Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CAE5A/92819FDE439C11EBB864D94AF8AEA228/7F048B62439F11EB9C0BC24DF8AEA228.roa
File: 7F048B62439F11EB9C0BC24DF8AEA228.roa (raw, json)
Hash identifier: 06HjzJUfLQnr3VKopWSyRxV1nWNqt+gwC+wb8K/XySs=
Subject key identifier: D8:85:02:54:66:69:8B:18:9A:B9:62:0A:B1:3A:A3:0B:9B:D0:D8:E4
Certificate issuer: /CN=F36CAE5AAF/serialNumber=0646A998D6CD5D5BEEB50F4C9291315536F7C5B4
Certificate serial: 02
Authority key identifier: 06:46:A9:98:D6:CD:5D:5B:EE:B5:0F:4C:92:91:31:55:36:F7:C5:B4
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/BkapmNbNXVvutQ9MkpExVTb3xbQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CAE5A/92819FDE439C11EBB864D94AF8AEA228/7F048B62439F11EB9C0BC24DF8AEA228.roa
Signing time: Mon 21 Dec 2020 15:16:28 +0000
ROA not before: Mon 21 Dec 2020 15:16:22 +0000
ROA not after: Fri 31 Jan 2025 15:16:22 +0000
asID: 328496
IP address blocks: 102.68.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CAE5A/92819FDE439C11EBB864D94AF8AEA228/BkapmNbNXVvutQ9MkpExVTb3xbQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CAE5A/92819FDE439C11EBB864D94AF8AEA228/BkapmNbNXVvutQ9MkpExVTb3xbQ.mft
rsync://rpki.afrinic.net/repository/afrinic/BkapmNbNXVvutQ9MkpExVTb3xbQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 09 May 2024 00:04:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CAE5AAF/serialNumber=0646A998D6CD5D5BEEB50F4C9291315536F7C5B4
Validity
Not Before: Dec 21 15:16:22 2020 GMT
Not After : Jan 31 15:16:22 2025 GMT
Subject: CN=5fe0bc4c-bcf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b3:c2:c2:09:ff:a2:31:10:2f:0f:83:00:c6:
b5:c1:ab:e9:a0:fb:46:a7:7b:29:49:b2:15:10:4b:
ad:12:cf:2a:1a:19:04:6d:33:f3:ba:d0:2a:9b:25:
80:99:12:e1:1f:4d:eb:66:28:ee:21:ee:02:db:86:
5e:06:77:24:f4:bb:45:cc:9e:e2:d9:cc:0e:24:d7:
b7:26:cc:5f:36:71:b4:3e:62:b7:d7:b5:c6:a9:fe:
76:18:30:96:67:39:ca:51:41:63:cc:10:af:1a:8f:
5b:18:7e:95:91:b8:ab:1d:66:3f:d5:53:70:0a:69:
07:ac:49:b6:a9:37:ca:e5:5f:e7:74:e2:3d:e9:12:
b1:c7:0e:9b:fa:7e:27:83:2c:ce:87:af:be:fb:f1:
b5:65:3e:7f:37:4e:d9:ba:9c:a9:ec:aa:89:80:95:
9e:91:01:21:5a:c3:63:28:2c:e4:3f:ce:fe:cc:a4:
1b:75:78:b5:45:e8:22:44:4b:c4:4a:19:5b:c2:ea:
11:7d:70:2e:71:45:e8:a6:b9:af:de:52:93:67:bd:
00:7b:d2:9c:32:8c:76:9b:a9:e1:c0:6b:f4:0d:76:
28:00:23:db:91:c0:36:72:c0:0e:89:3e:0d:a7:6b:
51:d3:10:f7:6d:c8:c3:94:4d:e5:ef:c3:e2:b3:36:
d2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:85:02:54:66:69:8B:18:9A:B9:62:0A:B1:3A:A3:0B:9B:D0:D8:E4
X509v3 Authority Key Identifier:
keyid:06:46:A9:98:D6:CD:5D:5B:EE:B5:0F:4C:92:91:31:55:36:F7:C5:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CAE5A/92819FDE439C11EBB864D94AF8AEA228/BkapmNbNXVvutQ9MkpExVTb3xbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/BkapmNbNXVvutQ9MkpExVTb3xbQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CAE5A/92819FDE439C11EBB864D94AF8AEA228/7F048B62439F11EB9C0BC24DF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.68.70.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:4a:78:99:7d:3d:16:6e:e0:d7:72:a3:1b:90:4b:16:ef:ab:
23:42:3a:ba:2e:f0:03:ca:32:ab:8b:a8:58:41:cd:8c:e3:d6:
f0:7a:45:d0:fc:d1:01:3f:81:fa:71:54:60:da:dc:27:aa:6e:
40:37:e4:fb:9c:9a:90:35:b6:14:7d:ac:59:e8:19:11:9a:d1:
b9:16:82:90:aa:e3:fc:4f:5d:e2:c5:c2:13:e0:98:97:6f:f9:
c1:23:19:45:4c:e6:45:54:c9:53:49:a3:3a:8d:1e:db:02:ab:
19:0b:0f:5e:d2:f4:9a:92:8a:5f:a0:06:6f:dd:0b:26:c9:54:
fa:df:9a:90:bb:da:25:5f:0f:b1:5e:db:90:4a:24:ef:a3:d8:
43:08:4a:bd:43:44:38:0f:e7:6c:09:7d:c6:91:43:a1:8c:a0:
5d:e9:fa:24:52:da:22:8d:b7:91:69:c1:3c:e0:49:04:b4:1b:
0a:17:62:90:f7:04:dc:5f:d9:b2:7b:64:39:22:4d:34:53:88:
43:78:a0:fb:f7:ee:cf:3b:10:65:67:be:52:ce:ae:ef:c2:a0:
93:7e:c3:db:b9:2d:20:2e:17:ff:75:a0:57:68:a5:ce:16:6f:
a0:9d:42:17:fc:71:84:bd:8b:6d:cd:d9:cd:8b:7f:70:99:ad:
83:f9:72:7b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
QUU1QUFGMTEwLwYDVQQFEygwNjQ2QTk5OEQ2Q0Q1RDVCRUVCNTBGNEM5MjkxMzE1
NTM2RjdDNUI0MB4XDTIwMTIyMTE1MTYyMloXDTI1MDEzMTE1MTYyMlowGDEWMBQG
A1UEAxMNNWZlMGJjNGMtYmNmOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGzwsIJ/6IxEC8PgwDGtcGr6aD7Rqd7KUmyFRBLrRLPKhoZBG0z87rQKpsl
gJkS4R9N62Yo7iHuAtuGXgZ3JPS7Rcye4tnMDiTXtybMXzZxtD5it9e1xqn+dhgw
lmc5ylFBY8wQrxqPWxh+lZG4qx1mP9VTcAppB6xJtqk3yuVf53TiPekSsccOm/p+
J4MszoevvvvxtWU+fzdO2bqcqeyqiYCVnpEBIVrDYygs5D/O/sykG3V4tUXoIkRL
xEoZW8LqEX1wLnFF6Ka5r95Sk2e9AHvSnDKMdpup4cBr9A12KAAj25HANnLADok+
DadrUdMQ923Iw5RN5e/D4rM20tsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTYhQJU
ZmmLGJq5YgqxOqMLm9DY5DAfBgNVHSMEGDAWgBQGRqmY1s1dW+61D0ySkTFVNvfF
tDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0FFNUEvOTI4MTlGREU0MzlDMTFFQkI4NjREOTRBRjhBRUEyMjgvQmthcG1O
Yk5YVnZ1dFE5TWtwRXhWVGIzeGJRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQmthcG1OYk5YVnZ1dFE5TWtwRXhWVGIzeGJRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0FFNUEvOTI4MTlGREU0MzlDMTFFQkI4NjREOTRBRjhB
RUEyMjgvN0YwNDhCNjI0MzlGMTFFQjlDMEJDMjRERjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGZERjANBgkqhkiG9w0BAQsF
AAOCAQEApUp4mX09Fm7g13KjG5BLFu+rI0I6ui7wA8oyq4uoWEHNjOPW8HpF0PzR
AT+B+nFUYNrcJ6puQDfk+5yakDW2FH2sWegZEZrRuRaCkKrj/E9d4sXCE+CYl2/5
wSMZRUzmRVTJU0mjOo0e2wKrGQsPXtL0mpKKX6AGb90LJslU+t+akLvaJV8PsV7b
kEok76PYQwhKvUNEOA/nbAl9xpFDoYygXen6JFLaIo23kWnBPOBJBLQbChdikPcE
3F/ZsntkOSJNNFOIQ3ig+/fuzzsQZWe+Us6u78Kgk37D27ktIC4X/3WgV2ilzhZv
oJ1CF/xxhL2Lbc3ZzYt/cJmtg/lyew==
-----END CERTIFICATE-----
Generated at Tue May 7 01:58:10 2024 by rpki-client on console-fra.rpki-client.org