Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/58CF41A4242311EFA6295A127DDC24C2.roa
File: 58CF41A4242311EFA6295A127DDC24C2.roa (raw, json)
Hash identifier: 9yt3mh2YCV1obwPNsEwKxTI4O8MtjgaSHUx+YACzWDs=
Subject key identifier: 36:7E:EA:56:5E:F3:E0:F5:9B:7F:D1:56:83:4A:FA:23:B5:F8:17:DE
Certificate issuer: /CN=F36AB1CDAF/serialNumber=35EC3294282FA7A35478F82F9094B03FE2606FB6
Certificate serial: 0617
Authority key identifier: 35:EC:32:94:28:2F:A7:A3:54:78:F8:2F:90:94:B0:3F:E2:60:6F:B6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/NewylCgvp6NUePgvkJSwP-Jgb7Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/58CF41A4242311EFA6295A127DDC24C2.roa
Signing time: Thu 06 Jun 2024 16:39:30 +0000
ROA not before: Thu 06 Jun 2024 16:39:26 +0000
ROA not after: Sat 06 Jun 2026 16:39:26 +0000
asID: 328266
IP address blocks: 102.135.240.0/21 maxlen: 24
102.208.236.0/22 maxlen: 24
102.216.76.0/22 maxlen: 24
2c0f:ef18::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/NewylCgvp6NUePgvkJSwP-Jgb7Y.crl
rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/NewylCgvp6NUePgvkJSwP-Jgb7Y.mft
rsync://rpki.afrinic.net/repository/afrinic/NewylCgvp6NUePgvkJSwP-Jgb7Y.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1559 (0x617)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36AB1CDAF/serialNumber=35EC3294282FA7A35478F82F9094B03FE2606FB6
Validity
Not Before: Jun 6 16:39:26 2024 GMT
Not After : Jun 6 16:39:26 2026 GMT
Subject: CN=6661e642-186d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1f:8f:84:11:01:0e:17:d1:1a:4e:bf:30:5f:
04:f4:bd:76:93:65:e8:91:cc:8d:90:37:88:52:05:
fa:e7:8d:c4:72:81:05:dd:b3:35:75:19:73:ee:b5:
ba:63:99:18:2a:10:86:ff:2d:fc:28:de:23:bd:11:
eb:4e:9a:9b:a5:09:82:08:a6:4f:9c:b7:d1:9a:f4:
d5:89:84:c7:81:64:61:55:c0:ae:22:bd:0d:6f:b3:
e1:db:9a:3e:54:a5:bc:e7:94:c9:64:9f:45:88:48:
f6:7e:95:a1:70:e4:f4:ab:12:40:e1:c1:2d:26:81:
0f:90:55:d0:4c:e6:fc:76:7d:78:6d:b4:4d:6e:49:
93:f1:41:de:80:15:35:31:0c:57:f7:6a:2c:3d:11:
07:27:05:0e:5b:bf:72:6f:6a:f2:96:0a:e3:a0:9c:
b7:1c:7e:c8:dd:52:45:26:f8:7d:c0:3f:b4:0a:4f:
8e:cc:44:c0:e8:76:56:48:b5:e6:27:28:c0:08:a3:
d9:98:ae:ea:b2:ae:d4:19:37:80:13:af:21:c3:65:
f3:bb:16:a4:d9:3f:c7:9d:ca:91:f1:e3:16:6a:34:
f0:7f:d0:a1:ae:97:b3:21:ef:09:38:c5:7e:e7:0b:
dc:d2:d6:e9:c6:68:bd:92:ea:02:cd:6a:99:77:f3:
f2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:7E:EA:56:5E:F3:E0:F5:9B:7F:D1:56:83:4A:FA:23:B5:F8:17:DE
X509v3 Authority Key Identifier:
keyid:35:EC:32:94:28:2F:A7:A3:54:78:F8:2F:90:94:B0:3F:E2:60:6F:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/NewylCgvp6NUePgvkJSwP-Jgb7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/NewylCgvp6NUePgvkJSwP-Jgb7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/58CF41A4242311EFA6295A127DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.135.240.0/21
