Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E0972/C9BF12CE87C811EE816035264AD9E6FC/17B6FBFE87C911EEBD3EF6264AD9E6FC.roa
File: 17B6FBFE87C911EEBD3EF6264AD9E6FC.roa (raw, json)
Hash identifier: 5ZD1WUDmaiv05T51fwwZBTVbvUWprAEi25d+4iZwaOA=
Subject key identifier: EC:45:0F:9D:BA:50:7C:B5:F7:11:5B:FC:50:77:3A:86:EA:DF:01:BB
Certificate issuer: /CN=F36E0972AF/serialNumber=AAFF45ED82DCF5B8580389942D59E9D29F5BC2E1
Certificate serial: 02
Authority key identifier: AA:FF:45:ED:82:DC:F5:B8:58:03:89:94:2D:59:E9:D2:9F:5B:C2:E1
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/qv9F7YLc9bhYA4mULVnp0p9bwuE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E0972/C9BF12CE87C811EE816035264AD9E6FC/17B6FBFE87C911EEBD3EF6264AD9E6FC.roa
Signing time: Mon 20 Nov 2023 17:20:25 +0000
ROA not before: Mon 20 Nov 2023 17:20:22 +0000
ROA not after: Sun 20 Nov 2033 17:20:22 +0000
asID: 329333
IP address blocks: 102.211.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E0972/C9BF12CE87C811EE816035264AD9E6FC/qv9F7YLc9bhYA4mULVnp0p9bwuE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E0972/C9BF12CE87C811EE816035264AD9E6FC/qv9F7YLc9bhYA4mULVnp0p9bwuE.mft
rsync://rpki.afrinic.net/repository/afrinic/qv9F7YLc9bhYA4mULVnp0p9bwuE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 03 Jun 2024 00:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E0972AF/serialNumber=AAFF45ED82DCF5B8580389942D59E9D29F5BC2E1
Validity
Not Before: Nov 20 17:20:22 2023 GMT
Not After : Nov 20 17:20:22 2033 GMT
Subject: CN=655b9559-33e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c3:cc:c9:3b:fb:74:ee:60:04:fb:31:c4:6a:
3e:f7:26:5e:8b:12:e4:b9:00:da:a5:6f:00:56:d6:
dc:bc:cc:d2:c5:2b:99:43:9d:82:47:8a:3c:2c:37:
d1:8b:fa:10:4a:89:21:1f:b3:63:f1:70:8b:a1:6c:
72:82:ec:3d:39:68:19:cd:69:1c:97:43:bb:01:85:
6d:66:04:b9:0a:5a:13:f6:97:1c:d4:20:d5:89:ca:
0b:be:64:e6:11:65:4d:63:72:dd:c6:99:cb:8f:9d:
ea:ad:cd:25:19:17:35:5d:a6:1c:01:4b:b2:6a:14:
eb:ec:7b:b3:60:5b:48:83:92:04:af:b5:28:9e:97:
f1:4d:64:35:0e:fb:89:19:94:10:5e:03:92:1b:15:
59:a2:08:02:48:91:e6:51:80:fe:45:43:07:f8:ee:
31:90:0e:3f:c9:d3:dc:18:f0:36:c7:ff:b1:17:c9:
a4:9a:35:53:ca:98:79:7a:19:92:5f:4f:5a:03:96:
61:45:aa:c0:10:92:d2:a3:97:68:bc:c5:46:34:50:
1e:66:9d:34:10:99:66:60:b7:ba:c3:6f:e6:33:d3:
97:f0:0b:bd:60:39:43:d6:5b:45:61:3e:18:2f:7a:
d2:71:29:5c:47:fe:fd:3b:ef:1e:b4:22:d6:4d:9a:
fe:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:45:0F:9D:BA:50:7C:B5:F7:11:5B:FC:50:77:3A:86:EA:DF:01:BB
X509v3 Authority Key Identifier:
