Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/C23A27E6584E11ED9522D6D5F1222468.roa
File: C23A27E6584E11ED9522D6D5F1222468.roa (raw, json)
Hash identifier: PY5TzDSQBaRMC5x6uYvJXsZ6g3nVVH+L/3M7MZBvDFU=
Subject key identifier: 3C:BA:60:A1:A2:1D:C7:B6:38:59:6E:68:27:1D:6A:D5:82:63:91:78
Certificate issuer: /CN=F36AB1CDAF/serialNumber=35EC3294282FA7A35478F82F9094B03FE2606FB6
Certificate serial: 03B2
Authority key identifier: 35:EC:32:94:28:2F:A7:A3:54:78:F8:2F:90:94:B0:3F:E2:60:6F:B6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/NewylCgvp6NUePgvkJSwP-Jgb7Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/C23A27E6584E11ED9522D6D5F1222468.roa
Signing time: Sun 30 Oct 2022 12:31:21 +0000
ROA not before: Sun 30 Oct 2022 12:31:16 +0000
ROA not after: Thu 31 Oct 2024 12:31:16 +0000
asID: 328266
IP address blocks: 102.135.240.0/21 maxlen: 24
102.216.76.0/22 maxlen: 24
2c0f:ef18::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/NewylCgvp6NUePgvkJSwP-Jgb7Y.crl
rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/NewylCgvp6NUePgvkJSwP-Jgb7Y.mft
rsync://rpki.afrinic.net/repository/afrinic/NewylCgvp6NUePgvkJSwP-Jgb7Y.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 946 (0x3b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36AB1CDAF/serialNumber=35EC3294282FA7A35478F82F9094B03FE2606FB6
Validity
Not Before: Oct 30 12:31:16 2022 GMT
Not After : Oct 31 12:31:16 2024 GMT
Subject: CN=635e6e99-5d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3a:45:4a:97:6d:35:1f:4f:41:bd:31:28:83:
ea:2d:2c:61:df:07:82:1a:85:9d:79:fc:46:9d:66:
f3:5d:09:0e:ef:9b:47:20:2c:e2:1c:af:28:b1:fb:
8b:5d:06:5e:c8:7a:6a:02:a3:1e:6d:e1:7f:ad:5d:
ba:51:f1:ed:32:1e:6a:19:96:0a:06:7f:e5:d7:aa:
b8:70:d3:7f:d0:78:1d:45:5f:c1:f8:ce:93:d6:14:
86:25:2e:36:f7:8e:1f:52:18:7a:f6:fc:37:90:63:
a8:48:25:01:52:b3:8d:8f:cb:1c:e3:ce:b2:f9:bd:
45:6c:33:a6:37:17:05:87:7e:30:03:ba:fb:f8:e0:
17:02:61:e9:1e:cf:f3:ff:6d:d2:e6:7c:36:0d:75:
da:a3:3e:a5:55:bf:b3:15:28:64:1a:f9:09:7c:6f:
10:21:42:fe:e8:e2:65:47:42:da:1a:de:b4:9d:5c:
23:0b:fe:e5:87:90:e9:0c:2e:4f:22:8c:4a:b5:bd:
7c:59:68:37:af:b4:58:15:78:ce:5d:1b:f9:bb:51:
6e:f9:bc:de:9b:2a:b6:48:48:a5:0d:d7:3b:dc:e9:
06:d7:5a:e2:b3:7e:6c:b5:28:99:51:1c:8b:c0:f5:
c0:d1:f0:4a:18:8d:9b:27:32:08:0f:8c:1f:37:74:
6f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:BA:60:A1:A2:1D:C7:B6:38:59:6E:68:27:1D:6A:D5:82:63:91:78
X509v3 Authority Key Identifier:
keyid:35:EC:32:94:28:2F:A7:A3:54:78:F8:2F:90:94:B0:3F:E2:60:6F:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/NewylCgvp6NUePgvkJSwP-Jgb7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/NewylCgvp6NUePgvkJSwP-Jgb7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/C23A27E6584E11ED9522D6D5F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.135.240.0/21
