Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A18AF/B855BBE8628C11EE9EC0747F4AD9E6FC/0F7BCDCC62A111EEB45DC33F4AD9E6FC.roa
File: 0F7BCDCC62A111EEB45DC33F4AD9E6FC.roa (raw, json)
Hash identifier: W3v7z0bD4xDIRe/gW/pbCarC03DpxlFDr91TDGXTVH8=
Subject key identifier: B7:E8:2B:59:DA:DD:96:D6:69:CC:28:9F:2D:3A:0C:90:59:C3:7E:FE
Certificate issuer: /CN=F36A18AFAF/serialNumber=86E8259E43EAF16EF991832E17708993EA2DD57E
Certificate serial: 02
Authority key identifier: 86:E8:25:9E:43:EA:F1:6E:F9:91:83:2E:17:70:89:93:EA:2D:D5:7E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/huglnkPq8W75kYMuF3CJk-ot1X4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A18AF/B855BBE8628C11EE9EC0747F4AD9E6FC/0F7BCDCC62A111EEB45DC33F4AD9E6FC.roa
Signing time: Wed 04 Oct 2023 10:30:38 +0000
ROA not before: Wed 04 Oct 2023 10:30:35 +0000
ROA not after: Sun 03 Oct 2027 10:30:35 +0000
asID: 327861
IP address blocks: 102.141.236.0/22 maxlen: 24
196.13.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A18AF/B855BBE8628C11EE9EC0747F4AD9E6FC/huglnkPq8W75kYMuF3CJk-ot1X4.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A18AF/B855BBE8628C11EE9EC0747F4AD9E6FC/huglnkPq8W75kYMuF3CJk-ot1X4.mft
rsync://rpki.afrinic.net/repository/afrinic/huglnkPq8W75kYMuF3CJk-ot1X4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A18AFAF/serialNumber=86E8259E43EAF16EF991832E17708993EA2DD57E
Validity
Not Before: Oct 4 10:30:35 2023 GMT
Not After : Oct 3 10:30:35 2027 GMT
Subject: CN=651d3ece-75f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f7:3b:09:24:c0:b7:81:2e:67:28:06:3f:c6:
f9:3f:b3:98:56:6d:5f:a2:34:e5:ef:e5:ea:c2:77:
fe:4a:7f:e7:6e:eb:41:08:38:0e:c2:dd:1d:58:73:
ab:b6:52:4d:a1:33:7e:b3:ae:30:eb:f0:67:d5:1f:
76:17:bf:ff:e1:ad:0c:70:ca:6e:11:79:0e:c9:c9:
de:26:f4:52:3a:77:f6:e3:b8:60:84:37:69:4e:b7:
fa:cb:c2:5e:31:2b:31:7d:61:95:1d:53:29:74:a6:
84:73:9e:82:ec:d3:de:78:d8:b1:ea:9c:34:3c:cd:
e4:08:8f:3a:94:3d:03:7f:40:cb:7e:62:29:55:e3:
f0:47:84:4b:90:18:ef:c6:eb:b5:c9:58:3e:ef:cb:
14:92:74:3d:d7:4a:ee:90:1f:7f:af:fc:38:6c:47:
65:0e:8a:98:1c:70:d6:db:a9:c9:f8:87:d1:04:ad:
ce:b7:fc:aa:57:ad:9c:51:85:43:74:a1:63:10:09:
54:3a:ea:31:83:77:a4:42:8c:0c:9e:f1:0c:f9:11:
52:e7:65:4d:de:52:68:4b:0e:67:54:e6:44:3b:83:
f1:46:ae:8e:b1:26:50:78:aa:1f:09:be:d9:e3:ca:
11:9c:1c:e3:9c:ed:82:8c:2c:01:e6:b7:34:1d:b7:
45:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:E8:2B:59:DA:DD:96:D6:69:CC:28:9F:2D:3A:0C:90:59:C3:7E:FE
X509v3 Authority Key Identifier:
keyid:86:E8:25:9E:43:EA:F1:6E:F9:91:83:2E:17:70:89:93:EA:2D:D5:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A18AF/B855BBE8628C11EE9EC0747F4AD9E6FC/huglnkPq8W75kYMuF3CJk-ot1X4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/huglnkPq8W75kYMuF3CJk-ot1X4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A18AF/B855BBE8628C11EE9EC0747F4AD9E6FC/0F7BCDCC62A111EEB45DC33F4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.141.236.0/22
