Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B1EE5/21831C1C4F1511EFB7A68685762E951A/15FF8A604F2E11EFBF7DAA5D762E951A.roa
File: 15FF8A604F2E11EFBF7DAA5D762E951A.roa (raw, json)
Hash identifier: Ji+PkrLYVd8mg+kmjzLysu+cTidIjguKCtckW26wTJg=
Subject key identifier: 63:41:12:4C:80:47:86:C0:7B:8D:57:80:A7:1C:22:AD:1B:8A:AF:A1
Certificate issuer: /CN=F36B1EE5AF/serialNumber=97CC893F4FD520F6736806F97962599B778E1B63
Certificate serial: 08
Authority key identifier: 97:CC:89:3F:4F:D5:20:F6:73:68:06:F9:79:62:59:9B:77:8E:1B:63
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/l8yJP0_VIPZzaAb5eWJZm3eOG2M.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B1EE5/21831C1C4F1511EFB7A68685762E951A/15FF8A604F2E11EFBF7DAA5D762E951A.roa
Signing time: Wed 31 Jul 2024 11:14:43 +0000
ROA not before: Wed 31 Jul 2024 11:14:40 +0000
ROA not after: Tue 31 Jul 2029 11:14:40 +0000
asID: 328497
IP address blocks: 102.64.48.0/24 maxlen: 24
102.64.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B1EE5/21831C1C4F1511EFB7A68685762E951A/l8yJP0_VIPZzaAb5eWJZm3eOG2M.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B1EE5/21831C1C4F1511EFB7A68685762E951A/l8yJP0_VIPZzaAb5eWJZm3eOG2M.mft
rsync://rpki.afrinic.net/repository/afrinic/l8yJP0_VIPZzaAb5eWJZm3eOG2M.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B1EE5AF/serialNumber=97CC893F4FD520F6736806F97962599B778E1B63
Validity
Not Before: Jul 31 11:14:40 2024 GMT
Not After : Jul 31 11:14:40 2029 GMT
Subject: CN=66aa1ca3-3a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:98:a1:19:a4:d3:a6:65:01:b9:40:eb:c1:52:
0a:82:3a:c7:4e:71:52:1c:4d:35:f0:df:b4:98:dc:
50:d1:c2:6f:6e:1d:99:50:b7:5e:53:51:df:f4:2f:
3c:96:c0:ef:38:2a:1a:e7:21:2e:60:01:ba:89:42:
4f:ff:f9:9c:73:23:5b:9e:3a:24:33:b3:e9:34:cc:
73:7c:f3:fc:a1:33:bf:0b:77:08:24:d0:7c:88:71:
e6:b8:8c:38:23:bb:65:14:7c:89:f0:39:f6:46:fb:
e6:31:5e:2b:c1:0e:95:55:77:06:83:00:22:04:a2:
2a:11:d7:0b:e8:6f:1a:ed:7a:97:09:3a:20:c1:53:
6c:fd:36:74:5b:0f:f2:30:b2:6d:15:f1:43:61:3a:
5c:fe:ff:98:35:99:f4:d2:c8:a8:f5:55:2f:f0:41:
07:7a:37:0f:6c:ef:23:45:cc:72:f7:cc:54:81:f9:
e4:d8:d2:f0:f0:c2:30:15:ea:85:1c:ed:07:09:d1:
c9:2a:a4:ce:e6:8d:4b:47:b3:3b:16:b9:1b:60:e1:
98:0b:d1:58:50:a8:77:c7:2a:d0:0b:6f:00:32:cd:
8a:c7:82:77:c2:8c:81:1c:7d:69:56:b2:1c:65:fb:
5e:66:ad:74:58:fb:bf:3c:83:b2:1d:2a:20:a9:21:
df:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:41:12:4C:80:47:86:C0:7B:8D:57:80:A7:1C:22:AD:1B:8A:AF:A1
X509v3 Authority Key Identifier:
keyid:97:CC:89:3F:4F:D5:20:F6:73:68:06:F9:79:62:59:9B:77:8E:1B:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B1EE5/21831C1C4F1511EFB7A68685762E951A/l8yJP0_VIPZzaAb5eWJZm3eOG2M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8yJP0_VIPZzaAb5eWJZm3eOG2M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B1EE5/21831C1C4F1511EFB7A68685762E951A/15FF8A604F2E11EFBF7DAA5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.64.48.0/24
