Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CACCC/DC647B426C3011EF91DB8BBE762E951A/690AD7B26C3111EF81B16842762E951A.roa
File: 690AD7B26C3111EF81B16842762E951A.roa (raw, json)
Hash identifier: rHzjxo/eO2fqIELNKfmN3/VjzzeCb8hHN9sTo2VjXI0=
Subject key identifier: 3A:2E:77:03:9A:06:38:4B:C0:CD:4A:25:B5:3B:E2:93:B2:BE:13:43
Certificate issuer: /CN=F36CACCCAF/serialNumber=E54F5E9CCF7EB76E9790AE9533FE4A84C8B2FCBC
Certificate serial: 02
Authority key identifier: E5:4F:5E:9C:CF:7E:B7:6E:97:90:AE:95:33:FE:4A:84:C8:B2:FC:BC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/5U9enM9-t26XkK6VM_5KhMiy_Lw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CACCC/DC647B426C3011EF91DB8BBE762E951A/690AD7B26C3111EF81B16842762E951A.roa
Signing time: Fri 06 Sep 2024 09:21:34 +0000
ROA not before: Fri 06 Sep 2024 09:21:31 +0000
ROA not after: Fri 01 Sep 2028 09:21:31 +0000
asID: 329222
IP address blocks: 102.212.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CACCC/DC647B426C3011EF91DB8BBE762E951A/5U9enM9-t26XkK6VM_5KhMiy_Lw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CACCC/DC647B426C3011EF91DB8BBE762E951A/5U9enM9-t26XkK6VM_5KhMiy_Lw.mft
rsync://rpki.afrinic.net/repository/afrinic/5U9enM9-t26XkK6VM_5KhMiy_Lw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CACCCAF/serialNumber=E54F5E9CCF7EB76E9790AE9533FE4A84C8B2FCBC
Validity
Not Before: Sep 6 09:21:31 2024 GMT
Not After : Sep 1 09:21:31 2028 GMT
Subject: CN=66dac99e-b4d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:82:f2:5a:21:a8:59:a9:3e:f0:dd:49:1d:45:
77:87:53:55:4d:f2:54:7e:ce:37:5e:0e:69:8c:0e:
59:bd:6f:2d:6b:03:7a:db:2f:82:e9:2d:d6:f7:f3:
47:8c:6a:41:3a:95:6d:c9:78:35:5b:79:2e:12:5c:
df:b1:0b:18:f5:5b:78:9e:e3:ff:12:55:a0:b3:04:
a6:db:da:b1:d2:de:b9:f6:c7:7d:11:ad:26:bc:c1:
94:18:be:bc:4e:bc:aa:4b:f7:53:47:01:91:6a:d7:
ec:78:1b:d9:c9:50:25:94:af:37:ef:cc:7c:9f:48:
97:a1:37:7f:1a:95:ab:7d:b4:09:05:f3:b2:df:17:
2b:75:0f:73:74:ab:eb:6a:2c:21:3c:a4:c8:71:04:
b6:e9:33:b4:87:8f:f4:93:34:d3:c0:4f:66:7e:b2:
80:1e:0f:26:51:d2:ae:f3:5c:fe:0f:64:04:fe:c6:
d2:1d:2d:25:2b:5b:af:f3:58:03:9d:bf:77:bf:b6:
2b:50:17:b0:8d:51:2d:4b:6e:ae:7e:79:c6:a3:4d:
75:b7:ab:97:74:eb:dc:6c:4e:ac:11:df:7e:44:07:
12:4e:17:5b:f5:21:92:d9:55:2c:1f:a1:06:a1:cf:
39:0f:d4:86:c4:77:48:f5:db:5a:a4:05:33:98:84:
9b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2E:77:03:9A:06:38:4B:C0:CD:4A:25:B5:3B:E2:93:B2:BE:13:43
X509v3 Authority Key Identifier:
keyid:E5:4F:5E:9C:CF:7E:B7:6E:97:90:AE:95:33:FE:4A:84:C8:B2:FC:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CACCC/DC647B426C3011EF91DB8BBE762E951A/5U9enM9-t26XkK6VM_5KhMiy_Lw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/5U9enM9-t26XkK6VM_5KhMiy_Lw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CACCC/DC647B426C3011EF91DB8BBE762E951A/690AD7B26C3111EF81B16842762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.212.144.0/22
