Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CF0F7/74C21A94BE0511EBAE0B5923F8AEA228/6CDEF3F0BE0611EB94B3C724F8AEA228.roa
File: 6CDEF3F0BE0611EB94B3C724F8AEA228.roa (raw, json)
Hash identifier: pshe4R+H6XbXOv48YBBEyNR6daZdIE4em2IXAs9CHN8=
Subject key identifier: 68:78:6B:8A:38:D7:E2:8C:4F:62:03:21:63:92:24:10:B2:AB:0F:95
Certificate issuer: /CN=F36CF0F7AF/serialNumber=07EDB2AC72FAE90A00B56B3AB3365D277EA18EFD
Certificate serial: 02
Authority key identifier: 07:ED:B2:AC:72:FA:E9:0A:00:B5:6B:3A:B3:36:5D:27:7E:A1:8E:FD
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/B-2yrHL66QoAtWs6szZdJ36hjv0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CF0F7/74C21A94BE0511EBAE0B5923F8AEA228/6CDEF3F0BE0611EB94B3C724F8AEA228.roa
Signing time: Wed 26 May 2021 09:40:37 +0000
ROA not before: Wed 26 May 2021 09:40:32 +0000
ROA not after: Tue 26 May 2026 09:40:32 +0000
asID: 328437
IP address blocks: 102.134.116.0/22 maxlen: 24
102.220.8.0/22 maxlen: 24
2c0f:ed38::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CF0F7/74C21A94BE0511EBAE0B5923F8AEA228/B-2yrHL66QoAtWs6szZdJ36hjv0.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CF0F7/74C21A94BE0511EBAE0B5923F8AEA228/B-2yrHL66QoAtWs6szZdJ36hjv0.mft
rsync://rpki.afrinic.net/repository/afrinic/B-2yrHL66QoAtWs6szZdJ36hjv0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 03 May 2024 00:04:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CF0F7AF/serialNumber=07EDB2AC72FAE90A00B56B3AB3365D277EA18EFD
Validity
Not Before: May 26 09:40:32 2021 GMT
Not After : May 26 09:40:32 2026 GMT
Subject: CN=60ae1795-a791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:33:c7:88:dd:24:f6:b1:0a:19:b6:3b:21:7f:
47:ec:ef:e4:0b:dc:54:8e:f7:cf:15:62:1c:c9:4c:
b6:04:74:98:28:1d:d1:65:e1:87:99:46:48:17:7c:
8f:48:3d:87:be:80:9b:9b:40:b9:0b:5f:ca:56:dc:
1c:00:b5:f9:09:32:c8:2c:73:28:ba:de:40:97:b6:
be:f7:1e:a9:a1:f1:2c:e6:01:a2:29:6d:97:93:01:
3a:b1:f8:bf:1a:0d:5d:7d:cc:cb:42:39:52:8c:df:
18:dd:66:70:f0:5f:3c:d1:1d:ef:b6:6d:96:38:01:
a1:82:a8:fc:33:40:d3:79:c6:ed:30:eb:b1:35:56:
51:2e:e7:f2:70:5c:0f:b5:ff:a6:7a:2d:3d:a9:ce:
2a:43:6a:b8:65:ac:51:42:85:07:af:36:fd:57:5c:
c6:da:21:b2:c7:b4:f5:ba:10:75:1e:a4:6c:70:5c:
53:88:0a:6e:2d:d5:77:5d:cc:2e:8c:2a:0f:b9:f9:
8f:43:7a:21:76:2f:b8:8d:bf:7f:5b:1e:54:80:2d:
ea:4a:3b:6c:3b:6b:04:30:5a:48:a3:2f:2e:91:01:
a3:54:ba:ed:11:2d:43:fe:0e:af:cf:fc:88:43:3c:
ef:1e:ee:1e:80:6a:ec:ea:90:af:bd:51:d2:1c:ed:
c4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:78:6B:8A:38:D7:E2:8C:4F:62:03:21:63:92:24:10:B2:AB:0F:95
X509v3 Authority Key Identifier:
keyid:07:ED:B2:AC:72:FA:E9:0A:00:B5:6B:3A:B3:36:5D:27:7E:A1:8E:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CF0F7/74C21A94BE0511EBAE0B5923F8AEA228/B-2yrHL66QoAtWs6szZdJ36hjv0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/B-2yrHL66QoAtWs6szZdJ36hjv0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CF0F7/74C21A94BE0511EBAE0B5923F8AEA228/6CDEF3F0BE0611EB94B3C724F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.134.116.0/22
102.220.8.0/22
IPv6:
2c0f:ed38::/32
Signature Algorithm: sha256WithRSAEncryption
45:62:6f:d0:c7:79:25:40:95:46:86:59:d3:4b:38:3c:90:9f:
a7:83:67:51:5d:7e:cb:8d:3d:88:d6:03:ff:a4:21:46:b7:6b:
fe:79:65:a7:2a:71:93:04:43:4a:7a:06:18:2b:ae:12:41:06:
86:8c:10:12:7e:90:b9:ec:83:3a:10:7a:43:fe:a4:7d:ec:3b:
0b:dc:f3:4a:f6:ac:b8:11:68:0c:59:5c:cf:3e:13:ad:72:79:
34:92:c9:84:fa:0d:5b:60:20:8f:c9:b7:98:96:92:0d:45:82:
1a:b3:88:3f:01:ef:80:19:33:1b:a4:cf:e8:65:de:96:80:03:
12:bc:e1:64:f6:ef:06:59:a2:98:95:b0:d9:31:60:bc:14:99:
4d:e7:51:c9:0c:7a:e4:27:9b:9f:fe:53:b6:be:52:47:ca:68:
fb:39:75:aa:57:d6:5a:0d:03:61:ab:41:3f:dd:43:fe:4d:d0:
02:4b:81:0b:3c:e7:85:52:93:f4:7f:18:e3:e2:ce:cc:21:c7:
ec:a0:52:b1:9f:54:56:99:02:8e:9b:dd:85:06:f9:5a:5d:3e:
17:d7:b7:08:5e:b7:8a:c4:31:bf:cf:b6:6b:4b:3b:22:28:72:
5b:1b:1a:5d:f6:09:cf:55:25:21:0e:f7:9c:70:39:39:44:58:
79:6d:7a:0b
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
RjBGN0FGMTEwLwYDVQQFEygwN0VEQjJBQzcyRkFFOTBBMDBCNTZCM0FCMzM2NUQy
NzdFQTE4RUZEMB4XDTIxMDUyNjA5NDAzMloXDTI2MDUyNjA5NDAzMlowGDEWMBQG
A1UEAxMNNjBhZTE3OTUtYTc5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQzx4jdJPaxChm2OyF/R+zv5AvcVI73zxViHMlMtgR0mCgd0WXhh5lGSBd8
j0g9h76Am5tAuQtfylbcHAC1+QkyyCxzKLreQJe2vvceqaHxLOYBoiltl5MBOrH4
vxoNXX3My0I5UozfGN1mcPBfPNEd77ZtljgBoYKo/DNA03nG7TDrsTVWUS7n8nBc
D7X/pnotPanOKkNquGWsUUKFB682/Vdcxtohsse09boQdR6kbHBcU4gKbi3Vd13M
LowqD7n5j0N6IXYvuI2/f1seVIAt6ko7bDtrBDBaSKMvLpEBo1S67REtQ/4Or8/8
iEM87x7uHoBq7OqQr71R0hztxAMCAwEAAaOCArowggK2MB0GA1UdDgQWBBRoeGuK
ONfijE9iAyFjkiQQsqsPlTAfBgNVHSMEGDAWgBQH7bKscvrpCgC1azqzNl0nfqGO
/TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0YwRjcvNzRDMjFBOTRCRTA1MTFFQkFFMEI1OTIzRjhBRUEyMjgvQi0yeXJI
TDY2UW9BdFdzNnN6WmRKMzZoanYwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQi0yeXJITDY2UW9BdFdzNnN6WmRKMzZoanYwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0YwRjcvNzRDMjFBOTRCRTA1MTFFQkFFMEI1OTIzRjhB
RUEyMjgvNkNERUYzRjBCRTA2MTFFQjk0QjNDNzI0RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmaGdAMEAmbcCDANBAIAAjAH
AwUALA/tODANBgkqhkiG9w0BAQsFAAOCAQEARWJv0Md5JUCVRoZZ00s4PJCfp4Nn
UV1+y409iNYD/6QhRrdr/nllpypxkwRDSnoGGCuuEkEGhowQEn6QueyDOhB6Q/6k
few7C9zzSvasuBFoDFlczz4TrXJ5NJLJhPoNW2Agj8m3mJaSDUWCGrOIPwHvgBkz
G6TP6GXeloADErzhZPbvBlmimJWw2TFgvBSZTedRyQx65Cebn/5Ttr5SR8po+zl1
qlfWWg0DYatBP91D/k3QAkuBCzznhVKT9H8Y4+LOzCHH7KBSsZ9UVpkCjpvdhQb5
Wl0+F9e3CF63isQxv8+2a0s7IihyWxsaXfYJz1UlIQ73nHA5OURYeW16Cw==
-----END CERTIFICATE-----
Generated at Wed May 1 02:46:14 2024 by rpki-client on console-ams.rpki-client.org