Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/873E69A426D411EE808251234AD9E6FC.roa
File: 873E69A426D411EE808251234AD9E6FC.roa (raw, json)
Hash identifier: aoo+0TPZ+18QyH80oIAYV8B61S0zAuLxyHBVzKd8FOQ=
Subject key identifier: 06:5A:C4:EA:51:83:9A:91:52:D7:DA:84:00:88:2D:36:14:11:63:C6
Certificate issuer: /CN=F36960E7AF/serialNumber=1F4DB9AC6B63108A19BDCDBEECFF449842C8D6A0
Certificate serial: 030B
Authority key identifier: 1F:4D:B9:AC:6B:63:10:8A:19:BD:CD:BE:EC:FF:44:98:42:C8:D6:A0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/H025rGtjEIoZvc2-7P9EmELI1qA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/873E69A426D411EE808251234AD9E6FC.roa
Signing time: Thu 20 Jul 2023 08:07:54 +0000
ROA not before: Thu 20 Jul 2023 08:07:50 +0000
ROA not after: Fri 31 Jul 2026 08:07:50 +0000
asID: 328840
IP address blocks: 102.220.16.0/22 maxlen: 22
2c0f:4e00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/H025rGtjEIoZvc2-7P9EmELI1qA.crl
rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/H025rGtjEIoZvc2-7P9EmELI1qA.mft
rsync://rpki.afrinic.net/repository/afrinic/H025rGtjEIoZvc2-7P9EmELI1qA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 779 (0x30b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36960E7AF/serialNumber=1F4DB9AC6B63108A19BDCDBEECFF449842C8D6A0
Validity
Not Before: Jul 20 08:07:50 2023 GMT
Not After : Jul 31 08:07:50 2026 GMT
Subject: CN=64b8eb5a-a8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9b:fd:cf:2b:05:cd:45:74:fb:fe:ad:bf:1c:
93:e3:fa:ed:07:57:63:09:c3:f5:71:7a:5b:e2:f4:
6f:84:f3:cb:af:0e:37:d6:38:10:a9:ba:18:74:01:
6a:85:ef:26:e4:0b:0b:76:f0:d0:20:1b:be:e5:bf:
7d:de:cc:29:3c:61:cb:ee:27:e9:c5:9d:cf:3d:a2:
c4:ba:3c:cc:a1:0a:02:6b:26:e0:65:e4:e0:ea:91:
59:8c:7a:34:83:a8:4c:9f:97:e0:3d:69:57:e5:ef:
bb:d9:9b:7b:3c:67:13:3c:2e:00:58:94:3e:18:02:
b1:85:48:45:4f:ea:e0:32:3e:6e:9d:0c:f2:65:97:
8d:bf:7d:ac:72:f1:18:07:91:36:5c:ac:10:73:4f:
61:9d:e9:ba:d4:7a:6f:0b:ae:1f:ca:a4:db:9d:a4:
f6:ce:05:77:94:d1:dd:8c:23:99:be:73:f9:05:99:
21:5a:ea:d7:90:6b:34:df:a8:c6:a3:ca:db:f7:4c:
f9:b3:07:0a:86:df:7b:ba:93:a3:0f:e2:e5:b9:b9:
26:dc:20:81:ef:18:c5:a6:8d:be:6d:76:89:21:6e:
12:a0:a3:7a:bc:9e:fd:94:db:fd:ff:6c:6a:4e:35:
25:ee:59:f4:b9:56:e8:1b:a3:c3:3b:d2:06:63:f2:
18:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:5A:C4:EA:51:83:9A:91:52:D7:DA:84:00:88:2D:36:14:11:63:C6
X509v3 Authority Key Identifier:
keyid:1F:4D:B9:AC:6B:63:10:8A:19:BD:CD:BE:EC:FF:44:98:42:C8:D6:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/H025rGtjEIoZvc2-7P9EmELI1qA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/H025rGtjEIoZvc2-7P9EmELI1qA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/873E69A426D411EE808251234AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.220.16.0/22
