Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/82B0CD28582C11ECB2ACE4C45A40D577.roa
File: 82B0CD28582C11ECB2ACE4C45A40D577.roa (raw, json)
Hash identifier: 5WnTeUTvylt7jsHDPv28dWX8ugIJRfhq5fv0MFgaPjI=
Subject key identifier: 39:02:09:97:92:AA:09:7B:B0:DC:D6:4A:86:B9:EA:28:C6:D1:DB:C4
Certificate issuer: /CN=F36BCC19AF/serialNumber=87C277EA5445529DD06B2FE5EE9F33CDC7CE84E0
Certificate serial: 0E
Authority key identifier: 87:C2:77:EA:54:45:52:9D:D0:6B:2F:E5:EE:9F:33:CD:C7:CE:84:E0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/h8J36lRFUp3Qay_l7p8zzcfOhOA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/82B0CD28582C11ECB2ACE4C45A40D577.roa
Signing time: Wed 08 Dec 2021 13:41:14 +0000
ROA not before: Wed 08 Dec 2021 13:41:10 +0000
ROA not after: Thu 31 Dec 2048 13:41:10 +0000
asID: 328250
IP address blocks: 102.220.40.0/22 maxlen: 24
2c0f:f8f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/h8J36lRFUp3Qay_l7p8zzcfOhOA.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/h8J36lRFUp3Qay_l7p8zzcfOhOA.mft
rsync://rpki.afrinic.net/repository/afrinic/h8J36lRFUp3Qay_l7p8zzcfOhOA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 26 Apr 2024 00:05:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14 (0xe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BCC19AF/serialNumber=87C277EA5445529DD06B2FE5EE9F33CDC7CE84E0
Validity
Not Before: Dec 8 13:41:10 2021 GMT
Not After : Dec 31 13:41:10 2048 GMT
Subject: CN=61b0b5fa-06df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:b7:46:3b:cb:d7:03:b1:24:be:07:3c:0c:57:
c2:51:0f:b0:d4:fa:bf:c3:d1:6c:af:d1:8d:15:cf:
92:2c:49:f0:63:7f:77:c7:4f:28:30:fd:18:27:3c:
d6:ea:4b:49:a6:67:39:cd:cb:ff:d4:34:f1:96:77:
f7:a0:0e:26:04:21:d6:c5:25:cf:45:b1:87:63:d1:
ad:79:b8:59:35:de:f0:34:be:31:a6:fd:e9:df:39:
06:be:6a:22:0c:ca:1d:41:51:ae:d6:ae:80:50:ec:
97:35:16:4a:de:39:78:fc:cd:9e:f3:d6:30:18:5d:
c1:cb:38:4b:fa:0a:a7:d3:5f:a4:8a:e7:c7:83:68:
f3:35:ca:01:90:7d:f7:a4:b7:d5:8e:a9:94:c5:e5:
74:79:81:18:27:fc:7c:90:48:2b:b0:df:d0:57:9f:
46:2a:62:a0:1c:7e:b7:7f:4c:6a:11:54:41:16:d1:
46:3c:f2:3c:c2:2d:7d:34:bc:0b:59:cd:44:b2:cf:
c8:df:ff:bd:e9:8e:fe:84:69:1e:87:07:f1:40:dd:
0a:21:8f:49:df:d9:c2:92:ec:f8:71:36:44:ad:eb:
f5:73:39:6a:2f:a9:4a:57:25:c9:54:04:d6:c5:12:
18:8f:bd:3f:43:6c:fa:d8:2c:3b:eb:16:72:69:0b:
0f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:02:09:97:92:AA:09:7B:B0:DC:D6:4A:86:B9:EA:28:C6:D1:DB:C4
X509v3 Authority Key Identifier:
keyid:87:C2:77:EA:54:45:52:9D:D0:6B:2F:E5:EE:9F:33:CD:C7:CE:84:E0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/h8J36lRFUp3Qay_l7p8zzcfOhOA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/h8J36lRFUp3Qay_l7p8zzcfOhOA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/82B0CD28582C11ECB2ACE4C45A40D577.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.220.40.0/22
