Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BCCC8/B66E9294968611EFB8C3B245762E951A/5822D58E969911EFBB03BAB6762E951A.roa
File: 5822D58E969911EFBB03BAB6762E951A.roa (raw, json)
Hash identifier: OlnjZbEYMFxAprqREi0XurB39VJQTTPlIESsXPJn9fE=
Subject key identifier: FB:39:08:02:63:C7:03:D4:A5:A6:D4:A4:0D:51:12:C6:7F:47:ED:56
Certificate issuer: /CN=F36BCCC8AF/serialNumber=383250D23EC1AACC466655B2219B19F2E1C9455B
Certificate serial: 02
Authority key identifier: 38:32:50:D2:3E:C1:AA:CC:46:66:55:B2:21:9B:19:F2:E1:C9:45:5B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ODJQ0j7BqsxGZlWyIZsZ8uHJRVs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BCCC8/B66E9294968611EFB8C3B245762E951A/5822D58E969911EFBB03BAB6762E951A.roa
Signing time: Wed 30 Oct 2024 08:31:22 +0000
ROA not before: Wed 30 Oct 2024 08:31:19 +0000
ROA not after: Tue 31 Dec 2030 08:31:19 +0000
asID: 329033
IP address blocks: 102.216.64.0/22 maxlen: 24
2c0f:880::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BCCC8/B66E9294968611EFB8C3B245762E951A/ODJQ0j7BqsxGZlWyIZsZ8uHJRVs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BCCC8/B66E9294968611EFB8C3B245762E951A/ODJQ0j7BqsxGZlWyIZsZ8uHJRVs.mft
rsync://rpki.afrinic.net/repository/afrinic/ODJQ0j7BqsxGZlWyIZsZ8uHJRVs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BCCC8AF/serialNumber=383250D23EC1AACC466655B2219B19F2E1C9455B
Validity
Not Before: Oct 30 08:31:19 2024 GMT
Not After : Dec 31 08:31:19 2030 GMT
Subject: CN=6721eeda-b6af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:21:0c:83:70:49:01:9f:b1:89:bf:bd:d8:29:
e2:33:6c:50:5c:4a:b8:3e:46:e6:f9:5f:eb:ad:0d:
5c:37:1c:c5:6b:2c:fe:68:65:8f:ee:54:61:50:98:
aa:41:fe:4e:2d:4a:b4:07:fc:af:20:80:6a:10:85:
29:e6:91:80:00:53:f1:02:ff:60:94:46:8f:6d:59:
12:88:e7:0b:45:b2:03:fb:b0:85:e5:16:4b:e6:48:
b0:09:04:bc:ea:04:10:65:57:81:91:6a:b4:a0:b2:
eb:4e:b0:53:d5:bf:6c:e6:9f:cc:bd:c3:7c:e5:6e:
dc:f0:90:3c:12:8d:79:a3:d7:03:4b:d9:a3:03:89:
6c:a2:dd:bb:15:81:84:ce:47:5a:15:2c:0e:52:8e:
ed:9d:80:63:d8:14:5b:b0:a9:18:29:7f:5c:50:25:
95:e9:66:2d:fb:82:1c:ee:df:a8:9c:d5:d2:ed:07:
42:bc:61:b8:df:90:e2:49:b6:0d:15:aa:6f:0c:2b:
7d:3f:25:53:a8:da:91:89:b9:07:11:91:6b:73:71:
eb:da:40:af:af:11:99:7d:a7:69:be:d6:c3:b5:5b:
b2:c5:57:85:dc:3c:96:e6:7e:f4:2a:c5:24:97:ee:
86:91:70:c3:86:41:df:94:02:46:1e:3e:e8:65:06:
5a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:39:08:02:63:C7:03:D4:A5:A6:D4:A4:0D:51:12:C6:7F:47:ED:56
X509v3 Authority Key Identifier:
keyid:38:32:50:D2:3E:C1:AA:CC:46:66:55:B2:21:9B:19:F2:E1:C9:45:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BCCC8/B66E9294968611EFB8C3B245762E951A/ODJQ0j7BqsxGZlWyIZsZ8uHJRVs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ODJQ0j7BqsxGZlWyIZsZ8uHJRVs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BCCC8/B66E9294968611EFB8C3B245762E951A/5822D58E969911EFBB03BAB6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.216.64.0/22