102.216.76.0/22
IPv6:
2c0f:ef18::/32
Signature Algorithm: sha256WithRSAEncryption
31:8e:b8:56:e9:ad:5f:8e:da:be:02:ae:0a:55:a1:7a:b1:5d:
98:d8:64:88:db:67:6b:01:5a:1f:8b:66:29:08:dc:ce:e4:48:
b4:ea:30:61:3a:42:b1:38:3f:9c:06:c1:39:71:15:ea:04:9c:
41:4a:68:e8:be:81:71:7d:f7:0b:d4:7c:a1:3a:da:a4:55:7e:
fb:ba:bf:40:1b:75:c7:f2:65:d7:19:9a:88:33:d5:8d:a1:43:
35:ba:c1:88:e5:5a:1d:76:2b:15:97:41:c7:e7:f4:5f:13:db:
2e:77:48:c2:32:92:0c:c1:fa:2e:2b:98:4e:02:22:b8:74:be:
bc:9b:27:ac:70:4c:9d:5f:ad:26:1d:f5:0e:28:98:9c:5d:a2:
58:17:e6:d5:79:85:db:b9:fc:55:19:14:f2:07:d7:5d:21:60:
ae:47:dc:b0:eb:c7:c8:73:f5:e9:c3:35:85:6a:54:61:7f:93:
29:f7:d5:0f:31:e9:9a:8a:2e:03:18:ef:41:1f:c5:4f:df:d4:
f9:4f:f0:be:1b:3b:56:d3:3b:28:ae:6e:25:81:2a:1b:71:25:
cf:9c:a5:a1:1b:0c:15:df:b7:dc:71:1d:20:aa:6c:a8:26:d1:
f2:f1:67:da:8b:e6:a1:1e:5c:0c:21:6e:8b:74:17:82:02:e2:
8c:16:c0:21
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICA7IwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QUIxQ0RBRjExMC8GA1UEBRMoMzVFQzMyOTQyODJGQTdBMzU0NzhGODJGOTA5NEIw
M0ZFMjYwNkZCNjAeFw0yMjEwMzAxMjMxMTZaFw0yNDEwMzExMjMxMTZaMBgxFjAU
BgNVBAMMDTYzNWU2ZTk5LTVkNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAOkVKl201H09BvTEog+otLGHfB4IahZ15/EadZvNdCQ7vm0cgLOIcryix
+4tdBl7IemoCox5t4X+tXbpR8e0yHmoZlgoGf+XXqrhw03/QeB1FX8H4zpPWFIYl
Ljb3jh9SGHr2/DeQY6hIJQFSs42PyxzjzrL5vUVsM6Y3FwWHfjADuvv44BcCYeke
z/P/bdLmfDYNddqjPqVVv7MVKGQa+Ql8bxAhQv7o4mVHQtoa3rSdXCML/uWHkOkM
Lk8ijEq1vXxZaDevtFgVeM5dG/m7UW75vN6bKrZISKUN1zvc6QbXWuKzfmy1KJlR
HIvA9cDR8EoYjZsnMggPjB83dG8zAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQUPLpg
oaIdx7Y4WW5oJx1q1YJjkXgwHwYDVR0jBBgwFoAUNewylCgvp6NUePgvkJSwP+Jg
b7YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkFCMUNELzlENDlCOTI2ODFCQzExRUE5MkQ4NDg1RUY4QUVBMjI4L05ld3ls
Q2d2cDZOVWVQZ3ZrSlN3UC1KZ2I3WS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL05ld3lsQ2d2cDZOVWVQZ3ZrSlN3UC1KZ2I3WS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkFCMUNELzlENDlCOTI2ODFCQzExRUE5MkQ4NDg1RUY4
QUVBMjI4L0MyM0EyN0U2NTg0RTExRUQ5NTIyRDZENUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBANmh/ADBAJm2EwwDQQCAAIw
BwMFACwP7xgwDQYJKoZIhvcNAQELBQADggEBADGOuFbprV+O2r4CrgpVoXqxXZjY
ZIjbZ2sBWh+LZikI3M7kSLTqMGE6QrE4P5wGwTlxFeoEnEFKaOi+gXF99wvUfKE6
2qRVfvu6v0AbdcfyZdcZmogz1Y2hQzW6wYjlWh12KxWXQcfn9F8T2y53SMIykgzB
+i4rmE4CIrh0vrybJ6xwTJ1frSYd9Q4omJxdolgX5tV5hdu5/FUZFPIH110hYK5H
3LDrx8hz9enDNYVqVGF/kyn31Q8x6ZqKLgMY70EfxU/f1PlP8L4bO1bTOyiubiWB
KhtxJc+cpaEbDBXft9xxHSCqbKgm0fLxZ9qL5qEeXAwhbot0F4IC4owWwCE=
-----END CERTIFICATE-----
Generated at Fri May 3 04:45:03 2024 by rpki-client on console-fra.rpki-client.org