Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C4A3B/4FAFFDAEA48D11EE88CB8763D25BE465/B4ABD18CA48E11EEB808FE65D25BE465.roa
File: B4ABD18CA48E11EEB808FE65D25BE465.roa (raw, json)
Hash identifier: S5XSL+t01DymTgJeqFWNkxH4TrI/NWZhOLYNwLD+7Qs=
Subject key identifier: 3A:61:36:57:2A:09:67:5E:89:EE:CF:6E:33:B6:7E:88:0B:00:7B:89
Certificate issuer: /CN=F36C4A3BAF/serialNumber=CEBE99EEB0BE3CE8DB19BA44766CA3E3C807A989
Certificate serial: 03
Authority key identifier: CE:BE:99:EE:B0:BE:3C:E8:DB:19:BA:44:76:6C:A3:E3:C8:07:A9:89
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zr6Z7rC-POjbGbpEdmyj48gHqYk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C4A3B/4FAFFDAEA48D11EE88CB8763D25BE465/B4ABD18CA48E11EEB808FE65D25BE465.roa
Signing time: Wed 27 Dec 2023 08:05:32 +0000
ROA not before: Wed 27 Dec 2023 08:05:28 +0000
ROA not after: Thu 31 Dec 2043 08:05:28 +0000
asID: 328728
IP address blocks: 102.222.25.0/24 maxlen: 24
2c0f:5140::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C4A3B/4FAFFDAEA48D11EE88CB8763D25BE465/zr6Z7rC-POjbGbpEdmyj48gHqYk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C4A3B/4FAFFDAEA48D11EE88CB8763D25BE465/zr6Z7rC-POjbGbpEdmyj48gHqYk.mft
rsync://rpki.afrinic.net/repository/afrinic/zr6Z7rC-POjbGbpEdmyj48gHqYk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C4A3BAF/serialNumber=CEBE99EEB0BE3CE8DB19BA44766CA3E3C807A989
Validity
Not Before: Dec 27 08:05:28 2023 GMT
Not After : Dec 31 08:05:28 2043 GMT
Subject: CN=658bdacc-ef06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6d:22:77:65:21:83:fa:e0:cb:da:f4:ce:e1:
e2:75:44:c7:6b:07:fa:51:d2:68:d2:18:88:06:43:
f4:4d:51:62:c9:17:c7:3e:65:fb:e3:f6:c3:8b:e8:
fa:58:81:77:ae:ca:27:a1:6f:8f:fe:f0:58:57:68:
17:81:49:22:b2:8d:1d:2d:a9:49:e6:10:f4:1f:24:
5c:91:58:b6:ab:58:2a:5c:7a:83:de:dc:cd:5e:dd:
37:43:3f:6e:5b:ce:2c:38:32:9a:c1:6b:fc:f8:19:
ce:4c:cd:a4:e1:60:b6:34:c8:e4:68:c9:18:29:55:
9b:bc:9c:a9:f0:d5:e0:39:0c:a1:fa:93:50:6b:ea:
32:1f:48:b2:68:7d:c5:c0:f5:e6:f1:cb:7a:1f:b3:
99:11:c4:25:8b:30:13:8a:cd:bd:33:0a:0a:a4:55:
87:d3:4a:73:94:12:95:2e:42:c0:32:4a:e9:3c:cd:
78:b8:d9:8d:72:cf:a8:7a:e5:bc:38:0e:ff:03:29:
0f:8b:ef:fe:6e:da:ba:5f:66:2e:d8:f8:8a:34:c3:
e6:12:cf:9c:9b:a2:46:be:19:4b:a5:1a:24:36:14:
21:02:2b:ae:cb:da:b0:eb:3d:c2:26:cc:43:1b:22:
56:13:0a:ac:e2:f4:62:2c:87:2e:67:35:fe:2c:d9:
8d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:61:36:57:2A:09:67:5E:89:EE:CF:6E:33:B6:7E:88:0B:00:7B:89
X509v3 Authority Key Identifier:
keyid:CE:BE:99:EE:B0:BE:3C:E8:DB:19:BA:44:76:6C:A3:E3:C8:07:A9:89
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C4A3B/4FAFFDAEA48D11EE88CB8763D25BE465/zr6Z7rC-POjbGbpEdmyj48gHqYk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zr6Z7rC-POjbGbpEdmyj48gHqYk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C4A3B/4FAFFDAEA48D11EE88CB8763D25BE465/B4ABD18CA48E11EEB808FE65D25BE465.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.25.0/24
