Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/19101AA867DF11EE812DA3634AD9E6FC.roa
File: 19101AA867DF11EE812DA3634AD9E6FC.roa (raw, json)
Hash identifier: 4JOsUwrnmGuB0KN0k80QhIMQJpbGvmUfXPMXU6YnDiE=
Subject key identifier: 01:4A:4A:57:97:D9:D7:7E:5E:C0:DE:EA:D8:AC:A3:40:75:A5:B1:34
Certificate issuer: /CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Certificate serial: 01D3
Authority key identifier: 53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/19101AA867DF11EE812DA3634AD9E6FC.roa
Signing time: Wed 11 Oct 2023 02:37:19 +0000
ROA not before: Wed 11 Oct 2023 02:37:16 +0000
ROA not after: Sat 11 Oct 2025 02:37:16 +0000
asID: 25818
IP address blocks: 102.177.112.0/24 maxlen: 24
2001:4210:200::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.mft
rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 467 (0x1d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Validity
Not Before: Oct 11 02:37:16 2023 GMT
Not After : Oct 11 02:37:16 2025 GMT
Subject: CN=65260a5f-12f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:39:45:05:5c:c7:2a:24:88:f8:a8:42:28:84:
a9:d6:5b:25:67:e5:88:f1:23:05:76:bf:68:79:da:
d8:c3:15:6a:be:6d:a9:8b:54:17:d7:fb:ab:ea:0f:
d9:a3:5a:2d:f3:fc:45:3f:f4:55:21:18:d9:a8:d7:
31:0a:5c:cf:d5:ca:5e:6d:7e:e1:85:78:ec:1b:86:
f4:b6:36:fc:1a:b0:78:96:59:76:65:71:c2:3b:c5:
0b:36:28:3c:3e:c8:52:d3:c0:02:ba:d2:47:ba:fd:
9f:26:bb:7d:62:09:2e:11:66:ab:21:70:b4:8e:df:
1e:4a:2b:87:e2:2f:c9:3d:59:bf:fc:94:cd:52:54:
05:41:ae:53:24:9d:20:51:35:0d:29:15:aa:8f:01:
92:14:46:eb:cb:d3:7a:65:c3:4d:0c:8e:9e:00:6a:
f7:a3:66:92:1a:fc:85:37:87:30:dc:65:7b:b7:a8:
b2:96:83:20:9a:83:88:15:e2:bf:00:1c:0c:a2:63:
22:7a:7b:c9:cc:51:4e:ad:95:37:a7:8b:71:a5:0f:
b5:66:6d:b3:cb:79:92:f7:10:bc:e4:ae:81:87:86:
c2:ad:a2:c9:9c:17:28:e6:ea:9b:32:0d:89:ca:d0:
0d:af:1d:39:63:48:70:c0:e1:01:65:b8:45:61:1e:
6e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:4A:4A:57:97:D9:D7:7E:5E:C0:DE:EA:D8:AC:A3:40:75:A5:B1:34
X509v3 Authority Key Identifier:
keyid:53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/19101AA867DF11EE812DA3634AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.112.0/24
IPv6:
2001:4210:200::/40
Signature Algorithm: sha256WithRSAEncryption
05:89:15:35:33:f8:cb:fb:f1:9f:61:55:78:52:ae:7b:1f:90:
3b:ce:71:bb:73:5a:5f:68:64:f4:96:e4:5b:31:0e:7b:10:eb:
4d:13:63:37:d5:f8:a0:75:37:7b:6d:f1:7d:cd:02:99:06:0d:
db:26:e9:5b:f1:79:b5:39:9c:06:bd:54:79:bf:44:27:d2:1d:
be:ea:55:61:59:b7:0c:1c:8e:0a:fb:fb:e8:73:9d:87:ef:b7:
3a:d4:f4:a6:a4:af:10:19:d7:7d:a0:bb:57:c2:c0:96:11:1c:
30:66:47:70:08:d2:e6:d0:9c:2d:7d:19:b9:ac:4b:e2:ee:3a:
23:16:5b:ee:9e:29:f6:22:3f:91:1f:a5:9e:a9:eb:da:5a:eb:
bb:3a:ab:d1:63:fb:5f:0c:12:bf:e2:d2:45:16:5f:d8:6d:80:
3c:60:ce:88:ff:26:d9:de:d0:4f:32:39:4f:9a:c8:cc:3d:4a:
47:17:17:c9:90:60:06:6c:47:12:cc:7a:66:8d:90:54:e4:0b:
72:b8:67:48:d5:45:35:f8:6e:e3:d2:0b:80:21:1f:05:ee:4b:
c3:c3:75:a3:33:6a:f3:b9:9f:34:20:08:e3:b6:7b:6b:7f:e9:
50:9e:97:51:e0:f6:5b:35:2d:2a:03:df:5a:8d:79:c3:d7:57:
d9:20:41:b4
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICAdMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OTZFNUZBRjExMC8GA1UEBRMoNTM3NUNGNENBMTY0M0IwOEMzNDFCREE3OUQ4QkUx
MDVCREMzQzQ4QjAeFw0yMzEwMTEwMjM3MTZaFw0yNTEwMTEwMjM3MTZaMBgxFjAU
BgNVBAMTDTY1MjYwYTVmLTEyZjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDjOUUFXMcqJIj4qEIohKnWWyVn5YjxIwV2v2h52tjDFWq+bamLVBfX+6vq
D9mjWi3z/EU/9FUhGNmo1zEKXM/Vyl5tfuGFeOwbhvS2NvwasHiWWXZlccI7xQs2
KDw+yFLTwAK60ke6/Z8mu31iCS4RZqshcLSO3x5KK4fiL8k9Wb/8lM1SVAVBrlMk
nSBRNQ0pFaqPAZIURuvL03plw00Mjp4AavejZpIa/IU3hzDcZXu3qLKWgyCag4gV
4r8AHAyiYyJ6e8nMUU6tlTeni3GlD7VmbbPLeZL3ELzkroGHhsKtosmcFyjm6psy
DYnK0A2vHTljSHDA4QFluEVhHm4FAgMBAAGjggK1MIICsTAdBgNVHQ4EFgQUAUpK
V5fZ135ewN7q2KyjQHWlsTQwHwYDVR0jBBgwFoAUU3XPTKFkOwjDQb2nnYvhBb3D
xIswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYxMjIyNDY4L1UzWFBU
S0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1UzWFBUS0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYx
MjIyNDY4LzE5MTAxQUE4NjdERjExRUU4MTJEQTM2MzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBABmsXAwDgQCAAIwCAMGACAB
QhACMA0GCSqGSIb3DQEBCwUAA4IBAQAFiRU1M/jL+/GfYVV4Uq57H5A7znG7c1pf
aGT0luRbMQ57EOtNE2M31figdTd7bfF9zQKZBg3bJulb8Xm1OZwGvVR5v0Qn0h2+
6lVhWbcMHI4K+/voc52H77c61PSmpK8QGdd9oLtXwsCWERwwZkdwCNLm0JwtfRm5
rEvi7jojFlvunin2Ij+RH6WeqevaWuu7OqvRY/tfDBK/4tJFFl/YbYA8YM6I/ybZ
3tBPMjlPmsjMPUpHFxfJkGAGbEcSzHpmjZBU5AtyuGdI1UU1+G7j0guAIR8F7kvD
w3WjM2rzuZ80IAjjtntrf+lQnpdR4PZbNS0qA99ajXnD11fZIEG0
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:57 2024 by rpki-client on console-fra.rpki-client.org