Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B57DF/5FB443762F7311ED91ED78CCF1222468/2C1A7CD22F7411ED88A88DCEF1222468.roa
File: 2C1A7CD22F7411ED88A88DCEF1222468.roa (raw, json)
Hash identifier: Sh1RvoN24iiQuOige1NA+5ffJjIAW81e8ojWpZOFayY=
Subject key identifier: C9:CC:1C:70:9F:A6:18:36:BF:F7:0B:5F:94:EE:C1:AB:64:3E:47:4C
Certificate issuer: /CN=F36B57DFAF/serialNumber=8F6F6FBCA3C634CDBFF04C72E9B0EC806F983CA8
Certificate serial: 02
Authority key identifier: 8F:6F:6F:BC:A3:C6:34:CD:BF:F0:4C:72:E9:B0:EC:80:6F:98:3C:A8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/j29vvKPGNM2_8Exy6bDsgG-YPKg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B57DF/5FB443762F7311ED91ED78CCF1222468/2C1A7CD22F7411ED88A88DCEF1222468.roa
Signing time: Thu 08 Sep 2022 12:45:52 +0000
ROA not before: Thu 08 Sep 2022 12:45:47 +0000
ROA not after: Thu 30 Sep 2032 12:45:47 +0000
asID: 328533
IP address blocks: 102.36.208.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B57DF/5FB443762F7311ED91ED78CCF1222468/j29vvKPGNM2_8Exy6bDsgG-YPKg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B57DF/5FB443762F7311ED91ED78CCF1222468/j29vvKPGNM2_8Exy6bDsgG-YPKg.mft
rsync://rpki.afrinic.net/repository/afrinic/j29vvKPGNM2_8Exy6bDsgG-YPKg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B57DFAF/serialNumber=8F6F6FBCA3C634CDBFF04C72E9B0EC806F983CA8
Validity
Not Before: Sep 8 12:45:47 2022 GMT
Not After : Sep 30 12:45:47 2032 GMT
Subject: CN=6319e400-7f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:66:59:be:2a:97:d2:18:59:c8:de:6b:80:ed:
d2:d3:21:54:0e:2d:da:09:8d:39:19:7f:b8:e1:7d:
22:bb:d7:1f:64:ab:df:57:38:18:6f:24:62:a5:42:
a2:7c:33:c7:bc:be:a5:a6:e8:1a:7e:36:23:e9:0c:
a2:07:c6:5b:b3:50:6b:8a:ef:4a:ea:6f:52:b7:86:
d1:33:7b:75:b6:a2:5a:e0:68:81:e5:38:62:00:4d:
74:23:2a:7a:8c:c1:8f:41:4b:6d:b9:78:e7:0e:93:
a1:28:20:27:3b:6b:26:87:69:e4:2b:a2:ae:25:dd:
34:8e:1e:29:6b:30:bf:10:1e:75:50:d8:02:bf:f4:
76:5c:8e:42:71:d7:8b:96:c1:1c:c4:37:4a:c4:e2:
11:11:eb:e6:bb:86:f2:b8:d8:4b:b9:5a:09:4e:bb:
6b:c4:65:ca:eb:05:a2:a5:d1:9e:45:7d:f9:c2:d8:
f2:ab:3d:54:62:77:28:dd:de:56:8c:a9:9b:80:02:
db:63:2a:21:7e:15:c2:4e:a3:f5:20:e6:2c:f8:a6:
b9:99:09:9b:90:59:24:75:9c:b0:86:57:8a:7c:25:
44:d4:57:e8:9a:ef:b3:a5:45:b2:13:ae:d9:50:32:
79:21:98:3c:bb:e6:eb:41:7d:d0:72:31:21:59:47:
34:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:CC:1C:70:9F:A6:18:36:BF:F7:0B:5F:94:EE:C1:AB:64:3E:47:4C
X509v3 Authority Key Identifier:
keyid:8F:6F:6F:BC:A3:C6:34:CD:BF:F0:4C:72:E9:B0:EC:80:6F:98:3C:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B57DF/5FB443762F7311ED91ED78CCF1222468/j29vvKPGNM2_8Exy6bDsgG-YPKg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/j29vvKPGNM2_8Exy6bDsgG-YPKg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B57DF/5FB443762F7311ED91ED78CCF1222468/2C1A7CD22F7411ED88A88DCEF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.36.208.0/22
