Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/6E7B5E40A8C011EE9F31D957775412E6.roa
File: 6E7B5E40A8C011EE9F31D957775412E6.roa (raw, json)
Hash identifier: wWJOUD9iMYA0OeY1jJDjGJBB4uB4f2t6S1oRDngjVnE=
Subject key identifier: A6:A5:BD:FF:7E:AC:10:B3:AF:BC:8A:5E:13:8A:65:58:59:9B:07:5B
Certificate issuer: /CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Certificate serial: 02
Authority key identifier: E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/6E7B5E40A8C011EE9F31D957775412E6.roa
Signing time: Mon 01 Jan 2024 16:11:34 +0000
ROA not before: Mon 01 Jan 2024 16:11:29 +0000
ROA not after: Wed 01 Jan 2025 16:11:29 +0000
asID: 327921
IP address blocks: 102.220.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.mft
rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 03 Jun 2024 00:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Validity
Not Before: Jan 1 16:11:29 2024 GMT
Not After : Jan 1 16:11:29 2025 GMT
Subject: CN=6592e435-cbf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:67:4b:9a:b7:65:29:1a:98:49:a9:98:04:1d:
46:1a:5b:eb:bc:1c:6e:91:6d:66:3a:bb:df:db:c5:
e4:a8:8b:23:dd:71:ce:ff:2c:c9:39:ef:25:af:09:
3f:30:12:28:12:f0:77:91:cc:99:59:cb:79:9d:37:
d7:06:e4:93:5d:da:54:17:0b:a2:6c:b2:27:ca:54:
26:75:89:cb:51:32:a1:f2:d1:99:80:b9:2f:f1:b3:
ba:7e:72:b2:4b:87:73:5a:d3:cd:44:47:4c:44:72:
c3:0b:5d:6b:0e:cc:e4:c9:1e:59:aa:5d:e0:ba:ac:
e8:ac:c9:b8:08:af:08:1b:98:ac:42:ef:17:ef:1b:
db:ef:9e:f0:3d:9e:09:09:f1:05:54:e3:52:92:a7:
f4:d9:d6:52:ee:ac:49:76:8a:12:0d:e0:3a:cd:f1:
98:40:83:9d:6b:11:fb:5a:e1:16:1f:cf:1d:f7:77:
0f:45:cd:fd:63:9c:7f:36:14:66:c7:a3:ae:ba:d3:
ca:48:a9:40:c4:24:45:cf:9e:97:c7:cb:ca:58:cf:
74:c3:a4:6e:8f:e6:2b:30:55:b6:22:c5:d5:bc:50:
79:86:a5:cc:60:7c:b5:15:a3:eb:f6:0f:2c:ac:9e:
d6:b7:57:a2:22:fd:63:ef:28:c0:83:ec:87:a6:09:
5c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A5:BD:FF:7E:AC:10:B3:AF:BC:8A:5E:13:8A:65:58:59:9B:07:5B
X509v3 Authority Key Identifier:
keyid:E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/6E7B5E40A8C011EE9F31D957775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.220.141.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:a3:ba:c2:42:2e:1d:d8:12:05:87:bf:f4:29:d7:78:9f:53:
c6:66:fd:2d:f6:a2:f3:bf:82:a9:8d:d4:f4:55:5d:d1:87:d0:
82:0d:76:12:5b:5b:51:d0:50:33:d1:3c:f0:a8:a3:31:77:f3:
cd:be:a8:7c:6b:59:82:70:28:5c:45:54:c2:40:9f:62:59:4c:
6b:f8:b8:a7:00:e5:70:3d:f9:e1:a2:a5:11:4f:55:69:26:06:
c3:2b:51:3b:61:15:48:6b:2f:2f:a6:6a:86:48:df:ac:c6:e3:
78:fa:10:58:c1:27:bd:8c:53:be:25:4d:4b:e7:1e:0f:0e:11:
2f:3d:d9:8e:bc:03:3d:6b:c0:f2:4f:70:5b:0e:2a:3d:1b:37:
39:df:3a:6e:68:d3:d6:ef:38:1c:20:01:7c:be:53:5c:90:c4:
4c:d4:e5:55:12:95:8f:12:af:a1:97:41:77:f4:81:a9:da:d1:
cc:1a:d2:35:f8:44:48:40:fc:5e:27:34:09:1b:a2:1e:4e:63:
79:ea:26:6a:98:24:46:47:9d:cf:89:05:f4:88:11:a8:0a:59:
05:69:5c:7b:21:19:d4:a7:41:7e:13:15:ff:df:33:6d:27:55:
3a:ae:92:da:34:d9:60:28:e7:e5:f1:79:91:d4:fe:44:49:17:
49:8c:7c:f2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
M0E1OEFGMTEwLwYDVQQFEyhFMTVGNTBEREQyOEUwMkZENkU2OTY2RDU5MThEMUIw
QkJGNDY4NEU4MB4XDTI0MDEwMTE2MTEyOVoXDTI1MDEwMTE2MTEyOVowGDEWMBQG
A1UEAxMNNjU5MmU0MzUtY2JmMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5nS5q3ZSkamEmpmAQdRhpb67wcbpFtZjq739vF5KiLI91xzv8syTnvJa8J
PzASKBLwd5HMmVnLeZ031wbkk13aVBcLomyyJ8pUJnWJy1EyofLRmYC5L/Gzun5y
skuHc1rTzURHTERywwtdaw7M5MkeWapd4Lqs6KzJuAivCBuYrELvF+8b2++e8D2e
CQnxBVTjUpKn9NnWUu6sSXaKEg3gOs3xmECDnWsR+1rhFh/PHfd3D0XN/WOcfzYU
ZsejrrrTykipQMQkRc+el8fLyljPdMOkbo/mKzBVtiLF1bxQeYalzGB8tRWj6/YP
LKye1rdXoiL9Y+8owIPsh6YJXN0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSmpb3/
fqwQs6+8il4TimVYWZsHWzAfBgNVHSMEGDAWgBThX1Dd0o4C/W5pZtWRjRsLv0aE
6DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzNBNTgvMUI3OEM2MENBOEJGMTFFRUJCM0NBODU1Nzc1NDEyRTYvNFY5UTNk
S09BdjF1YVdiVmtZMGJDNzlHaE9nLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNFY5UTNkS09BdjF1YVdiVmtZMGJDNzlHaE9nLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzNBNTgvMUI3OEM2MENBOEJGMTFFRUJCM0NBODU1Nzc1
NDEyRTYvNkU3QjVFNDBBOEMwMTFFRTlGMzFEOTU3Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbcjTANBgkqhkiG9w0BAQsF
AAOCAQEAn6O6wkIuHdgSBYe/9CnXeJ9Txmb9Lfai87+CqY3U9FVd0YfQgg12Eltb
UdBQM9E88KijMXfzzb6ofGtZgnAoXEVUwkCfYllMa/i4pwDlcD354aKlEU9VaSYG
wytRO2EVSGsvL6ZqhkjfrMbjePoQWMEnvYxTviVNS+ceDw4RLz3ZjrwDPWvA8k9w
Ww4qPRs3Od86bmjT1u84HCABfL5TXJDETNTlVRKVjxKvoZdBd/SBqdrRzBrSNfhE
SED8Xic0CRuiHk5jeeomapgkRkedz4kF9IgRqApZBWlceyEZ1KdBfhMV/98zbSdV
Oq6S2jTZYCjn5fF5kdT+REkXSYx88g==
-----END CERTIFICATE-----
Generated at Sat Jun 1 04:58:59 2024 by rpki-client on console-fra.rpki-client.org