Signature Algorithm: sha256WithRSAEncryption
18:bd:88:3a:ed:82:45:d8:a2:d6:08:6b:17:6c:c5:b2:15:52:
be:11:4d:39:37:45:e0:aa:8b:8f:de:c6:b7:29:ce:cf:00:12:
fa:9b:f3:a9:1e:57:c4:68:4d:e0:9f:fc:e6:57:c8:97:2e:79:
e5:04:58:3a:fe:df:b9:55:ea:43:a1:69:b8:13:d7:ea:c5:05:
e6:3a:cc:50:56:b8:de:8b:9b:97:86:0d:46:7c:48:95:05:b7:
6a:f1:51:0f:3d:e0:0e:cf:68:af:fc:ec:c9:ba:a0:0b:39:fb:
15:e9:8c:31:c9:24:cb:98:80:93:33:4c:98:9e:33:5e:22:64:
ad:c3:f7:35:63:20:9e:7f:a6:3a:66:12:26:8b:c7:c3:93:d4:
a5:27:0f:4a:c4:54:48:8c:8b:87:32:aa:8d:b1:71:7d:d8:e2:
05:c4:85:a2:ac:b7:2b:4e:06:65:a2:f1:85:80:32:45:0b:5d:
88:79:d1:9b:48:b2:e1:3f:9b:ab:73:46:a4:28:df:8f:d2:83:
6c:f5:4f:a4:b0:05:b7:80:ea:7e:d8:a0:cf:95:71:85:a4:75:
78:28:d9:95:32:3a:86:23:78:a6:15:be:0f:ef:cc:65:0d:c8:
e6:e5:01:be:48:f7:cd:bc:67:0b:e0:77:47:ad:3c:eb:77:27:
41:13:0d:09
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
QUNDQ0FGMTEwLwYDVQQFEyhFNTRGNUU5Q0NGN0VCNzZFOTc5MEFFOTUzM0ZFNEE4
NEM4QjJGQ0JDMB4XDTI0MDkwNjA5MjEzMVoXDTI4MDkwMTA5MjEzMVowGDEWMBQG
A1UEAxMNNjZkYWM5OWUtYjRkODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+C8lohqFmpPvDdSR1Fd4dTVU3yVH7ON14OaYwOWb1vLWsDetsvgukt1vfz
R4xqQTqVbcl4NVt5LhJc37ELGPVbeJ7j/xJVoLMEptvasdLeufbHfRGtJrzBlBi+
vE68qkv3U0cBkWrX7Hgb2clQJZSvN+/MfJ9Il6E3fxqVq320CQXzst8XK3UPc3Sr
62osITykyHEEtukztIeP9JM008BPZn6ygB4PJlHSrvNc/g9kBP7G0h0tJStbr/NY
A52/d7+2K1AXsI1RLUturn55xqNNdberl3Tr3GxOrBHffkQHEk4XW/UhktlVLB+h
BqHPOQ/UhsR3SPXbWqQFM5iEm0kCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQ6LncD
mgY4S8DNSiW1O+KTsr4TQzAfBgNVHSMEGDAWgBTlT16cz363bpeQrpUz/kqEyLL8
vDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0FDQ0MvREM2NDdCNDI2QzMwMTFFRjkxREI4QkJFNzYyRTk1MUEvNVU5ZW5N
OS10MjZYa0s2Vk1fNUtoTWl5X0x3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNVU5ZW5NOS10MjZYa0s2Vk1fNUtoTWl5X0x3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0FDQ0MvREM2NDdCNDI2QzMwMTFFRjkxREI4QkJFNzYy
RTk1MUEvNjkwQUQ3QjI2QzMxMTFFRjgxQjE2ODQyNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbUkDANBgkqhkiG9w0BAQsF
AAOCAQEAGL2IOu2CRdii1ghrF2zFshVSvhFNOTdF4KqLj97GtynOzwAS+pvzqR5X
xGhN4J/85lfIly555QRYOv7fuVXqQ6FpuBPX6sUF5jrMUFa43oubl4YNRnxIlQW3
avFRDz3gDs9or/zsybqgCzn7FemMMckky5iAkzNMmJ4zXiJkrcP3NWMgnn+mOmYS
JovHw5PUpScPSsRUSIyLhzKqjbFxfdjiBcSFoqy3K04GZaLxhYAyRQtdiHnRm0iy
4T+bq3NGpCjfj9KDbPVPpLAFt4Dqftigz5VxhaR1eCjZlTI6hiN4phW+D+/MZQ3I
5uUBvkj3zbxnC+B3R60863cnQRMNCQ==
-----END CERTIFICATE-----
Generated at Thu Oct 24 06:47:50 2024 by rpki-client on console-fra.rpki-client.org