Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DD1E2/54C9192AC02911EA91C3870AF8AEA228/9E5F4D20C02911EAA359D20AF8AEA228.roa
File: 9E5F4D20C02911EAA359D20AF8AEA228.roa (raw, json)
Hash identifier: mddgoRu4s2817HTK3OKl+Ig4JHtX0J/FyOyMNUGfu+I=
Subject key identifier: 8A:EA:2E:9A:05:E2:51:CD:85:F6:EA:3B:C8:40:0C:AF:4E:AE:A2:7D
Certificate issuer: /CN=F36DD1E2AF/serialNumber=5FD4C60AEC0F5B276DAAB9DB6911766589D8AA24
Certificate serial: 02
Authority key identifier: 5F:D4:C6:0A:EC:0F:5B:27:6D:AA:B9:DB:69:11:76:65:89:D8:AA:24
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/X9TGCuwPWydtqrnbaRF2ZYnYqiQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DD1E2/54C9192AC02911EA91C3870AF8AEA228/9E5F4D20C02911EAA359D20AF8AEA228.roa
Signing time: Tue 07 Jul 2020 08:12:38 +0000
ROA not before: Tue 07 Jul 2020 08:12:32 +0000
ROA not after: Tue 31 Dec 2030 08:12:32 +0000
asID: 37724
IP address blocks: 102.222.66.0/23 maxlen: 24
2001:43f8:1800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DD1E2/54C9192AC02911EA91C3870AF8AEA228/X9TGCuwPWydtqrnbaRF2ZYnYqiQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DD1E2/54C9192AC02911EA91C3870AF8AEA228/X9TGCuwPWydtqrnbaRF2ZYnYqiQ.mft
rsync://rpki.afrinic.net/repository/afrinic/X9TGCuwPWydtqrnbaRF2ZYnYqiQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DD1E2AF/serialNumber=5FD4C60AEC0F5B276DAAB9DB6911766589D8AA24
Validity
Not Before: Jul 7 08:12:32 2020 GMT
Not After : Dec 31 08:12:32 2030 GMT
Subject: CN=5f042e75-6771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:39:a3:88:0f:4f:75:d1:d7:7e:e0:70:65:1a:
35:48:ec:14:72:cd:4e:ff:c4:d6:83:b8:62:d3:27:
0a:a5:fc:df:18:ab:57:cc:43:d3:dc:e7:27:af:fa:
f4:19:e6:aa:cd:b0:50:48:aa:cb:fa:03:c7:a0:1f:
b6:ab:cd:d8:71:77:e7:7a:f8:f8:b2:f5:b2:7e:ee:
9c:b1:5a:8d:65:dc:be:3c:d6:25:a9:2c:0e:6f:8a:
f0:39:f9:be:f5:60:e2:85:a3:b7:31:2e:eb:28:11:
cf:ac:87:f2:fa:d1:18:53:a4:23:33:82:a0:16:84:
8c:7f:43:e7:fe:b1:f4:c0:01:68:a3:9b:5a:c9:d4:
4c:db:06:7d:c2:6e:58:50:00:e5:49:47:49:6a:e2:
1c:b3:31:86:00:c9:c1:f2:c9:b7:bc:bd:4b:51:c1:
de:17:71:06:66:46:1f:69:0d:53:17:af:5b:d4:a2:
72:d8:18:29:7e:fd:fe:56:6c:ba:13:33:25:88:a8:
12:85:eb:a6:9d:f9:e0:3b:09:77:0e:77:2f:9b:cb:
0c:21:4c:7e:31:28:fa:07:cb:94:ea:3a:f0:53:33:
93:cf:9a:ab:b3:51:2b:e0:85:10:e6:40:dc:57:1d:
14:69:38:f5:eb:8f:9c:2e:2f:d7:40:ab:83:27:35:
1d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:EA:2E:9A:05:E2:51:CD:85:F6:EA:3B:C8:40:0C:AF:4E:AE:A2:7D
X509v3 Authority Key Identifier:
keyid:5F:D4:C6:0A:EC:0F:5B:27:6D:AA:B9:DB:69:11:76:65:89:D8:AA:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DD1E2/54C9192AC02911EA91C3870AF8AEA228/X9TGCuwPWydtqrnbaRF2ZYnYqiQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/X9TGCuwPWydtqrnbaRF2ZYnYqiQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DD1E2/54C9192AC02911EA91C3870AF8AEA228/9E5F4D20C02911EAA359D20AF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.66.0/23
