Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/ACB83E6242B211EFAFCCE28B762E951A.roa
File: ACB83E6242B211EFAFCCE28B762E951A.roa (raw, json)
Hash identifier: K3ivQ3+n4zlKylliwe/zTuRovNdpcW712O8vioTYjFg=
Subject key identifier: 50:8D:C9:1D:E2:90:52:71:03:07:30:A3:72:E7:66:F9:13:4F:D3:4A
Certificate issuer: /CN=F36CB1BEAF/serialNumber=A5F0A2BB8B79EDD6D37C077ADFEA082514C0420F
Certificate serial: 78
Authority key identifier: A5:F0:A2:BB:8B:79:ED:D6:D3:7C:07:7A:DF:EA:08:25:14:C0:42:0F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/pfCiu4t57dbTfAd63-oIJRTAQg8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/ACB83E6242B211EFAFCCE28B762E951A.roa
Signing time: Mon 15 Jul 2024 14:01:04 +0000
ROA not before: Mon 15 Jul 2024 14:01:00 +0000
ROA not after: Wed 15 Jul 2026 14:01:00 +0000
asID: 37577
IP address blocks: 102.180.228.0/22 maxlen: 22
102.180.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/pfCiu4t57dbTfAd63-oIJRTAQg8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/pfCiu4t57dbTfAd63-oIJRTAQg8.mft
rsync://rpki.afrinic.net/repository/afrinic/pfCiu4t57dbTfAd63-oIJRTAQg8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120 (0x78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CB1BEAF/serialNumber=A5F0A2BB8B79EDD6D37C077ADFEA082514C0420F
Validity
Not Before: Jul 15 14:01:00 2024 GMT
Not After : Jul 15 14:01:00 2026 GMT
Subject: CN=66952ba0-c9b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c0:0d:ec:5e:e1:41:00:45:90:0b:e9:55:89:
23:69:02:42:74:8d:73:d2:57:14:47:a9:52:06:b2:
82:4d:ff:cd:2e:36:d0:0f:c4:92:a6:5b:db:74:18:
d9:22:c6:17:51:b9:0a:fb:18:00:58:21:05:75:cc:
e2:3b:9a:8e:19:a8:68:01:09:ae:69:12:7e:ea:c0:
bf:2b:f1:f8:4b:fa:b9:39:67:02:4c:00:ed:27:18:
82:16:3e:61:8d:75:b7:67:c6:e7:1e:e4:eb:8e:16:
0a:ec:85:30:5d:8e:d0:46:2d:3a:99:6f:b1:df:8a:
d9:54:83:9c:aa:a2:dc:7b:b6:33:df:c5:17:e3:83:
5d:e0:04:02:dd:34:d8:77:04:45:c8:90:38:39:a6:
73:7e:c1:3b:9d:03:a1:91:8f:38:fc:0f:ea:7f:e8:
2a:ce:28:9a:8a:49:94:fd:75:31:f9:c6:03:9b:f5:
26:a5:8e:08:a8:7c:fe:20:15:a4:63:24:44:c6:dc:
94:91:c7:b4:be:41:82:66:3f:1a:01:6a:28:99:d4:
87:1b:a3:86:ff:4b:a6:73:42:52:e4:7f:66:66:20:
48:0e:1d:e1:4c:55:4f:7c:c7:22:55:da:25:5b:50:
37:46:a6:7e:22:e1:32:6a:ae:6e:94:2a:6b:59:27:
9b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:8D:C9:1D:E2:90:52:71:03:07:30:A3:72:E7:66:F9:13:4F:D3:4A
X509v3 Authority Key Identifier:
keyid:A5:F0:A2:BB:8B:79:ED:D6:D3:7C:07:7A:DF:EA:08:25:14:C0:42:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/pfCiu4t57dbTfAd63-oIJRTAQg8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/pfCiu4t57dbTfAd63-oIJRTAQg8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/ACB83E6242B211EFAFCCE28B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.180.228.0/22
