Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/8331CC34376911EEAA8EFF424AD9E6FC.roa
File: 8331CC34376911EEAA8EFF424AD9E6FC.roa (raw, json)
Hash identifier: 0/Dh/phm1Ej6zfuxxZR9ocsLV8tECuhD2Hfk/8sF7Vo=
Subject key identifier: 10:27:F4:69:0A:55:52:18:91:02:A5:71:3B:50:83:1E:C8:66:53:53
Certificate issuer: /CN=F3697B99AF/serialNumber=B4109BEDC4778727E24E9A377CC617BC07C0A735
Certificate serial: 0D
Authority key identifier: B4:10:9B:ED:C4:77:87:27:E2:4E:9A:37:7C:C6:17:BC:07:C0:A7:35
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/tBCb7cR3hyfiTpo3fMYXvAfApzU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/8331CC34376911EEAA8EFF424AD9E6FC.roa
Signing time: Thu 10 Aug 2023 10:34:41 +0000
ROA not before: Thu 10 Aug 2023 10:34:37 +0000
ROA not after: Wed 10 Aug 2033 10:34:37 +0000
asID: 328792
IP address blocks: 102.221.52.0/22 maxlen: 22
2c0f:5600::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/tBCb7cR3hyfiTpo3fMYXvAfApzU.crl
rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/tBCb7cR3hyfiTpo3fMYXvAfApzU.mft
rsync://rpki.afrinic.net/repository/afrinic/tBCb7cR3hyfiTpo3fMYXvAfApzU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 03 Jun 2024 00:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3697B99AF/serialNumber=B4109BEDC4778727E24E9A377CC617BC07C0A735
Validity
Not Before: Aug 10 10:34:37 2023 GMT
Not After : Aug 10 10:34:37 2033 GMT
Subject: CN=64d4bd41-2151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:48:7d:d5:ca:6e:1d:41:c4:ac:4b:0f:10:fb:
6c:7a:e0:17:38:a6:4a:9c:1c:fb:3a:99:a8:59:13:
af:d9:01:15:18:5e:64:da:c8:6c:a4:c6:b1:99:2c:
d3:b3:83:94:99:af:97:1f:74:55:bb:33:dd:41:16:
68:79:1d:e5:40:28:e4:00:06:b6:c8:53:fb:a4:12:
3d:19:de:0d:bf:24:6e:51:24:e2:5b:aa:2a:4d:8b:
6a:2a:a6:b2:c0:0e:47:8d:4d:80:c8:fa:91:7c:bb:
fa:7e:7f:b1:34:45:d8:ee:6b:51:27:d4:f3:ab:84:
18:fd:f0:fe:e8:f5:e9:15:f7:d2:e9:23:af:ca:dd:
0d:00:a9:10:63:3e:71:b4:48:e2:dc:de:86:39:e4:
55:a3:7a:ea:53:4f:b8:2f:1f:aa:aa:b3:1b:7b:9b:
87:bf:61:66:80:36:6c:24:e8:d9:65:3c:70:7e:ee:
ad:4a:16:81:78:4c:d1:c3:16:18:bc:07:d3:4a:2f:
bd:72:f4:91:32:65:52:dc:00:35:8a:51:b1:dc:5d:
99:bc:c9:4b:4f:ba:33:14:55:b5:bd:64:e7:3a:9c:
aa:25:fe:8c:26:1c:21:a8:b7:c8:83:08:95:39:de:
11:8b:c2:c0:dc:eb:33:4e:4d:9f:71:c4:48:8b:b3:
df:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:27:F4:69:0A:55:52:18:91:02:A5:71:3B:50:83:1E:C8:66:53:53
X509v3 Authority Key Identifier:
keyid:B4:10:9B:ED:C4:77:87:27:E2:4E:9A:37:7C:C6:17:BC:07:C0:A7:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/tBCb7cR3hyfiTpo3fMYXvAfApzU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/tBCb7cR3hyfiTpo3fMYXvAfApzU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/8331CC34376911EEAA8EFF424AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.52.0/22
