Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A4459/CDD74D762D1B11EDBE00888BF1222468/C59A0A6C2D1C11EDB02E0A8EF1222468.roa
File: C59A0A6C2D1C11EDB02E0A8EF1222468.roa (raw, json)
Hash identifier: Y1g+dPExFN1MrB2P2z+NSyvwa7SBT+wcu+TZRMMx4+8=
Subject key identifier: 76:8C:FE:54:6D:32:87:78:FB:59:4A:95:60:5B:D9:08:40:F6:94:A5
Certificate issuer: /CN=F36A4459AF/serialNumber=84BC22A14BB5F889BC10A22CF17C9C19B519B288
Certificate serial: 02
Authority key identifier: 84:BC:22:A1:4B:B5:F8:89:BC:10:A2:2C:F1:7C:9C:19:B5:19:B2:88
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/hLwioUu1-Im8EKIs8XycGbUZsog.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A4459/CDD74D762D1B11EDBE00888BF1222468/C59A0A6C2D1C11EDB02E0A8EF1222468.roa
Signing time: Mon 05 Sep 2022 13:15:12 +0000
ROA not before: Mon 05 Sep 2022 13:15:08 +0000
ROA not after: Sun 05 Sep 2032 13:15:08 +0000
asID: 37638
IP address blocks: 102.222.228.0/24 maxlen: 24
102.222.229.0/24 maxlen: 24
102.222.230.0/24 maxlen: 24
102.222.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A4459/CDD74D762D1B11EDBE00888BF1222468/hLwioUu1-Im8EKIs8XycGbUZsog.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A4459/CDD74D762D1B11EDBE00888BF1222468/hLwioUu1-Im8EKIs8XycGbUZsog.mft
rsync://rpki.afrinic.net/repository/afrinic/hLwioUu1-Im8EKIs8XycGbUZsog.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 30 May 2024 00:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A4459AF/serialNumber=84BC22A14BB5F889BC10A22CF17C9C19B519B288
Validity
Not Before: Sep 5 13:15:08 2022 GMT
Not After : Sep 5 13:15:08 2032 GMT
Subject: CN=6315f660-2d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:73:fb:6c:c1:79:94:4e:8b:b2:09:05:23:ef:
6a:f1:89:11:53:ba:0b:a8:be:3c:d0:a9:5c:35:c6:
08:c3:38:11:1a:eb:43:c9:ce:56:9a:2c:74:df:67:
f6:77:bd:a5:37:92:68:82:15:7a:0a:10:b0:b7:14:
eb:33:86:04:f7:ad:ba:88:1b:a8:b3:53:71:a0:06:
a9:f7:54:2d:d0:9a:61:ad:73:69:72:4a:63:c8:f3:
1b:72:aa:0d:37:18:84:1e:94:2a:5a:c1:26:3c:77:
59:b1:aa:35:d1:bc:83:97:82:0f:d9:14:c9:84:53:
36:55:76:00:b3:82:c1:6b:66:82:8b:52:06:27:6b:
e1:a9:7c:17:0f:4c:2a:8a:2e:dd:c4:22:cc:3d:2b:
22:4f:70:2e:94:70:ce:9e:5f:36:a0:a6:3e:3f:f5:
a7:a6:41:7a:f0:32:ee:97:1e:bb:f0:11:a2:60:5f:
2b:c5:e2:bc:eb:77:1f:73:58:f4:25:21:37:77:bc:
2f:5a:69:ab:1c:61:0c:ba:2b:7d:77:87:63:d9:ae:
17:fb:c7:eb:35:03:ae:5e:26:a9:ba:9a:2a:4a:a9:
7e:db:a7:e0:7c:78:14:54:6c:1e:c7:97:2b:d3:8e:
0f:ce:3b:4f:d4:d3:95:b4:b9:70:aa:f9:76:a0:df:
b6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8C:FE:54:6D:32:87:78:FB:59:4A:95:60:5B:D9:08:40:F6:94:A5
X509v3 Authority Key Identifier:
