Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CC7DD/A9306F4CC72211ED8F0703EEF1222468/450A6DF0C72311EDBD75E3EFF1222468.roa
File: 450A6DF0C72311EDBD75E3EFF1222468.roa (raw, json)
Hash identifier: SEDWrKPY/D7cGKMD0GoFMLH7bd89SS23zlgiBuTD+qE=
Subject key identifier: A2:BD:1B:3D:05:E7:24:72:15:C3:C7:77:C9:68:E5:38:2E:07:61:3E
Certificate issuer: /CN=F36CC7DDAF/serialNumber=619AA3642CB46F3BD2CB891CB67FFDDADE6736AE
Certificate serial: 02
Authority key identifier: 61:9A:A3:64:2C:B4:6F:3B:D2:CB:89:1C:B6:7F:FD:DA:DE:67:36:AE
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/YZqjZCy0bzvSy4kctn_92t5nNq4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CC7DD/A9306F4CC72211ED8F0703EEF1222468/450A6DF0C72311EDBD75E3EFF1222468.roa
Signing time: Mon 20 Mar 2023 13:29:42 +0000
ROA not before: Mon 20 Mar 2023 13:29:37 +0000
ROA not after: Thu 31 Mar 2033 13:29:37 +0000
asID: 328547
IP address blocks: 102.23.208.0/21 maxlen: 24
2c0f:ea90::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CC7DD/A9306F4CC72211ED8F0703EEF1222468/YZqjZCy0bzvSy4kctn_92t5nNq4.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CC7DD/A9306F4CC72211ED8F0703EEF1222468/YZqjZCy0bzvSy4kctn_92t5nNq4.mft
rsync://rpki.afrinic.net/repository/afrinic/YZqjZCy0bzvSy4kctn_92t5nNq4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CC7DDAF/serialNumber=619AA3642CB46F3BD2CB891CB67FFDDADE6736AE
Validity
Not Before: Mar 20 13:29:37 2023 GMT
Not After : Mar 31 13:29:37 2033 GMT
Subject: CN=64185fc5-16ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c5:68:4f:b8:28:cc:f7:c8:97:22:95:d0:6c:
81:5f:47:58:b7:39:48:81:77:6e:f1:55:4d:b6:96:
bd:94:8f:4f:6d:fc:1e:ca:7d:10:4f:80:dc:72:37:
43:c0:78:b0:c7:c3:27:ea:86:99:be:b9:9a:16:de:
e7:fe:b5:a8:82:4a:88:f8:45:92:ab:b3:90:d5:82:
45:2d:d1:5e:da:dd:54:ff:38:7b:00:3f:80:97:43:
fa:26:d7:4d:a7:55:a5:cf:f4:3a:98:e6:32:5f:9f:
97:8f:3a:cc:84:9f:b2:94:01:6d:9f:f9:0f:3d:78:
18:6c:15:5c:ad:ac:83:98:47:ef:dd:9c:bf:d6:78:
b3:8c:16:37:46:06:c3:53:70:50:0d:d7:2a:7f:51:
f1:1d:a9:01:ee:a0:e2:21:9f:42:84:d9:1b:6f:49:
04:ef:9f:e2:e6:f0:a3:14:70:2b:1b:3a:75:1d:23:
55:53:cb:90:29:96:10:c0:dc:eb:5f:7b:2b:78:0e:
84:5e:64:57:de:91:f1:70:34:80:ee:03:7d:a4:15:
0b:70:f2:5a:fa:d2:dc:6d:3d:96:24:31:c7:e1:6f:
c4:55:0e:7a:ed:4a:0b:0c:cf:1b:fa:84:14:18:e5:
4f:d7:78:3e:e1:7d:76:af:a4:f6:0c:3a:10:3c:24:
66:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BD:1B:3D:05:E7:24:72:15:C3:C7:77:C9:68:E5:38:2E:07:61:3E
X509v3 Authority Key Identifier:
keyid:61:9A:A3:64:2C:B4:6F:3B:D2:CB:89:1C:B6:7F:FD:DA:DE:67:36:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CC7DD/A9306F4CC72211ED8F0703EEF1222468/YZqjZCy0bzvSy4kctn_92t5nNq4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YZqjZCy0bzvSy4kctn_92t5nNq4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CC7DD/A9306F4CC72211ED8F0703EEF1222468/450A6DF0C72311EDBD75E3EFF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.23.208.0/21
IPv6:
2c0f:ea90::/32
Signature Algorithm: sha256WithRSAEncryption
87:97:93:d9:6c:70:fa:3f:8d:8d:7f:95:a6:31:ce:88:fb:2e:
10:70:b8:5b:37:20:f4:ee:0b:ea:17:50:20:98:c3:55:bb:0a:
b1:d8:f7:4b:1c:e6:b1:07:53:29:cd:dd:e8:52:03:19:f2:7d:
0a:5e:da:1b:9d:c7:87:4f:d2:b5:11:59:3f:97:d1:3b:b2:aa:
4e:f7:a6:2c:4d:67:46:0d:3c:fa:49:31:b6:df:0c:d2:05:07:
1d:c9:d9:ee:70:b5:97:4e:e1:b1:f5:74:03:5e:a4:9b:88:5e:
77:2a:26:04:8b:ae:2e:09:0f:c6:88:b9:e9:10:50:ed:de:3f:
86:ba:3e:41:41:b2:83:c2:10:12:07:cd:c0:74:55:4e:db:50:
02:8d:12:0a:16:39:ac:32:34:93:71:4a:31:6d:24:62:91:85:
62:c5:e0:c1:4a:f2:05:b8:5c:e9:27:a6:29:cf:50:3c:69:77:
03:e2:d6:4b:e1:e7:7e:ca:a4:29:8e:93:d7:f0:7c:99:68:c1:
74:b8:07:ef:ce:99:3b:30:04:b9:5a:0e:a4:1c:19:61:f0:42:
d0:f5:73:c5:b1:a7:5c:7e:52:4b:76:c7:94:3f:40:27:6a:0c:
49:5f:88:52:7f:22:6c:8f:b6:a0:a1:b8:39:e9:8e:10:d6:00:
e2:ef:33:ed
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZD
QzdEREFGMTEwLwYDVQQFEyg2MTlBQTM2NDJDQjQ2RjNCRDJDQjg5MUNCNjdGRkRE
QURFNjczNkFFMB4XDTIzMDMyMDEzMjkzN1oXDTMzMDMzMTEzMjkzN1owGDEWMBQG
A1UEAwwNNjQxODVmYzUtMTZhYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPFaE+4KMz3yJcildBsgV9HWLc5SIF3bvFVTbaWvZSPT238Hsp9EE+A3HI3
Q8B4sMfDJ+qGmb65mhbe5/61qIJKiPhFkquzkNWCRS3RXtrdVP84ewA/gJdD+ibX
TadVpc/0OpjmMl+fl486zISfspQBbZ/5Dz14GGwVXK2sg5hH792cv9Z4s4wWN0YG
w1NwUA3XKn9R8R2pAe6g4iGfQoTZG29JBO+f4ubwoxRwKxs6dR0jVVPLkCmWEMDc
6197K3gOhF5kV96R8XA0gO4DfaQVC3DyWvrS3G09liQxx+FvxFUOeu1KCwzPG/qE
FBjlT9d4PuF9dq+k9gw6EDwkZn0CAwEAAaOCArQwggKwMB0GA1UdDgQWBBSivRs9
BeckchXDx3fJaOU4LgdhPjAfBgNVHSMEGDAWgBRhmqNkLLRvO9LLiRy2f/3a3mc2
rjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0M3REQvQTkzMDZGNENDNzIyMTFFRDhGMDcwM0VFRjEyMjI0NjgvWVpxalpD
eTBienZTeTRrY3RuXzkydDVuTnE0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWVpxalpDeTBienZTeTRrY3RuXzkydDVuTnE0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0M3REQvQTkzMDZGNENDNzIyMTFFRDhGMDcwM0VFRjEy
MjI0NjgvNDUwQTZERjBDNzIzMTFFREJENzVFM0VGRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA2YX0DANBAIAAjAHAwUALA/q
kDANBgkqhkiG9w0BAQsFAAOCAQEAh5eT2Wxw+j+NjX+VpjHOiPsuEHC4Wzcg9O4L
6hdQIJjDVbsKsdj3SxzmsQdTKc3d6FIDGfJ9Cl7aG53Hh0/StRFZP5fRO7KqTvem
LE1nRg08+kkxtt8M0gUHHcnZ7nC1l07hsfV0A16km4hedyomBIuuLgkPxoi56RBQ
7d4/hro+QUGyg8IQEgfNwHRVTttQAo0SChY5rDI0k3FKMW0kYpGFYsXgwUryBbhc
6SemKc9QPGl3A+LWS+HnfsqkKY6T1/B8mWjBdLgH786ZOzAEuVoOpBwZYfBC0PVz
xbGnXH5SS3bHlD9AJ2oMSV+IUn8ibI+2oKG4OemOENYA4u8z7Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org