IPv6:
2c0f:880::/32
Signature Algorithm: sha256WithRSAEncryption
69:99:6f:db:a0:75:d0:ad:5c:60:2d:ba:c8:5f:e9:43:5c:ac:
28:ae:1e:53:f9:d9:b7:ea:6c:00:5a:1a:35:ba:d6:f2:c4:7e:
f3:d9:e2:bf:b5:6c:a4:b3:be:8b:ea:03:c2:8a:fb:fd:17:38:
fe:20:73:e0:8a:8d:37:74:47:43:69:5e:91:d1:92:00:58:f4:
64:f3:bf:96:7a:6c:89:27:b1:06:e4:52:cd:b0:bd:b8:cd:91:
d6:13:29:20:89:09:26:cd:93:a7:3a:f3:1f:a5:3b:11:13:d3:
b8:a7:46:c2:ad:aa:9c:25:0d:2b:5c:0a:9b:0e:64:bc:26:01:
29:9e:cc:99:22:9c:20:50:52:20:3e:ce:96:c8:72:36:f6:b1:
d9:43:7c:28:38:3c:84:0b:67:59:d3:49:b1:fb:c5:3c:f2:33:
03:f8:e1:6e:18:27:be:d5:e3:fc:28:66:04:af:2c:81:23:32:
a2:94:58:33:bc:b6:91:e4:9c:0f:91:67:cf:ed:d1:96:71:51:
14:d3:c1:04:5f:0a:e9:15:fc:9e:de:0a:8f:21:4c:3d:b9:2c:
a3:10:d0:ea:2d:7b:c9:70:90:d0:64:33:42:d6:27:72:f3:ea:
2d:7b:72:12:15:7f:11:28:73:e2:fe:1e:d3:bc:94:b9:c4:e7:
7e:e2:7a:23
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
Q0NDOEFGMTEwLwYDVQQFEygzODMyNTBEMjNFQzFBQUNDNDY2NjU1QjIyMTlCMTlG
MkUxQzk0NTVCMB4XDTI0MTAzMDA4MzExOVoXDTMwMTIzMTA4MzExOVowGDEWMBQG
A1UEAxMNNjcyMWVlZGEtYjZhZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQhDINwSQGfsYm/vdgp4jNsUFxKuD5G5vlf660NXDccxWss/mhlj+5UYVCY
qkH+Ti1KtAf8ryCAahCFKeaRgABT8QL/YJRGj21ZEojnC0WyA/uwheUWS+ZIsAkE
vOoEEGVXgZFqtKCy606wU9W/bOafzL3DfOVu3PCQPBKNeaPXA0vZowOJbKLduxWB
hM5HWhUsDlKO7Z2AY9gUW7CpGCl/XFAllelmLfuCHO7fqJzV0u0HQrxhuN+Q4km2
DRWqbwwrfT8lU6jakYm5BxGRa3Nx69pAr68RmX2nab7Ww7VbssVXhdw8luZ+9CrF
JJfuhpFww4ZB35QCRh4+6GUGWnECAwEAAaOCArQwggKwMB0GA1UdDgQWBBT7OQgC
Y8cD1KWm1KQNURLGf0ftVjAfBgNVHSMEGDAWgBQ4MlDSPsGqzEZmVbIhmxny4clF
WzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkNDQzgvQjY2RTkyOTQ5Njg2MTFFRkI4QzNCMjQ1NzYyRTk1MUEvT0RKUTBq
N0Jxc3hHWmxXeUlac1o4dUhKUlZzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvT0RKUTBqN0Jxc3hHWmxXeUlac1o4dUhKUlZzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkNDQzgvQjY2RTkyOTQ5Njg2MTFFRkI4QzNCMjQ1NzYy
RTk1MUEvNTgyMkQ1OEU5Njk5MTFFRkJCMDNCQUI2NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbYQDANBAIAAjAHAwUALA8I
gDANBgkqhkiG9w0BAQsFAAOCAQEAaZlv26B10K1cYC26yF/pQ1ysKK4eU/nZt+ps
AFoaNbrW8sR+89niv7VspLO+i+oDwor7/Rc4/iBz4IqNN3RHQ2lekdGSAFj0ZPO/
lnpsiSexBuRSzbC9uM2R1hMpIIkJJs2TpzrzH6U7ERPTuKdGwq2qnCUNK1wKmw5k
vCYBKZ7MmSKcIFBSID7OlshyNvax2UN8KDg8hAtnWdNJsfvFPPIzA/jhbhgnvtXj
/ChmBK8sgSMyopRYM7y2keScD5Fnz+3RlnFRFNPBBF8K6RX8nt4KjyFMPbksoxDQ
6i17yXCQ0GQzQtYncvPqLXtyEhV/EShz4v4e07yUucTnfuJ6Iw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 05:19:32 2024 by rpki-client on console-ams.rpki-client.org