Signature Algorithm: sha256WithRSAEncryption
52:c3:65:63:c5:80:f0:84:db:17:ac:23:d2:b2:19:02:12:61:
ad:4a:f0:43:c5:73:c8:26:ea:ff:3c:cb:2d:22:01:9b:62:a6:
15:46:70:4d:f9:2b:73:18:4c:29:78:de:38:6b:d3:95:65:5e:
49:92:ac:d3:e9:8c:26:b8:43:c6:75:3f:6e:e3:cc:9c:a8:c6:
4f:da:c3:5f:21:6d:45:ed:01:02:6e:87:38:0e:fd:b0:e4:65:
cf:6c:3b:27:b5:4f:6e:7c:fc:42:10:ac:cb:5e:59:bf:af:a2:
9a:65:af:7f:a6:86:e3:c8:25:d2:c4:52:b3:42:f9:f7:68:17:
b6:73:e9:39:95:41:ec:47:b1:2b:e8:df:c3:83:78:05:84:46:
9c:4c:21:cf:20:24:4f:0c:dc:f3:04:a9:6d:23:6c:e3:bc:0c:
30:7a:94:87:72:b5:d5:b5:b5:41:cc:5d:b8:dc:a5:8b:f2:35:
ad:d0:4a:20:fa:5e:c5:8d:34:ed:53:7b:d3:b3:f3:41:4c:a1:
21:b0:63:d6:97:d5:c2:94:cd:f3:d1:9f:6d:1c:fe:63:c8:e2:
01:98:df:2c:fb:20:65:12:90:3f:0d:ff:8b:46:12:99:5c:e3:
64:ba:60:82:05:54:52:99:ed:f3:dd:fd:42:b7:52:28:04:d5:
52:fa:81:35
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZC
NTdERkFGMTEwLwYDVQQFEyg4RjZGNkZCQ0EzQzYzNENEQkZGMDRDNzJFOUIwRUM4
MDZGOTgzQ0E4MB4XDTIyMDkwODEyNDU0N1oXDTMyMDkzMDEyNDU0N1owGDEWMBQG
A1UEAwwNNjMxOWU0MDAtN2Y1YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRmWb4ql9IYWcjea4Dt0tMhVA4t2gmNORl/uOF9IrvXH2Sr31c4GG8kYqVC
onwzx7y+paboGn42I+kMogfGW7NQa4rvSupvUreG0TN7dbaiWuBogeU4YgBNdCMq
eozBj0FLbbl45w6ToSggJztrJodp5CuiriXdNI4eKWswvxAedVDYAr/0dlyOQnHX
i5bBHMQ3SsTiERHr5ruG8rjYS7laCU67a8RlyusFoqXRnkV9+cLY8qs9VGJ3KN3e
Voypm4AC22MqIX4Vwk6j9SDmLPimuZkJm5BZJHWcsIZXinwlRNRX6Jrvs6VFshOu
2VAyeSGYPLvm60F90HIxIVlHNCECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTJzBxw
n6YYNr/3C1+U7sGrZD5HTDAfBgNVHSMEGDAWgBSPb2+8o8Y0zb/wTHLpsOyAb5g8
qDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjU3REYvNUZCNDQzNzYyRjczMTFFRDkxRUQ3OENDRjEyMjI0NjgvajI5dnZL
UEdOTTJfOEV4eTZiRHNnRy1ZUEtnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvajI5dnZLUEdOTTJfOEV4eTZiRHNnRy1ZUEtnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjU3REYvNUZCNDQzNzYyRjczMTFFRDkxRUQ3OENDRjEy
MjI0NjgvMkMxQTdDRDIyRjc0MTFFRDg4QTg4RENFRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmYk0DANBgkqhkiG9w0BAQsF
AAOCAQEAUsNlY8WA8ITbF6wj0rIZAhJhrUrwQ8VzyCbq/zzLLSIBm2KmFUZwTfkr
cxhMKXjeOGvTlWVeSZKs0+mMJrhDxnU/buPMnKjGT9rDXyFtRe0BAm6HOA79sORl
z2w7J7VPbnz8QhCsy15Zv6+immWvf6aG48gl0sRSs0L592gXtnPpOZVB7EexK+jf
w4N4BYRGnEwhzyAkTwzc8wSpbSNs47wMMHqUh3K11bW1QcxduNyli/I1rdBKIPpe
xY007VN707PzQUyhIbBj1pfVwpTN89GfbRz+Y8jiAZjfLPsgZRKQPw3/i0YSmVzj
ZLpgggVUUpnt8939QrdSKATVUvqBNQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:21 2024 by rpki-client on console-ams.rpki-client.org