Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36AC9F1/91D240A6697311EFAFAC2778762E951A/A30F3A50697C11EFB366DFAE762E951A.roa
File: A30F3A50697C11EFB366DFAE762E951A.roa (raw, json)
Hash identifier: /ilQRqAkN9GV5Cf0rRJQg2G1MMpc0XTxcTekWiarM/c=
Subject key identifier: A2:37:E3:8C:FE:07:38:0A:87:C8:DA:17:B1:DE:4F:BF:7C:E4:46:52
Certificate issuer: /CN=F36AC9F1AF/serialNumber=1B2E71DA04AE09103945117F9076C7F8E199243C
Certificate serial: 02
Authority key identifier: 1B:2E:71:DA:04:AE:09:10:39:45:11:7F:90:76:C7:F8:E1:99:24:3C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Gy5x2gSuCRA5RRF_kHbH-OGZJDw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36AC9F1/91D240A6697311EFAFAC2778762E951A/A30F3A50697C11EFB366DFAE762E951A.roa
Signing time: Mon 02 Sep 2024 22:42:31 +0000
ROA not before: Tue 03 Sep 2024 22:42:27 +0000
ROA not after: Sun 01 Sep 2030 22:42:27 +0000
asID: 328583
IP address blocks: 102.36.140.0/22 maxlen: 24
102.213.148.0/22 maxlen: 24
2c0f:6140::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36AC9F1/91D240A6697311EFAFAC2778762E951A/Gy5x2gSuCRA5RRF_kHbH-OGZJDw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36AC9F1/91D240A6697311EFAFAC2778762E951A/Gy5x2gSuCRA5RRF_kHbH-OGZJDw.mft
rsync://rpki.afrinic.net/repository/afrinic/Gy5x2gSuCRA5RRF_kHbH-OGZJDw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36AC9F1AF/serialNumber=1B2E71DA04AE09103945117F9076C7F8E199243C
Validity
Not Before: Sep 3 22:42:27 2024 GMT
Not After : Sep 1 22:42:27 2030 GMT
Subject: CN=66d63f56-d8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a4:a6:ac:37:84:e5:05:1c:3b:7e:9d:1d:70:
74:89:03:c1:c9:18:f2:3b:6c:f9:2e:44:12:da:22:
34:68:bd:f5:d5:97:30:94:fc:09:0e:f8:e0:7f:50:
9f:9c:83:5d:8f:d2:1b:04:ea:01:9f:01:ed:4f:39:
b4:58:6d:a1:e3:0b:4e:3a:42:27:83:07:93:2a:49:
8f:21:85:89:2c:91:b4:f7:e5:e6:44:05:35:c5:b6:
74:2d:08:e0:e4:f5:72:be:f4:d6:08:e3:fe:d7:19:
a0:a1:eb:9c:46:a4:9f:9e:5f:0e:dd:15:4c:66:08:
d9:b6:b6:45:02:03:b4:87:1d:dd:47:19:dd:3e:0b:
d7:21:3a:fb:9a:bd:4a:ca:df:6d:5e:29:b8:69:15:
1a:30:80:8c:c7:5d:3e:8c:ac:9d:5d:56:a5:66:d6:
a3:b2:ff:57:e1:2b:b5:bd:f9:84:06:41:20:58:12:
d9:ab:d6:cc:5e:ae:fb:e3:57:97:e6:e0:c3:0b:47:
9f:b0:fb:d2:55:65:80:fa:8a:a7:1a:e2:c5:d8:34:
7a:f7:60:e3:84:7d:fc:c4:4a:48:49:c5:b7:75:8f:
f5:12:29:30:b0:24:de:36:33:04:95:64:73:2f:f0:
ba:14:af:10:cd:4c:77:a3:fa:94:77:b1:44:c0:3c:
fd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:37:E3:8C:FE:07:38:0A:87:C8:DA:17:B1:DE:4F:BF:7C:E4:46:52
X509v3 Authority Key Identifier:
keyid:1B:2E:71:DA:04:AE:09:10:39:45:11:7F:90:76:C7:F8:E1:99:24:3C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36AC9F1/91D240A6697311EFAFAC2778762E951A/Gy5x2gSuCRA5RRF_kHbH-OGZJDw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Gy5x2gSuCRA5RRF_kHbH-OGZJDw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AC9F1/91D240A6697311EFAFAC2778762E951A/A30F3A50697C11EFB366DFAE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.36.140.0/22
