Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/63EB76DE4D6411EEB8D5BE834AD9E6FC.roa
File: 63EB76DE4D6411EEB8D5BE834AD9E6FC.roa (raw, json)
Hash identifier: fbwi/jtS6FeTqYdpHpFLvs6qADWyxrzMpo/5QspGOXI=
Subject key identifier: 26:A5:70:E3:B2:3D:8F:BA:02:FE:3A:C7:60:A6:6B:E3:CF:2E:D6:05
Certificate issuer: /CN=F36A42DFAF/serialNumber=9B5668BC13211131DF0ED3EE9C25D3114C54B293
Certificate serial: 02
Authority key identifier: 9B:56:68:BC:13:21:11:31:DF:0E:D3:EE:9C:25:D3:11:4C:54:B2:93
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/m1ZovBMhETHfDtPunCXTEUxUspM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/63EB76DE4D6411EEB8D5BE834AD9E6FC.roa
Signing time: Thu 07 Sep 2023 09:53:26 +0000
ROA not before: Thu 07 Sep 2023 09:53:22 +0000
ROA not after: Mon 30 Sep 2030 09:53:22 +0000
asID: 328170
IP address blocks: 102.22.80.0/22 maxlen: 24
102.67.136.0/21 maxlen: 24
102.221.36.0/22 maxlen: 24
2c0f:ed68::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/m1ZovBMhETHfDtPunCXTEUxUspM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/m1ZovBMhETHfDtPunCXTEUxUspM.mft
rsync://rpki.afrinic.net/repository/afrinic/m1ZovBMhETHfDtPunCXTEUxUspM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A42DFAF/serialNumber=9B5668BC13211131DF0ED3EE9C25D3114C54B293
Validity
Not Before: Sep 7 09:53:22 2023 GMT
Not After : Sep 30 09:53:22 2030 GMT
Subject: CN=64f99d96-ab2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e5:2c:31:ec:90:92:18:36:fe:6c:50:7a:08:
cb:70:2c:fd:da:83:0a:d5:e2:07:e5:1f:c7:a1:56:
75:ff:dc:52:90:9b:95:13:b2:a7:fa:05:52:18:c3:
f8:63:4b:c5:8f:32:67:e5:62:1e:a8:12:94:65:00:
06:fe:b3:db:e5:90:a1:e8:22:cc:18:ac:07:05:ed:
ee:f9:06:40:f6:d9:5a:a7:f1:23:66:17:a7:a5:b1:
3a:13:2b:0d:ba:3e:21:d9:eb:e7:88:dc:e0:1f:63:
51:f6:58:e7:f3:35:b3:30:d9:e0:38:b2:2f:43:bf:
b0:df:78:ed:34:83:5e:fb:3f:79:09:c8:f2:ce:de:
cc:07:b0:e3:c1:47:26:d1:1a:56:be:38:16:3f:dc:
20:6e:06:43:24:8e:de:6d:63:fe:c2:ce:97:19:9a:
00:e3:54:c4:11:13:7a:f9:5e:3c:c5:4b:36:fb:94:
93:d6:13:f6:fc:68:0b:21:a7:67:f7:82:7f:5e:72:
1a:80:81:96:60:0e:14:4c:a6:e9:a7:0a:88:a8:d1:
9f:c5:e0:9b:b9:61:96:de:bd:f1:1c:e8:fa:fe:fb:
9c:7c:35:14:43:49:3a:fd:91:2a:f1:d8:5f:28:8f:
c8:43:97:e5:53:cd:b0:d3:d2:02:49:0e:79:70:73:
fc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:A5:70:E3:B2:3D:8F:BA:02:FE:3A:C7:60:A6:6B:E3:CF:2E:D6:05
X509v3 Authority Key Identifier:
keyid:9B:56:68:BC:13:21:11:31:DF:0E:D3:EE:9C:25:D3:11:4C:54:B2:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/m1ZovBMhETHfDtPunCXTEUxUspM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/m1ZovBMhETHfDtPunCXTEUxUspM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/63EB76DE4D6411EEB8D5BE834AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.22.80.0/22
