Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DA693/0D2968C67D5F11E99565B87EF8AEA228/2A3ED73014EE11EA8694372AF8AEA228.roa
File: 2A3ED73014EE11EA8694372AF8AEA228.roa (raw, json)
Hash identifier: FBxa8Lun9k2Hzq6Q2hfcEGXCZPwxZGKNJqxPvNPWs2c=
Subject key identifier: 33:68:C7:6E:36:E7:B5:01:3E:CD:EA:F0:5D:84:5C:65:8D:56:FA:DE
Certificate issuer: /CN=F36DA693AF/serialNumber=089012F969A6200C9399B093447AA4EA2CFCA81E
Certificate serial: CB
Authority key identifier: 08:90:12:F9:69:A6:20:0C:93:99:B0:93:44:7A:A4:EA:2C:FC:A8:1E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CJAS-WmmIAyTmbCTRHqk6iz8qB4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DA693/0D2968C67D5F11E99565B87EF8AEA228/2A3ED73014EE11EA8694372AF8AEA228.roa
Signing time: Mon 02 Dec 2019 10:26:14 +0000
ROA not before: Mon 02 Dec 2019 10:26:06 +0000
ROA not after: Mon 31 Dec 2029 10:26:06 +0000
asID: 328317
IP address blocks: 102.22.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DA693/0D2968C67D5F11E99565B87EF8AEA228/CJAS-WmmIAyTmbCTRHqk6iz8qB4.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DA693/0D2968C67D5F11E99565B87EF8AEA228/CJAS-WmmIAyTmbCTRHqk6iz8qB4.mft
rsync://rpki.afrinic.net/repository/afrinic/CJAS-WmmIAyTmbCTRHqk6iz8qB4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 27 Apr 2024 00:04:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203 (0xcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DA693AF/serialNumber=089012F969A6200C9399B093447AA4EA2CFCA81E
Validity
Not Before: Dec 2 10:26:06 2019 GMT
Not After : Dec 31 10:26:06 2029 GMT
Subject: CN=5de4e6c5-4bcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:04:7c:a4:fb:39:95:b0:69:8b:62:db:90:1f:
ec:ad:74:fc:92:23:ac:50:40:23:1a:84:97:cf:1f:
55:5f:66:9e:50:7b:b6:42:41:58:25:2f:9e:b3:8a:
91:eb:0d:20:f4:16:59:43:ca:8f:43:f3:a9:b8:a9:
09:49:f1:70:37:64:8e:ca:72:d9:d5:09:f1:05:5f:
c7:a2:9d:2e:f4:a9:5f:be:71:46:fa:24:64:9b:d7:
21:3e:15:96:43:3b:ff:c0:c3:99:07:13:3b:bc:36:
ab:e8:26:6d:0d:cd:e9:bd:70:87:8b:cb:c5:d4:f7:
ce:bd:31:51:81:d0:5f:eb:fc:d7:96:6c:ca:62:dd:
ec:7a:99:15:e6:98:15:01:50:3b:49:73:bd:1e:3a:
7d:5d:54:78:c5:d5:e5:f2:09:6f:9c:87:b6:c0:18:
c5:ed:95:68:2a:63:39:0d:de:7c:76:00:db:7a:f3:
53:0a:16:08:9f:24:ab:58:03:51:ed:f2:e4:2c:78:
6a:a7:74:c2:e4:3f:30:ae:b7:21:8b:5c:5b:0a:70:
ef:3e:35:7b:ef:3d:28:b5:38:ba:a2:cd:68:1e:1c:
58:2c:f1:4b:10:42:0b:62:9e:65:bb:2c:11:93:4f:
55:7e:23:f8:8a:5b:18:57:fc:67:13:be:9f:ae:cd:
a6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:68:C7:6E:36:E7:B5:01:3E:CD:EA:F0:5D:84:5C:65:8D:56:FA:DE
X509v3 Authority Key Identifier:
keyid:08:90:12:F9:69:A6:20:0C:93:99:B0:93:44:7A:A4:EA:2C:FC:A8:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DA693/0D2968C67D5F11E99565B87EF8AEA228/CJAS-WmmIAyTmbCTRHqk6iz8qB4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CJAS-WmmIAyTmbCTRHqk6iz8qB4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DA693/0D2968C67D5F11E99565B87EF8AEA228/2A3ED73014EE11EA8694372AF8AEA228.roa
