4817CF6E3DA05025019FFD5AABBB7838475F29B
Validity
Not Before: Mar 8 09:22:46 2023 GMT
Not After : Mar 8 09:22:46 2033 GMT
Subject: CN=640853ea-667f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f4:ab:e0:bb:74:89:7b:f6:49:e7:6b:11:3d:
20:33:0f:b7:9d:05:72:46:a3:dd:3a:fb:01:3b:9a:
24:84:ce:a1:a9:72:2e:5a:91:f2:59:7e:66:fb:db:
c5:46:96:cc:46:3e:2b:ce:ba:80:fc:47:58:62:3b:
59:fd:f0:a2:0b:ab:36:74:30:68:a5:fe:77:05:fe:
e2:8a:14:90:52:57:03:c2:d1:d6:ae:b4:38:77:1f:
53:14:e7:2d:5f:ba:76:e3:03:3c:df:6d:2d:fb:de:
68:d2:6d:db:b3:3b:33:79:a8:7a:83:17:95:ca:66:
f7:8f:97:8b:c5:a6:10:f0:1d:9e:bf:da:c7:c4:53:
4f:b3:74:ef:1b:de:e0:0d:af:94:7d:38:2f:57:48:
39:b8:8c:6e:fd:7b:16:89:a1:64:44:7d:7c:0f:cf:
c1:f3:af:ed:19:6e:ab:24:f2:9b:83:52:ae:3e:18:
f3:e4:95:90:df:d4:dd:6a:41:65:45:e5:f4:9a:f2:
87:26:2e:7d:fb:5c:fa:4f:8e:94:9a:35:73:bc:c7:
84:c1:53:2d:95:39:15:48:70:83:11:9c:6c:de:cf:
5c:73:87:2a:16:1b:47:d3:bc:4c:69:53:1d:1f:e4:
d0:7b:3a:b7:61:76:2c:f4:18:4b:89:1a:04:6f:c6:
e3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:4E:0D:30:45:AC:8D:5F:11:7B:A8:C5:14:C4:FA:AD:5C:DE:A8:1F
X509v3 Authority Key Identifier:
keyid:E4:81:7C:F6:E3:DA:05:02:50:19:FF:D5:AA:BB:B7:83:84:75:F2:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3695C0A/4F556FEAAB7511ED93E656AFF1222468/5IF89uPaBQJQGf_Vqru3g4R18ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/5IF89uPaBQJQGf_Vqru3g4R18ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3695C0A/4F556FEAAB7511ED93E656AFF1222468/CBC1D6C0BD9211EDB6D226DDF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.212.148.0/22
IPv6:
2c0f:5880::/32
Signature Algorithm: sha256WithRSAEncryption
56:67:45:a5:9c:3b:f4:46:89:ba:41:5c:0d:bd:89:2b:8a:bf:
df:de:a6:8e:c9:01:ff:8b:77:1f:b5:ed:3b:fc:46:a4:b5:30:
b5:c8:21:65:95:c1:52:15:b3:5a:ee:c0:b1:2c:24:81:bf:24:
2d:73:3b:ff:ce:21:a5:1d:02:b2:1a:da:8c:f2:8c:05:13:e7:
60:e4:95:5e:66:0b:d3:0a:4c:ab:ad:66:99:cf:c2:0e:39:09:
f5:d7:ca:50:8e:75:67:84:68:4e:16:c4:6b:c2:a5:40:f1:de:
92:d0:83:ea:b3:a6:00:58:af:4b:2a:9f:04:ad:6d:7a:7e:b5:
05:09:6e:8a:d8:3b:56:f8:2d:4e:29:5a:2c:ad:90:2a:9c:7f:
f6:85:67:14:8f:29:8e:43:d2:51:c0:30:36:9a:e3:e5:7c:06:
8f:ca:c5:cf:76:db:3d:29:ef:88:06:90:ed:f8:b5:4e:50:7e:
5a:ee:a4:59:7a:3c:c7:30:4e:60:54:06:bf:12:f1:ef:cf:6c:
d3:41:66:45:b4:bf:31:14:3b:65:ec:a4:5b:69:36:75:65:68:
db:22:88:13:75:5b:3a:46:b2:11:ea:fe:e4:ce:35:94:03:72:
36:62:5d:16:dc:bf:0f:6f:c6:80:dd:8f:46:d1:88:cc:9d:14:
2c:b1:83:7b
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBGjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY5
NUMwQUFGMTEwLwYDVQQFEyhFNDgxN0NGNkUzREEwNTAyNTAxOUZGRDVBQUJCQjc4
Mzg0NzVGMjlCMB4XDTIzMDMwODA5MjI0NloXDTMzMDMwODA5MjI0NlowGDEWMBQG
A1UEAwwNNjQwODUzZWEtNjY3ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMf0q+C7dIl79knnaxE9IDMPt50Fckaj3Tr7ATuaJITOoalyLlqR8ll+Zvvb
xUaWzEY+K866gPxHWGI7Wf3wogurNnQwaKX+dwX+4ooUkFJXA8LR1q60OHcfUxTn
LV+6duMDPN9tLfveaNJt27M7M3moeoMXlcpm94+Xi8WmEPAdnr/ax8RTT7N07xve
4A2vlH04L1dIObiMbv17FomhZER9fA/PwfOv7RluqyTym4NSrj4Y8+SVkN/U3WpB
ZUXl9JryhyYufftc+k+OlJo1c7zHhMFTLZU5FUhwgxGcbN7PXHOHKhYbR9O8TGlT
HR/k0Hs6t2F2LPQYS4kaBG/G49cCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQLTg0w
RayNXxF7qMUUxPqtXN6oHzAfBgNVHSMEGDAWgBTkgXz249oFAlAZ/9Wqu7eDhHXy
mzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTVDMEEvNEY1NTZGRUFBQjc1MTFFRDkzRTY1NkFGRjEyMjI0NjgvNUlGODl1
UGFCUUpRR2ZfVnFydTNnNFIxOHBzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNUlGODl1UGFCUUpRR2ZfVnFydTNnNFIxOHBzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTVDMEEvNEY1NTZGRUFBQjc1MTFFRDkzRTY1NkFGRjEy
MjI0NjgvQ0JDMUQ2QzBCRDkyMTFFREI2RDIyNkRERjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbUlDANBAIAAjAHAwUALA9Y
gDANBgkqhkiG9w0BAQsFAAOCAQEAVmdFpZw79EaJukFcDb2JK4q/396mjskB/4t3
H7XtO/xGpLUwtcghZZXBUhWzWu7AsSwkgb8kLXM7/84hpR0CshrajPKMBRPnYOSV
XmYL0wpMq61mmc/CDjkJ9dfKUI51Z4RoThbEa8KlQPHektCD6rOmAFivSyqfBK1t
en61BQluitg7VvgtTilaLK2QKpx/9oVnFI8pjkPSUcAwNprj5XwGj8rFz3bbPSnv
iAaQ7fi1TlB+Wu6kWXo8xzBOYFQGvxLx789s00FmRbS/MRQ7ZeykW2k2dWVo2yKI
E3VbOkayEer+5M41lANyNmJdFty/D2/GgN2PRtGIzJ0ULLGDew==
-----END CERTIFICATE-----
Generated at Tue May 7 03:10:14 2024 by rpki-client on console-ams.rpki-client.org