keyid:84:BC:22:A1:4B:B5:F8:89:BC:10:A2:2C:F1:7C:9C:19:B5:19:B2:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A4459/CDD74D762D1B11EDBE00888BF1222468/hLwioUu1-Im8EKIs8XycGbUZsog.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hLwioUu1-Im8EKIs8XycGbUZsog.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A4459/CDD74D762D1B11EDBE00888BF1222468/C59A0A6C2D1C11EDB02E0A8EF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.228.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:94:8e:8c:82:b3:29:dd:68:81:6b:c7:0c:97:eb:b6:d2:32:
30:81:f0:3b:36:1b:8b:7b:a1:76:45:39:81:91:d0:60:65:ca:
e4:31:e4:02:6a:3d:1a:e1:11:5e:a9:d9:5f:70:b4:e2:21:d9:
e1:05:bc:96:10:2e:33:f5:1f:35:ba:02:18:1f:21:3e:90:b1:
bb:c8:4b:ce:50:54:f3:e1:7f:17:8f:2c:ab:d4:ed:15:92:d2:
fb:f1:ce:1f:fd:58:99:a4:28:74:40:7a:34:26:00:96:dd:c2:
f0:a0:97:ed:41:df:b3:cc:c1:bd:f2:ff:31:e8:31:e6:24:cd:
1a:9a:b7:e7:59:f0:c3:a8:f5:0d:93:ed:0c:c2:cf:1f:02:eb:
47:df:85:cb:f9:89:8f:17:06:3a:50:f5:e6:6d:82:e6:26:30:
b6:55:d4:ca:4c:18:b2:9d:68:33:1f:2d:d1:21:d1:37:8d:41:
c6:9a:3e:15:16:19:63:69:a4:b7:6c:a9:8c:9b:f2:f4:90:4b:
84:b0:85:96:4a:7d:31:82:dc:17:eb:79:fe:69:32:12:7c:a0:
3a:c5:77:bc:26:54:97:d5:5d:4a:e4:a3:1b:23:93:56:39:a8:
c7:3d:bc:39:54:b2:ec:5c:a9:1b:2a:e2:0b:16:71:98:b8:fa:
c6:78:3e:84
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZB
NDQ1OUFGMTEwLwYDVQQFEyg4NEJDMjJBMTRCQjVGODg5QkMxMEEyMkNGMTdDOUMx
OUI1MTlCMjg4MB4XDTIyMDkwNTEzMTUwOFoXDTMyMDkwNTEzMTUwOFowGDEWMBQG
A1UEAwwNNjMxNWY2NjAtMmQyYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1z+2zBeZROi7IJBSPvavGJEVO6C6i+PNCpXDXGCMM4ERrrQ8nOVposdN9n
9ne9pTeSaIIVegoQsLcU6zOGBPetuogbqLNTcaAGqfdULdCaYa1zaXJKY8jzG3Kq
DTcYhB6UKlrBJjx3WbGqNdG8g5eCD9kUyYRTNlV2ALOCwWtmgotSBidr4al8Fw9M
Koou3cQizD0rIk9wLpRwzp5fNqCmPj/1p6ZBevAy7pceu/ARomBfK8XivOt3H3NY
9CUhN3e8L1ppqxxhDLorfXeHY9muF/vH6zUDrl4mqbqaKkqpftun4Hx4FFRsHseX
K9OOD847T9TTlbS5cKr5dqDftosCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBR2jP5U
bTKHePtZSpVgW9kIQPaUpTAfBgNVHSMEGDAWgBSEvCKhS7X4ibwQoizxfJwZtRmy
iDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTQ0NTkvQ0RENzRENzYyRDFCMTFFREJFMDA4ODhCRjEyMjI0NjgvaEx3aW9V
dTEtSW04RUtJczhYeWNHYlVac29nLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaEx3aW9VdTEtSW04RUtJczhYeWNHYlVac29nLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTQ0NTkvQ0RENzRENzYyRDFCMTFFREJFMDA4ODhCRjEy
MjI0NjgvQzU5QTBBNkMyRDFDMTFFREIwMkUwQThFRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbe5DANBgkqhkiG9w0BAQsF
AAOCAQEA05SOjIKzKd1ogWvHDJfrttIyMIHwOzYbi3uhdkU5gZHQYGXK5DHkAmo9
GuERXqnZX3C04iHZ4QW8lhAuM/UfNboCGB8hPpCxu8hLzlBU8+F/F48sq9TtFZLS
+/HOH/1YmaQodEB6NCYAlt3C8KCX7UHfs8zBvfL/Megx5iTNGpq351nww6j1DZPt
DMLPHwLrR9+Fy/mJjxcGOlD15m2C5iYwtlXUykwYsp1oMx8t0SHRN41Bxpo+FRYZ
Y2mkt2ypjJvy9JBLhLCFlkp9MYLcF+t5/mkyEnygOsV3vCZUl9VdSuSjGyOTVjmo
xz28OVSy7FypGyriCxZxmLj6xng+hA==
-----END CERTIFICATE-----
Generated at Tue May 28 04:28:58 2024 by rpki-client on console-ams.rpki-client.org