Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/70EF22E2A7DE11EF833AFAA4762E951A.roa
File: 70EF22E2A7DE11EF833AFAA4762E951A.roa (raw, json)
Hash identifier: W5cqSkjqah8zoJtMIR/JtzQBRgMc8SoI3cAVe9op9sc=
Subject key identifier: 34:E8:5F:02:7B:11:F6:EF:B0:5A:91:78:5C:0D:71:AA:02:F4:2E:DA
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 12D7
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/70EF22E2A7DE11EF833AFAA4762E951A.roa
Signing time: Thu 21 Nov 2024 07:58:49 +0000
ROA not before: Thu 21 Nov 2024 07:58:46 +0000
ROA not after: Sat 21 Nov 2026 07:58:46 +0000
asID: 151106
IP address blocks: 102.129.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4823 (0x12d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: Nov 21 07:58:46 2024 GMT
Not After : Nov 21 07:58:46 2026 GMT
Subject: CN=673ee839-ac03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cd:90:91:59:53:4c:91:70:d2:fc:f8:16:20:
6f:e4:6a:a3:1b:ba:71:60:1d:8b:c5:70:4d:2f:1c:
88:d8:3c:02:d1:f8:d2:4f:df:97:ff:d6:0d:76:82:
32:75:6a:8f:73:c2:61:57:38:f7:61:93:b8:a8:2c:
64:34:75:e3:e4:5f:d0:76:d0:2e:a4:b1:87:a6:64:
40:3d:07:20:cb:52:b1:03:09:8f:00:ad:95:5b:ee:
14:db:4c:ad:8a:9b:c1:56:bf:af:e9:08:fa:f3:65:
48:43:d4:17:ce:96:61:cf:25:7f:56:f2:9a:8e:fc:
f6:13:5d:99:da:ac:8b:c3:74:6b:31:74:dd:71:5b:
4c:bc:86:3f:25:9a:fd:ee:13:76:de:ae:27:19:69:
3f:80:bf:a6:68:a2:84:9b:66:19:17:9d:35:25:89:
69:96:0b:db:27:20:8f:49:bb:81:f0:77:b3:e2:97:
15:58:7f:f0:8f:65:7f:1e:93:06:e4:04:77:28:28:
1d:0b:f4:bf:7c:c1:bc:f5:41:4b:de:59:12:21:0c:
81:9b:48:04:fe:8d:44:a7:8d:5f:ba:a6:f7:0d:81:
b5:b6:a9:79:a8:f4:f0:fa:b5:1d:e1:0b:10:43:8c:
1c:3c:c1:81:9a:71:c2:9d:2e:7c:e7:49:9e:c8:d7:
80:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E8:5F:02:7B:11:F6:EF:B0:5A:91:78:5C:0D:71:AA:02:F4:2E:DA
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/70EF22E2A7DE11EF833AFAA4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.173.0/24
Signature Algorithm: sha256WithRSAEncryption
48:be:a3:90:05:0e:ec:27:10:f5:66:2b:87:49:62:8d:db:ba:
b4:5c:0f:2c:59:9e:8c:cb:22:32:95:c6:97:67:93:c6:11:9f:
1a:82:73:1b:0c:89:22:82:75:f2:30:6a:93:77:df:f3:49:5a:
cc:9d:d0:e3:81:72:7e:ec:ab:94:f7:9a:9c:a9:83:ec:50:3f:
d8:4a:14:48:f7:c0:85:7c:39:3a:ba:c4:13:6a:f5:22:fb:a0:
df:50:35:94:da:fc:84:6f:a4:d2:76:a4:90:fe:76:bf:c8:ea:
a9:ac:c0:a0:2a:f9:9f:21:a0:39:21:fb:00:38:f9:6e:94:4d:
cc:74:81:96:48:0f:1f:74:65:c5:06:4a:71:0c:79:0b:79:bf:
ef:85:62:a3:f2:9b:dc:a3:26:7f:ff:9a:14:e8:0e:58:fa:5c:
2f:96:6a:b7:1a:16:fa:ef:11:18:d7:41:28:57:3a:ad:c4:a8:
47:1c:3a:2c:5d:ab:63:f5:67:13:a4:5f:58:2d:20:04:43:f5:
3a:9a:91:fe:ee:a9:06:ca:a2:fe:6f:15:63:aa:09:55:8d:90:
88:41:0f:9a:42:35:18:27:3a:30:4f:5d:69:5c:a6:8e:b9:10:
77:dd:7d:ac:85:77:16:8a:c7:a8:64:95:97:a5:24:13:8c:15:
bb:43:17:48
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEtcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDExMjEwNzU4NDZaFw0yNjExMjEwNzU4NDZaMBgxFjAU
BgNVBAMTDTY3M2VlODM5LWFjMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDOzZCRWVNMkXDS/PgWIG/kaqMbunFgHYvFcE0vHIjYPALR+NJP35f/1g12
gjJ1ao9zwmFXOPdhk7ioLGQ0dePkX9B20C6ksYemZEA9ByDLUrEDCY8ArZVb7hTb
TK2Km8FWv6/pCPrzZUhD1BfOlmHPJX9W8pqO/PYTXZnarIvDdGsxdN1xW0y8hj8l
mv3uE3bericZaT+Av6ZoooSbZhkXnTUliWmWC9snII9Ju4Hwd7PilxVYf/CPZX8e
kwbkBHcoKB0L9L98wbz1QUveWRIhDIGbSAT+jUSnjV+6pvcNgbW2qXmo9PD6tR3h
CxBDjBw8wYGaccKdLnznSZ7I14ALAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNOhf
AnsR9u+wWpF4XA1xqgL0LtowHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzcwRUYyMkUyQTdERTExRUY4MzNBRkFBNDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmga0wDQYJKoZIhvcNAQEL
BQADggEBAEi+o5AFDuwnEPVmK4dJYo3burRcDyxZnozLIjKVxpdnk8YRnxqCcxsM
iSKCdfIwapN33/NJWsyd0OOBcn7sq5T3mpypg+xQP9hKFEj3wIV8OTq6xBNq9SL7
oN9QNZTa/IRvpNJ2pJD+dr/I6qmswKAq+Z8hoDkh+wA4+W6UTcx0gZZIDx90ZcUG
SnEMeQt5v++FYqPym9yjJn//mhToDlj6XC+WarcaFvrvERjXQShXOq3EqEccOixd
q2P1ZxOkX1gtIARD9Tqakf7uqQbKov5vFWOqCVWNkIhBD5pCNRgnOjBPXWlcpo65
EHfdfayFdxaKx6hklZelJBOMFbtDF0g=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:16 2024 by rpki-client on console-fra.rpki-client.org