Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B69/1B6AC538F67811EDA33672194AD9E6FC/14217AF4FD4611EDACE0A4484AD9E6FC.roa
File: 14217AF4FD4611EDACE0A4484AD9E6FC.roa (raw, json)
Hash identifier: scusLfpX0zDQtYPg/Gz0vTNJwugRyOQOlFnS4UEvDsE=
Subject key identifier: 4B:6F:A7:06:D0:8E:75:B0:A9:22:CB:46:91:E9:50:0C:5C:EE:58:51
Certificate issuer: /CN=F36E2B69AF/serialNumber=1CD966277511932D3AD1FD2D3014F6E168CC48E5
Certificate serial: 0B
Authority key identifier: 1C:D9:66:27:75:11:93:2D:3A:D1:FD:2D:30:14:F6:E1:68:CC:48:E5
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/HNlmJ3URky060f0tMBT24WjMSOU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E2B69/1B6AC538F67811EDA33672194AD9E6FC/14217AF4FD4611EDACE0A4484AD9E6FC.roa
Signing time: Sun 28 May 2023 10:54:55 +0000
ROA not before: Sun 28 May 2023 10:54:51 +0000
ROA not after: Fri 31 Dec 2049 10:54:51 +0000
asID: 328760
IP address blocks: 102.221.248.0/22 maxlen: 24
2c0f:1b80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E2B69/1B6AC538F67811EDA33672194AD9E6FC/HNlmJ3URky060f0tMBT24WjMSOU.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E2B69/1B6AC538F67811EDA33672194AD9E6FC/HNlmJ3URky060f0tMBT24WjMSOU.mft
rsync://rpki.afrinic.net/repository/afrinic/HNlmJ3URky060f0tMBT24WjMSOU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 03 Jun 2024 00:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E2B69AF/serialNumber=1CD966277511932D3AD1FD2D3014F6E168CC48E5
Validity
Not Before: May 28 10:54:51 2023 GMT
Not After : Dec 31 10:54:51 2049 GMT
Subject: CN=647332fe-3592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:25:ee:f1:a6:85:06:05:ef:ac:83:09:ce:d1:
21:32:a2:95:31:43:cd:2f:16:3d:2a:89:61:d4:69:
af:27:9a:e8:a9:d3:0d:e7:3a:09:15:1b:31:74:7e:
28:03:77:c8:ab:de:e8:a1:c2:ae:87:e4:08:04:a8:
42:ef:cd:8d:bc:05:82:44:f8:26:c9:6b:41:76:03:
fc:ff:86:77:0a:8f:df:4e:65:0c:e7:b0:44:ac:9a:
72:0a:31:d8:a7:fa:84:29:39:55:9f:99:e4:95:b0:
c2:db:30:7d:c4:d8:03:bd:18:f1:aa:6e:e9:e3:5b:
19:ad:6d:d5:09:6d:d2:4c:8c:2a:9d:85:75:92:bc:
e8:cd:c2:7d:89:40:ef:a3:2e:ff:24:45:9e:56:61:
74:c7:48:5a:70:47:ac:84:ed:1e:d9:7f:24:0e:f2:
d2:7f:3c:63:7f:fc:2a:f4:9a:cb:3b:f5:96:ed:28:
c0:ce:ec:b7:d8:52:85:56:d2:3b:3c:a7:26:48:31:
bd:bd:e6:34:1e:1f:a8:f3:51:ea:27:f0:66:b0:47:
a6:c9:d0:be:1a:02:23:85:fe:98:95:ca:96:56:ae:
e4:10:f8:2d:e4:da:ca:8d:69:15:04:a6:44:b3:5c:
b5:3e:10:c9:e2:af:2b:1a:c4:28:9c:6f:be:38:23:
2c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:6F:A7:06:D0:8E:75:B0:A9:22:CB:46:91:E9:50:0C:5C:EE:58:51
X509v3 Authority Key Identifier:
keyid:1C:D9:66:27:75:11:93:2D:3A:D1:FD:2D:30:14:F6:E1:68:CC:48:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B69/1B6AC538F67811EDA33672194AD9E6FC/HNlmJ3URky060f0tMBT24WjMSOU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HNlmJ3URky060f0tMBT24WjMSOU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B69/1B6AC538F67811EDA33672194AD9E6FC/14217AF4FD4611EDACE0A4484AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.248.0/22