102.208.236.0/22
102.216.76.0/22
IPv6:
2c0f:ef18::/32
Signature Algorithm: sha256WithRSAEncryption
2b:83:51:7d:64:dc:9a:86:c7:1b:ea:b4:f6:07:6d:04:df:77:
18:d0:0b:91:2f:8a:a3:48:40:6b:2d:98:cf:5a:48:9e:e5:8a:
57:2e:c6:04:ff:a1:06:21:ff:b8:05:8e:d7:29:88:4b:8d:4b:
1d:ba:11:9d:cf:4d:2f:88:50:2b:de:f1:7d:83:96:47:ea:7b:
8d:88:36:e0:67:c5:a5:bc:3a:1d:16:f8:a2:42:1b:43:c3:26:
ec:7b:e1:b5:0d:ac:f6:4b:a7:32:a9:93:9f:54:56:8f:c6:f3:
06:6a:20:47:67:11:32:c4:b2:1d:87:67:9a:b5:4a:71:5c:96:
58:c1:64:f9:b0:c9:18:0c:3a:d7:29:c5:6f:2d:ae:b7:52:6a:
9f:3d:0a:04:88:ee:7c:41:94:99:c4:a2:8d:f4:51:7c:74:ae:
74:04:c9:db:3b:b1:34:41:42:70:0e:72:b0:3f:3c:32:26:5a:
ec:99:11:f4:1a:9f:bb:f9:7f:72:1a:bc:dc:c0:90:7f:13:9a:
0a:f1:cd:95:ef:8d:65:43:17:ab:ce:07:67:a0:8d:62:14:b7:
1e:47:17:0e:2f:e1:53:7c:97:73:20:fe:26:04:72:a3:8d:9e:
1e:0e:52:46:39:18:31:c6:f4:ef:1f:de:6a:bd:df:9b:a8:1c:
f5:28:03:77
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICBhcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QUIxQ0RBRjExMC8GA1UEBRMoMzVFQzMyOTQyODJGQTdBMzU0NzhGODJGOTA5NEIw
M0ZFMjYwNkZCNjAeFw0yNDA2MDYxNjM5MjZaFw0yNjA2MDYxNjM5MjZaMBgxFjAU
BgNVBAMTDTY2NjFlNjQyLTE4NmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpH4+EEQEOF9EaTr8wXwT0vXaTZeiRzI2QN4hSBfrnjcRygQXdszV1GXPu
tbpjmRgqEIb/Lfwo3iO9EetOmpulCYIIpk+ct9Ga9NWJhMeBZGFVwK4ivQ1vs+Hb
mj5UpbznlMlkn0WISPZ+laFw5PSrEkDhwS0mgQ+QVdBM5vx2fXhttE1uSZPxQd6A
FTUxDFf3aiw9EQcnBQ5bv3JvavKWCuOgnLccfsjdUkUm+H3AP7QKT47MRMDodlZI
teYnKMAIo9mYruqyrtQZN4ATryHDZfO7FqTZP8edypHx4xZqNPB/0KGul7Mh7wk4
xX7nC9zS1unGaL2S6gLNapl38/JFAgMBAAGjggLAMIICvDAdBgNVHQ4EFgQUNn7q
Vl7z4PWbf9FWg0r6I7X4F94wHwYDVR0jBBgwFoAUNewylCgvp6NUePgvkJSwP+Jg
b7YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkFCMUNELzlENDlCOTI2ODFCQzExRUE5MkQ4NDg1RUY4QUVBMjI4L05ld3ls
Q2d2cDZOVWVQZ3ZrSlN3UC1KZ2I3WS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL05ld3lsQ2d2cDZOVWVQZ3ZrSlN3UC1KZ2I3WS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkFCMUNELzlENDlCOTI2ODFCQzExRUE5MkQ4NDg1RUY4
QUVBMjI4LzU4Q0Y0MUE0MjQyMzExRUZBNjI5NUExMjdEREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBANmh/ADBAJm0OwDBAJm2Eww
DQQCAAIwBwMFACwP7xgwDQYJKoZIhvcNAQELBQADggEBACuDUX1k3JqGxxvqtPYH
bQTfdxjQC5EviqNIQGstmM9aSJ7lilcuxgT/oQYh/7gFjtcpiEuNSx26EZ3PTS+I
UCve8X2Dlkfqe42INuBnxaW8Oh0W+KJCG0PDJux74bUNrPZLpzKpk59UVo/G8wZq
IEdnETLEsh2HZ5q1SnFclljBZPmwyRgMOtcpxW8trrdSap89CgSI7nxBlJnEoo30
UXx0rnQEyds7sTRBQnAOcrA/PDImWuyZEfQan7v5f3IavNzAkH8TmgrxzZXvjWVD
F6vOB2egjWIUtx5HFw4v4VN8l3Mg/iYEcqONnh4OUkY5GDHG9O8f3mq935uoHPUo
A3c=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:14 2024 by rpki-client on console-fra.rpki-client.org