Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DBAE4/858F2982732211E9AEBC3184F8AEA228/A99AE7C0DAC511E985EBCE09F8AEA228.roa
File: A99AE7C0DAC511E985EBCE09F8AEA228.roa (raw, json)
Hash identifier: OIGU7l2JXL8/haZu4eER9KuF5vp4/ZseEXDNYZByKwk=
Subject key identifier: 58:D1:12:EE:A4:40:88:50:38:A9:49:AB:8F:0C:77:75:7D:BC:7A:0C
Certificate issuer: /CN=F36DBAE4AF/serialNumber=40EE05FD0F31B5FB0ECC5625208AB50859F9E9F9
Certificate serial: 8C
Authority key identifier: 40:EE:05:FD:0F:31:B5:FB:0E:CC:56:25:20:8A:B5:08:59:F9:E9:F9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/QO4F_Q8xtfsOzFYlIIq1CFn56fk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DBAE4/858F2982732211E9AEBC3184F8AEA228/A99AE7C0DAC511E985EBCE09F8AEA228.roa
Signing time: Thu 19 Sep 2019 10:10:10 +0000
ROA not before: Thu 19 Sep 2019 10:10:02 +0000
ROA not after: Wed 19 Sep 2029 10:10:02 +0000
asID: 328471
IP address blocks: 102.66.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DBAE4/858F2982732211E9AEBC3184F8AEA228/QO4F_Q8xtfsOzFYlIIq1CFn56fk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DBAE4/858F2982732211E9AEBC3184F8AEA228/QO4F_Q8xtfsOzFYlIIq1CFn56fk.mft
rsync://rpki.afrinic.net/repository/afrinic/QO4F_Q8xtfsOzFYlIIq1CFn56fk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140 (0x8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DBAE4AF/serialNumber=40EE05FD0F31B5FB0ECC5625208AB50859F9E9F9
Validity
Not Before: Sep 19 10:10:02 2019 GMT
Not After : Sep 19 10:10:02 2029 GMT
Subject: CN=5d835402-d43d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ab:30:d2:01:4f:2f:d7:91:83:f3:b2:52:36:
10:d8:50:33:41:13:33:49:8a:5b:48:dd:04:b8:6a:
67:bd:38:60:9d:ed:aa:db:c9:e7:9e:cf:97:3b:04:
f8:28:c1:90:14:cb:52:b0:43:62:a8:a9:81:31:14:
9e:ba:a7:f0:ef:c8:3b:f9:fa:b3:db:9a:fa:17:b0:
ed:9c:fa:90:e2:e7:f3:bb:e6:89:47:50:31:08:de:
cc:ef:73:77:ae:04:fc:6b:0b:a4:13:c1:f9:ca:8b:
a9:38:83:b1:21:c5:d6:cb:af:b8:ca:bc:a5:ec:02:
6a:c1:e5:28:23:7a:61:a8:d5:a4:ea:00:ef:4d:f1:
6f:c2:9e:a2:85:32:30:af:4b:41:8f:5e:c8:73:8e:
31:63:ec:bf:e0:fb:70:38:3c:85:92:65:c3:73:72:
ad:66:b9:2c:13:e3:fd:e8:e2:7b:fb:a5:b9:be:f5:
13:82:b7:33:b5:6d:d5:0e:a3:86:44:4c:81:e0:47:
2f:bc:3e:a3:f7:a8:cb:51:5d:93:dc:f8:0a:b9:d6:
af:1f:7f:b8:5d:87:c6:2f:06:c6:a6:8c:86:42:ee:
e8:74:e9:60:a7:e7:e3:71:cf:64:74:50:61:57:b1:
ed:73:d2:f3:0e:f9:51:1b:4b:60:f1:8c:9e:55:a6:
0f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D1:12:EE:A4:40:88:50:38:A9:49:AB:8F:0C:77:75:7D:BC:7A:0C
X509v3 Authority Key Identifier:
keyid:40:EE:05:FD:0F:31:B5:FB:0E:CC:56:25:20:8A:B5:08:59:F9:E9:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DBAE4/858F2982732211E9AEBC3184F8AEA228/QO4F_Q8xtfsOzFYlIIq1CFn56fk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/QO4F_Q8xtfsOzFYlIIq1CFn56fk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DBAE4/858F2982732211E9AEBC3184F8AEA228/A99AE7C0DAC511E985EBCE09F8AEA228.roa
