Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DD92B/F4F4F3EA0BBD11EF8655910D017001B1/6AE274920BBE11EF8A25040F017001B1.roa
File: 6AE274920BBE11EF8A25040F017001B1.roa (raw, json)
Hash identifier: 5C1WjqwwGDR6D8+o0DVD1DCzkInrt9k6RbeLrYLWCSM=
Subject key identifier: 26:F5:A0:9D:8F:AB:C6:16:4B:02:E3:4F:BB:45:4C:08:EB:A0:A3:3B
Certificate issuer: /CN=F36DD92BAF/serialNumber=992CD319D7A515A56373294CE049153F8C3E004B
Certificate serial: 02
Authority key identifier: 99:2C:D3:19:D7:A5:15:A5:63:73:29:4C:E0:49:15:3F:8C:3E:00:4B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/mSzTGdelFaVjcylM4EkVP4w-AEs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DD92B/F4F4F3EA0BBD11EF8655910D017001B1/6AE274920BBE11EF8A25040F017001B1.roa
Signing time: Mon 06 May 2024 15:36:34 +0000
ROA not before: Mon 06 May 2024 15:36:30 +0000
ROA not after: Sat 06 May 2034 15:36:30 +0000
asID: 328723
IP address blocks: 102.209.84.0/22 maxlen: 24
102.222.20.0/22 maxlen: 24
2c0f:e990::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DD92B/F4F4F3EA0BBD11EF8655910D017001B1/mSzTGdelFaVjcylM4EkVP4w-AEs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DD92B/F4F4F3EA0BBD11EF8655910D017001B1/mSzTGdelFaVjcylM4EkVP4w-AEs.mft
rsync://rpki.afrinic.net/repository/afrinic/mSzTGdelFaVjcylM4EkVP4w-AEs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DD92BAF/serialNumber=992CD319D7A515A56373294CE049153F8C3E004B
Validity
Not Before: May 6 15:36:30 2024 GMT
Not After : May 6 15:36:30 2034 GMT
Subject: CN=6638f902-0f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:cd:35:21:df:1e:4d:00:b4:b6:00:48:cb:10:
80:e3:72:5c:aa:a2:a7:f5:c3:4b:73:18:b6:7a:b0:
89:96:f0:28:85:8c:33:c1:89:34:61:44:78:08:de:
76:2a:42:bf:f8:39:f0:d6:f1:32:ab:cd:af:9e:7d:
ae:f1:12:78:3c:0e:c5:b4:3f:09:45:c1:84:67:79:
d3:fd:3f:8c:a1:69:8c:ab:ef:b2:dc:22:d2:7e:71:
35:ce:b0:96:8a:d0:8d:8a:10:51:88:a7:4a:9e:2b:
ca:45:5d:48:0a:9e:4d:cc:91:26:aa:f9:2b:d4:ed:
44:70:df:b0:e1:4c:bd:b6:46:bd:d8:6f:2d:9c:82:
c0:e4:c1:25:5f:04:d3:6e:1c:dc:b9:63:e0:9d:53:
0c:d8:cf:f4:59:32:43:2c:f9:c1:10:c2:0d:83:15:
24:44:c2:19:52:53:75:60:b3:7a:85:2f:57:a9:9e:
e4:11:35:d3:ef:d9:68:d0:ad:ac:10:db:70:56:99:
be:f7:03:41:a0:ea:91:a4:07:d6:b2:d8:f5:ec:89:
d7:f6:34:75:e1:ce:44:ae:9a:d9:00:83:7f:48:78:
0c:3a:8c:f9:fc:a9:22:f2:45:42:f7:9d:04:94:cc:
d8:3c:0a:28:e4:10:96:38:70:4f:2a:fb:d3:9f:2e:
e1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:F5:A0:9D:8F:AB:C6:16:4B:02:E3:4F:BB:45:4C:08:EB:A0:A3:3B
X509v3 Authority Key Identifier:
keyid:99:2C:D3:19:D7:A5:15:A5:63:73:29:4C:E0:49:15:3F:8C:3E:00:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DD92B/F4F4F3EA0BBD11EF8655910D017001B1/mSzTGdelFaVjcylM4EkVP4w-AEs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mSzTGdelFaVjcylM4EkVP4w-AEs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DD92B/F4F4F3EA0BBD11EF8655910D017001B1/6AE274920BBE11EF8A25040F017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.84.0/22
102.222.20.0/22
IPv6:
2c0f:e990::/32
Signature Algorithm: sha256WithRSAEncryption
99:8a:45:de:44:45:2c:a8:db:1f:04:f3:b2:b7:63:b8:d3:b5:
ee:b0:2a:ac:e6:fc:6c:fd:7a:65:e1:d2:a8:25:ef:8b:30:9b:
80:10:4b:e4:c9:55:ae:9d:6b:22:40:db:95:d6:d2:f3:93:36:
ae:27:f9:17:b4:27:b0:23:e5:ba:6c:4a:0b:3b:4c:d5:08:03:
5b:17:e6:b0:fc:fc:10:0b:c3:9a:d7:37:9c:1c:9d:9e:ae:a1:
55:95:07:1d:44:49:cf:c7:49:3d:75:45:58:b6:49:af:13:2c:
4f:d7:0d:82:d0:88:ba:1f:6e:51:88:bd:a5:a6:bd:8f:fc:96:
7b:c9:8b:13:4e:39:1c:3c:4e:1c:54:b8:5b:5a:87:90:13:a3:
36:ad:75:e8:38:5c:10:c8:0d:f7:e8:fc:d2:7b:af:fe:ca:fb:
1d:e5:21:d2:8b:bc:32:89:4b:96:84:0f:ae:29:62:7e:cf:45:
11:9a:3f:1e:a8:cf:cd:e1:cb:07:50:60:78:0e:f2:a2:21:6d:
2f:45:98:47:a6:ec:c4:ce:e0:08:2a:6b:82:6d:c3:d0:63:63:
52:8f:dc:aa:98:85:b3:4c:dc:13:b7:86:27:e3:1e:98:fe:17:
09:84:4f:4c:a6:57:e2:02:6b:5d:b8:1e:5e:d9:c5:30:ea:69:
5b:19:8b:66
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
RDkyQkFGMTEwLwYDVQQFEyg5OTJDRDMxOUQ3QTUxNUE1NjM3MzI5NENFMDQ5MTUz
RjhDM0UwMDRCMB4XDTI0MDUwNjE1MzYzMFoXDTM0MDUwNjE1MzYzMFowGDEWMBQG
A1UEAxMNNjYzOGY5MDItMGY4YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAObNNSHfHk0AtLYASMsQgONyXKqip/XDS3MYtnqwiZbwKIWMM8GJNGFEeAje
dipCv/g58NbxMqvNr559rvESeDwOxbQ/CUXBhGd50/0/jKFpjKvvstwi0n5xNc6w
lorQjYoQUYinSp4rykVdSAqeTcyRJqr5K9TtRHDfsOFMvbZGvdhvLZyCwOTBJV8E
024c3Llj4J1TDNjP9FkyQyz5wRDCDYMVJETCGVJTdWCzeoUvV6me5BE10+/ZaNCt
rBDbcFaZvvcDQaDqkaQH1rLY9eyJ1/Y0deHORK6a2QCDf0h4DDqM+fypIvJFQved
BJTM2DwKKOQQljhwTyr7058u4UcCAwEAAaOCArowggK2MB0GA1UdDgQWBBQm9aCd
j6vGFksC40+7RUwI66CjOzAfBgNVHSMEGDAWgBSZLNMZ16UVpWNzKUzgSRU/jD4A
SzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REQ5MkIvRjRGNEYzRUEwQkJEMTFFRjg2NTU5MTBEMDE3MDAxQjEvbVN6VEdk
ZWxGYVZqY3lsTTRFa1ZQNHctQUVzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvbVN6VEdkZWxGYVZqY3lsTTRFa1ZQNHctQUVzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2REQ5MkIvRjRGNEYzRUEwQkJEMTFFRjg2NTU5MTBEMDE3
MDAxQjEvNkFFMjc0OTIwQkJFMTFFRjhBMjUwNDBGMDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmbRVAMEAmbeFDANBAIAAjAH
AwUALA/pkDANBgkqhkiG9w0BAQsFAAOCAQEAmYpF3kRFLKjbHwTzsrdjuNO17rAq
rOb8bP16ZeHSqCXvizCbgBBL5MlVrp1rIkDbldbS85M2rif5F7QnsCPlumxKCztM
1QgDWxfmsPz8EAvDmtc3nBydnq6hVZUHHURJz8dJPXVFWLZJrxMsT9cNgtCIuh9u
UYi9paa9j/yWe8mLE045HDxOHFS4W1qHkBOjNq116DhcEMgN9+j80nuv/sr7HeUh
0ou8MolLloQPrilifs9FEZo/HqjPzeHLB1BgeA7yoiFtL0WYR6bsxM7gCCprgm3D
0GNjUo/cqpiFs0zcE7eGJ+MemP4XCYRPTKZX4gJrXbgeXtnFMOppWxmLZg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org