Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D7B70/311539A0AD6111ED8C82DB9DF1222468/BE9F0310ADB511ED9BFAA497F1222468.roa
File: BE9F0310ADB511ED9BFAA497F1222468.roa (raw, json)
Hash identifier: QYIDCJXoNqvHg1YdgKjgPsS1L4uv/2EzjaMHwhM8yjk=
Subject key identifier: 35:79:3B:EC:18:D1:7C:D5:6F:AC:91:89:E3:03:49:C3:59:0F:D1:9B
Certificate issuer: /CN=F36D7B70AF/serialNumber=D5DBEBCD7C1BEFF284357FF0647AC8B749620FD4
Certificate serial: 06
Authority key identifier: D5:DB:EB:CD:7C:1B:EF:F2:84:35:7F:F0:64:7A:C8:B7:49:62:0F:D4
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/1dvrzXwb7_KENX_wZHrIt0liD9Q.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D7B70/311539A0AD6111ED8C82DB9DF1222468/BE9F0310ADB511ED9BFAA497F1222468.roa
Signing time: Thu 16 Feb 2023 04:52:42 +0000
ROA not before: Thu 16 Feb 2023 04:52:38 +0000
ROA not after: Mon 28 Feb 2033 04:52:38 +0000
asID: 328670
IP address blocks: 102.223.2.0/24 maxlen: 24
2c0f:1600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D7B70/311539A0AD6111ED8C82DB9DF1222468/1dvrzXwb7_KENX_wZHrIt0liD9Q.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D7B70/311539A0AD6111ED8C82DB9DF1222468/1dvrzXwb7_KENX_wZHrIt0liD9Q.mft
rsync://rpki.afrinic.net/repository/afrinic/1dvrzXwb7_KENX_wZHrIt0liD9Q.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D7B70AF/serialNumber=D5DBEBCD7C1BEFF284357FF0647AC8B749620FD4
Validity
Not Before: Feb 16 04:52:38 2023 GMT
Not After : Feb 28 04:52:38 2033 GMT
Subject: CN=63edb69a-5436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e8:de:b6:a5:15:91:35:f3:78:7d:e4:2e:20:
d0:f4:ea:bd:23:8d:a9:ed:38:7a:37:36:b8:9e:cd:
1a:43:69:1d:65:8d:c1:0d:66:14:53:7f:65:d3:41:
52:17:0b:bd:b4:1d:14:f6:d5:fb:8e:01:32:51:e2:
d9:04:73:d4:8d:d9:ad:a8:1c:38:b1:6d:eb:8f:86:
ca:8f:25:70:96:6f:a4:11:7f:12:c3:64:cb:11:ae:
7d:24:5d:20:b1:02:2c:a9:36:26:53:02:01:ba:43:
d8:c7:da:67:93:6b:8f:27:09:b8:91:52:54:b0:9e:
c6:9f:62:ab:e2:8c:98:06:ea:3c:7f:dc:35:8b:c7:
a8:d2:85:f0:9a:0b:14:6e:63:f5:71:4b:af:bc:e2:
b8:ec:36:33:36:38:35:3d:c9:bb:c5:ba:11:ac:68:
e4:09:c5:6b:c7:4c:ba:26:c3:0d:ce:a1:ff:30:b1:
40:6e:b6:14:00:bc:ff:5d:f5:be:41:fa:63:b7:ff:
15:c1:c6:8e:01:4c:d1:91:b9:b0:e2:2a:79:20:3a:
c4:3b:b5:88:79:90:41:ff:70:fb:36:6a:15:07:06:
7c:7e:64:dc:d5:e4:c8:f3:ed:fc:de:f3:6f:00:3b:
0f:b0:43:4d:03:cb:32:ae:98:b0:c4:74:a6:f9:59:
90:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:79:3B:EC:18:D1:7C:D5:6F:AC:91:89:E3:03:49:C3:59:0F:D1:9B
X509v3 Authority Key Identifier:
keyid:D5:DB:EB:CD:7C:1B:EF:F2:84:35:7F:F0:64:7A:C8:B7:49:62:0F:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D7B70/311539A0AD6111ED8C82DB9DF1222468/1dvrzXwb7_KENX_wZHrIt0liD9Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/1dvrzXwb7_KENX_wZHrIt0liD9Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D7B70/311539A0AD6111ED8C82DB9DF1222468/BE9F0310ADB511ED9BFAA497F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.2.0/24
