Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36AB5C3/F1C8256E184511EE9E5699174AD9E6FC/5323458C184611EEAA09D5184AD9E6FC.roa
File: 5323458C184611EEAA09D5184AD9E6FC.roa (raw, json)
Hash identifier: A8xuzCyGtjAq6hsUbNjHYuJn81F3LK8LOnUy2g8YDWc=
Subject key identifier: F9:3A:CA:30:93:F6:71:74:F2:5E:B6:44:34:B0:9B:A8:4D:15:15:5C
Certificate issuer: /CN=F36AB5C3AF/serialNumber=79E907176CFB7506BD916056F375FA38CE41CDA3
Certificate serial: 02
Authority key identifier: 79:E9:07:17:6C:FB:75:06:BD:91:60:56:F3:75:FA:38:CE:41:CD:A3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/eekHF2z7dQa9kWBW83X6OM5BzaM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36AB5C3/F1C8256E184511EE9E5699174AD9E6FC/5323458C184611EEAA09D5184AD9E6FC.roa
Signing time: Sat 01 Jul 2023 19:34:42 +0000
ROA not before: Sat 01 Jul 2023 19:34:37 +0000
ROA not after: Sat 31 Dec 2033 19:34:37 +0000
asID: 328652
IP address blocks: 102.223.32.0/22 maxlen: 24
2c0f:e880::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36AB5C3/F1C8256E184511EE9E5699174AD9E6FC/eekHF2z7dQa9kWBW83X6OM5BzaM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36AB5C3/F1C8256E184511EE9E5699174AD9E6FC/eekHF2z7dQa9kWBW83X6OM5BzaM.mft
rsync://rpki.afrinic.net/repository/afrinic/eekHF2z7dQa9kWBW83X6OM5BzaM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36AB5C3AF/serialNumber=79E907176CFB7506BD916056F375FA38CE41CDA3
Validity
Not Before: Jul 1 19:34:37 2023 GMT
Not After : Dec 31 19:34:37 2033 GMT
Subject: CN=64a07fd2-b599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3e:63:d7:ad:8e:17:ec:59:ec:d5:e9:6f:ba:
18:f9:fe:3c:58:78:27:da:35:e4:0c:64:97:d1:d7:
94:d0:8e:66:92:76:e9:26:69:9e:44:07:dd:55:6e:
08:cf:d5:49:36:74:4e:c4:4f:f9:62:b7:5a:0d:f9:
86:88:01:47:ec:57:de:59:07:60:81:c4:c8:33:46:
db:00:f4:0e:cf:bb:e3:d0:9d:4a:ad:e4:db:6d:fc:
ba:c7:de:ed:73:fb:ed:11:53:7b:f8:20:04:74:18:
41:95:af:89:f2:28:91:b4:59:be:69:27:ed:96:90:
28:d2:65:5d:d0:aa:cc:de:2c:58:45:d7:6e:e5:36:
72:24:7e:c9:57:f7:2c:45:d0:94:3d:4c:dc:a9:25:
f3:4a:24:2d:ba:b3:fd:d8:ee:71:e9:1b:90:c0:6e:
53:f9:d6:cc:59:d2:fa:62:32:8e:ba:1e:07:2a:47:
7a:78:9e:91:0d:47:5d:fb:9d:c6:6b:dc:28:57:93:
84:ca:ee:5d:8b:c8:31:a7:18:91:b0:9b:e3:aa:ee:
ea:9b:48:23:63:7a:c1:6e:1e:86:f7:0f:9c:e6:8d:
d2:ed:ed:50:7e:a9:84:a4:f1:e4:23:69:aa:6a:96:
be:e0:9f:8d:18:3b:46:28:d0:8f:2a:ee:3a:f1:ff:
d8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:3A:CA:30:93:F6:71:74:F2:5E:B6:44:34:B0:9B:A8:4D:15:15:5C
X509v3 Authority Key Identifier:
keyid:79:E9:07:17:6C:FB:75:06:BD:91:60:56:F3:75:FA:38:CE:41:CD:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36AB5C3/F1C8256E184511EE9E5699174AD9E6FC/eekHF2z7dQa9kWBW83X6OM5BzaM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/eekHF2z7dQa9kWBW83X6OM5BzaM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AB5C3/F1C8256E184511EE9E5699174AD9E6FC/5323458C184611EEAA09D5184AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.32.0/22
