Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/EF41E38E3F7211EFB7107E93762E951A.roa
File: EF41E38E3F7211EFB7107E93762E951A.roa (raw, json)
Hash identifier: +TBl5OfrCZWdrProFpPItD+GPP/JvkZ4+QJjIbM6pRk=
Subject key identifier: 9C:08:C8:40:2B:15:83:AF:07:27:53:7A:61:C4:62:3F:7C:69:E8:92
Certificate issuer: /CN=F36C1FBFAF/serialNumber=7DEAB771D66B17B0EE872E91F18D3C5A16C22FB0
Certificate serial: 05
Authority key identifier: 7D:EA:B7:71:D6:6B:17:B0:EE:87:2E:91:F1:8D:3C:5A:16:C2:2F:B0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/feq3cdZrF7Duhy6R8Y08WhbCL7A.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/EF41E38E3F7211EFB7107E93762E951A.roa
Signing time: Thu 11 Jul 2024 10:47:14 +0000
ROA not before: Thu 11 Jul 2024 10:47:11 +0000
ROA not after: Sun 31 Dec 2034 10:47:11 +0000
asID: 329429
IP address blocks: 102.213.164.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/feq3cdZrF7Duhy6R8Y08WhbCL7A.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/feq3cdZrF7Duhy6R8Y08WhbCL7A.mft
rsync://rpki.afrinic.net/repository/afrinic/feq3cdZrF7Duhy6R8Y08WhbCL7A.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C1FBFAF/serialNumber=7DEAB771D66B17B0EE872E91F18D3C5A16C22FB0
Validity
Not Before: Jul 11 10:47:11 2024 GMT
Not After : Dec 31 10:47:11 2034 GMT
Subject: CN=668fb832-5ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:1d:3e:f7:cb:6a:5e:e7:85:95:a2:08:bd:d6:
a4:0f:28:08:71:6f:c1:bf:33:af:e3:d2:0b:60:03:
52:ba:24:ec:a7:3d:d8:3a:48:d8:fd:76:48:56:dc:
4f:7b:86:f0:5c:c9:06:f1:62:14:71:9c:36:17:48:
2b:2f:f7:c4:5a:7b:58:b7:f8:d0:7e:37:32:12:b7:
5c:8a:5b:87:b0:cf:d2:28:69:ca:e3:0e:82:73:75:
54:c9:42:81:e6:cf:b9:fa:c3:03:c4:37:d3:21:98:
70:da:32:b8:f5:86:d8:c4:2a:71:88:13:42:9b:49:
d1:d2:7e:dd:ad:63:79:09:99:6a:75:d5:a4:84:03:
02:ea:09:de:23:32:23:f1:ae:c4:11:4e:36:d2:28:
88:f5:aa:6c:fe:69:ec:b1:35:c1:e1:2d:98:14:0b:
0f:20:76:43:60:96:e9:ce:fc:56:e6:56:20:e3:92:
8c:ba:e9:70:c0:01:30:ad:68:88:de:1e:20:f0:74:
d8:e4:0a:fb:b0:aa:8b:74:8e:e5:1a:95:1d:9e:4c:
10:9f:43:78:f1:81:54:b1:88:1a:e7:fb:d7:ef:53:
0c:b1:32:fc:2e:b2:fe:87:6b:24:40:a8:f0:ea:58:
54:2d:38:53:e9:de:02:03:0b:af:3b:51:ea:08:74:
c6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:08:C8:40:2B:15:83:AF:07:27:53:7A:61:C4:62:3F:7C:69:E8:92
X509v3 Authority Key Identifier:
keyid:7D:EA:B7:71:D6:6B:17:B0:EE:87:2E:91:F1:8D:3C:5A:16:C2:2F:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/feq3cdZrF7Duhy6R8Y08WhbCL7A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/feq3cdZrF7Duhy6R8Y08WhbCL7A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/EF41E38E3F7211EFB7107E93762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.213.164.0/22