sbgp-ipAddrBlock: critical
IPv4:
102.22.192.0/20
Signature Algorithm: sha256WithRSAEncryption
56:a7:5a:c8:d5:4a:23:52:b1:8a:9b:e3:84:37:9a:a3:bf:ad:
09:2a:7b:4c:9e:aa:65:7a:3b:be:ad:e4:61:b9:ac:2d:87:c0:
95:b2:07:ad:66:e2:6c:63:d6:2d:8e:2d:73:2a:cf:e5:c5:69:
25:6b:ad:9f:44:7e:2c:33:cb:62:9c:73:70:e1:2c:7a:87:48:
b4:7a:b4:0f:df:97:ab:4b:d7:dd:d2:82:37:24:53:31:57:0d:
53:75:51:2c:71:26:87:8f:4a:01:80:5f:4c:f0:56:e5:cf:89:
c5:88:4d:d8:79:c5:59:27:4f:b7:f1:bf:d4:9c:41:60:5c:d8:
c7:a7:2c:e7:ab:a7:05:ee:e2:45:15:a7:f2:59:19:70:63:7c:
ee:01:bf:c4:6a:1a:22:bb:32:61:84:83:83:22:69:d5:88:f3:
11:52:c9:c9:29:78:a5:40:44:b5:af:9c:87:1c:4b:57:3e:18:
7d:a7:44:c2:ef:e5:1c:22:f5:e2:54:bb:60:00:fb:93:25:f9:
42:21:ae:93:78:0f:44:d8:73:97:ce:70:4f:4b:4b:c6:e6:cf:
06:a8:d6:7b:80:f3:b7:83:d4:f2:b8:91:a4:c9:cd:a5:8a:57:
c3:d6:e4:0c:db:97:08:10:63:3d:d0:61:85:a9:7d:2e:42:d3:
99:b8:f9:26
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgICAMswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
REE2OTNBRjExMC8GA1UEBRMoMDg5MDEyRjk2OUE2MjAwQzkzOTlCMDkzNDQ3QUE0
RUEyQ0ZDQTgxRTAeFw0xOTEyMDIxMDI2MDZaFw0yOTEyMzExMDI2MDZaMBgxFjAU
BgNVBAMTDTVkZTRlNmM1LTRiY2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDXBHyk+zmVsGmLYtuQH+ytdPySI6xQQCMahJfPH1VfZp5Qe7ZCQVglL56z
ipHrDSD0FllDyo9D86m4qQlJ8XA3ZI7KctnVCfEFX8einS70qV++cUb6JGSb1yE+
FZZDO//Aw5kHEzu8NqvoJm0Nzem9cIeLy8XU9869MVGB0F/r/NeWbMpi3ex6mRXm
mBUBUDtJc70eOn1dVHjF1eXyCW+ch7bAGMXtlWgqYzkN3nx2ANt681MKFgifJKtY
A1Ht8uQseGqndMLkPzCutyGLXFsKcO8+NXvvPSi1OLqizWgeHFgs8UsQQgtinmW7
LBGTT1V+I/iKWxhX/GcTvp+uzabFAgMBAAGjggJuMIICajAdBgNVHQ4EFgQUM2jH
bjbntQE+zerwXYRcZY1W+t4wHwYDVR0jBBgwFoAUCJAS+WmmIAyTmbCTRHqk6iz8
qB4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkRBNjkzLzBEMjk2OEM2N0Q1RjExRTk5NTY1Qjg3RUY4QUVBMjI4L0NKQVMt
V21tSUF5VG1iQ1RSSHFrNml6OHFCNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NKQVMtV21tSUF5VG1iQ1RSSHFrNml6OHFCNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkRBNjkzLzBEMjk2OEM2N0Q1RjExRTk5NTY1Qjg3RUY4
QUVBMjI4LzJBM0VENzMwMTRFRTExRUE4Njk0MzcyQUY4QUVBMjI4LnJvYTAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGYWwDANBgkqhkiG9w0BAQsFAAOCAQEA
VqdayNVKI1KxipvjhDeao7+tCSp7TJ6qZXo7vq3kYbmsLYfAlbIHrWbibGPWLY4t
cyrP5cVpJWutn0R+LDPLYpxzcOEseodItHq0D9+Xq0vX3dKCNyRTMVcNU3VRLHEm
h49KAYBfTPBW5c+JxYhN2HnFWSdPt/G/1JxBYFzYx6cs56unBe7iRRWn8lkZcGN8
7gG/xGoaIrsyYYSDgyJp1YjzEVLJySl4pUBEta+chxxLVz4YfadEwu/lHCL14lS7
YAD7kyX5QiGuk3gPRNhzl85wT0tLxubPBqjWe4Dzt4PU8riRpMnNpYpXw9bkDNuX
CBBjPdBhhal9LkLTmbj5Jg==
-----END CERTIFICATE-----
Generated at Thu Apr 25 02:05:23 2024 by rpki-client on console-fra.rpki-client.org