IPv6:
2c0f:e880::/32
Signature Algorithm: sha256WithRSAEncryption
5b:f9:16:0d:cd:15:9e:65:03:df:e4:48:35:18:e4:b5:bb:ac:
96:d8:01:4c:61:c8:d8:9d:ad:a6:fd:06:1e:be:48:1f:47:f7:
be:11:dd:4d:cf:2e:92:b8:9d:5e:41:c7:19:d8:0c:42:30:38:
58:51:97:8f:64:3d:c5:08:29:8e:a7:16:10:57:fb:c3:5c:71:
72:bf:0f:22:99:ab:88:fc:67:8b:1b:54:29:6d:78:f4:ca:9e:
d4:5e:9d:0d:f4:42:57:76:19:d4:a7:9c:a7:4f:ca:97:77:9b:
6c:03:6a:b0:bb:4a:18:e2:e3:ab:fc:f8:2c:8a:5b:37:3f:be:
eb:77:d6:d0:77:34:2f:8e:ec:bb:ba:b4:14:e3:8d:9b:dc:0d:
62:36:1a:61:a1:2c:08:8e:d1:43:0f:28:5f:09:36:2a:79:b5:
2c:9e:39:3e:40:55:90:55:9d:df:d7:7f:c3:01:54:e0:61:55:
82:33:ad:c2:0e:99:97:d8:9e:26:b4:89:35:1c:fb:da:d0:c6:
e7:49:b1:df:de:d0:96:6b:3d:97:9e:a8:55:1b:99:c4:0b:16:
6d:7a:8d:e5:f9:bc:a0:6b:78:dd:e4:ff:0d:b7:8c:0a:35:f0:
cb:10:35:31:4a:eb:8a:f9:13:7a:59:c4:ac:69:b9:7f:58:cb:
9f:e5:1b:3a
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
QjVDM0FGMTEwLwYDVQQFEyg3OUU5MDcxNzZDRkI3NTA2QkQ5MTYwNTZGMzc1RkEz
OENFNDFDREEzMB4XDTIzMDcwMTE5MzQzN1oXDTMzMTIzMTE5MzQzN1owGDEWMBQG
A1UEAxMNNjRhMDdmZDItYjU5OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMM+Y9etjhfsWezV6W+6GPn+PFh4J9o15Axkl9HXlNCOZpJ26SZpnkQH3VVu
CM/VSTZ0TsRP+WK3Wg35hogBR+xX3lkHYIHEyDNG2wD0Ds+749CdSq3k2238usfe
7XP77RFTe/ggBHQYQZWvifIokbRZvmkn7ZaQKNJlXdCqzN4sWEXXbuU2ciR+yVf3
LEXQlD1M3Kkl80okLbqz/djucekbkMBuU/nWzFnS+mIyjroeBypHeniekQ1HXfud
xmvcKFeThMruXYvIMacYkbCb46ru6ptII2N6wW4ehvcPnOaN0u3tUH6phKTx5CNp
qmqWvuCfjRg7RijQjyruOvH/2KsCAwEAAaOCArQwggKwMB0GA1UdDgQWBBT5Osow
k/ZxdPJetkQ0sJuoTRUVXDAfBgNVHSMEGDAWgBR56QcXbPt1Br2RYFbzdfo4zkHN
ozAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QUI1QzMvRjFDODI1NkUxODQ1MTFFRTlFNTY5OTE3NEFEOUU2RkMvZWVrSEYy
ejdkUWE5a1dCVzgzWDZPTTVCemFNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZWVrSEYyejdkUWE5a1dCVzgzWDZPTTVCemFNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QUI1QzMvRjFDODI1NkUxODQ1MTFFRTlFNTY5OTE3NEFE
OUU2RkMvNTMyMzQ1OEMxODQ2MTFFRUFBMDlENTE4NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbfIDANBAIAAjAHAwUALA/o
gDANBgkqhkiG9w0BAQsFAAOCAQEAW/kWDc0VnmUD3+RINRjktbusltgBTGHI2J2t
pv0GHr5IH0f3vhHdTc8ukridXkHHGdgMQjA4WFGXj2Q9xQgpjqcWEFf7w1xxcr8P
IpmriPxnixtUKW149Mqe1F6dDfRCV3YZ1Kecp0/Kl3ebbANqsLtKGOLjq/z4LIpb
Nz++63fW0Hc0L47su7q0FOONm9wNYjYaYaEsCI7RQw8oXwk2Knm1LJ45PkBVkFWd
39d/wwFU4GFVgjOtwg6Zl9ieJrSJNRz72tDG50mx397Qlms9l56oVRuZxAsWbXqN
5fm8oGt43eT/DbeMCjXwyxA1MUrrivkTelnErGm5f1jLn+UbOg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:20 2024 by rpki-client on console-ams.rpki-client.org