Signature Algorithm: sha256WithRSAEncryption
95:2c:b4:b5:14:4a:f3:92:d6:f9:0d:be:e4:86:ff:9a:2c:72:
53:3d:29:6c:cf:f3:f1:e5:9e:b2:ec:59:86:2a:f5:0c:6a:1a:
bd:db:44:e7:cb:17:26:fa:cb:b1:f9:2f:8f:c1:4e:e6:04:0f:
01:c0:c9:73:f4:2e:a5:21:d6:ec:d8:87:3f:10:80:de:88:b4:
fc:f5:a6:81:8c:ed:af:7c:aa:f6:54:03:d3:c5:0f:84:c7:34:
1e:73:6f:26:91:b0:ab:23:53:58:fc:fa:15:54:3f:10:49:0f:
35:bc:83:ef:1c:b7:94:08:d0:b8:f1:8e:cd:79:40:ec:ed:be:
d9:9c:17:5c:eb:ba:aa:1d:b8:51:83:81:7b:22:53:d1:5f:2d:
ec:98:c0:73:b2:bd:92:9b:d0:38:97:0c:91:8b:47:ce:a0:85:
60:5b:09:9e:3f:52:51:d2:0a:65:c6:f8:f2:73:1f:e8:73:1e:
2d:7f:58:a3:46:cc:b6:b2:3d:85:88:7c:54:77:9c:4c:23:90:
09:6a:e7:7e:29:c8:7c:f8:d3:3c:bb:ea:fe:41:d5:12:15:25:
a5:83:aa:25:c7:0e:d2:bf:fe:57:1c:49:c3:6b:20:d1:8c:4e:
13:88:be:80:d6:05:fa:d4:db:0b:c6:3c:60:dc:b1:58:5f:0f:
f7:f3:b4:ff
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MUZCRkFGMTEwLwYDVQQFEyg3REVBQjc3MUQ2NkIxN0IwRUU4NzJFOTFGMThEM0M1
QTE2QzIyRkIwMB4XDTI0MDcxMTEwNDcxMVoXDTM0MTIzMTEwNDcxMVowGDEWMBQG
A1UEAxMNNjY4ZmI4MzItNWFlMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOMdPvfLal7nhZWiCL3WpA8oCHFvwb8zr+PSC2ADUrok7Kc92DpI2P12SFbc
T3uG8FzJBvFiFHGcNhdIKy/3xFp7WLf40H43MhK3XIpbh7DP0ihpyuMOgnN1VMlC
gebPufrDA8Q30yGYcNoyuPWG2MQqcYgTQptJ0dJ+3a1jeQmZanXVpIQDAuoJ3iMy
I/GuxBFONtIoiPWqbP5p7LE1weEtmBQLDyB2Q2CW6c78VuZWIOOSjLrpcMABMK1o
iN4eIPB02OQK+7Cqi3SO5RqVHZ5MEJ9DePGBVLGIGuf71+9TDLEy/C6y/odrJECo
8OpYVC04U+neAgMLrztR6gh0xosCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBScCMhA
KxWDrwcnU3phxGI/fGnokjAfBgNVHSMEGDAWgBR96rdx1msXsO6HLpHxjTxaFsIv
sDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzFGQkYvMTU2NDM2RDIzRTdCMTFFRjgxQ0JDNjgwNzYyRTk1MUEvZmVxM2Nk
WnJGN0R1aHk2UjhZMDhXaGJDTDdBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZmVxM2NkWnJGN0R1aHk2UjhZMDhXaGJDTDdBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzFGQkYvMTU2NDM2RDIzRTdCMTFFRjgxQ0JDNjgwNzYy
RTk1MUEvRUY0MUUzOEUzRjcyMTFFRkI3MTA3RTkzNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbVpDANBgkqhkiG9w0BAQsF
AAOCAQEAlSy0tRRK85LW+Q2+5Ib/mixyUz0pbM/z8eWesuxZhir1DGoavdtE58sX
JvrLsfkvj8FO5gQPAcDJc/QupSHW7NiHPxCA3oi0/PWmgYztr3yq9lQD08UPhMc0
HnNvJpGwqyNTWPz6FVQ/EEkPNbyD7xy3lAjQuPGOzXlA7O2+2ZwXXOu6qh24UYOB
eyJT0V8t7JjAc7K9kpvQOJcMkYtHzqCFYFsJnj9SUdIKZcb48nMf6HMeLX9Yo0bM
trI9hYh8VHecTCOQCWrnfinIfPjTPLvq/kHVEhUlpYOqJccO0r/+VxxJw2sg0YxO
E4i+gNYF+tTbC8Y8YNyxWF8P9/O0/w==
-----END CERTIFICATE-----
Generated at Thu Oct 24 06:47:50 2024 by rpki-client on console-fra.rpki-client.org