keyid:AA:FF:45:ED:82:DC:F5:B8:58:03:89:94:2D:59:E9:D2:9F:5B:C2:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E0972/C9BF12CE87C811EE816035264AD9E6FC/qv9F7YLc9bhYA4mULVnp0p9bwuE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qv9F7YLc9bhYA4mULVnp0p9bwuE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E0972/C9BF12CE87C811EE816035264AD9E6FC/17B6FBFE87C911EEBD3EF6264AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.23.0/24
Signature Algorithm: sha256WithRSAEncryption
26:67:41:61:39:c6:10:1e:df:9f:3a:b9:60:55:d2:83:94:c9:
fa:d6:81:11:77:cd:bd:3c:74:88:ef:71:c1:55:e3:b5:7a:5d:
eb:4a:91:e5:51:c2:1f:77:d4:37:44:4b:fd:ab:c1:bd:b0:a2:
f5:1d:32:22:a1:f2:53:d8:c0:7a:e5:e8:27:25:03:8d:da:10:
7f:b3:dd:df:37:bf:a6:d1:dc:ac:c2:8d:99:50:c4:ab:9b:9b:
a7:91:c3:96:f6:a4:46:8c:1d:d3:56:f2:8a:b2:59:61:77:39:
34:a2:df:d1:5c:5b:72:8b:87:c7:b1:41:2f:39:d2:dd:93:e8:
bc:c1:92:4e:c7:57:b5:45:5d:e0:6a:8b:67:fb:33:e0:0f:73:
54:75:62:a5:47:05:d9:4f:53:ad:4f:05:91:ff:63:0c:f3:c5:
85:fb:9b:31:ec:5b:c7:7e:62:86:1c:cd:34:69:c2:53:9d:d0:
69:a9:ad:7b:b8:fd:e7:91:a2:35:c0:29:70:b9:ee:45:84:3a:
80:06:94:47:f0:6f:d9:38:fd:fe:2a:a2:73:b8:f3:34:04:94:
39:0b:61:c1:89:d1:38:39:58:08:5c:83:fe:3e:91:3f:31:ae:
44:50:e5:4d:19:1f:14:61:eb:dc:04:b9:8f:92:db:d3:b2:33:
69:3b:f1:ec
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
MDk3MkFGMTEwLwYDVQQFEyhBQUZGNDVFRDgyRENGNUI4NTgwMzg5OTQyRDU5RTlE
MjlGNUJDMkUxMB4XDTIzMTEyMDE3MjAyMloXDTMzMTEyMDE3MjAyMlowGDEWMBQG
A1UEAxMNNjU1Yjk1NTktMzNlNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKPDzMk7+3TuYAT7McRqPvcmXosS5LkA2qVvAFbW3LzM0sUrmUOdgkeKPCw3
0Yv6EEqJIR+zY/Fwi6FscoLsPTloGc1pHJdDuwGFbWYEuQpaE/aXHNQg1YnKC75k
5hFlTWNy3caZy4+d6q3NJRkXNV2mHAFLsmoU6+x7s2BbSIOSBK+1KJ6X8U1kNQ77
iRmUEF4DkhsVWaIIAkiR5lGA/kVDB/juMZAOP8nT3BjwNsf/sRfJpJo1U8qYeXoZ
kl9PWgOWYUWqwBCS0qOXaLzFRjRQHmadNBCZZmC3usNv5jPTl/ALvWA5Q9ZbRWE+
GC960nEpXEf+/TvvHrQi1k2a/g8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTsRQ+d
ulB8tfcRW/xQdzqG6t8BuzAfBgNVHSMEGDAWgBSq/0Xtgtz1uFgDiZQtWenSn1vC
4TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTA5NzIvQzlCRjEyQ0U4N0M4MTFFRTgxNjAzNTI2NEFEOUU2RkMvcXY5RjdZ
TGM5YmhZQTRtVUxWbnAwcDlid3VFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcXY5RjdZTGM5YmhZQTRtVUxWbnAwcDlid3VFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTA5NzIvQzlCRjEyQ0U4N0M4MTFFRTgxNjAzNTI2NEFE
OUU2RkMvMTdCNkZCRkU4N0M5MTFFRUJEM0VGNjI2NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbTFzANBgkqhkiG9w0BAQsF
AAOCAQEAJmdBYTnGEB7fnzq5YFXSg5TJ+taBEXfNvTx0iO9xwVXjtXpd60qR5VHC
H3fUN0RL/avBvbCi9R0yIqHyU9jAeuXoJyUDjdoQf7Pd3ze/ptHcrMKNmVDEq5ub
p5HDlvakRowd01byirJZYXc5NKLf0VxbcouHx7FBLznS3ZPovMGSTsdXtUVd4GqL
Z/sz4A9zVHVipUcF2U9TrU8Fkf9jDPPFhfubMexbx35ihhzNNGnCU53Qaamte7j9
55GiNcApcLnuRYQ6gAaUR/Bv2Tj9/iqic7jzNASUOQthwYnRODlYCFyD/j6RPzGu
RFDlTRkfFGHr3AS5j5Lb07IzaTvx7A==
-----END CERTIFICATE-----
Generated at Sat Jun 1 04:58:59 2024 by rpki-client on console-fra.rpki-client.org