Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C629B/E09366C0847C11EE90B044464AD9E6FC/B2D67FBC81B811EFBF661993762E951A.roa
File: B2D67FBC81B811EFBF661993762E951A.roa (raw, json)
Hash identifier: uoPtPDn/rbTQRBGn7Sv62W9Z11akCbhfrMo3RcO5nHI=
Subject key identifier: E1:4E:56:EB:F7:0F:F5:70:05:37:F9:FD:4D:DE:29:63:C5:16:02:95
Certificate issuer: /CN=F36C629BAF/serialNumber=C7D3466682C5160E22B62548E97E210FE4A1E386
Certificate serial: 014E
Authority key identifier: C7:D3:46:66:82:C5:16:0E:22:B6:25:48:E9:7E:21:0F:E4:A1:E3:86
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/x9NGZoLFFg4itiVI6X4hD-Sh44Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C629B/E09366C0847C11EE90B044464AD9E6FC/B2D67FBC81B811EFBF661993762E951A.roa
Signing time: Thu 03 Oct 2024 18:52:55 +0000
ROA not before: Thu 03 Oct 2024 18:52:51 +0000
ROA not after: Wed 03 Oct 2029 18:52:51 +0000
asID: 329294
IP address blocks: 102.211.198.0/24 maxlen: 24
2c0f:1140::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C629B/E09366C0847C11EE90B044464AD9E6FC/x9NGZoLFFg4itiVI6X4hD-Sh44Y.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C629B/E09366C0847C11EE90B044464AD9E6FC/x9NGZoLFFg4itiVI6X4hD-Sh44Y.mft
rsync://rpki.afrinic.net/repository/afrinic/x9NGZoLFFg4itiVI6X4hD-Sh44Y.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 334 (0x14e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C629BAF/serialNumber=C7D3466682C5160E22B62548E97E210FE4A1E386
Validity
Not Before: Oct 3 18:52:51 2024 GMT
Not After : Oct 3 18:52:51 2029 GMT
Subject: CN=66fee807-02d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b9:fa:8e:ff:7c:4d:89:d1:f3:a8:e9:7f:9f:
0c:98:c2:2c:3e:2c:77:45:71:04:f8:01:fb:9b:bb:
d9:9f:9a:2a:82:e6:1a:d3:d0:46:42:90:d0:76:05:
e2:1a:4a:d2:cc:1e:05:42:54:7c:5c:1c:86:12:c8:
c9:ab:4e:af:73:5e:95:16:e5:9f:b8:36:34:28:33:
85:7b:9e:04:d4:6a:5d:2e:3d:aa:40:e0:3a:a5:9f:
81:46:3b:7d:3e:8b:40:1b:e2:3d:50:fe:37:54:7d:
58:3a:56:8c:1e:5a:26:2d:32:38:40:88:15:11:3b:
ae:7d:a3:df:2f:8d:ad:1b:f0:32:73:65:88:cc:46:
a8:73:30:85:a5:fd:50:1b:e9:ef:87:49:ba:4d:6e:
16:a0:9c:b1:02:a9:38:80:e2:d3:a6:32:92:f9:2b:
8a:14:16:4d:7e:3b:41:8f:1d:11:b9:5d:cf:5c:ab:
de:90:7d:36:18:0c:ef:5e:94:1e:ab:87:60:1d:0e:
a2:7e:c5:9c:45:2b:39:bc:d1:00:32:ad:7c:3d:04:
ac:35:b9:e4:91:26:31:98:66:60:3c:da:d4:2b:97:
ed:01:d7:bd:bc:40:cd:d1:09:d4:e1:78:93:57:2f:
b6:d2:9a:25:2d:34:be:27:72:e7:a0:a0:a6:98:b7:
ae:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:4E:56:EB:F7:0F:F5:70:05:37:F9:FD:4D:DE:29:63:C5:16:02:95
X509v3 Authority Key Identifier:
keyid:C7:D3:46:66:82:C5:16:0E:22:B6:25:48:E9:7E:21:0F:E4:A1:E3:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C629B/E09366C0847C11EE90B044464AD9E6FC/x9NGZoLFFg4itiVI6X4hD-Sh44Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/x9NGZoLFFg4itiVI6X4hD-Sh44Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C629B/E09366C0847C11EE90B044464AD9E6FC/B2D67FBC81B811EFBF661993762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.198.0/24
IPv6:
2c0f:1140::/32
Signature Algorithm: sha256WithRSAEncryption
d9:88:26:d7:f3:30:6f:a5:77:ce:ad:00:3a:9f:18:d7:02:9d:
87:b6:d5:6e:79:1f:22:5a:0f:bc:fb:b9:61:4c:01:a2:85:e6:
e7:45:12:45:b0:84:e3:6b:2f:18:0f:bf:24:d9:0b:b1:cb:2f:
50:31:06:16:bc:96:87:4b:bf:87:bd:b7:b8:64:ef:ee:fb:77:
2c:a6:7f:93:8d:f0:3a:9e:9d:ba:b2:42:60:4d:e3:e4:34:91:
2c:a2:76:59:04:d5:58:39:52:93:c2:a0:b8:3d:4d:8d:4a:99:
7a:e2:5b:12:46:b4:e8:33:44:cb:b4:00:67:3e:cc:b7:08:ad:
e8:f8:db:27:25:f8:05:ab:01:ad:1d:e4:d2:ac:59:8b:78:10:
10:84:0f:9b:1d:dc:ff:2e:32:f0:89:dc:e1:e1:f3:7e:e1:0e:
56:97:af:be:86:2d:15:3e:f4:b3:94:77:e6:c1:48:30:c7:cc:
dc:47:dd:2a:4b:e9:3d:0e:3b:4d:9b:e6:c0:8a:d4:de:51:4b:
62:b2:83:d1:1e:f4:34:99:3f:75:0f:a1:1b:4d:76:f0:bb:2e:
5b:45:22:96:92:a4:9c:d4:ea:72:29:24:9e:7f:c3:4a:f5:b2:
32:62:dd:7f:44:44:4d:e6:11:20:7d:4f:94:a0:3e:0e:4d:f7:
50:20:9f:ee
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAU4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzYyOUJBRjExMC8GA1UEBRMoQzdEMzQ2NjY4MkM1MTYwRTIyQjYyNTQ4RTk3RTIx
MEZFNEExRTM4NjAeFw0yNDEwMDMxODUyNTFaFw0yOTEwMDMxODUyNTFaMBgxFjAU
BgNVBAMTDTY2ZmVlODA3LTAyZDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJufqO/3xNidHzqOl/nwyYwiw+LHdFcQT4Afubu9mfmiqC5hrT0EZCkNB2
BeIaStLMHgVCVHxcHIYSyMmrTq9zXpUW5Z+4NjQoM4V7ngTUal0uPapA4Dqln4FG
O30+i0Ab4j1Q/jdUfVg6VoweWiYtMjhAiBURO659o98vja0b8DJzZYjMRqhzMIWl
/VAb6e+HSbpNbhagnLECqTiA4tOmMpL5K4oUFk1+O0GPHRG5Xc9cq96QfTYYDO9e
lB6rh2AdDqJ+xZxFKzm80QAyrXw9BKw1ueSRJjGYZmA82tQrl+0B1728QM3RCdTh
eJNXL7bSmiUtNL4ncuegoKaYt64vAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQU4U5W
6/cP9XAFN/n9Td4pY8UWApUwHwYDVR0jBBgwFoAUx9NGZoLFFg4itiVI6X4hD+Sh
44YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM2MjlCL0UwOTM2NkMwODQ3QzExRUU5MEIwNDQ0NjRBRDlFNkZDL3g5Tkda
b0xGRmc0aXRpVkk2WDRoRC1TaDQ0WS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3g5Tkdab0xGRmc0aXRpVkk2WDRoRC1TaDQ0WS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM2MjlCL0UwOTM2NkMwODQ3QzExRUU5MEIwNDQ0NjRB
RDlFNkZDL0IyRDY3RkJDODFCODExRUZCRjY2MTk5Mzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBABm08YwDQQCAAIwBwMFACwP
EUAwDQYJKoZIhvcNAQELBQADggEBANmIJtfzMG+ld86tADqfGNcCnYe21W55HyJa
D7z7uWFMAaKF5udFEkWwhONrLxgPvyTZC7HLL1AxBha8lodLv4e9t7hk7+77dyym
f5ON8DqenbqyQmBN4+Q0kSyidlkE1Vg5UpPCoLg9TY1KmXriWxJGtOgzRMu0AGc+
zLcIrej42ycl+AWrAa0d5NKsWYt4EBCED5sd3P8uMvCJ3OHh837hDlaXr76GLRU+
9LOUd+bBSDDHzNxH3SpL6T0OO02b5sCK1N5RS2Kyg9Ee9DSZP3UPoRtNdvC7LltF
IpaSpJzU6nIpJJ5/w0r1sjJi3X9ERE3mESB9T5SgPg5N91Agn+4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org