Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/9BF619A8FCDC11EE8DA40146017001B1.roa
File: 9BF619A8FCDC11EE8DA40146017001B1.roa (raw, json)
Hash identifier: po7czQ/bhDV7w3+Oz4IVCSJosx6dgGFsaZotpFYiUzU=
Subject key identifier: 44:ED:96:AD:E4:B2:EE:33:B9:E1:EB:AA:33:53:B7:81:10:93:CE:0A
Certificate issuer: /CN=F36CB1BEAF/serialNumber=A5F0A2BB8B79EDD6D37C077ADFEA082514C0420F
Certificate serial: 19
Authority key identifier: A5:F0:A2:BB:8B:79:ED:D6:D3:7C:07:7A:DF:EA:08:25:14:C0:42:0F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/pfCiu4t57dbTfAd63-oIJRTAQg8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/9BF619A8FCDC11EE8DA40146017001B1.roa
Signing time: Wed 17 Apr 2024 17:04:53 +0000
ROA not before: Wed 17 Apr 2024 17:04:49 +0000
ROA not after: Fri 30 Apr 2027 17:04:49 +0000
asID: 37577
IP address blocks: 102.180.2.0/24 maxlen: 24
102.180.3.0/24 maxlen: 24
102.180.66.0/24 maxlen: 24
102.180.161.0/24 maxlen: 24
102.180.209.0/24 maxlen: 24
102.180.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/pfCiu4t57dbTfAd63-oIJRTAQg8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/pfCiu4t57dbTfAd63-oIJRTAQg8.mft
rsync://rpki.afrinic.net/repository/afrinic/pfCiu4t57dbTfAd63-oIJRTAQg8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25 (0x19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CB1BEAF/serialNumber=A5F0A2BB8B79EDD6D37C077ADFEA082514C0420F
Validity
Not Before: Apr 17 17:04:49 2024 GMT
Not After : Apr 30 17:04:49 2027 GMT
Subject: CN=66200135-24a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:a5:98:57:d9:9a:38:d4:60:48:1c:a3:9b:14:
8b:c3:54:05:60:a8:e7:61:3a:22:e0:7a:cc:10:98:
f4:40:e0:37:de:c8:0f:a4:de:72:a3:98:f8:ce:4f:
03:db:01:bc:96:9a:66:53:0a:4a:14:02:96:4c:48:
6c:53:68:10:22:f4:0f:9b:6a:d4:62:2a:6f:3e:36:
68:34:a4:f8:75:22:03:bb:03:40:03:52:3e:d9:e7:
c7:c2:09:21:1a:35:64:cd:ec:76:46:f7:ee:d8:d8:
76:a2:24:4b:b4:5d:d2:14:18:31:46:40:ce:5b:96:
89:3c:8e:0d:3c:3e:c0:10:85:b5:50:f8:b1:72:02:
0c:9e:54:95:fc:44:83:e2:4e:99:3c:41:9f:2e:40:
93:64:41:4a:90:dc:95:83:71:d4:1c:15:52:d8:94:
57:11:c4:a8:67:82:a3:ca:c7:d8:f7:f5:3b:10:5d:
51:14:46:a4:fb:9c:46:87:3a:5d:31:77:53:f9:4e:
6e:80:cc:ad:0e:9f:4c:f4:c9:0c:78:03:fe:35:69:
7c:49:14:fe:e4:ed:42:9a:e8:76:43:48:e4:71:bf:
b3:ff:a5:9f:c3:68:03:4c:df:73:2d:e2:fd:d4:aa:
c0:ec:75:a9:20:b7:7e:51:68:cb:23:45:82:84:01:
98:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:ED:96:AD:E4:B2:EE:33:B9:E1:EB:AA:33:53:B7:81:10:93:CE:0A
X509v3 Authority Key Identifier:
keyid:A5:F0:A2:BB:8B:79:ED:D6:D3:7C:07:7A:DF:EA:08:25:14:C0:42:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/pfCiu4t57dbTfAd63-oIJRTAQg8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/pfCiu4t57dbTfAd63-oIJRTAQg8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/9BF619A8FCDC11EE8DA40146017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.180.2.0/23
