Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/BF6D84E41C4811EF92649B307DDC24C2.roa
File: BF6D84E41C4811EF92649B307DDC24C2.roa (raw, json)
Hash identifier: Jbh8WY5UNAzz+osRgcagPYaVf8dyK5RVLpOyRMHMYas=
Subject key identifier: 92:75:AF:2C:A8:3C:10:7E:C9:A6:55:F2:4E:6A:70:E5:26:2E:E6:89
Certificate issuer: /CN=F36C2BF2AF/serialNumber=FB85E08E5DBB05C95B7BD0DA7E5FE6FCE39826FF
Certificate serial: 09
Authority key identifier: FB:85:E0:8E:5D:BB:05:C9:5B:7B:D0:DA:7E:5F:E6:FC:E3:98:26:FF
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/BF6D84E41C4811EF92649B307DDC24C2.roa
Signing time: Mon 27 May 2024 16:47:05 +0000
ROA not before: Tue 28 May 2024 16:47:01 +0000
ROA not after: Thu 28 May 2026 16:47:01 +0000
asID: 37517
IP address blocks: 102.211.8.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.mft
rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 21 Sep 2024 00:05:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C2BF2AF/serialNumber=FB85E08E5DBB05C95B7BD0DA7E5FE6FCE39826FF
Validity
Not Before: May 28 16:47:01 2024 GMT
Not After : May 28 16:47:01 2026 GMT
Subject: CN=6654b909-8e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:16:41:3f:4d:29:5d:8f:42:97:c0:30:b1:80:
2f:9f:14:fa:52:e7:e7:bb:66:4b:36:62:dc:e7:30:
3a:08:7e:72:93:b7:50:76:06:3f:23:36:bd:1a:75:
8e:d4:23:5d:4f:82:a8:d4:85:83:e9:f6:09:73:db:
a3:9d:61:0a:58:0e:32:97:44:02:00:54:5f:42:2b:
84:bf:48:ef:81:02:0f:f3:15:5d:18:05:ed:69:fa:
56:3a:41:80:d3:97:81:90:c2:5f:c6:ae:46:a4:6f:
44:7e:45:66:73:e6:d1:ad:4f:49:31:17:2a:cc:84:
c6:de:c6:ea:1a:46:80:0b:87:a8:1b:6e:4c:49:e3:
70:71:95:17:ac:d2:f0:18:20:ba:86:59:2e:cf:7f:
0d:bb:ed:f4:5b:60:67:c2:a7:8a:e7:8e:70:41:46:
28:4e:46:84:8e:8d:0f:fa:d8:ad:f6:2c:1c:a2:79:
ea:94:c3:72:37:61:26:b6:48:19:a1:0f:bf:d5:49:
0d:58:f5:69:13:a0:dc:25:15:ac:b4:49:26:37:63:
a4:12:0b:08:35:35:3c:99:7d:c9:84:44:4a:75:54:
3f:bb:8a:65:e4:b2:f9:a5:e4:aa:bc:4f:b8:13:8d:
11:11:be:8e:ca:21:f3:04:c0:75:5d:3f:59:e0:b8:
63:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:75:AF:2C:A8:3C:10:7E:C9:A6:55:F2:4E:6A:70:E5:26:2E:E6:89
X509v3 Authority Key Identifier:
keyid:FB:85:E0:8E:5D:BB:05:C9:5B:7B:D0:DA:7E:5F:E6:FC:E3:98:26:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/BF6D84E41C4811EF92649B307DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.8.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:ea:30:50:48:e3:41:19:35:23:59:e4:37:7c:55:b1:4d:df:
6f:ec:11:d3:7e:01:c0:8b:c6:3e:53:cc:bf:25:77:01:39:4a:
70:ad:c0:ed:f1:2f:e1:3e:d7:06:1b:cd:fa:31:a2:3c:a6:c5:
ed:87:85:35:3d:a8:f0:82:31:06:a3:f4:5a:5e:51:49:e5:43:
98:2a:99:33:89:90:bb:43:82:f3:0c:02:0b:82:56:11:f5:10:
fd:ad:77:90:eb:f0:93:b1:f3:5f:7d:0b:0a:02:e3:3e:36:42:
43:c6:11:33:5a:3c:80:79:0b:cf:5b:93:24:2b:c9:4e:cc:28:
8f:9b:64:4e:42:a2:8b:32:14:ca:c7:b4:0d:76:1c:ad:5f:7c:
f0:47:46:63:67:5c:77:2b:2d:5d:54:ab:12:66:ec:41:00:8d:
a4:83:85:74:7d:19:19:43:3a:e5:4c:45:e1:35:32:d3:db:aa:
cc:25:f8:bf:85:2d:34:d9:2d:99:00:85:e3:38:b5:13:90:6b:
dd:af:b0:ff:9f:41:a8:d5:d1:f5:89:53:2c:8e:ee:24:20:98:
b7:df:3c:b5:10:72:e4:08:01:f1:3d:5b:e9:d5:7c:88:09:72:
2a:a1:a3:03:10:af:5b:83:2d:9d:8d:4b:6f:19:44:64:4e:4a:
4d:8d:7f:bb
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MkJGMkFGMTEwLwYDVQQFEyhGQjg1RTA4RTVEQkIwNUM5NUI3QkQwREE3RTVGRTZG
Q0UzOTgyNkZGMB4XDTI0MDUyODE2NDcwMVoXDTI2MDUyODE2NDcwMVowGDEWMBQG
A1UEAxMNNjY1NGI5MDktOGU5MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOYWQT9NKV2PQpfAMLGAL58U+lLn57tmSzZi3OcwOgh+cpO3UHYGPyM2vRp1
jtQjXU+CqNSFg+n2CXPbo51hClgOMpdEAgBUX0IrhL9I74ECD/MVXRgF7Wn6VjpB
gNOXgZDCX8auRqRvRH5FZnPm0a1PSTEXKsyExt7G6hpGgAuHqBtuTEnjcHGVF6zS
8BgguoZZLs9/Dbvt9FtgZ8KniueOcEFGKE5GhI6ND/rYrfYsHKJ56pTDcjdhJrZI
GaEPv9VJDVj1aROg3CUVrLRJJjdjpBILCDU1PJl9yYRESnVUP7uKZeSy+aXkqrxP
uBONERG+jsoh8wTAdV0/WeC4Y3ECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSSda8s
qDwQfsmmVfJOanDlJi7miTAfBgNVHSMEGDAWgBT7heCOXbsFyVt70Np+X+b845gm
/zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzJCRjIvREFCQUI4N0UxOUVDMTFFRkJDQkY1RTJDMDE3MDAxQjEvLTRYZ2ps
MjdCY2xiZTlEYWZsX21fT09ZSnY4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvLTRYZ2psMjdCY2xiZTlEYWZsX21fT09ZSnY4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzJCRjIvREFCQUI4N0UxOUVDMTFFRkJDQkY1RTJDMDE3
MDAxQjEvQkY2RDg0RTQxQzQ4MTFFRjkyNjQ5QjMwN0REQzI0QzIucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbTCDANBgkqhkiG9w0BAQsF
AAOCAQEAfeowUEjjQRk1I1nkN3xVsU3fb+wR034BwIvGPlPMvyV3ATlKcK3A7fEv
4T7XBhvN+jGiPKbF7YeFNT2o8IIxBqP0Wl5RSeVDmCqZM4mQu0OC8wwCC4JWEfUQ
/a13kOvwk7HzX30LCgLjPjZCQ8YRM1o8gHkLz1uTJCvJTswoj5tkTkKiizIUyse0
DXYcrV988EdGY2dcdystXVSrEmbsQQCNpIOFdH0ZGUM65UxF4TUy09uqzCX4v4Ut
NNktmQCF4zi1E5Br3a+w/59BqNXR9YlTLI7uJCCYt988tRBy5AgB8T1b6dV8iAly
KqGjAxCvW4MtnY1LbxlEZE5KTY1/uw==
-----END CERTIFICATE-----
Generated at Thu Sep 19 03:59:26 2024 by rpki-client on console-fra.rpki-client.org