IPv6:
2001:43f8:1800::/40
Signature Algorithm: sha256WithRSAEncryption
a6:5c:3d:e7:c8:82:86:a2:89:4e:e1:9c:02:10:87:03:e2:9c:
7f:2e:70:2e:4a:bf:2a:8f:83:c0:44:27:63:89:d0:7f:e8:26:
0d:21:dc:d0:5c:e3:14:c2:d4:dd:d0:5f:4c:79:a7:bd:8f:c8:
d5:e6:b0:a1:07:e1:9b:b8:b0:01:6b:db:e4:88:f9:95:11:17:
6b:5e:b8:72:aa:3c:5d:37:56:7f:67:9f:68:81:a1:15:35:d4:
49:c1:3c:94:d9:5e:7e:9a:7e:b9:21:06:e4:93:c0:2b:16:0d:
3c:be:72:81:48:7a:57:4f:eb:c2:b4:6d:a5:52:23:b6:45:51:
23:f8:db:8e:00:7c:0a:e0:6d:a2:14:7d:5a:f3:d4:66:a2:c0:
b1:ec:da:99:93:b1:63:2a:2a:7e:6a:0b:b8:44:99:69:f0:98:
a4:09:14:90:7f:e6:04:db:0c:43:09:2a:58:38:c6:15:40:02:
7b:56:78:e9:68:9b:8a:9c:4a:bc:31:7d:8a:cc:ea:ad:2e:0e:
bc:26:0a:6b:8f:01:21:36:f2:22:54:69:50:4f:8e:d5:e7:e4:
84:37:88:2e:af:4a:e7:05:e3:93:68:c0:ab:77:00:9c:95:cf:
eb:7a:f1:30:a6:60:2e:47:dc:6c:86:15:ca:be:c4:f5:af:48:
1b:84:7b:32
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
RDFFMkFGMTEwLwYDVQQFEyg1RkQ0QzYwQUVDMEY1QjI3NkRBQUI5REI2OTExNzY2
NTg5RDhBQTI0MB4XDTIwMDcwNzA4MTIzMloXDTMwMTIzMTA4MTIzMlowGDEWMBQG
A1UEAxMNNWYwNDJlNzUtNjc3MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALY5o4gPT3XR137gcGUaNUjsFHLNTv/E1oO4YtMnCqX83xirV8xD09znJ6/6
9Bnmqs2wUEiqy/oDx6AftqvN2HF353r4+LL1sn7unLFajWXcvjzWJaksDm+K8Dn5
vvVg4oWjtzEu6ygRz6yH8vrRGFOkIzOCoBaEjH9D5/6x9MABaKObWsnUTNsGfcJu
WFAA5UlHSWriHLMxhgDJwfLJt7y9S1HB3hdxBmZGH2kNUxevW9SictgYKX79/lZs
uhMzJYioEoXrpp354DsJdw53L5vLDCFMfjEo+gfLlOo68FMzk8+aq7NRK+CFEOZA
3FcdFGk49euPnC4v10Crgyc1HR0CAwEAAaOCArUwggKxMB0GA1UdDgQWBBSK6i6a
BeJRzYX26jvIQAyvTq6ifTAfBgNVHSMEGDAWgBRf1MYK7A9bJ22qudtpEXZlidiq
JDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REQxRTIvNTRDOTE5MkFDMDI5MTFFQTkxQzM4NzBBRjhBRUEyMjgvWDlUR0N1
d1BXeWR0cXJuYmFSRjJaWW5ZcWlRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWDlUR0N1d1BXeWR0cXJuYmFSRjJaWW5ZcWlRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2REQxRTIvNTRDOTE5MkFDMDI5MTFFQTkxQzM4NzBBRjhB
RUEyMjgvOUU1RjREMjBDMDI5MTFFQUEzNTlEMjBBRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAvBggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEAWbeQjAOBAIAAjAIAwYAIAFD
+BgwDQYJKoZIhvcNAQELBQADggEBAKZcPefIgoaiiU7hnAIQhwPinH8ucC5KvyqP
g8BEJ2OJ0H/oJg0h3NBc4xTC1N3QX0x5p72PyNXmsKEH4Zu4sAFr2+SI+ZURF2te
uHKqPF03Vn9nn2iBoRU11EnBPJTZXn6afrkhBuSTwCsWDTy+coFIeldP68K0baVS
I7ZFUSP4244AfArgbaIUfVrz1GaiwLHs2pmTsWMqKn5qC7hEmWnwmKQJFJB/5gTb
DEMJKlg4xhVAAntWeOlom4qcSrwxfYrM6q0uDrwmCmuPASE28iJUaVBPjtXn5IQ3
iC6vSucF45NowKt3AJyVz+t68TCmYC5H3GyGFcq+xPWvSBuEezI=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:48:47 2024 by rpki-client on console-ams.rpki-client.org