Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/F8EEFF3A376611EE889CDB3C4AD9E6FC.roa
File: F8EEFF3A376611EE889CDB3C4AD9E6FC.roa (raw, json)
Hash identifier: c3SWIThhr/4Nh4YdojbRz5///xELn2rF8i4ptv6E9tA=
Subject key identifier: 14:A4:D0:F4:B8:04:E6:09:BD:29:5C:A9:D1:B1:B7:BF:7A:AC:A9:E1
Certificate issuer: /CN=F3697B99AF/serialNumber=B4109BEDC4778727E24E9A377CC617BC07C0A735
Certificate serial: 04
Authority key identifier: B4:10:9B:ED:C4:77:87:27:E2:4E:9A:37:7C:C6:17:BC:07:C0:A7:35
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/tBCb7cR3hyfiTpo3fMYXvAfApzU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/F8EEFF3A376611EE889CDB3C4AD9E6FC.roa
Signing time: Thu 10 Aug 2023 10:16:30 +0000
ROA not before: Thu 10 Aug 2023 10:16:27 +0000
ROA not after: Wed 10 Aug 2033 10:16:27 +0000
asID: 328792
IP address blocks: 102.221.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/tBCb7cR3hyfiTpo3fMYXvAfApzU.crl
rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/tBCb7cR3hyfiTpo3fMYXvAfApzU.mft
rsync://rpki.afrinic.net/repository/afrinic/tBCb7cR3hyfiTpo3fMYXvAfApzU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3697B99AF/serialNumber=B4109BEDC4778727E24E9A377CC617BC07C0A735
Validity
Not Before: Aug 10 10:16:27 2023 GMT
Not After : Aug 10 10:16:27 2033 GMT
Subject: CN=64d4b8fe-3b0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ce:e3:a4:4a:d4:75:c2:2c:7a:03:9c:dc:c2:
b9:4c:ee:cd:4b:21:e8:b7:4d:ab:ee:55:3c:46:54:
93:ef:3f:90:a1:6b:18:d4:ae:6e:75:e9:38:8d:d0:
70:db:45:fa:d1:56:f2:33:7f:6b:cd:6b:b0:89:94:
1d:f2:1c:15:32:1f:e6:2b:4d:28:b1:85:2c:f5:43:
c2:28:bf:3e:22:54:cc:d6:35:8b:d8:db:60:a7:55:
00:e8:de:37:3c:a1:ed:1a:79:86:4a:c0:66:64:e8:
eb:8c:dd:0c:36:08:91:d7:4d:84:07:13:fd:72:47:
2c:0b:51:88:20:6d:63:b1:a1:6b:e7:21:f0:a0:19:
02:6b:94:9c:6a:89:59:4c:e2:37:bd:2f:e1:e2:b8:
f8:2f:e5:63:e3:51:9a:f4:67:84:c6:d3:78:0e:1b:
22:1e:06:82:a2:89:7b:12:c5:55:da:10:ef:99:8e:
83:a5:bb:0f:cd:aa:3e:73:6c:2b:8c:ae:51:24:49:
c4:4b:86:01:63:1c:67:04:26:4b:56:ff:eb:66:78:
b6:30:fe:b5:c7:a9:ea:ae:dd:d0:e0:da:aa:88:77:
db:3c:64:4d:42:7b:91:ac:e7:75:f4:2a:a0:11:40:
18:b4:2f:42:20:46:88:94:42:1f:21:93:31:62:8e:
39:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A4:D0:F4:B8:04:E6:09:BD:29:5C:A9:D1:B1:B7:BF:7A:AC:A9:E1
X509v3 Authority Key Identifier:
keyid:B4:10:9B:ED:C4:77:87:27:E2:4E:9A:37:7C:C6:17:BC:07:C0:A7:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/tBCb7cR3hyfiTpo3fMYXvAfApzU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/tBCb7cR3hyfiTpo3fMYXvAfApzU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/F8EEFF3A376611EE889CDB3C4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.55.0/24