IPv6:
2c0f:1b80::/32
Signature Algorithm: sha256WithRSAEncryption
8d:56:44:1d:0c:ba:10:5e:11:13:b4:ca:ad:e3:33:41:56:c0:
14:9f:62:fc:06:8f:e4:d7:e0:91:c5:14:de:b0:e0:fa:45:b2:
8d:79:16:40:ba:1b:58:97:ea:b4:3a:c7:71:33:57:33:1e:f2:
46:e8:bc:a4:6c:7c:01:19:90:1d:fd:c6:58:22:ae:13:dd:c6:
80:b5:8c:f3:78:66:fc:39:c5:2c:36:1e:9a:48:1d:2c:06:0d:
31:36:c0:90:ee:1f:fa:e6:c0:f7:00:06:ad:9a:ed:19:1e:ea:
90:c1:b8:64:81:f2:cb:05:9c:d5:ad:19:2b:c3:7a:8d:94:66:
6c:98:88:fb:74:0e:52:67:b6:ed:aa:a7:3d:42:a9:f8:92:db:
ad:61:39:14:0e:21:b6:ee:17:fb:a1:fd:47:2a:2f:d5:23:cc:
0b:4c:db:63:15:ed:3d:59:cf:c4:36:31:87:87:91:45:8e:35:
e5:b2:6c:fe:88:c3:e7:57:23:22:70:2a:3c:73:5a:94:03:71:
26:db:fa:43:0d:f4:ef:5a:f6:19:e8:8d:02:69:e4:35:74:d9:
08:9d:11:76:fe:02:e5:9f:71:da:ad:d0:e2:ca:98:90:49:49:
c2:8b:93:6d:7c:a0:75:ef:75:bc:60:58:74:82:21:8a:ba:e0:
89:b2:d8:fe
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBCzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
MkI2OUFGMTEwLwYDVQQFEygxQ0Q5NjYyNzc1MTE5MzJEM0FEMUZEMkQzMDE0RjZF
MTY4Q0M0OEU1MB4XDTIzMDUyODEwNTQ1MVoXDTQ5MTIzMTEwNTQ1MVowGDEWMBQG
A1UEAxMNNjQ3MzMyZmUtMzU5MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN4l7vGmhQYF76yDCc7RITKilTFDzS8WPSqJYdRpryea6KnTDec6CRUbMXR+
KAN3yKve6KHCrofkCASoQu/NjbwFgkT4JslrQXYD/P+GdwqP305lDOewRKyacgox
2Kf6hCk5VZ+Z5JWwwtswfcTYA70Y8apu6eNbGa1t1Qlt0kyMKp2FdZK86M3CfYlA
76Mu/yRFnlZhdMdIWnBHrITtHtl/JA7y0n88Y3/8KvSayzv1lu0owM7st9hShVbS
OzynJkgxvb3mNB4fqPNR6ifwZrBHpsnQvhoCI4X+mJXKllau5BD4LeTayo1pFQSm
RLNctT4QyeKvKxrEKJxvvjgjLCcCAwEAAaOCArQwggKwMB0GA1UdDgQWBBRLb6cG
0I51sKkiy0aR6VAMXO5YUTAfBgNVHSMEGDAWgBQc2WYndRGTLTrR/S0wFPbhaMxI
5TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTJCNjkvMUI2QUM1MzhGNjc4MTFFREEzMzY3MjE5NEFEOUU2RkMvSE5sbUoz
VVJreTA2MGYwdE1CVDI0V2pNU09VLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSE5sbUozVVJreTA2MGYwdE1CVDI0V2pNU09VLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTJCNjkvMUI2QUM1MzhGNjc4MTFFREEzMzY3MjE5NEFE
OUU2RkMvMTQyMTdBRjRGRDQ2MTFFREFDRTBBNDQ4NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbd+DANBAIAAjAHAwUALA8b
gDANBgkqhkiG9w0BAQsFAAOCAQEAjVZEHQy6EF4RE7TKreMzQVbAFJ9i/AaP5Nfg
kcUU3rDg+kWyjXkWQLobWJfqtDrHcTNXMx7yRui8pGx8ARmQHf3GWCKuE93GgLWM
83hm/DnFLDYemkgdLAYNMTbAkO4f+ubA9wAGrZrtGR7qkMG4ZIHyywWc1a0ZK8N6
jZRmbJiI+3QOUme27aqnPUKp+JLbrWE5FA4htu4X+6H9Ryov1SPMC0zbYxXtPVnP
xDYxh4eRRY415bJs/ojD51cjInAqPHNalANxJtv6Qw3071r2GeiNAmnkNXTZCJ0R
dv4C5Z9x2q3Q4sqYkElJwouTbXygde91vGBYdIIhirrgibLY/g==
-----END CERTIFICATE-----
Generated at Sat Jun 1 04:07:19 2024 by rpki-client on console-ams.rpki-client.org