Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CAD03/90CF9CCA1F4211EEB18184614AD9E6FC/5101379C1F4311EE8FC7B9634AD9E6FC.roa
File: 5101379C1F4311EE8FC7B9634AD9E6FC.roa (raw, json)
Hash identifier: 9vRfRWcOnYof6Mu0ENqhdmmo04buF4ccumW7t2r2a0A=
Subject key identifier: 60:E3:3E:A6:91:27:38:51:B9:CB:13:3D:CC:1E:4B:CA:A4:E1:0B:7B
Certificate issuer: /CN=F36CAD03AF/serialNumber=7F3738A2B28B6FAC0EE168DACDA1020991F65EFF
Certificate serial: 03
Authority key identifier: 7F:37:38:A2:B2:8B:6F:AC:0E:E1:68:DA:CD:A1:02:09:91:F6:5E:FF
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/fzc4orKLb6wO4WjazaECCZH2Xv8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CAD03/90CF9CCA1F4211EEB18184614AD9E6FC/5101379C1F4311EE8FC7B9634AD9E6FC.roa
Signing time: Mon 10 Jul 2023 17:00:48 +0000
ROA not before: Mon 10 Jul 2023 17:00:43 +0000
ROA not after: Fri 31 Dec 2049 17:00:43 +0000
asID: 328987
IP address blocks: 102.217.64.0/22 maxlen: 24
2c0f:2f00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CAD03/90CF9CCA1F4211EEB18184614AD9E6FC/fzc4orKLb6wO4WjazaECCZH2Xv8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CAD03/90CF9CCA1F4211EEB18184614AD9E6FC/fzc4orKLb6wO4WjazaECCZH2Xv8.mft
rsync://rpki.afrinic.net/repository/afrinic/fzc4orKLb6wO4WjazaECCZH2Xv8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CAD03AF/serialNumber=7F3738A2B28B6FAC0EE168DACDA1020991F65EFF
Validity
Not Before: Jul 10 17:00:43 2023 GMT
Not After : Dec 31 17:00:43 2049 GMT
Subject: CN=64ac3940-a74b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:43:1d:33:bf:a8:75:49:2a:45:62:7a:d5:fe:
07:a0:b8:13:14:83:82:7c:f7:6d:0c:27:da:8d:ca:
69:81:a0:d8:bf:de:ae:6e:fb:26:91:cc:f8:01:c4:
f6:f5:0c:66:60:9c:5e:76:6d:db:00:29:fb:65:aa:
90:c6:5e:2c:17:eb:a2:20:86:91:e5:9f:84:8e:fc:
e6:f2:f2:7b:a4:22:73:10:57:a3:35:8e:41:c0:bc:
cc:00:32:8f:5c:93:58:f1:f6:20:a7:57:ae:50:3a:
8d:d7:b7:d6:2f:b2:c7:97:d0:ac:9f:27:97:77:c2:
ce:ca:2e:82:ac:7b:c6:ee:08:c7:c1:8c:33:ce:e6:
c6:1e:74:c2:f3:73:18:9d:15:56:7c:5c:dc:da:0a:
1d:15:ae:c8:96:14:6f:0b:87:8e:af:64:d2:dc:aa:
cb:5d:f3:52:b7:be:e5:cf:4f:fe:8b:34:4c:21:4e:
bc:d3:ad:c1:4c:b9:7c:99:cd:a3:d4:0d:22:8d:24:
ec:b2:0a:8f:6c:54:ae:b9:b2:14:66:40:5f:84:81:
1d:66:39:e5:a3:8a:b4:01:82:4b:7a:fe:e9:ee:70:
ab:54:9a:22:63:47:c1:11:3e:55:ad:c6:3c:23:53:
78:18:c6:95:2e:34:a8:d1:a0:19:29:63:d7:f4:3b:
b3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E3:3E:A6:91:27:38:51:B9:CB:13:3D:CC:1E:4B:CA:A4:E1:0B:7B
X509v3 Authority Key Identifier:
keyid:7F:37:38:A2:B2:8B:6F:AC:0E:E1:68:DA:CD:A1:02:09:91:F6:5E:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CAD03/90CF9CCA1F4211EEB18184614AD9E6FC/fzc4orKLb6wO4WjazaECCZH2Xv8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/fzc4orKLb6wO4WjazaECCZH2Xv8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CAD03/90CF9CCA1F4211EEB18184614AD9E6FC/5101379C1F4311EE8FC7B9634AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.217.64.0/22