196.13.208.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:a6:4b:f7:8a:5f:03:ad:93:f3:cd:2d:44:96:a1:c2:32:7a:
45:3f:36:07:41:cf:b1:96:5c:b8:db:2f:a8:46:3f:be:5d:f3:
b7:19:5e:7c:43:98:76:ac:1e:3b:e6:f5:bd:43:b6:b7:af:cc:
76:6c:12:f4:17:e9:37:3f:fd:29:28:6e:41:b7:06:20:24:35:
6f:46:19:fb:7e:78:b2:f4:d4:ee:0d:99:7d:dd:a1:80:d0:87:
95:29:b8:2c:51:5d:4c:e8:69:f0:0c:07:46:42:21:89:84:7b:
f7:31:75:a2:d1:c9:ca:17:d4:8e:dd:68:37:e4:50:8c:b6:ae:
59:f9:9d:58:b3:9b:8d:f5:cd:23:59:80:fb:92:3a:9b:5f:68:
2a:20:1d:32:68:69:cc:f6:1d:33:df:47:35:6d:f1:dc:85:a7:
14:db:9f:10:5a:37:98:2f:48:7f:25:bb:d0:22:93:32:a8:da:
39:e8:86:be:d9:84:1c:d8:46:3b:89:8f:10:e3:9e:1b:7a:d9:
68:4f:6f:ad:89:95:12:68:9e:8b:82:40:e0:32:4e:90:99:61:
84:e2:1d:1a:3d:cb:9a:2e:1e:1b:32:a8:52:56:35:bb:ee:60:
55:58:1f:d4:90:c9:f2:cd:97:f9:d9:49:08:67:d4:77:f3:a1:
64:b7:aa:31
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
MThBRkFGMTEwLwYDVQQFEyg4NkU4MjU5RTQzRUFGMTZFRjk5MTgzMkUxNzcwODk5
M0VBMkRENTdFMB4XDTIzMTAwNDEwMzAzNVoXDTI3MTAwMzEwMzAzNVowGDEWMBQG
A1UEAxMNNjUxZDNlY2UtNzVmMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ33OwkkwLeBLmcoBj/G+T+zmFZtX6I05e/l6sJ3/kp/527rQQg4DsLdHVhz
q7ZSTaEzfrOuMOvwZ9Ufdhe//+GtDHDKbhF5DsnJ3ib0Ujp39uO4YIQ3aU63+svC
XjErMX1hlR1TKXSmhHOeguzT3njYseqcNDzN5AiPOpQ9A39Ay35iKVXj8EeES5AY
78brtclYPu/LFJJ0PddK7pAff6/8OGxHZQ6KmBxw1tupyfiH0QStzrf8qletnFGF
Q3ShYxAJVDrqMYN3pEKMDJ7xDPkRUudlTd5SaEsOZ1TmRDuD8UaujrEmUHiqHwm+
2ePKEZwc45ztgowsAea3NB23RUsCAwEAAaOCAqswggKnMB0GA1UdDgQWBBS36CtZ
2t2W1mnMKJ8tOgyQWcN+/jAfBgNVHSMEGDAWgBSG6CWeQ+rxbvmRgy4XcImT6i3V
fjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTE4QUYvQjg1NUJCRTg2MjhDMTFFRTlFQzA3NDdGNEFEOUU2RkMvaHVnbG5r
UHE4Vzc1a1lNdUYzQ0prLW90MVg0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaHVnbG5rUHE4Vzc1a1lNdUYzQ0prLW90MVg0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTE4QUYvQjg1NUJCRTg2MjhDMTFFRTlFQzA3NDdGNEFE
OUU2RkMvMEY3QkNEQ0M2MkExMTFFRUI0NURDMzNGNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAmaN7AMEAMQN0DANBgkqhkiG
9w0BAQsFAAOCAQEAHaZL94pfA62T880tRJahwjJ6RT82B0HPsZZcuNsvqEY/vl3z
txlefEOYdqweO+b1vUO2t6/MdmwS9BfpNz/9KShuQbcGICQ1b0YZ+354svTU7g2Z
fd2hgNCHlSm4LFFdTOhp8AwHRkIhiYR79zF1otHJyhfUjt1oN+RQjLauWfmdWLOb
jfXNI1mA+5I6m19oKiAdMmhpzPYdM99HNW3x3IWnFNufEFo3mC9IfyW70CKTMqja
OeiGvtmEHNhGO4mPEOOeG3rZaE9vrYmVEmiei4JA4DJOkJlhhOIdGj3Lmi4eGzKo
UlY1u+5gVVgf1JDJ8s2X+dlJCGfUd/OhZLeqMQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:18 2024 by rpki-client on console-ams.rpki-client.org