IPv6:
2c0f:f8f8::/32
Signature Algorithm: sha256WithRSAEncryption
2a:d0:a4:29:86:34:1c:e2:88:da:61:17:bd:b2:17:0d:33:28:
25:1e:3e:ec:a1:f2:ba:24:f8:20:6a:91:d6:e9:42:59:03:2e:
ed:b1:4c:0b:bd:2d:40:0d:a4:bb:9d:f0:d4:d4:f4:0b:4b:da:
9a:4d:39:bb:65:71:5d:d9:bd:ac:3c:14:1a:7c:db:1c:9e:e7:
44:b6:bc:c3:33:b9:68:9e:cf:e3:39:b8:55:b4:3d:83:89:03:
56:9e:62:d2:e2:63:a3:7a:cf:74:21:1f:94:59:5d:7a:6d:6b:
d3:5c:c3:d0:8a:e4:00:74:ae:56:f9:af:01:72:ed:d7:7e:bc:
f3:e7:55:90:54:c1:a2:be:07:b1:de:d1:bc:17:52:72:c5:a8:
1c:a2:ab:73:aa:cf:02:94:74:b6:ea:3c:47:8d:08:eb:30:39:
6e:51:fe:89:66:fc:42:1d:4e:34:4c:5a:42:59:e3:ff:d0:60:
f8:97:82:f7:04:33:5c:9a:8f:d4:90:f7:e2:58:65:35:2d:e0:
4a:50:41:e0:70:98:d2:d0:5c:5c:9c:8b:e9:ab:ee:6b:2f:19:
b9:38:5d:3d:f0:95:69:f3:39:d4:71:82:ac:a0:a5:26:ed:d6:
39:a0:bc:e6:be:ce:db:d1:56:12:13:37:dc:d0:c6:c7:35:ab:
c4:e0:e1:b9
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBDjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZC
Q0MxOUFGMTEwLwYDVQQFEyg4N0MyNzdFQTU0NDU1MjlERDA2QjJGRTVFRTlGMzND
REM3Q0U4NEUwMB4XDTIxMTIwODEzNDExMFoXDTQ4MTIzMTEzNDExMFowGDEWMBQG
A1UEAwwNNjFiMGI1ZmEtMDZkZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOy3RjvL1wOxJL4HPAxXwlEPsNT6v8PRbK/RjRXPkixJ8GN/d8dPKDD9GCc8
1upLSaZnOc3L/9Q08ZZ396AOJgQh1sUlz0Wxh2PRrXm4WTXe8DS+Mab96d85Br5q
IgzKHUFRrtaugFDslzUWSt45ePzNnvPWMBhdwcs4S/oKp9NfpIrnx4No8zXKAZB9
96S31Y6plMXldHmBGCf8fJBIK7Df0FefRipioBx+t39MahFUQRbRRjzyPMItfTS8
C1nNRLLPyN//vemO/oRpHocH8UDdCiGPSd/ZwpLs+HE2RK3r9XM5ai+pSlclyVQE
1sUSGI+9P0Ns+tgsO+sWcmkLD50CAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ5AgmX
kqoJe7Dc1kqGueooxtHbxDAfBgNVHSMEGDAWgBSHwnfqVEVSndBrL+XunzPNx86E
4DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkNDMTkvRjYzMzY0MzI1NTAxMTFFQ0I2NUI0OTdBRDhBMDE0Q0UvaDhKMzZs
UkZVcDNRYXlfbDdwOHp6Y2ZPaE9BLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaDhKMzZsUkZVcDNRYXlfbDdwOHp6Y2ZPaE9BLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkNDMTkvRjYzMzY0MzI1NTAxMTFFQ0I2NUI0OTdBRDhB
MDE0Q0UvODJCMENEMjg1ODJDMTFFQ0IyQUNFNEM0NUE0MEQ1Nzcucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbcKDANBAIAAjAHAwUALA/4
+DANBgkqhkiG9w0BAQsFAAOCAQEAKtCkKYY0HOKI2mEXvbIXDTMoJR4+7KHyuiT4
IGqR1ulCWQMu7bFMC70tQA2ku53w1NT0C0vamk05u2VxXdm9rDwUGnzbHJ7nRLa8
wzO5aJ7P4zm4VbQ9g4kDVp5i0uJjo3rPdCEflFldem1r01zD0IrkAHSuVvmvAXLt
13688+dVkFTBor4Hsd7RvBdScsWoHKKrc6rPApR0tuo8R40I6zA5blH+iWb8Qh1O
NExaQlnj/9Bg+JeC9wQzXJqP1JD34lhlNS3gSlBB4HCY0tBcXJyL6avuay8ZuThd
PfCVafM51HGCrKClJu3WOaC85r7O29FWEhM33NDGxzWrxODhuQ==
-----END CERTIFICATE-----
Generated at Wed Apr 24 03:22:03 2024 by rpki-client on console-ams.rpki-client.org