102.67.136.0/21
102.221.36.0/22
IPv6:
2c0f:ed68::/32
Signature Algorithm: sha256WithRSAEncryption
4c:ab:3e:62:10:93:a9:26:f5:32:d3:33:90:eb:d6:e1:bc:f6:
20:41:b9:89:1c:ae:95:9b:4d:ad:18:12:81:6a:b6:2f:38:f1:
57:72:27:ca:b8:19:83:50:aa:61:b3:c3:8c:53:cf:d2:69:9d:
72:42:b5:74:63:bd:12:fd:1d:04:c0:ef:b7:f6:71:51:ce:99:
e7:f3:2a:53:53:bf:57:04:9a:43:f7:b5:29:82:0e:f5:b2:5c:
51:d1:5b:08:01:9f:0d:3d:c8:c8:72:47:a9:37:fb:7a:d4:9a:
d3:cc:39:fe:3b:52:25:56:2b:2a:f3:d2:59:69:f8:36:cc:57:
ba:fb:aa:a8:48:1b:34:0b:a4:40:f3:bd:07:4d:6d:9d:35:02:
62:3b:79:32:03:4f:58:4d:10:d1:52:87:ec:8a:7b:ef:a3:a1:
36:64:dc:85:f6:7f:b9:75:f8:c8:83:bd:a4:2f:47:98:e4:6d:
1a:d6:da:1e:42:00:52:cd:80:a2:dc:b7:2f:e7:95:c7:cd:07:
3d:89:4e:ea:0b:1e:8b:e0:0c:af:aa:9c:b0:76:82:4b:77:d2:
8b:27:2e:25:14:40:9d:3f:34:61:59:66:c9:7c:ec:24:c1:08:
92:a4:d8:d8:92:ca:48:4d:e2:71:88:03:0b:e7:cc:cf:04:f6:
1b:7c:8c:9e
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
NDJERkFGMTEwLwYDVQQFEyg5QjU2NjhCQzEzMjExMTMxREYwRUQzRUU5QzI1RDMx
MTRDNTRCMjkzMB4XDTIzMDkwNzA5NTMyMloXDTMwMDkzMDA5NTMyMlowGDEWMBQG
A1UEAxMNNjRmOTlkOTYtYWIyZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTlLDHskJIYNv5sUHoIy3As/dqDCtXiB+Ufx6FWdf/cUpCblROyp/oFUhjD
+GNLxY8yZ+ViHqgSlGUABv6z2+WQoegizBisBwXt7vkGQPbZWqfxI2YXp6WxOhMr
Dbo+Idnr54jc4B9jUfZY5/M1szDZ4DiyL0O/sN947TSDXvs/eQnI8s7ezAew48FH
JtEaVr44Fj/cIG4GQySO3m1j/sLOlxmaAONUxBETevlePMVLNvuUk9YT9vxoCyGn
Z/eCf15yGoCBlmAOFEym6acKiKjRn8Xgm7lhlt698Rzo+v77nHw1FENJOv2RKvHY
XyiPyEOX5VPNsNPSAkkOeXBz/LMCAwEAAaOCAsAwggK8MB0GA1UdDgQWBBQmpXDj
sj2PugL+Osdgpmvjzy7WBTAfBgNVHSMEGDAWgBSbVmi8EyERMd8O0+6cJdMRTFSy
kzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTQyREYvOUVGM0RCODI0RDYzMTFFRUEzNjM1ODgxNEFEOUU2RkMvbTFab3ZC
TWhFVEhmRHRQdW5DWFRFVXhVc3BNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvbTFab3ZCTWhFVEhmRHRQdW5DWFRFVXhVc3BNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTQyREYvOUVGM0RCODI0RDYzMTFFRUEzNjM1ODgxNEFE
OUU2RkMvNjNFQjc2REU0RDY0MTFFRUI4RDVCRTgzNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAmYWUAMEA2ZDiAMEAmbdJDAN
BAIAAjAHAwUALA/taDANBgkqhkiG9w0BAQsFAAOCAQEATKs+YhCTqSb1MtMzkOvW
4bz2IEG5iRyulZtNrRgSgWq2LzjxV3InyrgZg1CqYbPDjFPP0mmdckK1dGO9Ev0d
BMDvt/ZxUc6Z5/MqU1O/VwSaQ/e1KYIO9bJcUdFbCAGfDT3IyHJHqTf7etSa08w5
/jtSJVYrKvPSWWn4NsxXuvuqqEgbNAukQPO9B01tnTUCYjt5MgNPWE0Q0VKH7Ip7
76OhNmTchfZ/uXX4yIO9pC9HmORtGtbaHkIAUs2Aoty3L+eVx80HPYlO6gsei+AM
r6qcsHaCS3fSiycuJRRAnT80YVlmyXzsJMEIkqTY2JLKSE3icYgDC+fMzwT2G3yM
ng==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:54:25 2024 by rpki-client on console-fra.rpki-client.org