IPv6:
2c0f:2f00::/32
Signature Algorithm: sha256WithRSAEncryption
0d:8f:c3:db:86:9e:25:4c:0b:ac:37:c3:0f:97:ec:1a:00:12:
e2:51:06:fc:fa:d5:cf:1d:c7:60:1a:97:21:17:3b:f8:e3:f5:
bb:bf:d8:66:f7:be:68:85:fb:80:e4:2c:dc:c8:34:86:f7:15:
b0:7c:cb:49:a1:81:84:27:06:03:e5:c0:39:bd:29:15:72:37:
ca:3b:e9:78:a8:54:64:e7:67:4e:17:1d:db:52:5e:a0:dd:d4:
85:1f:d0:79:3e:c0:76:26:2a:5a:a0:5c:77:30:34:56:75:5e:
76:37:b2:4b:c8:80:51:dd:4b:a5:75:b6:68:a7:8b:d8:ef:d9:
f6:76:ac:d4:f0:5c:8a:96:61:fe:ce:32:2e:19:90:19:35:00:
59:4a:fd:44:94:d5:cc:04:ee:61:0f:c4:43:48:2c:cd:6b:13:
97:6a:d6:7b:42:37:df:b0:f6:e2:ad:b0:12:54:38:97:32:ee:
65:de:45:07:d6:c9:99:63:50:1e:50:c7:bf:a5:52:ae:7b:1a:
92:69:b7:81:27:f7:8a:65:ba:b4:dc:ac:15:55:17:7f:49:27:
ce:a0:c4:5d:74:22:fb:0b:2a:ae:0f:98:c6:59:0e:c6:e2:69:
a0:72:2e:ff:43:15:08:df:aa:c4:c8:2a:3e:7e:e0:0b:8e:47:
58:1c:90:e8
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
QUQwM0FGMTEwLwYDVQQFEyg3RjM3MzhBMkIyOEI2RkFDMEVFMTY4REFDREExMDIw
OTkxRjY1RUZGMB4XDTIzMDcxMDE3MDA0M1oXDTQ5MTIzMTE3MDA0M1owGDEWMBQG
A1UEAxMNNjRhYzM5NDAtYTc0YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBDHTO/qHVJKkVietX+B6C4ExSDgnz3bQwn2o3KaYGg2L/erm77JpHM+AHE
9vUMZmCcXnZt2wAp+2WqkMZeLBfroiCGkeWfhI785vLye6QicxBXozWOQcC8zAAy
j1yTWPH2IKdXrlA6jde31i+yx5fQrJ8nl3fCzsougqx7xu4Ix8GMM87mxh50wvNz
GJ0VVnxc3NoKHRWuyJYUbwuHjq9k0tyqy13zUre+5c9P/os0TCFOvNOtwUy5fJnN
o9QNIo0k7LIKj2xUrrmyFGZAX4SBHWY55aOKtAGCS3r+6e5wq1SaImNHwRE+Va3G
PCNTeBjGlS40qNGgGSlj1/Q7s48CAwEAAaOCArQwggKwMB0GA1UdDgQWBBRg4z6m
kSc4UbnLEz3MHkvKpOELezAfBgNVHSMEGDAWgBR/NziisotvrA7haNrNoQIJkfZe
/zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0FEMDMvOTBDRjlDQ0ExRjQyMTFFRUIxODE4NDYxNEFEOUU2RkMvZnpjNG9y
S0xiNndPNFdqYXphRUNDWkgyWHY4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZnpjNG9yS0xiNndPNFdqYXphRUNDWkgyWHY4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0FEMDMvOTBDRjlDQ0ExRjQyMTFFRUIxODE4NDYxNEFE
OUU2RkMvNTEwMTM3OUMxRjQzMTFFRThGQzdCOTYzNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbZQDANBAIAAjAHAwUALA8v
ADANBgkqhkiG9w0BAQsFAAOCAQEADY/D24aeJUwLrDfDD5fsGgAS4lEG/PrVzx3H
YBqXIRc7+OP1u7/YZve+aIX7gOQs3Mg0hvcVsHzLSaGBhCcGA+XAOb0pFXI3yjvp
eKhUZOdnThcd21JeoN3UhR/QeT7AdiYqWqBcdzA0VnVedjeyS8iAUd1LpXW2aKeL
2O/Z9nas1PBcipZh/s4yLhmQGTUAWUr9RJTVzATuYQ/EQ0gszWsTl2rWe0I337D2
4q2wElQ4lzLuZd5FB9bJmWNQHlDHv6VSrnsakmm3gSf3imW6tNysFVUXf0knzqDE
XXQi+wsqrg+YxlkOxuJpoHIu/0MVCN+qxMgqPn7gC45HWByQ6A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:26 2024 by rpki-client on console-ams.rpki-client.org