102.180.66.0/24
102.180.161.0/24
102.180.209.0/24
102.180.212.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:fa:98:b3:f0:ef:57:d9:79:a2:cd:73:d4:94:8a:36:bd:a7:
36:b2:60:3a:95:88:9b:87:53:26:3e:db:af:ba:a7:2e:a2:c3:
f4:2e:29:46:ad:4b:f4:83:d6:ce:c6:d1:ce:74:1a:ff:6c:78:
cf:26:4e:f5:f9:a9:e9:95:8a:e8:ab:3c:82:9a:6d:1b:f3:3c:
ff:fa:73:9e:2d:47:14:94:25:7b:6f:20:57:87:aa:e7:83:52:
dd:48:e4:fd:b2:c1:44:44:53:3c:f6:45:9a:df:e2:c6:23:b9:
47:f6:00:b6:ad:95:46:9d:7a:81:20:da:bc:ae:78:54:aa:bc:
42:b4:23:c5:fa:04:e1:6d:f3:f5:5a:84:0f:97:92:34:95:57:
00:8c:ae:87:0f:3e:9d:80:01:cd:07:52:44:2a:24:83:07:fc:
e7:93:77:25:30:ea:f6:8d:6b:53:73:9b:fa:28:da:12:24:c7:
70:46:c6:22:87:1e:20:a2:4b:2c:7e:ee:18:85:f8:93:ef:d7:
d1:34:ee:8c:7a:aa:55:0e:17:7b:ca:8c:91:33:bd:58:c8:67:
de:7a:62:69:7f:2f:af:8a:9c:03:e3:02:7b:ea:65:c9:8d:cb:
d1:bd:a5:fa:6b:52:32:a2:26:a1:33:65:30:4f:fc:86:16:ed:
51:8b:0d:f3
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIBGTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
QjFCRUFGMTEwLwYDVQQFEyhBNUYwQTJCQjhCNzlFREQ2RDM3QzA3N0FERkVBMDgy
NTE0QzA0MjBGMB4XDTI0MDQxNzE3MDQ0OVoXDTI3MDQzMDE3MDQ0OVowGDEWMBQG
A1UEAxMNNjYyMDAxMzUtMjRhNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPClmFfZmjjUYEgco5sUi8NUBWCo52E6IuB6zBCY9EDgN97ID6TecqOY+M5P
A9sBvJaaZlMKShQClkxIbFNoECL0D5tq1GIqbz42aDSk+HUiA7sDQANSPtnnx8IJ
IRo1ZM3sdkb37tjYdqIkS7Rd0hQYMUZAzluWiTyODTw+wBCFtVD4sXICDJ5UlfxE
g+JOmTxBny5Ak2RBSpDclYNx1BwVUtiUVxHEqGeCo8rH2Pf1OxBdURRGpPucRoc6
XTF3U/lOboDMrQ6fTPTJDHgD/jVpfEkU/uTtQprodkNI5HG/s/+ln8NoA0zfcy3i
/dSqwOx1qSC3flFoyyNFgoQBmLECAwEAAaOCAr0wggK5MB0GA1UdDgQWBBRE7Zat
5LLuM7nh66ozU7eBEJPOCjAfBgNVHSMEGDAWgBSl8KK7i3nt1tN8B3rf6gglFMBC
DzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0IxQkUvRjMyMjhFODZGMEVFMTFFRUEzQkUwRjU4Nzc1NDEyRTYvcGZDaXU0
dDU3ZGJUZkFkNjMtb0lKUlRBUWc4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcGZDaXU0dDU3ZGJUZkFkNjMtb0lKUlRBUWc4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0IxQkUvRjMyMjhFODZGMEVFMTFFRUEzQkUwRjU4Nzc1
NDEyRTYvOUJGNjE5QThGQ0RDMTFFRThEQTQwMTQ2MDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAWa0AgMEAGa0QgMEAGa0oQME
AGa00QMEAGa01DANBgkqhkiG9w0BAQsFAAOCAQEAPfqYs/DvV9l5os1z1JSKNr2n
NrJgOpWIm4dTJj7br7qnLqLD9C4pRq1L9IPWzsbRznQa/2x4zyZO9fmp6ZWK6Ks8
gpptG/M8//pzni1HFJQle28gV4eq54NS3Ujk/bLBRERTPPZFmt/ixiO5R/YAtq2V
Rp16gSDavK54VKq8QrQjxfoE4W3z9VqED5eSNJVXAIyuhw8+nYABzQdSRCokgwf8
55N3JTDq9o1rU3Ob+ijaEiTHcEbGIoceIKJLLH7uGIX4k+/X0TTujHqqVQ4Xe8qM
kTO9WMhn3npiaX8vr4qcA+MCe+plyY3L0b2l+mtSMqImoTNlME/8hhbtUYsN8w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org