Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/593B925C596E11EFAD90467E762E951A.roa
File: 593B925C596E11EFAD90467E762E951A.roa (raw, json)
Hash identifier: Z5CYZ2IOfV8aBkJsq9QO/61cXj1PNQGbmsacp+Lx38Y=
Subject key identifier: 62:1D:2B:43:DA:F5:CD:AE:78:52:FA:0F:7C:22:97:72:CB:2A:1E:9C
Certificate issuer: /CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Certificate serial: 0100
Authority key identifier: E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/593B925C596E11EFAD90467E762E951A.roa
Signing time: Tue 13 Aug 2024 12:19:55 +0000
ROA not before: Tue 13 Aug 2024 12:19:50 +0000
ROA not after: Sat 01 Aug 2026 12:19:50 +0000
asID: 21003
IP address blocks: 102.220.142.0/24 maxlen: 24
102.220.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.mft
rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 256 (0x100)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Validity
Not Before: Aug 13 12:19:50 2024 GMT
Not After : Aug 1 12:19:50 2026 GMT
Subject: CN=66bb4f6b-eec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:ac:fc:75:e0:23:9f:1a:31:1f:19:7a:6d:ef:
f3:a9:f0:f5:b5:49:44:3b:06:f6:91:f0:cd:74:bd:
4a:13:ef:db:0a:a7:6c:4c:d6:44:46:32:93:96:db:
84:bc:f4:4a:99:9d:19:9c:4c:10:79:09:96:ce:51:
00:85:53:2b:0b:20:fb:66:22:3a:95:22:d3:0e:a9:
20:75:24:9c:66:24:3c:2b:ca:ea:a6:a7:ad:50:9d:
82:39:25:43:1d:91:20:58:85:a5:ee:0c:3d:66:2e:
80:04:26:fb:3d:51:52:37:c0:f4:a1:51:67:79:85:
d6:1b:96:93:53:b2:20:76:cb:25:4f:a3:ed:cb:c0:
8b:16:4d:7b:ec:a8:48:5c:92:2d:6b:cd:f9:6a:37:
c3:22:af:ed:27:67:52:4f:de:1e:2e:36:56:9b:fa:
22:e4:7f:75:b2:3c:a0:c1:07:ad:69:72:45:df:21:
0e:6b:bd:00:c4:00:5e:5f:d3:93:92:82:15:0b:57:
5e:4a:1d:ff:74:0c:98:dc:e2:33:37:5a:a8:20:fd:
c1:a0:e0:12:6a:ba:38:94:93:c7:39:b3:4e:ba:2b:
35:7f:f3:d4:65:63:80:bf:46:72:89:79:d0:6f:76:
0b:df:db:65:82:28:eb:71:e5:1d:c7:e5:18:44:14:
69:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:1D:2B:43:DA:F5:CD:AE:78:52:FA:0F:7C:22:97:72:CB:2A:1E:9C
X509v3 Authority Key Identifier:
keyid:E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/593B925C596E11EFAD90467E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.220.142.0/23
Signature Algorithm: sha256WithRSAEncryption
49:e2:ca:c8:79:43:3b:a8:66:87:44:9d:f2:f8:4c:eb:d4:0c:
f2:e9:a9:76:cd:25:5b:ad:f9:a4:89:b9:60:06:36:96:81:93:
45:8c:53:ab:12:a4:d6:94:a7:f9:8e:7a:a2:6a:6d:ee:91:52:
6b:a0:2e:3d:65:16:da:20:c0:91:ad:dd:0c:7e:b5:68:91:ce:
47:04:a9:17:bc:94:ac:95:70:f9:13:ce:4b:e8:f6:94:18:12:
76:53:ba:a0:88:70:ef:9f:68:cc:b7:3f:ce:8c:0b:f8:c1:1f:
ae:ed:b4:17:fa:c8:84:c1:ab:34:33:f4:e5:df:e9:27:b6:d0:
fe:79:fc:04:d5:29:df:f3:97:f4:3b:3a:26:b3:e3:06:c4:78:
40:8b:7e:06:02:11:9d:c5:d9:cc:d3:52:af:8c:a5:c8:76:48:
5f:8a:ff:1a:e4:e0:3d:51:23:8b:b0:05:5f:a5:dd:93:72:88:
54:c8:7d:3f:63:4a:78:39:f6:23:9f:7e:ee:53:ce:57:bd:60:
ce:be:ee:88:2b:e2:67:13:8a:45:21:fe:4e:fe:dd:e9:3f:b5:
28:43:a2:5b:04:75:e9:85:c9:22:0e:88:a0:a2:9b:7a:8e:fd:
52:6b:c8:f7:ca:83:2b:46:c3:15:45:50:88:88:9c:4b:e8:d9:
df:5a:37:4c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAQAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzNBNThBRjExMC8GA1UEBRMoRTE1RjUwREREMjhFMDJGRDZFNjk2NkQ1OTE4RDFC
MEJCRjQ2ODRFODAeFw0yNDA4MTMxMjE5NTBaFw0yNjA4MDExMjE5NTBaMBgxFjAU
BgNVBAMTDTY2YmI0ZjZiLWVlYzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDtrPx14COfGjEfGXpt7/Op8PW1SUQ7BvaR8M10vUoT79sKp2xM1kRGMpOW
24S89EqZnRmcTBB5CZbOUQCFUysLIPtmIjqVItMOqSB1JJxmJDwryuqmp61QnYI5
JUMdkSBYhaXuDD1mLoAEJvs9UVI3wPShUWd5hdYblpNTsiB2yyVPo+3LwIsWTXvs
qEhcki1rzflqN8Mir+0nZ1JP3h4uNlab+iLkf3WyPKDBB61pckXfIQ5rvQDEAF5f
05OSghULV15KHf90DJjc4jM3Wqgg/cGg4BJqujiUk8c5s066KzV/89RlY4C/RnKJ
edBvdgvf22WCKOtx5R3H5RhEFGlFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUYh0r
Q9r1za54UvoPfCKXcssqHpwwHwYDVR0jBBgwFoAU4V9Q3dKOAv1uaWbVkY0bC79G
hOgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkMzQTU4LzFCNzhDNjBDQThCRjExRUVCQjNDQTg1NTc3NTQxMkU2LzRWOVEz
ZEtPQXYxdWFXYlZrWTBiQzc5R2hPZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzRWOVEzZEtPQXYxdWFXYlZrWTBiQzc5R2hPZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkMzQTU4LzFCNzhDNjBDQThCRjExRUVCQjNDQTg1NTc3
NTQxMkU2LzU5M0I5MjVDNTk2RTExRUZBRDkwNDY3RTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFm3I4wDQYJKoZIhvcNAQEL
BQADggEBAEniysh5QzuoZodEnfL4TOvUDPLpqXbNJVut+aSJuWAGNpaBk0WMU6sS
pNaUp/mOeqJqbe6RUmugLj1lFtogwJGt3Qx+tWiRzkcEqRe8lKyVcPkTzkvo9pQY
EnZTuqCIcO+faMy3P86MC/jBH67ttBf6yITBqzQz9OXf6Se20P55/ATVKd/zl/Q7
Oiaz4wbEeECLfgYCEZ3F2czTUq+Mpch2SF+K/xrk4D1RI4uwBV+l3ZNyiFTIfT9j
Sng59iOffu5Tzle9YM6+7ogr4mcTikUh/k7+3ek/tShDolsEdemFySIOiKCim3qO
/VJryPfKgytGwxVFUIiInEvo2d9aN0w=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:23 2024 by rpki-client on console-ams.rpki-client.org