102.213.148.0/22
IPv6:
2c0f:6140::/32
Signature Algorithm: sha256WithRSAEncryption
04:b7:a0:e2:a8:8d:85:30:2e:0e:9b:0f:6f:10:92:83:75:b4:
79:4e:67:8d:2d:87:42:7b:2b:f0:05:69:d7:b6:9c:8d:1e:45:
04:87:96:8e:d3:92:62:c1:56:6f:d9:26:10:96:dc:a2:70:9a:
4e:8e:73:c2:4c:30:e5:af:b1:83:76:bb:f4:fc:96:11:84:8e:
dc:b9:b1:e7:fd:89:f5:1e:11:ea:2f:d9:c8:a1:f0:42:49:5d:
73:64:99:13:09:5a:56:9e:dc:f9:7e:31:60:2d:d4:d2:19:38:
de:78:91:56:ab:55:3d:c0:f6:3a:73:ad:a4:fe:91:ec:a4:f5:
a6:35:3d:9b:d6:1e:59:8e:c7:33:bc:9a:74:56:72:6d:24:14:
20:2e:a0:f2:9d:bd:9a:4b:d3:03:51:49:46:fe:98:e0:4a:68:
11:59:5e:68:6c:11:d3:9d:13:cb:ce:9c:92:9c:e4:b4:7c:57:
d1:9e:a1:1b:2d:67:d0:85:c7:98:52:1d:71:79:b4:d6:ea:64:
a0:98:f3:5e:31:5e:82:b2:54:1f:5b:9b:2b:4f:10:f1:63:a7:
02:e6:28:47:b2:7a:c8:de:55:bd:df:c9:28:b2:c9:fa:44:6f:
f6:3a:d0:17:85:1b:a7:04:3f:f5:04:06:7b:06:73:20:1a:de:
da:e5:97:9f
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
QzlGMUFGMTEwLwYDVQQFEygxQjJFNzFEQTA0QUUwOTEwMzk0NTExN0Y5MDc2QzdG
OEUxOTkyNDNDMB4XDTI0MDkwMzIyNDIyN1oXDTMwMDkwMTIyNDIyN1owGDEWMBQG
A1UEAxMNNjZkNjNmNTYtZDhjZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMukpqw3hOUFHDt+nR1wdIkDwckY8jts+S5EEtoiNGi99dWXMJT8CQ744H9Q
n5yDXY/SGwTqAZ8B7U85tFhtoeMLTjpCJ4MHkypJjyGFiSyRtPfl5kQFNcW2dC0I
4OT1cr701gjj/tcZoKHrnEakn55fDt0VTGYI2ba2RQIDtIcd3UcZ3T4L1yE6+5q9
SsrfbV4puGkVGjCAjMddPoysnV1WpWbWo7L/V+Ertb35hAZBIFgS2avWzF6u++NX
l+bgwwtHn7D70lVlgPqKpxrixdg0evdg44R9/MRKSEnFt3WP9RIpMLAk3jYzBJVk
cy/wuhSvEM1Md6P6lHexRMA8/WECAwEAAaOCArowggK2MB0GA1UdDgQWBBSiN+OM
/gc4CofI2hex3k+/fORGUjAfBgNVHSMEGDAWgBQbLnHaBK4JEDlFEX+Qdsf44Zkk
PDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QUM5RjEvOTFEMjQwQTY2OTczMTFFRkFGQUMyNzc4NzYyRTk1MUEvR3k1eDJn
U3VDUkE1UlJGX2tIYkgtT0daSkR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvR3k1eDJnU3VDUkE1UlJGX2tIYkgtT0daSkR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QUM5RjEvOTFEMjQwQTY2OTczMTFFRkFGQUMyNzc4NzYy
RTk1MUEvQTMwRjNBNTA2OTdDMTFFRkIzNjZERkFFNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmYkjAMEAmbVlDANBAIAAjAH
AwUALA9hQDANBgkqhkiG9w0BAQsFAAOCAQEABLeg4qiNhTAuDpsPbxCSg3W0eU5n
jS2HQnsr8AVp17acjR5FBIeWjtOSYsFWb9kmEJbconCaTo5zwkww5a+xg3a79PyW
EYSO3Lmx5/2J9R4R6i/ZyKHwQkldc2SZEwlaVp7c+X4xYC3U0hk43niRVqtVPcD2
OnOtpP6R7KT1pjU9m9YeWY7HM7yadFZybSQUIC6g8p29mkvTA1FJRv6Y4EpoEVle
aGwR050Ty86ckpzktHxX0Z6hGy1n0IXHmFIdcXm01upkoJjzXjFegrJUH1ubK08Q
8WOnAuYoR7J6yN5Vvd/JKLLJ+kRv9jrQF4UbpwQ/9QQGewZzIBre2uWXnw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:20 2024 by rpki-client on console-ams.rpki-client.org