Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BE2ED/2C4CE81097DF11EDB38878F3F1222468/B15985CA97E111EDB41AE57CF1222468.roa
File: B15985CA97E111EDB41AE57CF1222468.roa (raw, json)
Hash identifier: abdzPuIuACJJuQmlSUaUnN0N+3SokV71Kyt96n5N98A=
Subject key identifier: 4B:7B:70:AE:1B:06:C0:D9:0A:2B:D8:0A:E4:E9:07:5D:54:C0:74:3B
Certificate issuer: /CN=F36BE2EDAF/serialNumber=742FA2030FA40C4B1F29E063FF32E7053009FA33
Certificate serial: 02
Authority key identifier: 74:2F:A2:03:0F:A4:0C:4B:1F:29:E0:63:FF:32:E7:05:30:09:FA:33
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/dC-iAw-kDEsfKeBj_zLnBTAJ-jM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/2C4CE81097DF11EDB38878F3F1222468/B15985CA97E111EDB41AE57CF1222468.roa
Signing time: Thu 19 Jan 2023 10:11:52 +0000
ROA not before: Thu 19 Jan 2023 10:11:46 +0000
ROA not after: Sat 31 Dec 2033 10:11:46 +0000
asID: 33779
IP address blocks: 102.213.56.0/22 maxlen: 27
105.235.128.0/20 maxlen: 27
2c0f:f940::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/2C4CE81097DF11EDB38878F3F1222468/dC-iAw-kDEsfKeBj_zLnBTAJ-jM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/2C4CE81097DF11EDB38878F3F1222468/dC-iAw-kDEsfKeBj_zLnBTAJ-jM.mft
rsync://rpki.afrinic.net/repository/afrinic/dC-iAw-kDEsfKeBj_zLnBTAJ-jM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BE2EDAF/serialNumber=742FA2030FA40C4B1F29E063FF32E7053009FA33
Validity
Not Before: Jan 19 10:11:46 2023 GMT
Not After : Dec 31 10:11:46 2033 GMT
Subject: CN=63c91768-98e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:9e:05:5b:9b:c6:26:e8:9d:da:79:44:5f:30:
6c:a4:3c:ad:25:08:14:e0:2c:86:2d:24:88:fc:14:
1d:5e:a9:d2:17:e5:7d:fe:80:26:6d:a9:b1:8c:99:
6f:32:ae:03:7a:ec:68:06:31:62:db:c6:0c:f8:40:
00:3c:b8:ba:7d:e9:00:f6:81:46:41:fc:db:97:73:
84:e5:77:6c:0a:ce:24:07:b4:1a:7a:2d:35:6e:f6:
1a:cc:b0:21:4f:89:7a:ac:58:4a:5e:05:ca:06:df:
69:86:44:44:26:d4:49:e9:9e:2c:53:9b:e6:49:61:
95:23:cd:e1:d9:62:2c:a9:82:97:40:ce:44:77:9e:
e6:c5:cb:91:d0:85:98:83:ec:64:a3:8c:f6:fe:e9:
ac:9f:b7:41:c0:06:1d:4e:d0:69:23:d8:e2:cb:9f:
05:70:e2:8a:17:8b:15:c3:8b:e4:83:2a:67:e4:eb:
26:93:53:ee:4c:03:49:8b:49:b2:3d:43:e4:dc:bc:
49:bc:34:0f:3f:c0:bf:96:16:a8:76:10:bc:2a:41:
02:f2:bb:4d:cf:ad:6a:15:b2:46:af:9a:d1:62:11:
fd:fe:00:d6:f6:ea:de:6c:16:64:df:6b:00:9d:50:
2f:77:46:b0:a9:a5:4e:0c:3f:71:cf:5e:e6:de:bd:
8e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7B:70:AE:1B:06:C0:D9:0A:2B:D8:0A:E4:E9:07:5D:54:C0:74:3B
X509v3 Authority Key Identifier:
keyid:74:2F:A2:03:0F:A4:0C:4B:1F:29:E0:63:FF:32:E7:05:30:09:FA:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/2C4CE81097DF11EDB38878F3F1222468/dC-iAw-kDEsfKeBj_zLnBTAJ-jM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/dC-iAw-kDEsfKeBj_zLnBTAJ-jM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/2C4CE81097DF11EDB38878F3F1222468/B15985CA97E111EDB41AE57CF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.213.56.0/22
