Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E68C0/3ECE895E48EF11EFBAB935BF762E951A/A30290B4490311EFAD6D6848762E951A.roa
File: A30290B4490311EFAD6D6848762E951A.roa (raw, json)
Hash identifier: 9DJDNrHzZVxc5zuNzgDbveKnN6iPIU3B9BicWnmYCZQ=
Subject key identifier: 6C:57:D5:26:D9:54:CE:8D:09:80:D1:91:F2:93:D8:DA:B7:F5:1C:6F
Certificate issuer: /CN=F36E68C0AF/serialNumber=8C4E77FA322349C0B27F01763233AE47B0DC9AF3
Certificate serial: 05
Authority key identifier: 8C:4E:77:FA:32:23:49:C0:B2:7F:01:76:32:33:AE:47:B0:DC:9A:F3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/jE53-jIjScCyfwF2MjOuR7DcmvM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E68C0/3ECE895E48EF11EFBAB935BF762E951A/A30290B4490311EFAD6D6848762E951A.roa
Signing time: Tue 23 Jul 2024 14:55:44 +0000
ROA not before: Tue 23 Jul 2024 14:55:41 +0000
ROA not after: Thu 25 Jul 2030 14:55:41 +0000
asID: 328464
IP address blocks: 102.222.240.0/22 maxlen: 24
2c0f:4f80::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E68C0/3ECE895E48EF11EFBAB935BF762E951A/jE53-jIjScCyfwF2MjOuR7DcmvM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E68C0/3ECE895E48EF11EFBAB935BF762E951A/jE53-jIjScCyfwF2MjOuR7DcmvM.mft
rsync://rpki.afrinic.net/repository/afrinic/jE53-jIjScCyfwF2MjOuR7DcmvM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E68C0AF/serialNumber=8C4E77FA322349C0B27F01763233AE47B0DC9AF3
Validity
Not Before: Jul 23 14:55:41 2024 GMT
Not After : Jul 25 14:55:41 2030 GMT
Subject: CN=669fc470-6ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ec:f4:58:7a:0c:b7:73:93:11:dc:e5:93:70:
80:0c:84:78:88:6e:5a:a4:07:1e:28:fe:c1:55:bb:
dd:de:a9:27:6c:66:a4:5c:1b:33:b5:c8:70:3d:64:
93:6d:7c:a8:31:3e:39:07:99:b2:e7:af:5c:21:ae:
24:6b:32:4e:b8:13:f1:95:39:21:88:d3:56:a3:07:
a2:0e:82:cc:06:b6:2e:2f:44:af:3c:5e:2e:3b:bd:
c4:ae:43:4b:15:79:21:72:e8:cf:81:49:77:f1:38:
68:01:0c:6d:3a:0c:4b:c5:85:39:d2:82:2e:25:0e:
1d:12:f2:93:c3:f3:16:04:10:ba:ec:ca:e6:6b:ee:
ee:6e:47:b9:21:a2:2b:13:a3:e2:61:89:00:8f:ba:
ac:7e:0f:d2:4b:8b:72:3f:b7:e2:20:d7:24:48:c2:
78:8b:8c:67:7c:36:9f:1d:81:06:ba:a8:a4:36:15:
33:32:26:2c:7e:5f:c4:3a:94:db:80:e2:16:c0:33:
ae:65:17:42:3f:5c:08:11:08:1d:fc:1d:85:f5:ec:
f1:9e:44:dd:0f:20:f3:ae:3b:11:5b:65:0e:87:d9:
fb:4e:fb:79:a2:32:a2:60:f4:97:27:6a:bb:c0:b8:
4e:2a:b8:ca:f4:f5:86:fb:d8:47:b2:fc:cd:5a:e2:
81:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:57:D5:26:D9:54:CE:8D:09:80:D1:91:F2:93:D8:DA:B7:F5:1C:6F
X509v3 Authority Key Identifier:
keyid:8C:4E:77:FA:32:23:49:C0:B2:7F:01:76:32:33:AE:47:B0:DC:9A:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E68C0/3ECE895E48EF11EFBAB935BF762E951A/jE53-jIjScCyfwF2MjOuR7DcmvM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jE53-jIjScCyfwF2MjOuR7DcmvM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E68C0/3ECE895E48EF11EFBAB935BF762E951A/A30290B4490311EFAD6D6848762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.240.0/22