IPv6:
2c0f:1600::/32
Signature Algorithm: sha256WithRSAEncryption
63:1c:42:c6:56:f6:6e:7f:a0:ea:2a:c8:11:70:e9:fd:e0:b7:
a4:51:c8:4e:e6:e2:e9:4b:78:5f:13:72:95:9b:8d:62:6e:4a:
f8:10:30:33:39:cc:eb:f5:cc:3d:85:e0:fe:66:de:40:51:78:
31:ff:98:f1:9f:6e:e5:f0:e5:3d:7f:a8:0d:3e:46:d9:ae:c3:
b4:dd:0f:32:f2:60:30:ad:94:0a:7e:6a:b9:55:46:a7:b6:4a:
94:00:76:f3:21:1d:f0:75:57:fe:ad:47:8f:ab:4a:3c:61:3f:
0d:ae:74:44:52:cc:83:e2:45:cd:bc:42:77:06:17:cb:f9:6d:
ae:e1:1d:10:28:13:18:ce:58:b1:26:04:fc:a5:52:b6:67:b6:
db:fc:e1:6b:eb:67:44:5f:07:f4:b0:e3:08:09:38:0d:ce:2d:
40:4b:aa:0d:b4:83:d8:72:73:e0:50:3c:53:e5:dc:a7:db:db:
c9:02:3f:44:4e:a7:cb:45:11:47:fc:0d:db:84:cc:44:66:57:
f7:5c:37:a2:f8:53:b2:e1:c6:42:34:48:b2:51:49:11:f6:56:
dd:8a:0a:15:c5:22:9e:ff:ad:99:7c:76:ec:e7:7b:b1:30:3e:
ce:ba:07:72:41:a7:30:e6:25:57:d1:9c:d5:32:dc:1b:e4:b1:
32:aa:7d:49
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZE
N0I3MEFGMTEwLwYDVQQFEyhENURCRUJDRDdDMUJFRkYyODQzNTdGRjA2NDdBQzhC
NzQ5NjIwRkQ0MB4XDTIzMDIxNjA0NTIzOFoXDTMzMDIyODA0NTIzOFowGDEWMBQG
A1UEAwwNNjNlZGI2OWEtNTQzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAODo3ralFZE183h95C4g0PTqvSONqe04ejc2uJ7NGkNpHWWNwQ1mFFN/ZdNB
UhcLvbQdFPbV+44BMlHi2QRz1I3ZragcOLFt64+Gyo8lcJZvpBF/EsNkyxGufSRd
ILECLKk2JlMCAbpD2MfaZ5NrjycJuJFSVLCexp9iq+KMmAbqPH/cNYvHqNKF8JoL
FG5j9XFLr7ziuOw2MzY4NT3Ju8W6Eaxo5AnFa8dMuibDDc6h/zCxQG62FAC8/131
vkH6Y7f/FcHGjgFM0ZG5sOIqeSA6xDu1iHmQQf9w+zZqFQcGfH5k3NXkyPPt/N7z
bwA7D7BDTQPLMq6YsMR0pvlZkMUCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ1eTvs
GNF81W+skYnjA0nDWQ/RmzAfBgNVHSMEGDAWgBTV2+vNfBvv8oQ1f/Bkesi3SWIP
1DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDdCNzAvMzExNTM5QTBBRDYxMTFFRDhDODJEQjlERjEyMjI0NjgvMWR2cnpY
d2I3X0tFTlhfd1pIckl0MGxpRDlRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMWR2cnpYd2I3X0tFTlhfd1pIckl0MGxpRDlRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RDdCNzAvMzExNTM5QTBBRDYxMTFFRDhDODJEQjlERjEy
MjI0NjgvQkU5RjAzMTBBREI1MTFFRDlCRkFBNDk3RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAGbfAjANBAIAAjAHAwUALA8W
ADANBgkqhkiG9w0BAQsFAAOCAQEAYxxCxlb2bn+g6irIEXDp/eC3pFHITubi6Ut4
XxNylZuNYm5K+BAwMznM6/XMPYXg/mbeQFF4Mf+Y8Z9u5fDlPX+oDT5G2a7DtN0P
MvJgMK2UCn5quVVGp7ZKlAB28yEd8HVX/q1Hj6tKPGE/Da50RFLMg+JFzbxCdwYX
y/ltruEdECgTGM5YsSYE/KVStme22/zha+tnRF8H9LDjCAk4Dc4tQEuqDbSD2HJz
4FA8U+Xcp9vbyQI/RE6ny0URR/wN24TMRGZX91w3ovhTsuHGQjRIslFJEfZW3YoK
FcUinv+tmXx27Od7sTA+zroHckGnMOYlV9Gc1TLcG+SxMqp9SQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org