IPv6:
2c0f:4e00::/32
Signature Algorithm: sha256WithRSAEncryption
95:b3:d2:05:9b:a8:17:0d:0e:ee:b8:93:c5:4d:aa:dd:6e:5e:
9b:2a:19:67:62:92:11:1a:e4:52:bb:e9:4f:49:ff:dd:38:e5:
2f:5c:3e:f1:a4:65:b0:af:10:2e:dd:2c:cd:18:75:90:85:bf:
66:5a:c6:7b:c7:90:12:08:66:8d:17:2a:8f:75:0f:9b:c5:7c:
62:0e:f0:30:ee:97:82:27:a7:25:ca:1d:ec:af:2b:a9:6b:7b:
68:bd:f9:7a:18:4c:87:0b:db:db:9e:52:ee:23:91:89:6d:c6:
75:ad:8e:df:d9:b0:b5:72:a5:2b:a8:85:e0:9d:79:59:7b:71:
69:65:52:71:a6:20:f7:ff:22:67:1f:03:96:25:81:2f:e6:ef:
9b:1f:0b:bf:f2:f0:85:ec:fc:47:52:23:80:cb:28:04:19:6f:
90:4e:0d:30:ea:03:a1:6a:40:b8:5a:1b:cd:97:60:b6:68:6d:
9f:88:53:83:46:4f:ad:33:00:6c:41:1c:63:80:f1:22:33:ae:
4d:3d:59:ef:cb:bd:b7:eb:8f:4e:c2:8b:c9:5e:d3:08:de:29:
dd:09:e3:c9:86:db:07:5b:d9:fb:b3:b6:af:3a:57:df:b7:f0:
b1:70:fc:25:13:63:c0:85:94:73:64:d5:1d:3a:b8:ef:94:4d:
65:72:d1:fe
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAwswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OTYwRTdBRjExMC8GA1UEBRMoMUY0REI5QUM2QjYzMTA4QTE5QkRDREJFRUNGRjQ0
OTg0MkM4RDZBMDAeFw0yMzA3MjAwODA3NTBaFw0yNjA3MzEwODA3NTBaMBgxFjAU
BgNVBAMTDTY0YjhlYjVhLWE4Y2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDqm/3PKwXNRXT7/q2/HJPj+u0HV2MJw/Vxelvi9G+E88uvDjfWOBCpuhh0
AWqF7ybkCwt28NAgG77lv33ezCk8YcvuJ+nFnc89osS6PMyhCgJrJuBl5ODqkVmM
ejSDqEyfl+A9aVfl77vZm3s8ZxM8LgBYlD4YArGFSEVP6uAyPm6dDPJll42/faxy
8RgHkTZcrBBzT2Gd6brUem8Lrh/KpNudpPbOBXeU0d2MI5m+c/kFmSFa6teQazTf
qMajytv3TPmzBwqG33u6k6MP4uW5uSbcIIHvGMWmjb5tdokhbhKgo3q8nv2U2/3/
bGpONSXuWfS5Vugbo8M70gZj8hjdAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUBlrE
6lGDmpFS19qEAIgtNhQRY8YwHwYDVR0jBBgwFoAUH025rGtjEIoZvc2+7P9EmELI
1qAwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2MEU3LzFDMEFFNjNFRUI3NzExRUI4MERFN0MxRUQ4QTAxNENFL0gwMjVy
R3RqRUlvWnZjMi03UDlFbUVMSTFxQS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0gwMjVyR3RqRUlvWnZjMi03UDlFbUVMSTFxQS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2MEU3LzFDMEFFNjNFRUI3NzExRUI4MERFN0MxRUQ4
QTAxNENFLzg3M0U2OUE0MjZENDExRUU4MDgyNTEyMzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm3BAwDQQCAAIwBwMFACwP
TgAwDQYJKoZIhvcNAQELBQADggEBAJWz0gWbqBcNDu64k8VNqt1uXpsqGWdikhEa
5FK76U9J/9045S9cPvGkZbCvEC7dLM0YdZCFv2ZaxnvHkBIIZo0XKo91D5vFfGIO
8DDul4InpyXKHeyvK6lre2i9+XoYTIcL29ueUu4jkYltxnWtjt/ZsLVypSuoheCd
eVl7cWllUnGmIPf/ImcfA5YlgS/m75sfC7/y8IXs/EdSI4DLKAQZb5BODTDqA6Fq
QLhaG82XYLZobZ+IU4NGT60zAGxBHGOA8SIzrk09We/Lvbfrj07Ci8le0wjeKd0J
48mG2wdb2fuztq86V9+38LFw/CUTY8CFlHNk1R06uO+UTWVy0f4=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:00:08 2024 by rpki-client on console-fra.rpki-client.org