Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DF2C0/D50D7F0E5A0311EFABD2477A762E951A/66FDD6885A0A11EFBC9CDBA8762E951A.roa
File: 66FDD6885A0A11EFBC9CDBA8762E951A.roa (raw, json)
Hash identifier: aVnUgk3NY8yjcG/DFLWQpoxsTPLV3bCNwJvFvS9FExw=
Subject key identifier: B1:E0:AC:47:D0:7B:3A:0C:AA:5C:52:8B:5E:BB:E7:06:8B:61:B2:B8
Certificate issuer: /CN=F36DF2C0AF/serialNumber=92C0DD00D5702E390ED278F2A6FDC779EAB7BA8A
Certificate serial: 02
Authority key identifier: 92:C0:DD:00:D5:70:2E:39:0E:D2:78:F2:A6:FD:C7:79:EA:B7:BA:8A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ksDdANVwLjkO0njypv3Heeq3uoo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DF2C0/D50D7F0E5A0311EFABD2477A762E951A/66FDD6885A0A11EFBC9CDBA8762E951A.roa
Signing time: Wed 14 Aug 2024 06:57:00 +0000
ROA not before: Wed 14 Aug 2024 06:56:56 +0000
ROA not after: Thu 31 Aug 2034 06:56:56 +0000
asID: 8075
IP address blocks: 102.223.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DF2C0/D50D7F0E5A0311EFABD2477A762E951A/ksDdANVwLjkO0njypv3Heeq3uoo.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DF2C0/D50D7F0E5A0311EFABD2477A762E951A/ksDdANVwLjkO0njypv3Heeq3uoo.mft
rsync://rpki.afrinic.net/repository/afrinic/ksDdANVwLjkO0njypv3Heeq3uoo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DF2C0AF/serialNumber=92C0DD00D5702E390ED278F2A6FDC779EAB7BA8A
Validity
Not Before: Aug 14 06:56:56 2024 GMT
Not After : Aug 31 06:56:56 2034 GMT
Subject: CN=66bc553b-3039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ea:47:7b:e6:93:17:37:19:2f:03:72:a9:1c:
ac:32:15:20:9a:cb:e3:1f:2c:a0:37:96:b4:66:cc:
fc:eb:69:55:e7:60:fb:3d:3f:5a:ca:79:b6:ab:c7:
50:fe:af:60:e7:5a:f5:80:84:ff:29:f2:61:bd:9e:
42:0a:65:96:29:81:1e:9e:5a:03:65:34:57:02:00:
05:2e:43:93:96:b0:84:48:cf:49:f1:dd:60:2c:ac:
44:e2:cc:5b:c7:8f:51:b8:94:53:92:0b:e0:89:11:
10:8d:ec:7a:24:ec:9e:1a:54:b0:2a:6f:a1:99:07:
55:95:d8:9b:64:48:62:ee:c7:5a:ee:f1:5a:d3:06:
22:81:cd:c2:c4:39:50:b3:3f:08:c1:6c:a1:75:e6:
95:92:c4:ff:22:8c:76:12:6c:34:16:83:ec:2d:50:
c8:9e:1e:6c:2e:c7:7f:14:fe:5d:92:e3:18:21:4b:
d5:12:89:2c:e2:d3:76:72:4b:6e:39:6c:59:34:41:
15:75:07:0a:13:f6:19:8e:b0:6b:54:ef:a6:01:ca:
08:da:2b:8d:df:84:3a:0d:da:d4:52:27:82:69:89:
36:66:19:0d:8e:51:4d:f1:28:6d:4b:55:a2:bc:04:
fc:46:2f:99:55:97:4d:92:49:2f:8b:de:91:76:17:
8a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E0:AC:47:D0:7B:3A:0C:AA:5C:52:8B:5E:BB:E7:06:8B:61:B2:B8
X509v3 Authority Key Identifier:
keyid:92:C0:DD:00:D5:70:2E:39:0E:D2:78:F2:A6:FD:C7:79:EA:B7:BA:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DF2C0/D50D7F0E5A0311EFABD2477A762E951A/ksDdANVwLjkO0njypv3Heeq3uoo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ksDdANVwLjkO0njypv3Heeq3uoo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DF2C0/D50D7F0E5A0311EFABD2477A762E951A/66FDD6885A0A11EFBC9CDBA8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.214.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:9d:14:86:7d:6f:e0:8d:f9:22:9d:ad:09:4a:1a:b7:3d:6a:
14:67:74:db:04:51:61:01:b0:26:03:32:d3:10:1d:2c:70:da:
df:67:dd:63:7b:79:c0:f2:56:07:11:a0:0e:40:9f:68:1c:c7:
53:89:0d:f5:8a:2f:56:00:25:56:c6:b7:06:2e:6c:44:27:39:
86:36:e2:1c:da:74:15:f6:dc:ff:7a:df:98:48:b3:e2:ba:9b:
fd:0c:9a:dc:3d:3f:6a:77:eb:50:e0:fc:60:cf:a7:71:35:6d:
74:e5:34:5d:56:6c:2b:03:80:3b:d4:a4:29:86:4d:5d:4f:31:
cd:5c:aa:10:cb:87:e2:f0:95:e7:e4:f5:e1:ce:d3:67:d5:de:
52:29:4c:db:9b:13:c3:51:ac:86:1f:b2:c5:8c:41:53:a8:f9:
e4:0f:01:be:15:c8:2f:f6:40:6b:8d:5c:de:07:b6:e5:46:ee:
db:f2:c9:25:16:cc:48:26:ef:45:dc:0e:29:4b:ff:8b:97:f7:
cf:d0:a7:eb:72:3d:95:8b:dd:b6:10:03:25:30:8d:4f:8d:a3:
cb:ae:97:a4:15:31:6f:c9:f8:31:e3:78:d5:36:1e:c0:0c:0d:
4c:76:85:e1:30:0c:fb:ad:32:e4:ac:b9:04:de:fb:08:d6:e8:
e7:02:1f:b0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
RjJDMEFGMTEwLwYDVQQFEyg5MkMwREQwMEQ1NzAyRTM5MEVEMjc4RjJBNkZEQzc3
OUVBQjdCQThBMB4XDTI0MDgxNDA2NTY1NloXDTM0MDgzMTA2NTY1NlowGDEWMBQG
A1UEAxMNNjZiYzU1M2ItMzAzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3qR3vmkxc3GS8DcqkcrDIVIJrL4x8soDeWtGbM/OtpVedg+z0/Wsp5tqvH
UP6vYOda9YCE/ynyYb2eQgpllimBHp5aA2U0VwIABS5Dk5awhEjPSfHdYCysROLM
W8ePUbiUU5IL4IkREI3seiTsnhpUsCpvoZkHVZXYm2RIYu7HWu7xWtMGIoHNwsQ5
ULM/CMFsoXXmlZLE/yKMdhJsNBaD7C1QyJ4ebC7HfxT+XZLjGCFL1RKJLOLTdnJL
bjlsWTRBFXUHChP2GY6wa1TvpgHKCNorjd+EOg3a1FIngmmJNmYZDY5RTfEobUtV
orwE/EYvmVWXTZJJL4vekXYXinkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSx4KxH
0Hs6DKpcUoteu+cGi2GyuDAfBgNVHSMEGDAWgBSSwN0A1XAuOQ7SePKm/cd56re6
ijAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REYyQzAvRDUwRDdGMEU1QTAzMTFFRkFCRDI0NzdBNzYyRTk1MUEva3NEZEFO
VndMamtPMG5qeXB2M0hlZXEzdW9vLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMva3NEZEFOVndMamtPMG5qeXB2M0hlZXEzdW9vLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2REYyQzAvRDUwRDdGMEU1QTAzMTFFRkFCRDI0NzdBNzYy
RTk1MUEvNjZGREQ2ODg1QTBBMTFFRkJDOUNEQkE4NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbf1jANBgkqhkiG9w0BAQsF
AAOCAQEAS50Uhn1v4I35Ip2tCUoatz1qFGd02wRRYQGwJgMy0xAdLHDa32fdY3t5
wPJWBxGgDkCfaBzHU4kN9YovVgAlVsa3Bi5sRCc5hjbiHNp0Ffbc/3rfmEiz4rqb
/Qya3D0/anfrUOD8YM+ncTVtdOU0XVZsKwOAO9SkKYZNXU8xzVyqEMuH4vCV5+T1
4c7TZ9XeUilM25sTw1Gshh+yxYxBU6j55A8BvhXIL/ZAa41c3ge25Ubu2/LJJRbM
SCbvRdwOKUv/i5f3z9Cn63I9lYvdthADJTCNT42jy66XpBUxb8n4MeN41TYewAwN
THaF4TAM+60y5Ky5BN77CNbo5wIfsA==
-----END CERTIFICATE-----
Generated at Thu Oct 24 06:47:51 2024 by rpki-client on console-fra.rpki-client.org