IPv6:
2c0f:5140::/32
Signature Algorithm: sha256WithRSAEncryption
76:d7:3f:79:48:b3:58:83:ca:f3:20:85:f2:cd:71:2d:6e:c6:
cf:6e:a1:2f:52:85:39:a9:e9:c7:c3:d1:44:ba:35:e4:21:69:
6b:d6:d6:d2:a0:25:55:2d:52:78:ff:15:a6:df:bb:ad:f0:27:
44:aa:bd:68:0a:33:15:88:24:1e:dd:63:30:23:da:42:df:36:
14:5e:cb:cc:09:71:87:c6:1f:6b:61:b3:8c:a7:e5:e8:d1:0f:
83:0a:23:f2:c4:76:55:a4:8d:e9:d7:bf:96:93:ca:be:6b:49:
bc:02:53:51:2b:ab:b2:44:46:e9:58:7e:04:f8:cb:99:a7:2b:
40:d4:28:d2:54:36:2a:a0:bf:52:7f:31:63:5a:30:c1:71:f6:
a8:de:b8:95:c7:d3:b4:b3:fe:fd:f6:8a:51:57:91:43:d2:d7:
79:0c:cb:5d:80:57:c5:57:3f:5a:b5:a5:a4:dd:fc:ad:eb:bd:
f8:20:eb:44:77:85:d7:30:51:0b:03:8a:bb:9f:34:e8:fd:c3:
7c:08:f0:12:d6:e3:d5:eb:0a:01:f3:2a:40:d9:30:96:72:71:
4f:c9:49:55:c2:d6:aa:74:6f:06:73:1d:1a:3b:9b:5d:8b:82:
d9:ee:53:bb:8b:3b:6e:b0:e5:4b:f1:fc:cf:65:0e:10:56:7a:
48:37:77:fa
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
NEEzQkFGMTEwLwYDVQQFEyhDRUJFOTlFRUIwQkUzQ0U4REIxOUJBNDQ3NjZDQTNF
M0M4MDdBOTg5MB4XDTIzMTIyNzA4MDUyOFoXDTQzMTIzMTA4MDUyOFowGDEWMBQG
A1UEAxMNNjU4YmRhY2MtZWYwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1tIndlIYP64Mva9M7h4nVEx2sH+lHSaNIYiAZD9E1RYskXxz5l++P2w4vo
+liBd67KJ6Fvj/7wWFdoF4FJIrKNHS2pSeYQ9B8kXJFYtqtYKlx6g97czV7dN0M/
blvOLDgymsFr/PgZzkzNpOFgtjTI5GjJGClVm7ycqfDV4DkMofqTUGvqMh9Ismh9
xcD15vHLeh+zmRHEJYswE4rNvTMKCqRVh9NKc5QSlS5CwDJK6TzNeLjZjXLPqHrl
vDgO/wMpD4vv/m7aul9mLtj4ijTD5hLPnJuiRr4ZS6UaJDYUIQIrrsvasOs9wibM
QxsiVhMKrOL0YiyHLmc1/izZjVECAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ6YTZX
KglnXonuz24ztn6ICwB7iTAfBgNVHSMEGDAWgBTOvpnusL486NsZukR2bKPjyAep
iTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzRBM0IvNEZBRkZEQUVBNDhEMTFFRTg4Q0I4NzYzRDI1QkU0NjUvenI2Wjdy
Qy1QT2piR2JwRWRteWo0OGdIcVlrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvenI2WjdyQy1QT2piR2JwRWRteWo0OGdIcVlrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzRBM0IvNEZBRkZEQUVBNDhEMTFFRTg4Q0I4NzYzRDI1
QkU0NjUvQjRBQkQxOENBNDhFMTFFRUI4MDhGRTY1RDI1QkU0NjUucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAGbeGTANBAIAAjAHAwUALA9R
QDANBgkqhkiG9w0BAQsFAAOCAQEAdtc/eUizWIPK8yCF8s1xLW7Gz26hL1KFOanp
x8PRRLo15CFpa9bW0qAlVS1SeP8Vpt+7rfAnRKq9aAozFYgkHt1jMCPaQt82FF7L
zAlxh8Yfa2GzjKfl6NEPgwoj8sR2VaSN6de/lpPKvmtJvAJTUSurskRG6Vh+BPjL
macrQNQo0lQ2KqC/Un8xY1owwXH2qN64lcfTtLP+/faKUVeRQ9LXeQzLXYBXxVc/
WrWlpN38reu9+CDrRHeF1zBRCwOKu5806P3DfAjwEtbj1esKAfMqQNkwlnJxT8lJ
VcLWqnRvBnMdGjubXYuC2e5Tu4s7brDlS/H8z2UOEFZ6SDd3+g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:23 2024 by rpki-client on console-ams.rpki-client.org