sbgp-ipAddrBlock: critical
IPv4:
102.66.0.0/16
Signature Algorithm: sha256WithRSAEncryption
98:95:e7:5b:fe:4d:ff:30:60:42:7b:ff:2e:01:1c:27:31:b7:
31:0f:ac:85:68:f1:63:76:0b:80:34:c5:9b:46:43:9e:fc:c7:
32:48:92:de:e5:4e:0c:3a:c6:dc:7c:4d:31:4a:15:07:72:5b:
39:5d:7b:ac:68:c7:d8:0a:54:75:aa:9b:48:37:49:16:79:c6:
c2:ad:6f:6d:5c:0e:fa:ae:01:77:5b:95:3b:b3:82:4d:23:c0:
d8:05:89:e4:fd:23:e8:f4:5a:b2:7a:55:dc:6c:9d:fe:9e:e1:
42:08:f4:09:17:8f:08:24:6b:b1:a5:e5:ed:10:ea:c9:3a:af:
7f:6d:08:93:66:a7:4b:0a:c5:c6:e7:84:26:20:09:7e:86:ae:
d8:4f:cb:21:3f:ab:85:a3:30:af:a8:2b:ba:5f:2b:a3:71:97:
08:10:89:5d:2c:f9:b0:31:04:90:05:8f:35:2a:b4:c3:1b:46:
86:3a:7b:c0:ed:01:44:05:33:10:f7:c7:85:65:a1:90:5d:f6:
cc:0d:3a:61:f9:85:a5:90:86:0e:48:13:12:17:ce:4e:00:d1:
dc:e5:83:fb:b5:d3:c9:eb:29:ca:35:06:42:81:ef:fc:d8:6b:
41:50:ca:37:bd:a6:d9:1e:10:63:c9:a9:4d:b2:43:c4:44:d5:
e3:f9:04:3d
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgICAIwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
REJBRTRBRjExMC8GA1UEBRMoNDBFRTA1RkQwRjMxQjVGQjBFQ0M1NjI1MjA4QUI1
MDg1OUY5RTlGOTAeFw0xOTA5MTkxMDEwMDJaFw0yOTA5MTkxMDEwMDJaMBgxFjAU
BgNVBAMTDTVkODM1NDAyLWQ0M2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDXqzDSAU8v15GD87JSNhDYUDNBEzNJiltI3QS4ame9OGCd7arbyeeez5c7
BPgowZAUy1KwQ2KoqYExFJ66p/DvyDv5+rPbmvoXsO2c+pDi5/O75olHUDEI3szv
c3euBPxrC6QTwfnKi6k4g7EhxdbLr7jKvKXsAmrB5SgjemGo1aTqAO9N8W/CnqKF
MjCvS0GPXshzjjFj7L/g+3A4PIWSZcNzcq1muSwT4/3o4nv7pbm+9ROCtzO1bdUO
o4ZETIHgRy+8PqP3qMtRXZPc+Aq51q8ff7hdh8YvBsamjIZC7uh06WCn5+Nxz2R0
UGFXse1z0vMO+VEbS2DxjJ5Vpg/XAgMBAAGjggJtMIICaTAdBgNVHQ4EFgQUWNES
7qRAiFA4qUmrjwx3dX28egwwHwYDVR0jBBgwFoAUQO4F/Q8xtfsOzFYlIIq1CFn5
6fkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkRCQUU0Lzg1OEYyOTgyNzMyMjExRTlBRUJDMzE4NEY4QUVBMjI4L1FPNEZf
UTh4dGZzT3pGWWxJSXExQ0ZuNTZmay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1FPNEZfUTh4dGZzT3pGWWxJSXExQ0ZuNTZmay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkRCQUU0Lzg1OEYyOTgyNzMyMjExRTlBRUJDMzE4NEY4
QUVBMjI4L0E5OUFFN0MwREFDNTExRTk4NUVCQ0UwOUY4QUVBMjI4LnJvYTAeBggr
BgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAGZCMA0GCSqGSIb3DQEBCwUAA4IBAQCY
ledb/k3/MGBCe/8uARwnMbcxD6yFaPFjdguANMWbRkOe/McySJLe5U4MOsbcfE0x
ShUHcls5XXusaMfYClR1qptIN0kWecbCrW9tXA76rgF3W5U7s4JNI8DYBYnk/SPo
9FqyelXcbJ3+nuFCCPQJF48IJGuxpeXtEOrJOq9/bQiTZqdLCsXG54QmIAl+hq7Y
T8shP6uFozCvqCu6XyujcZcIEIldLPmwMQSQBY81KrTDG0aGOnvA7QFEBTMQ98eF
ZaGQXfbMDTph+YWlkIYOSBMSF85OANHc5YP7tdPJ6ynKNQZCge/82GtBUMo3vabZ
HhBjyalNskPERNXj+QQ9
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:29 2024 by rpki-client on console-ams.rpki-client.org