102.64.50.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:c5:09:31:bf:32:b3:30:c8:a6:1f:23:bb:16:cc:0c:e5:2a:
e9:22:19:d5:b2:16:bd:75:b4:a2:09:a5:22:ca:2a:ef:46:64:
f4:ff:5b:d9:f6:b5:65:ff:98:c1:42:77:76:ec:60:ed:95:16:
ac:03:48:1c:e5:6d:2c:88:ae:4d:19:89:d8:44:4c:f7:b8:d5:
be:8d:c2:da:f1:71:26:2a:cd:07:03:67:82:e1:51:03:c8:17:
b4:21:c6:80:ad:44:88:d5:f6:16:5b:c6:57:e4:86:33:b3:c4:
0d:ea:19:fa:81:ed:39:5a:9c:64:0e:b5:d5:eb:42:10:4e:1e:
35:53:66:a3:4e:b2:61:cd:0e:56:40:36:f1:11:a2:98:73:2b:
c4:fc:77:8e:94:77:f1:2f:d6:98:64:f7:43:d7:5c:3e:6c:01:
ad:b8:bc:75:1b:b2:2b:bb:40:93:23:1f:4a:d2:20:2d:9a:2b:
f7:c7:87:79:09:c8:b0:f2:21:51:6e:11:7d:a3:d8:e7:11:ff:
8c:c7:54:dd:6a:3c:1e:0a:16:ea:6e:e8:dc:3a:ce:72:60:69:
7d:4b:a9:16:29:4e:0e:b8:b4:55:53:8a:97:25:4f:37:6f:57:
50:74:5f:42:3d:c6:7b:d1:e0:37:78:fc:44:66:4c:95:b6:9e:
9c:1f:d6:97
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
MUVFNUFGMTEwLwYDVQQFEyg5N0NDODkzRjRGRDUyMEY2NzM2ODA2Rjk3OTYyNTk5
Qjc3OEUxQjYzMB4XDTI0MDczMTExMTQ0MFoXDTI5MDczMTExMTQ0MFowGDEWMBQG
A1UEAxMNNjZhYTFjYTMtM2E0MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyYoRmk06ZlAblA68FSCoI6x05xUhxNNfDftJjcUNHCb24dmVC3XlNR3/Qv
PJbA7zgqGuchLmABuolCT//5nHMjW546JDOz6TTMc3zz/KEzvwt3CCTQfIhx5riM
OCO7ZRR8ifA59kb75jFeK8EOlVV3BoMAIgSiKhHXC+hvGu16lwk6IMFTbP02dFsP
8jCybRXxQ2E6XP7/mDWZ9NLIqPVVL/BBB3o3D2zvI0XMcvfMVIH55NjS8PDCMBXq
hRztBwnRySqkzuaNS0ezOxa5G2DhmAvRWFCod8cq0AtvADLNiseCd8KMgRx9aVay
HGX7XmatdFj7vzyDsh0qIKkh34MCAwEAAaOCAqswggKnMB0GA1UdDgQWBBRjQRJM
gEeGwHuNV4CnHCKtG4qvoTAfBgNVHSMEGDAWgBSXzIk/T9Ug9nNoBvl5Ylmbd44b
YzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjFFRTUvMjE4MzFDMUM0RjE1MTFFRkI3QTY4Njg1NzYyRTk1MUEvbDh5SlAw
X1ZJUFp6YUFiNWVXSlptM2VPRzJNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvbDh5SlAwX1ZJUFp6YUFiNWVXSlptM2VPRzJNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjFFRTUvMjE4MzFDMUM0RjE1MTFFRkI3QTY4Njg1NzYy
RTk1MUEvMTVGRjhBNjA0RjJFMTFFRkJGN0RBQTVENzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAGZAMAMEAGZAMjANBgkqhkiG
9w0BAQsFAAOCAQEAssUJMb8yszDIph8juxbMDOUq6SIZ1bIWvXW0ogmlIsoq70Zk
9P9b2fa1Zf+YwUJ3duxg7ZUWrANIHOVtLIiuTRmJ2ERM97jVvo3C2vFxJirNBwNn
guFRA8gXtCHGgK1EiNX2FlvGV+SGM7PEDeoZ+oHtOVqcZA611etCEE4eNVNmo06y
Yc0OVkA28RGimHMrxPx3jpR38S/WmGT3Q9dcPmwBrbi8dRuyK7tAkyMfStIgLZor
98eHeQnIsPIhUW4RfaPY5xH/jMdU3Wo8HgoW6m7o3DrOcmBpfUupFilODri0VVOK
lyVPN29XUHRfQj3Ge9HgN3j8RGZMlbaenB/Wlw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:20 2024 by rpki-client on console-ams.rpki-client.org