Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/8D3DC440A70B11EF86ACE974762E951A.roa
File: 8D3DC440A70B11EF86ACE974762E951A.roa (raw, json)
Hash identifier: Py/R2WBbifPX4/K3F5F8kgPQCqbFBhwEISTO2st5s50=
Subject key identifier: 7A:E6:FC:BA:26:58:4D:6C:96:DF:E0:A3:DD:67:CF:87:56:4E:5C:BF
Certificate issuer: /CN=F36B70EFAF/serialNumber=D0BE67D045B33F05A5871510399E709C98F6D77D
Certificate serial: 06FF
Authority key identifier: D0:BE:67:D0:45:B3:3F:05:A5:87:15:10:39:9E:70:9C:98:F6:D7:7D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/0L5n0EWzPwWlhxUQOZ5wnJj2130.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/8D3DC440A70B11EF86ACE974762E951A.roa
Signing time: Wed 20 Nov 2024 06:49:13 +0000
ROA not before: Wed 20 Nov 2024 06:49:09 +0000
ROA not after: Wed 01 Nov 2034 06:49:09 +0000
asID: 328337
IP address blocks: 102.134.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/0L5n0EWzPwWlhxUQOZ5wnJj2130.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/0L5n0EWzPwWlhxUQOZ5wnJj2130.mft
rsync://rpki.afrinic.net/repository/afrinic/0L5n0EWzPwWlhxUQOZ5wnJj2130.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1791 (0x6ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B70EFAF/serialNumber=D0BE67D045B33F05A5871510399E709C98F6D77D
Validity
Not Before: Nov 20 06:49:09 2024 GMT
Not After : Nov 1 06:49:09 2034 GMT
Subject: CN=673d8669-4694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b6:ad:23:bc:87:d2:69:3b:42:78:b7:1a:a5:
f8:0a:2e:c2:ee:36:0b:b6:5e:5c:93:7e:50:00:06:
7f:f8:a4:90:40:ec:c5:95:64:98:06:fa:be:ce:ed:
1c:39:1f:ab:75:97:41:2c:43:d1:f5:b4:56:ec:df:
df:18:3f:63:b8:51:6d:72:5b:69:d6:ca:21:47:b1:
42:b4:14:32:ff:76:39:68:8c:d4:1d:e4:e9:5b:86:
5a:1c:ef:45:6b:8e:b2:2a:60:ff:bc:14:5e:42:0d:
00:23:2e:37:34:8a:fa:59:6e:88:6e:9e:fb:ad:7c:
15:59:f2:17:0c:40:9a:21:de:92:ef:55:e5:a3:c1:
f4:6e:27:8c:48:1f:83:bf:12:97:ea:67:2f:b1:4e:
d8:62:14:28:a8:fc:f7:51:61:28:ae:f0:16:ea:54:
c3:01:7a:c4:71:7b:b6:2b:a2:d4:7c:ef:e4:bb:38:
21:81:67:df:25:a8:a4:2e:5d:f3:eb:5c:5c:5a:70:
eb:8e:fb:ba:97:b1:d5:5c:fd:bf:1b:ea:c7:28:9c:
c0:b6:37:2e:12:68:72:d3:bc:e7:ff:32:3d:14:58:
d0:04:d0:13:00:7b:13:6e:fc:4c:57:04:10:1d:be:
d3:1e:5d:bf:e7:e1:40:fa:e4:43:1d:ea:92:9d:ea:
49:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:E6:FC:BA:26:58:4D:6C:96:DF:E0:A3:DD:67:CF:87:56:4E:5C:BF
X509v3 Authority Key Identifier:
keyid:D0:BE:67:D0:45:B3:3F:05:A5:87:15:10:39:9E:70:9C:98:F6:D7:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/0L5n0EWzPwWlhxUQOZ5wnJj2130.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0L5n0EWzPwWlhxUQOZ5wnJj2130.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/8D3DC440A70B11EF86ACE974762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.134.68.0/24