IPv6:
2c0f:4f80::/32
Signature Algorithm: sha256WithRSAEncryption
35:31:10:c2:cc:a9:bd:74:e0:df:f8:d6:24:01:e0:2d:6c:f3:
4f:5b:3d:16:53:c7:1f:b3:05:54:25:71:c3:98:a5:c3:d0:35:
b0:e6:94:a7:80:1f:69:d3:e9:a4:a7:83:eb:0a:94:1a:61:4e:
3f:6e:a9:8e:72:1a:64:3a:b5:c6:4b:49:13:cd:b9:cd:b3:f8:
7b:d0:bd:af:aa:33:74:63:32:b6:5a:08:6f:16:3b:f1:62:c5:
03:bb:43:f4:c0:2d:de:d8:13:5e:78:2e:3b:c4:97:65:39:d5:
c1:53:93:51:c0:66:3a:85:be:2c:9f:a1:19:67:30:03:5f:18:
77:11:91:15:39:6f:a4:af:c5:52:54:c4:b1:34:65:c5:eb:fc:
04:b0:06:19:92:c1:bb:bb:51:29:77:7a:b4:03:65:4b:2b:c7:
4f:8f:07:23:17:4b:bc:61:98:d5:84:6f:f7:33:5f:05:6e:b2:
9d:64:15:b1:6b:82:e4:ae:c9:2e:49:7f:fb:3a:b2:9a:a1:55:
a1:27:e3:3e:15:80:3c:74:9f:fc:f0:32:f8:98:76:3f:75:d1:
d1:b5:e9:71:63:a9:1d:1a:f5:f0:2d:20:32:9b:03:ff:0b:6a:
40:e4:f1:1b:93:aa:94:f4:69:2a:2d:e6:4a:36:d5:0d:78:c5:
e7:b4:cf:22
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
NjhDMEFGMTEwLwYDVQQFEyg4QzRFNzdGQTMyMjM0OUMwQjI3RjAxNzYzMjMzQUU0
N0IwREM5QUYzMB4XDTI0MDcyMzE0NTU0MVoXDTMwMDcyNTE0NTU0MVowGDEWMBQG
A1UEAxMNNjY5ZmM0NzAtNmNhOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzs9Fh6DLdzkxHc5ZNwgAyEeIhuWqQHHij+wVW73d6pJ2xmpFwbM7XIcD1k
k218qDE+OQeZsuevXCGuJGsyTrgT8ZU5IYjTVqMHog6CzAa2Li9ErzxeLju9xK5D
SxV5IXLoz4FJd/E4aAEMbToMS8WFOdKCLiUOHRLyk8PzFgQQuuzK5mvu7m5HuSGi
KxOj4mGJAI+6rH4P0kuLcj+34iDXJEjCeIuMZ3w2nx2BBrqopDYVMzImLH5fxDqU
24DiFsAzrmUXQj9cCBEIHfwdhfXs8Z5E3Q8g8647EVtlDofZ+077eaIyomD0lydq
u8C4Tiq4yvT1hvvYR7L8zVrigWECAwEAAaOCArQwggKwMB0GA1UdDgQWBBRsV9Um
2VTOjQmA0ZHyk9jat/UcbzAfBgNVHSMEGDAWgBSMTnf6MiNJwLJ/AXYyM65HsNya
8zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTY4QzAvM0VDRTg5NUU0OEVGMTFFRkJBQjkzNUJGNzYyRTk1MUEvakU1My1q
SWpTY0N5ZndGMk1qT3VSN0RjbXZNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvakU1My1qSWpTY0N5ZndGMk1qT3VSN0RjbXZNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTY4QzAvM0VDRTg5NUU0OEVGMTFFRkJBQjkzNUJGNzYy
RTk1MUEvQTMwMjkwQjQ0OTAzMTFFRkFENkQ2ODQ4NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbe8DANBAIAAjAHAwUALA9P
gDANBgkqhkiG9w0BAQsFAAOCAQEANTEQwsypvXTg3/jWJAHgLWzzT1s9FlPHH7MF
VCVxw5ilw9A1sOaUp4AfadPppKeD6wqUGmFOP26pjnIaZDq1xktJE825zbP4e9C9
r6ozdGMytloIbxY78WLFA7tD9MAt3tgTXnguO8SXZTnVwVOTUcBmOoW+LJ+hGWcw
A18YdxGRFTlvpK/FUlTEsTRlxev8BLAGGZLBu7tRKXd6tANlSyvHT48HIxdLvGGY
1YRv9zNfBW6ynWQVsWuC5K7JLkl/+zqymqFVoSfjPhWAPHSf/PAy+Jh2P3XR0bXp
cWOpHRr18C0gMpsD/wtqQOTxG5OqlPRpKi3mSjbVDXjF57TPIg==
-----END CERTIFICATE-----
Generated at Thu Oct 24 06:47:51 2024 by rpki-client on console-fra.rpki-client.org