IPv6:
2c0f:5600::/32
Signature Algorithm: sha256WithRSAEncryption
04:48:cd:a6:06:ed:ff:b3:9d:32:37:ed:2c:ca:5e:ba:72:3c:
8e:38:95:3b:c0:6c:d9:16:5a:ec:30:24:30:41:27:cd:ab:ec:
f3:78:af:e8:4b:25:16:78:55:09:26:7a:4a:83:4b:23:07:cf:
8a:87:b0:52:bf:d6:98:7d:11:56:a6:8e:f1:d7:41:86:ca:70:
19:ba:1d:9d:e0:17:6f:55:8e:de:65:47:13:4e:56:3d:89:51:
51:a0:2f:15:47:74:17:71:6d:3e:0e:7c:fb:27:5d:9a:76:2c:
d3:82:2a:ac:8f:6b:cf:e6:4c:15:77:f7:3d:1f:1a:a9:7e:0a:
d2:f9:0d:50:35:96:df:d9:42:e1:39:4a:b4:88:60:c4:6c:a7:
dc:e0:05:cd:b4:45:47:fc:62:d1:21:96:80:8d:49:f8:aa:2c:
55:74:f7:d5:af:5c:33:ee:74:e7:d7:e8:e3:b2:f4:5a:69:36:
f6:a3:67:89:ee:c0:d6:a0:80:82:e6:2f:e4:55:65:a0:71:ed:
13:43:f4:cc:fd:d1:85:8a:3b:7c:e1:b1:e9:72:ff:a0:4d:f8:
f8:97:c3:4d:1a:40:a9:2d:78:b1:1f:82:32:66:35:ca:4f:ff:
20:31:4b:fe:e6:89:f6:90:9e:7f:37:da:75:c6:a9:4a:57:04:
f2:2f:45:17
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBDTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
N0I5OUFGMTEwLwYDVQQFEyhCNDEwOUJFREM0Nzc4NzI3RTI0RTlBMzc3Q0M2MTdC
QzA3QzBBNzM1MB4XDTIzMDgxMDEwMzQzN1oXDTMzMDgxMDEwMzQzN1owGDEWMBQG
A1UEAxMNNjRkNGJkNDEtMjE1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpIfdXKbh1BxKxLDxD7bHrgFzimSpwc+zqZqFkTr9kBFRheZNrIbKTGsZks
07ODlJmvlx90Vbsz3UEWaHkd5UAo5AAGtshT+6QSPRneDb8kblEk4luqKk2Laiqm
ssAOR41NgMj6kXy7+n5/sTRF2O5rUSfU86uEGP3w/uj16RX30ukjr8rdDQCpEGM+
cbRI4tzehjnkVaN66lNPuC8fqqqzG3ubh79hZoA2bCTo2WU8cH7urUoWgXhM0cMW
GLwH00ovvXL0kTJlUtwANYpRsdxdmbzJS0+6MxRVtb1k5zqcqiX+jCYcIai3yIMI
lTneEYvCwNzrM05Nn3HESIuz308CAwEAAaOCArQwggKwMB0GA1UdDgQWBBQQJ/Rp
ClVSGJECpXE7UIMeyGZTUzAfBgNVHSMEGDAWgBS0EJvtxHeHJ+JOmjd8xhe8B8Cn
NTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTdCOTkvMTFGRTM2MDAzNzYwMTFFRUEyOEEyMTJDNEFEOUU2RkMvdEJDYjdj
UjNoeWZpVHBvM2ZNWVh2QWZBcHpVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdEJDYjdjUjNoeWZpVHBvM2ZNWVh2QWZBcHpVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTdCOTkvMTFGRTM2MDAzNzYwMTFFRUEyOEEyMTJDNEFE
OUU2RkMvODMzMUNDMzQzNzY5MTFFRUFBOEVGRjQyNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbdNDANBAIAAjAHAwUALA9W
ADANBgkqhkiG9w0BAQsFAAOCAQEABEjNpgbt/7OdMjftLMpeunI8jjiVO8Bs2RZa
7DAkMEEnzavs83iv6EslFnhVCSZ6SoNLIwfPioewUr/WmH0RVqaO8ddBhspwGbod
neAXb1WO3mVHE05WPYlRUaAvFUd0F3FtPg58+yddmnYs04IqrI9rz+ZMFXf3PR8a
qX4K0vkNUDWW39lC4TlKtIhgxGyn3OAFzbRFR/xi0SGWgI1J+KosVXT31a9cM+50
59fo47L0Wmk29qNnie7A1qCAguYv5FVloHHtE0P0zP3RhYo7fOGx6XL/oE34+JfD
TRpAqS14sR+CMmY1yk//IDFL/uaJ9pCefzfadcapSlcE8i9FFw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 04:07:16 2024 by rpki-client on console-ams.rpki-client.org