Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/C21B651267DF11EE943796654AD9E6FC.roa
File: C21B651267DF11EE943796654AD9E6FC.roa (raw, json)
Hash identifier: JoM2f/YVd2Hwzfl86NLf3bbIUBYiG9ZjBtv9OLitU2w=
Subject key identifier: E1:36:3F:28:6E:32:AF:11:84:E5:7C:12:D5:FB:41:80:18:48:87:3B
Certificate issuer: /CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Certificate serial: 01D5
Authority key identifier: 53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/C21B651267DF11EE943796654AD9E6FC.roa
Signing time: Wed 11 Oct 2023 02:42:03 +0000
ROA not before: Wed 11 Oct 2023 02:41:59 +0000
ROA not after: Fri 11 Oct 2030 02:41:59 +0000
asID: 25818
IP address blocks: 102.64.104.0/24 maxlen: 24
2001:4210:e00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.mft
rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 469 (0x1d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Validity
Not Before: Oct 11 02:41:59 2023 GMT
Not After : Oct 11 02:41:59 2030 GMT
Subject: CN=65260b7b-78b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:47:f7:31:22:ad:8a:1b:cc:4e:a9:76:2f:4d:
4f:ec:b5:0d:c5:cf:e5:ed:5b:0e:1d:f0:4a:29:54:
03:05:74:22:60:c2:e6:8e:12:de:37:b9:d3:08:08:
14:4c:31:01:eb:de:2d:13:b2:9e:5c:c0:87:e8:64:
2a:0a:89:e3:bd:a7:4f:5c:82:f0:e7:ed:65:dc:bc:
81:95:21:2d:d4:da:d2:c1:4d:74:bf:54:d5:99:cc:
2c:68:40:35:83:fe:4b:d5:87:d9:5f:da:34:17:69:
30:59:7a:5d:9a:3f:fc:48:8c:62:43:b2:13:06:49:
aa:c8:c7:ce:70:0d:03:52:0c:29:66:0d:27:02:d5:
55:4a:52:ec:50:af:98:8a:19:b5:04:1f:30:f7:04:
9c:eb:3b:e8:d0:78:ca:7b:2c:8f:74:46:55:fa:b3:
56:c5:96:ac:85:07:07:ed:ac:3c:a6:59:50:cf:15:
ad:e4:8d:00:4d:c4:43:0e:0a:29:7e:e5:ec:41:bd:
99:99:51:85:d4:9e:ba:6f:f6:6c:7b:2e:22:a5:24:
78:a9:8c:67:be:8b:81:e7:0c:03:26:48:32:56:e5:
57:32:b5:ae:31:fb:de:1f:01:01:aa:9a:83:84:60:
13:5b:93:f9:71:ff:7f:b0:21:86:c3:79:06:20:cc:
d8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:36:3F:28:6E:32:AF:11:84:E5:7C:12:D5:FB:41:80:18:48:87:3B
X509v3 Authority Key Identifier:
keyid:53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/C21B651267DF11EE943796654AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.64.104.0/24
IPv6:
2001:4210:e00::/40
Signature Algorithm: sha256WithRSAEncryption
18:b0:87:f9:1c:30:38:9d:96:43:26:6b:21:5c:21:c3:b3:d0:
58:49:1d:2e:f9:80:b6:e5:26:3a:ab:20:48:e7:4a:a6:13:71:
b9:8d:6a:39:37:64:40:9a:c3:88:e1:7b:c1:45:ed:e9:80:f4:
ac:48:67:27:0a:e3:ba:73:8d:df:3f:d9:b3:79:f4:d3:4d:a6:
3f:b4:d3:50:9c:02:8c:3f:72:91:79:4c:bc:66:75:20:24:f4:
b0:a0:52:66:2d:a1:e0:b7:0f:0c:42:9c:b1:ea:cf:4f:9d:2a:
c7:43:fc:69:ed:85:3b:7a:41:aa:62:6e:4e:dd:cb:5c:93:bb:
cb:d2:24:c2:56:80:f6:ba:5f:9c:14:dd:e7:8c:b8:7b:c6:61:
c4:bd:5e:f0:8b:be:77:61:88:9c:c1:df:7f:5e:77:e9:8b:a4:
d6:20:40:0d:6a:ca:34:7c:32:f6:ff:0d:09:59:76:77:7a:37:
1b:41:ce:e0:72:6f:a0:4c:de:9d:3b:f3:36:d9:bb:cd:eb:64:
30:53:76:a6:9f:f5:3e:4b:b5:a8:58:1f:03:0b:30:e6:8c:51:
a0:03:65:d7:c7:e4:2c:f4:0f:35:37:64:f4:4b:27:84:09:74:
08:6e:9e:01:19:e4:1a:d7:a8:25:0b:9a:8b:1a:07:37:8e:4c:
01:43:b7:53
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICAdUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OTZFNUZBRjExMC8GA1UEBRMoNTM3NUNGNENBMTY0M0IwOEMzNDFCREE3OUQ4QkUx
MDVCREMzQzQ4QjAeFw0yMzEwMTEwMjQxNTlaFw0zMDEwMTEwMjQxNTlaMBgxFjAU
BgNVBAMTDTY1MjYwYjdiLTc4YjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDMR/cxIq2KG8xOqXYvTU/stQ3Fz+XtWw4d8EopVAMFdCJgwuaOEt43udMI
CBRMMQHr3i0Tsp5cwIfoZCoKieO9p09cgvDn7WXcvIGVIS3U2tLBTXS/VNWZzCxo
QDWD/kvVh9lf2jQXaTBZel2aP/xIjGJDshMGSarIx85wDQNSDClmDScC1VVKUuxQ
r5iKGbUEHzD3BJzrO+jQeMp7LI90RlX6s1bFlqyFBwftrDymWVDPFa3kjQBNxEMO
Cil+5exBvZmZUYXUnrpv9mx7LiKlJHipjGe+i4HnDAMmSDJW5Vcyta4x+94fAQGq
moOEYBNbk/lx/3+wIYbDeQYgzNh9AgMBAAGjggK1MIICsTAdBgNVHQ4EFgQU4TY/
KG4yrxGE5XwS1ftBgBhIhzswHwYDVR0jBBgwFoAUU3XPTKFkOwjDQb2nnYvhBb3D
xIswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYxMjIyNDY4L1UzWFBU
S0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1UzWFBUS0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYx
MjIyNDY4L0MyMUI2NTEyNjdERjExRUU5NDM3OTY2NTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBABmQGgwDgQCAAIwCAMGACAB
QhAOMA0GCSqGSIb3DQEBCwUAA4IBAQAYsIf5HDA4nZZDJmshXCHDs9BYSR0u+YC2
5SY6qyBI50qmE3G5jWo5N2RAmsOI4XvBRe3pgPSsSGcnCuO6c43fP9mzefTTTaY/
tNNQnAKMP3KReUy8ZnUgJPSwoFJmLaHgtw8MQpyx6s9PnSrHQ/xp7YU7ekGqYm5O
3ctck7vL0iTCVoD2ul+cFN3njLh7xmHEvV7wi753YYicwd9/Xnfpi6TWIEANaso0
fDL2/w0JWXZ3ejcbQc7gcm+gTN6dO/M22bvN62QwU3amn/U+S7WoWB8DCzDmjFGg
A2XXx+Qs9A81N2T0SyeECXQIbp4BGeQa16glC5qLGgc3jkwBQ7dT
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:15 2024 by rpki-client on console-ams.rpki-client.org