Signature Algorithm: sha256WithRSAEncryption
84:60:a3:8f:5a:77:64:dd:9c:99:d2:80:3d:c5:72:87:50:0b:
03:a0:72:06:e0:35:e6:d5:31:42:e4:78:7e:67:65:8d:2f:60:
da:29:f9:cf:99:ab:c3:c8:80:d3:a5:ee:01:22:b1:bc:da:38:
fb:65:ae:af:cf:08:b8:b1:3b:3b:bf:dc:64:c0:88:1f:43:98:
26:15:a5:11:8a:3b:7c:02:68:40:06:36:3b:bb:da:60:db:03:
57:ac:ae:0a:6f:c5:89:38:08:5b:db:ff:63:70:1f:1a:df:da:
20:da:c5:6d:2a:ea:6b:e8:98:7c:e5:4d:20:45:5f:7b:e3:01:
9b:a6:f2:89:80:cf:92:af:8a:9e:ad:25:ae:84:65:ef:37:fd:
fd:eb:10:47:0c:86:9b:86:c4:56:f2:cf:9d:3a:70:61:85:6f:
a3:cf:8e:7e:e9:f0:c4:50:4d:e3:e0:2e:18:a4:84:02:f8:0e:
a4:36:0f:f6:d3:58:0e:a4:3f:a5:d7:fe:04:5b:e1:0c:3a:24:
df:f9:20:b2:52:55:9f:43:f6:82:af:c2:99:0b:8a:01:ea:e2:
ee:31:ec:a3:3b:f7:75:01:97:0c:96:18:49:df:72:75:09:b1:
99:b9:e1:8b:cf:55:72:e6:4b:93:8a:c2:1c:7d:b4:30:58:83:
3e:cd:5f:5d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBv8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjcwRUZBRjExMC8GA1UEBRMoRDBCRTY3RDA0NUIzM0YwNUE1ODcxNTEwMzk5RTcw
OUM5OEY2RDc3RDAeFw0yNDExMjAwNjQ5MDlaFw0zNDExMDEwNjQ5MDlaMBgxFjAU
BgNVBAMTDTY3M2Q4NjY5LTQ2OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6tq0jvIfSaTtCeLcapfgKLsLuNgu2XlyTflAABn/4pJBA7MWVZJgG+r7O
7Rw5H6t1l0EsQ9H1tFbs398YP2O4UW1yW2nWyiFHsUK0FDL/djlojNQd5Olbhloc
70VrjrIqYP+8FF5CDQAjLjc0ivpZbohunvutfBVZ8hcMQJoh3pLvVeWjwfRuJ4xI
H4O/EpfqZy+xTthiFCio/PdRYSiu8BbqVMMBesRxe7YrotR87+S7OCGBZ98lqKQu
XfPrXFxacOuO+7qXsdVc/b8b6sconMC2Ny4SaHLTvOf/Mj0UWNAE0BMAexNu/ExX
BBAdvtMeXb/n4UD65EMd6pKd6km7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUeub8
uiZYTWyW3+Cj3WfPh1ZOXL8wHwYDVR0jBBgwFoAU0L5n0EWzPwWlhxUQOZ5wnJj2
130wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkI3MEVGLzhGNzk4QjMyNUE2NjExRUFCQjIxNkY0QkY4QUVBMjI4LzBMNW4w
RVd6UHdXbGh4VVFPWjV3bkpqMjEzMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzBMNW4wRVd6UHdXbGh4VVFPWjV3bkpqMjEzMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkI3MEVGLzhGNzk4QjMyNUE2NjExRUFCQjIxNkY0QkY4
QUVBMjI4LzhEM0RDNDQwQTcwQjExRUY4NkFDRTk3NDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmhkQwDQYJKoZIhvcNAQEL
BQADggEBAIRgo49ad2TdnJnSgD3FcodQCwOgcgbgNebVMULkeH5nZY0vYNop+c+Z
q8PIgNOl7gEisbzaOPtlrq/PCLixOzu/3GTAiB9DmCYVpRGKO3wCaEAGNju72mDb
A1esrgpvxYk4CFvb/2NwHxrf2iDaxW0q6mvomHzlTSBFX3vjAZum8omAz5Kvip6t
Ja6EZe83/f3rEEcMhpuGxFbyz506cGGFb6PPjn7p8MRQTePgLhikhAL4DqQ2D/bT
WA6kP6XX/gRb4Qw6JN/5ILJSVZ9D9oKvwpkLigHq4u4x7KM793UBlwyWGEnfcnUJ
sZm54YvPVXLmS5OKwhx9tDBYgz7NX10=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:14 2024 by rpki-client on console-fra.rpki-client.org