102.180.252.0/22
Signature Algorithm: sha256WithRSAEncryption
63:72:87:65:4e:c9:4c:fb:59:ea:8b:d4:a3:83:f4:0a:90:b2:
08:3f:e6:1e:b4:de:3d:69:f8:ad:15:e9:aa:94:34:24:e0:c5:
9d:47:33:51:95:c8:4f:94:38:20:f1:cc:b9:02:f8:20:c5:7d:
32:4d:61:71:5b:c8:7e:90:db:5d:5a:57:dc:0c:10:41:91:65:
e4:30:04:7d:ac:ae:06:85:be:e3:eb:28:25:13:c0:14:a1:d4:
fa:2e:a6:d0:d3:25:ed:18:0f:6f:8d:cf:e7:ca:e8:c0:2e:58:
df:0f:bf:10:46:23:6e:eb:39:44:04:47:52:03:7e:ad:c4:8a:
86:9f:b2:43:22:7b:4d:ab:25:b6:5a:ef:d1:fe:e7:96:7d:25:
d4:d6:74:d3:e4:02:ea:55:1e:1c:22:be:8a:94:76:87:4a:cb:
ed:94:a4:50:97:c6:93:8c:0f:d4:7c:f7:49:27:c0:8e:46:e8:
da:13:24:99:07:6a:00:c4:6e:18:cc:85:8b:6b:3a:5c:27:b7:
61:dc:d9:f3:61:75:9d:38:dc:b1:99:72:3c:bd:eb:29:25:24:
07:02:56:31:e6:b4:b4:b7:90:39:48:24:2e:d3:79:68:91:8d:
61:ba:c5:85:40:fa:62:43:0b:fd:08:99:18:ce:b4:d3:b6:08:
a5:84:e0:23
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBeDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
QjFCRUFGMTEwLwYDVQQFEyhBNUYwQTJCQjhCNzlFREQ2RDM3QzA3N0FERkVBMDgy
NTE0QzA0MjBGMB4XDTI0MDcxNTE0MDEwMFoXDTI2MDcxNTE0MDEwMFowGDEWMBQG
A1UEAxMNNjY5NTJiYTAtYzliNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTADexe4UEARZAL6VWJI2kCQnSNc9JXFEepUgaygk3/zS420A/EkqZb23QY
2SLGF1G5CvsYAFghBXXM4juajhmoaAEJrmkSfurAvyvx+Ev6uTlnAkwA7ScYghY+
YY11t2fG5x7k644WCuyFMF2O0EYtOplvsd+K2VSDnKqi3Hu2M9/FF+ODXeAEAt00
2HcERciQODmmc37BO50DoZGPOPwP6n/oKs4omopJlP11MfnGA5v1JqWOCKh8/iAV
pGMkRMbclJHHtL5BgmY/GgFqKJnUhxujhv9LpnNCUuR/ZmYgSA4d4UxVT3zHIlXa
JVtQN0amfiLhMmqubpQqa1knm78CAwEAAaOCAqswggKnMB0GA1UdDgQWBBRQjckd
4pBScQMHMKNy52b5E0/TSjAfBgNVHSMEGDAWgBSl8KK7i3nt1tN8B3rf6gglFMBC
DzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0IxQkUvRjMyMjhFODZGMEVFMTFFRUEzQkUwRjU4Nzc1NDEyRTYvcGZDaXU0
dDU3ZGJUZkFkNjMtb0lKUlRBUWc4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcGZDaXU0dDU3ZGJUZkFkNjMtb0lKUlRBUWc4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0IxQkUvRjMyMjhFODZGMEVFMTFFRUEzQkUwRjU4Nzc1
NDEyRTYvQUNCODNFNjI0MkIyMTFFRkFGQ0NFMjhCNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAma05AMEAma0/DANBgkqhkiG
9w0BAQsFAAOCAQEAY3KHZU7JTPtZ6ovUo4P0CpCyCD/mHrTePWn4rRXpqpQ0JODF
nUczUZXIT5Q4IPHMuQL4IMV9Mk1hcVvIfpDbXVpX3AwQQZFl5DAEfayuBoW+4+so
JRPAFKHU+i6m0NMl7RgPb43P58rowC5Y3w+/EEYjbus5RARHUgN+rcSKhp+yQyJ7
Tasltlrv0f7nln0l1NZ00+QC6lUeHCK+ipR2h0rL7ZSkUJfGk4wP1Hz3SSfAjkbo
2hMkmQdqAMRuGMyFi2s6XCe3YdzZ82F1nTjcsZlyPL3rKSUkBwJWMea0tLeQOUgk
LtN5aJGNYbrFhUD6YkML/QiZGM6007YIpYTgIw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org