Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DA3E9/3CBCB97259C011EC9B4364725A40D577/9FD9D4E6F35F11EE859BC06E775412E6.roa
File: 9FD9D4E6F35F11EE859BC06E775412E6.roa (raw, json)
Hash identifier: gidMA0u1Y1bDAE9ftxroc/rnJoOkFIpXZHib92UbY7g=
Subject key identifier: 7F:25:D3:3E:79:52:15:4C:C7:76:71:D4:17:A4:8F:06:CC:4D:94:F6
Certificate issuer: /CN=F36DA3E9AF/serialNumber=3D2C034F851F3715B2BA4C9C95E5285DAF2EE923
Certificate serial: 038B
Authority key identifier: 3D:2C:03:4F:85:1F:37:15:B2:BA:4C:9C:95:E5:28:5D:AF:2E:E9:23
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/PSwDT4UfNxWyukycleUoXa8u6SM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DA3E9/3CBCB97259C011EC9B4364725A40D577/9FD9D4E6F35F11EE859BC06E775412E6.roa
Signing time: Fri 05 Apr 2024 15:17:32 +0000
ROA not before: Fri 05 Apr 2024 15:17:29 +0000
ROA not after: Wed 05 Apr 2034 15:17:29 +0000
asID: 15399
IP address blocks: 102.209.92.0/22 maxlen: 22
102.209.132.0/22 maxlen: 22
102.210.84.0/22 maxlen: 22
102.210.180.0/22 maxlen: 22
102.211.32.0/22 maxlen: 22
102.211.88.0/22 maxlen: 22
102.211.248.0/22 maxlen: 23
102.212.112.0/22 maxlen: 22
102.212.116.0/22 maxlen: 22
102.213.36.0/22 maxlen: 22
102.214.48.0/22 maxlen: 22
102.215.28.0/22 maxlen: 22
102.215.148.0/22 maxlen: 22
102.215.160.0/22 maxlen: 22
102.216.60.0/22 maxlen: 22
102.216.244.0/22 maxlen: 22
102.217.80.0/22 maxlen: 22
102.218.28.0/22 maxlen: 22
102.219.120.0/22 maxlen: 22
102.219.216.0/22 maxlen: 22
102.221.20.0/22 maxlen: 22
102.222.84.0/22 maxlen: 22
2c0f:e958::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DA3E9/3CBCB97259C011EC9B4364725A40D577/PSwDT4UfNxWyukycleUoXa8u6SM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DA3E9/3CBCB97259C011EC9B4364725A40D577/PSwDT4UfNxWyukycleUoXa8u6SM.mft
rsync://rpki.afrinic.net/repository/afrinic/PSwDT4UfNxWyukycleUoXa8u6SM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 907 (0x38b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DA3E9AF/serialNumber=3D2C034F851F3715B2BA4C9C95E5285DAF2EE923
Validity
Not Before: Apr 5 15:17:29 2024 GMT
Not After : Apr 5 15:17:29 2034 GMT
Subject: CN=6610160c-3237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2d:55:01:1e:2e:36:fb:c4:d0:41:90:08:3a:
9e:f5:d1:18:93:fc:c8:db:6e:d5:a9:4b:23:29:e8:
71:2c:ab:91:7e:a3:74:d7:7a:08:8b:d6:e9:98:d6:
a9:0c:32:2f:e2:de:a0:0f:63:1a:0f:31:d1:78:09:
cf:24:73:ff:52:6e:a0:c0:f2:e1:62:64:9c:8d:5d:
ac:24:33:44:15:dd:35:6b:cb:04:60:bd:8a:30:41:
f0:86:f6:57:18:8b:e4:d5:03:1b:77:3e:0c:73:9a:
8b:a1:29:2e:25:9b:62:c8:c6:e6:87:6d:fd:3b:a7:
2e:f9:fb:33:50:da:35:10:eb:f8:59:9e:b1:e1:31:
53:64:6b:b9:cf:a6:89:77:30:46:b9:eb:b5:ab:dd:
42:ec:9c:51:e5:b9:20:fd:09:b5:06:5b:b5:32:13:
a1:20:40:c1:bd:dc:3d:41:36:be:6e:38:ac:f7:ad:
15:75:74:cf:2f:2d:68:62:f7:17:84:14:2e:3c:8a:
e0:02:86:dc:99:32:b8:cc:99:2c:4e:cb:c5:dd:18:
0a:4d:6f:5f:8a:ad:a8:5c:f9:c5:51:1b:f8:b1:b1:
bf:31:fe:10:e9:b5:b2:c5:40:a4:1e:14:52:87:27:
14:03:cb:4b:b6:75:23:6f:db:ec:ed:14:bd:9c:b4:
e5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:25:D3:3E:79:52:15:4C:C7:76:71:D4:17:A4:8F:06:CC:4D:94:F6
X509v3 Authority Key Identifier:
keyid:3D:2C:03:4F:85:1F:37:15:B2:BA:4C:9C:95:E5:28:5D:AF:2E:E9:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DA3E9/3CBCB97259C011EC9B4364725A40D577/PSwDT4UfNxWyukycleUoXa8u6SM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PSwDT4UfNxWyukycleUoXa8u6SM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DA3E9/3CBCB97259C011EC9B4364725A40D577/9FD9D4E6F35F11EE859BC06E775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.92.0/22
102.209.132.0/22
102.210.84.0/22
102.210.180.0/22
102.211.32.0/22
102.211.88.0/22
102.211.248.0/22
102.212.112.0/21
102.213.36.0/22
102.214.48.0/22
102.215.28.0/22
102.215.148.0/22
102.215.160.0/22
102.216.60.0/22
102.216.244.0/22
102.217.80.0/22
102.218.28.0/22
102.219.120.0/22
102.219.216.0/22
102.221.20.0/22
102.222.84.0/22
IPv6:
2c0f:e958::/32
Signature Algorithm: sha256WithRSAEncryption
4c:46:94:9f:ec:7c:91:91:b4:44:9c:70:77:f0:62:a0:e6:18:
8f:2c:17:de:c5:db:fb:71:db:e6:f9:b6:b8:3d:ea:03:84:81:
4e:5c:7d:d9:af:97:03:08:38:4d:59:1d:39:9d:56:2c:2d:5d:
7c:fe:f5:27:ee:47:fc:a6:8b:29:2d:41:dd:9f:1b:25:1d:94:
1b:b8:fe:8f:47:a2:41:a4:a3:87:49:c6:5b:e8:c3:d0:1f:65:
80:c8:3f:d9:50:0a:5d:3e:93:2a:4c:75:13:44:27:1c:14:ea:
77:e8:a9:d2:81:3f:dd:c8:34:40:0a:2d:0a:9f:a2:d2:b6:5a:
8c:c6:3e:92:3f:ca:7b:ca:d6:bd:8e:63:c9:0c:4d:31:cc:11:
cf:96:7c:e3:ce:4c:35:27:66:f4:bd:7b:78:82:40:5b:61:9f:
7f:47:7d:3e:c2:f6:3f:a6:a0:26:fc:e7:c6:aa:65:87:30:fd:
49:75:16:fa:06:72:10:5f:6e:7d:71:2c:fa:0c:b9:37:ab:41:
54:42:8c:cc:10:9c:27:28:fb:c7:9b:bd:4c:ea:c3:e3:d8:75:
e0:0d:2e:af:2a:71:97:5b:e8:d9:55:49:49:f0:75:ea:d5:95:
3c:33:f7:46:0c:40:99:d0:f9:28:19:34:88:9c:ab:c2:9e:8e:
70:4c:fe:1e
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgICA4swDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
REEzRTlBRjExMC8GA1UEBRMoM0QyQzAzNEY4NTFGMzcxNUIyQkE0QzlDOTVFNTI4
NURBRjJFRTkyMzAeFw0yNDA0MDUxNTE3MjlaFw0zNDA0MDUxNTE3MjlaMBgxFjAU
BgNVBAMTDTY2MTAxNjBjLTMyMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFLVUBHi42+8TQQZAIOp710RiT/MjbbtWpSyMp6HEsq5F+o3TXegiL1umY
1qkMMi/i3qAPYxoPMdF4Cc8kc/9SbqDA8uFiZJyNXawkM0QV3TVrywRgvYowQfCG
9lcYi+TVAxt3PgxzmouhKS4lm2LIxuaHbf07py75+zNQ2jUQ6/hZnrHhMVNka7nP
pol3MEa567Wr3ULsnFHluSD9CbUGW7UyE6EgQMG93D1BNr5uOKz3rRV1dM8vLWhi
9xeEFC48iuAChtyZMrjMmSxOy8XdGApNb1+Krahc+cVRG/ixsb8x/hDptbLFQKQe
FFKHJxQDy0u2dSNv2+ztFL2ctOWtAgMBAAGjggMwMIIDLDAdBgNVHQ4EFgQUfyXT
PnlSFUzHdnHUF6SPBsxNlPYwHwYDVR0jBBgwFoAUPSwDT4UfNxWyukycleUoXa8u
6SMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkRBM0U5LzNDQkNCOTcyNTlDMDExRUM5QjQzNjQ3MjVBNDBENTc3L1BTd0RU
NFVmTnhXeXVreWNsZVVvWGE4dTZTTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1BTd0RUNFVmTnhXeXVreWNsZVVvWGE4dTZTTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkRBM0U5LzNDQkNCOTcyNTlDMDExRUM5QjQzNjQ3MjVB
NDBENTc3LzlGRDlENEU2RjM1RjExRUU4NTlCQzA2RTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwgakGCCsGAQUFBwEHAQH/BIGZMIGWMIGEBAIAATB+AwQCZtFcAwQCZtGEAwQC
ZtJUAwQCZtK0AwQCZtMgAwQCZtNYAwQCZtP4AwQDZtRwAwQCZtUkAwQCZtYwAwQC
ZtccAwQCZteUAwQCZtegAwQCZtg8AwQCZtj0AwQCZtlQAwQCZtocAwQCZtt4AwQC
ZtvYAwQCZt0UAwQCZt5UMA0EAgACMAcDBQAsD+lYMA0GCSqGSIb3DQEBCwUAA4IB
AQBMRpSf7HyRkbREnHB38GKg5hiPLBfexdv7cdvm+ba4PeoDhIFOXH3Zr5cDCDhN
WR05nVYsLV18/vUn7kf8pospLUHdnxslHZQbuP6PR6JBpKOHScZb6MPQH2WAyD/Z
UApdPpMqTHUTRCccFOp36KnSgT/dyDRACi0Kn6LStlqMxj6SP8p7yta9jmPJDE0x
zBHPlnzjzkw1J2b0vXt4gkBbYZ9/R30+wvY/pqAm/OfGqmWHMP1JdRb6BnIQX259
cSz6DLk3q0FUQozMEJwnKPvHm71M6sPj2HXgDS6vKnGXW+jZVUlJ8HXq1ZU8M/dG
DECZ0PkoGTSInKvCno5wTP4e
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org