105.235.128.0/20
IPv6:
2c0f:f940::/32
Signature Algorithm: sha256WithRSAEncryption
9b:d0:a8:aa:8c:c4:db:58:93:63:62:92:ef:1d:ea:fe:38:dd:
21:5e:08:2e:4a:52:45:37:4a:12:24:dc:25:d0:97:49:33:7e:
41:f6:34:75:df:63:d0:a3:2d:94:1d:2c:60:c6:b8:86:26:86:
d0:32:11:66:fe:96:fb:8e:48:e7:7e:1a:4b:09:db:8b:69:cc:
c1:f3:ff:26:e6:fc:ab:f6:e8:a1:61:b6:77:68:26:69:2d:e7:
49:f7:18:e7:50:e4:90:79:0d:f7:99:bb:99:d7:52:70:68:27:
f6:4f:23:12:6f:9f:20:74:8f:4b:92:91:f1:1d:f4:e2:93:66:
06:9d:a2:32:bb:af:c9:e4:03:ae:f3:a7:bf:91:04:9c:97:28:
91:d9:0d:9d:82:0f:b8:0d:a0:f7:18:97:b7:fe:5e:82:39:94:
1f:b8:62:59:5e:3a:6e:19:a9:3a:32:f5:01:2d:7f:73:80:99:
19:a6:07:c4:b6:44:c0:45:11:1d:88:da:b7:58:be:4e:c4:e1:
0a:fe:d6:5c:65:ca:2c:97:43:17:1b:b3:c8:8c:b3:8c:55:92:
0e:d2:32:0d:59:67:ff:2a:67:dc:aa:b0:9b:32:12:75:f1:3b:
8d:94:0e:69:27:34:e9:da:76:02:be:bc:ec:4f:56:70:03:3b:
1f:fd:d1:bb
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZC
RTJFREFGMTEwLwYDVQQFEyg3NDJGQTIwMzBGQTQwQzRCMUYyOUUwNjNGRjMyRTcw
NTMwMDlGQTMzMB4XDTIzMDExOTEwMTE0NloXDTMzMTIzMTEwMTE0NlowGDEWMBQG
A1UEAwwNNjNjOTE3NjgtOThlMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6eBVubxibondp5RF8wbKQ8rSUIFOAshi0kiPwUHV6p0hflff6AJm2psYyZ
bzKuA3rsaAYxYtvGDPhAADy4un3pAPaBRkH825dzhOV3bArOJAe0GnotNW72Gsyw
IU+JeqxYSl4FygbfaYZERCbUSemeLFOb5klhlSPN4dliLKmCl0DORHee5sXLkdCF
mIPsZKOM9v7prJ+3QcAGHU7QaSPY4sufBXDiiheLFcOL5IMqZ+TrJpNT7kwDSYtJ
sj1D5Ny8Sbw0Dz/Av5YWqHYQvCpBAvK7Tc+tahWyRq+a0WIR/f4A1vbq3mwWZN9r
AJ1QL3dGsKmlTgw/cc9e5t69jiUCAwEAAaOCArowggK2MB0GA1UdDgQWBBRLe3Cu
GwbA2Qor2Ark6QddVMB0OzAfBgNVHSMEGDAWgBR0L6IDD6QMSx8p4GP/MucFMAn6
MzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkUyRUQvMkM0Q0U4MTA5N0RGMTFFREIzODg3OEYzRjEyMjI0NjgvZEMtaUF3
LWtERXNmS2VCal96TG5CVEFKLWpNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZEMtaUF3LWtERXNmS2VCal96TG5CVEFKLWpNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkUyRUQvMkM0Q0U4MTA5N0RGMTFFREIzODg3OEYzRjEy
MjI0NjgvQjE1OTg1Q0E5N0UxMTFFREI0MUFFNTdDRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmbVOAMEBGnrgDANBAIAAjAH
AwUALA/5QDANBgkqhkiG9w0BAQsFAAOCAQEAm9CoqozE21iTY2KS7x3q/jjdIV4I
LkpSRTdKEiTcJdCXSTN+QfY0dd9j0KMtlB0sYMa4hiaG0DIRZv6W+45I534aSwnb
i2nMwfP/Jub8q/booWG2d2gmaS3nSfcY51DkkHkN95m7mddScGgn9k8jEm+fIHSP
S5KR8R304pNmBp2iMruvyeQDrvOnv5EEnJcokdkNnYIPuA2g9xiXt/5egjmUH7hi
WV46bhmpOjL1AS1/c4CZGaYHxLZEwEURHYjat1i+TsThCv7WXGXKLJdDFxuzyIyz
jFWSDtIyDVln/ypn3KqwmzISdfE7jZQOaSc06dp2Ar687E9WcAM7H/3Ruw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:00:12 2024 by rpki-client on console-fra.rpki-client.org