Signature Algorithm: sha256WithRSAEncryption
45:0b:5d:45:d5:d7:13:55:50:70:59:bd:02:6d:a3:9f:52:a8:
39:61:49:81:0b:0b:ec:9c:69:a6:d8:0b:de:24:65:eb:de:ba:
b7:79:3a:8f:9a:82:a8:1a:69:ec:04:6c:d2:34:d1:23:7c:2a:
d1:ff:25:6b:a4:fd:c9:e2:cf:02:ef:a7:1a:27:11:69:1e:98:
55:c2:57:52:a5:a7:ee:aa:15:dd:c1:8d:d1:40:9a:7e:5f:12:
8f:d4:b7:09:40:58:bb:1e:29:29:da:b5:ff:32:32:85:3b:c0:
e4:b3:17:fe:cd:a5:d8:0f:da:d1:f9:b4:e2:20:ea:c8:53:83:
1e:dd:49:37:c0:20:2a:38:8b:35:91:43:88:81:3b:c4:20:d0:
62:ae:93:6f:04:ed:ae:fa:ce:87:af:33:f8:be:6b:1a:c5:1f:
b2:be:33:ce:4c:c9:d5:f7:51:41:54:6d:6e:ae:9a:e8:0b:da:
d3:08:bf:46:c4:27:22:fb:4b:57:7c:0b:00:cc:c6:84:48:40:
5e:8c:1d:ce:8d:22:36:af:a0:4e:29:b9:2b:25:bd:b6:86:63:
62:6a:2d:75:4d:ed:38:1d:16:f3:e3:dd:1d:66:32:93:d5:70:
54:02:ac:7c:c1:0f:46:02:43:5c:11:d2:ca:9f:19:87:e0:20:
bb:bc:83:7f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
N0I5OUFGMTEwLwYDVQQFEyhCNDEwOUJFREM0Nzc4NzI3RTI0RTlBMzc3Q0M2MTdC
QzA3QzBBNzM1MB4XDTIzMDgxMDEwMTYyN1oXDTMzMDgxMDEwMTYyN1owGDEWMBQG
A1UEAxMNNjRkNGI4ZmUtM2IwZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTO46RK1HXCLHoDnNzCuUzuzUsh6LdNq+5VPEZUk+8/kKFrGNSubnXpOI3Q
cNtF+tFW8jN/a81rsImUHfIcFTIf5itNKLGFLPVDwii/PiJUzNY1i9jbYKdVAOje
Nzyh7Rp5hkrAZmTo64zdDDYIkddNhAcT/XJHLAtRiCBtY7Gha+ch8KAZAmuUnGqJ
WUziN70v4eK4+C/lY+NRmvRnhMbTeA4bIh4GgqKJexLFVdoQ75mOg6W7D82qPnNs
K4yuUSRJxEuGAWMcZwQmS1b/62Z4tjD+tcep6q7d0ODaqoh32zxkTUJ7kazndfQq
oBFAGLQvQiBGiJRCHyGTMWKOOZECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQUpND0
uATmCb0pXKnRsbe/eqyp4TAfBgNVHSMEGDAWgBS0EJvtxHeHJ+JOmjd8xhe8B8Cn
NTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTdCOTkvMTFGRTM2MDAzNzYwMTFFRUEyOEEyMTJDNEFEOUU2RkMvdEJDYjdj
UjNoeWZpVHBvM2ZNWVh2QWZBcHpVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdEJDYjdjUjNoeWZpVHBvM2ZNWVh2QWZBcHpVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTdCOTkvMTFGRTM2MDAzNzYwMTFFRUEyOEEyMTJDNEFE
OUU2RkMvRjhFRUZGM0EzNzY2MTFFRTg4OUNEQjNDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbdNzANBgkqhkiG9w0BAQsF
AAOCAQEARQtdRdXXE1VQcFm9Am2jn1KoOWFJgQsL7JxpptgL3iRl6966t3k6j5qC
qBpp7ARs0jTRI3wq0f8la6T9yeLPAu+nGicRaR6YVcJXUqWn7qoV3cGN0UCafl8S
j9S3CUBYux4pKdq1/zIyhTvA5LMX/s2l2A/a0fm04iDqyFODHt1JN8AgKjiLNZFD
iIE7xCDQYq6TbwTtrvrOh68z+L5rGsUfsr4zzkzJ1fdRQVRtbq6a6Ava0wi/RsQn
IvtLV3wLAMzGhEhAXowdzo0iNq+gTim5KyW9toZjYmotdU3tOB0W8+PdHWYyk9Vw
VAKsfMEPRgJDXBHSyp8Zh+Agu7yDfw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:15 2024 by rpki-client on console-ams.rpki-client.org