Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/C96F4D9CC3F211ED8B3F1BD0F1222468.roa
File: C96F4D9CC3F211ED8B3F1BD0F1222468.roa (raw, json)
Hash identifier: o7cW1+3HMZb5Mpe6+lzxsb3ID9BGRwC3rWFdxd+zpDk=
Subject key identifier: 81:32:55:D1:7E:D7:AD:32:BF:EC:6F:7B:9D:13:85:88:5E:36:6F:7B
Certificate issuer: /CN=F36ED057AF/serialNumber=44BE4CE57E115E0BCB34E6B9EB0C5723AEBD2274
Certificate serial: 0587
Authority key identifier: 44:BE:4C:E5:7E:11:5E:0B:CB:34:E6:B9:EB:0C:57:23:AE:BD:22:74
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/RL5M5X4RXgvLNOa56wxXI669InQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/C96F4D9CC3F211ED8B3F1BD0F1222468.roa
Signing time: Thu 16 Mar 2023 12:05:05 +0000
ROA not before: Thu 16 Mar 2023 12:04:59 +0000
ROA not after: Wed 30 Nov 2033 12:04:59 +0000
asID: 328423
IP address blocks: 102.68.180.0/22 maxlen: 24
2c0f:ecb0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/RL5M5X4RXgvLNOa56wxXI669InQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/RL5M5X4RXgvLNOa56wxXI669InQ.mft
rsync://rpki.afrinic.net/repository/afrinic/RL5M5X4RXgvLNOa56wxXI669InQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 06 May 2024 00:04:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1415 (0x587)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36ED057AF/serialNumber=44BE4CE57E115E0BCB34E6B9EB0C5723AEBD2274
Validity
Not Before: Mar 16 12:04:59 2023 GMT
Not After : Nov 30 12:04:59 2033 GMT
Subject: CN=641305f1-a524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a1:4b:91:31:d4:80:5f:24:0a:c3:1f:a9:f9:
24:77:39:3b:1b:49:d8:9c:e2:7a:f8:28:4a:de:38:
30:d0:e2:7e:13:36:32:9a:99:19:df:bd:05:34:53:
0a:f2:f6:ff:22:79:6a:bc:71:a6:32:e9:ab:7a:fc:
73:9e:3a:2b:65:6b:3f:89:86:cf:46:16:3d:a1:5f:
39:99:90:4d:7a:5c:6b:c2:7c:94:92:71:08:38:6b:
8d:6f:58:e5:94:3e:15:27:43:e3:56:b0:be:77:fc:
f1:6b:df:ef:76:06:77:71:9e:e7:fa:79:f6:ad:7b:
8a:11:f4:a6:3d:26:42:1a:64:95:72:61:62:37:f8:
6c:47:92:e6:8e:58:ef:d9:79:42:27:ee:7a:ff:a2:
16:8d:8b:16:fa:1b:b0:56:c5:29:f4:cf:a9:86:4d:
63:bc:e6:84:e5:cf:01:39:7d:e4:ff:d6:19:94:c5:
25:18:01:2b:67:28:c4:71:00:65:e7:28:d3:e7:8c:
50:b2:80:9e:bb:36:43:0f:98:d9:28:03:3a:b8:7e:
9f:48:81:52:bd:58:e0:d8:ae:ca:1b:2f:92:67:94:
21:1f:aa:07:eb:b6:96:bd:3c:6a:1c:98:9a:3d:91:
64:41:8b:ff:94:27:b7:44:ee:6e:18:f7:c1:ba:93:
a6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:32:55:D1:7E:D7:AD:32:BF:EC:6F:7B:9D:13:85:88:5E:36:6F:7B
X509v3 Authority Key Identifier:
keyid:44:BE:4C:E5:7E:11:5E:0B:CB:34:E6:B9:EB:0C:57:23:AE:BD:22:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/RL5M5X4RXgvLNOa56wxXI669InQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/RL5M5X4RXgvLNOa56wxXI669InQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/C96F4D9CC3F211ED8B3F1BD0F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.68.180.0/22
IPv6:
2c0f:ecb0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:77:e3:ff:13:40:1c:69:86:8d:16:a4:92:94:91:aa:41:00:
e6:f2:7f:51:b2:19:35:01:47:8c:a2:95:a1:04:d9:f8:43:1e:
67:4d:89:84:9a:a8:66:ab:c8:b9:e5:82:22:2f:5d:2a:cf:e6:
23:2b:53:e4:2d:2b:57:f4:87:49:41:2e:15:36:97:ec:40:83:
fe:bb:36:68:9f:4b:56:10:6c:46:92:be:b6:08:c0:7f:11:b9:
96:d8:75:7c:08:b3:f9:71:5a:9d:51:19:70:40:be:e4:90:c7:
d9:00:dc:4a:fd:4f:c4:e8:59:3b:94:9f:3a:11:9e:56:02:3d:
49:07:d1:9a:c4:db:be:59:61:81:e0:d1:52:86:67:a2:e9:9e:
c4:08:4c:8f:7b:68:b8:c7:9a:3c:bd:3f:32:9b:6c:ca:02:53:
e5:bb:89:9b:a2:c0:f3:ed:e0:05:f0:4d:65:3f:c4:2a:1e:7c:
b6:51:5e:17:bd:90:be:6c:1b:97:86:61:48:66:cf:10:59:14:
89:82:03:0f:d7:bf:17:b2:3e:dd:d2:c3:2a:17:d5:b3:e8:1e:
a4:0e:b0:c5:31:76:7f:8b:3e:a1:72:2d:d6:bf:43:56:23:e1:
5a:cf:1b:bc:1e:2c:fc:e2:2d:eb:d2:00:9f:40:73:d4:3c:61:
03:c0:1a:1a
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBYcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RUQwNTdBRjExMC8GA1UEBRMoNDRCRTRDRTU3RTExNUUwQkNCMzRFNkI5RUIwQzU3
MjNBRUJEMjI3NDAeFw0yMzAzMTYxMjA0NTlaFw0zMzExMzAxMjA0NTlaMBgxFjAU
BgNVBAMMDTY0MTMwNWYxLWE1MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8oUuRMdSAXyQKwx+p+SR3OTsbSdic4nr4KEreODDQ4n4TNjKamRnfvQU0
Uwry9v8ieWq8caYy6at6/HOeOitlaz+Jhs9GFj2hXzmZkE16XGvCfJSScQg4a41v
WOWUPhUnQ+NWsL53/PFr3+92Bndxnuf6efate4oR9KY9JkIaZJVyYWI3+GxHkuaO
WO/ZeUIn7nr/ohaNixb6G7BWxSn0z6mGTWO85oTlzwE5feT/1hmUxSUYAStnKMRx
AGXnKNPnjFCygJ67NkMPmNkoAzq4fp9IgVK9WODYrsobL5JnlCEfqgfrtpa9PGoc
mJo9kWRBi/+UJ7dE7m4Y98G6k6b5AgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUgTJV
0X7XrTK/7G97nROFiF42b3swHwYDVR0jBBgwFoAURL5M5X4RXgvLNOa56wxXI669
InQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkVEMDU3LzM0NTU4NjIwODZCRDExRTk4RDhERTgyRUY4QUVBMjI4L1JMNU01
WDRSWGd2TE5PYTU2d3hYSTY2OUluUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1JMNU01WDRSWGd2TE5PYTU2d3hYSTY2OUluUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkVEMDU3LzM0NTU4NjIwODZCRDExRTk4RDhERTgyRUY4
QUVBMjI4L0M5NkY0RDlDQzNGMjExRUQ4QjNGMUJEMEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJmRLQwDQQCAAIwBwMFACwP
7LAwDQYJKoZIhvcNAQELBQADggEBAG534/8TQBxpho0WpJKUkapBAObyf1GyGTUB
R4yilaEE2fhDHmdNiYSaqGaryLnlgiIvXSrP5iMrU+QtK1f0h0lBLhU2l+xAg/67
NmifS1YQbEaSvrYIwH8RuZbYdXwIs/lxWp1RGXBAvuSQx9kA3Er9T8ToWTuUnzoR
nlYCPUkH0ZrE275ZYYHg0VKGZ6LpnsQITI97aLjHmjy9PzKbbMoCU+W7iZuiwPPt
4AXwTWU/xCoefLZRXhe9kL5sG5eGYUhmzxBZFImCAw/XvxeyPt3SwyoX1bPoHqQO
sMUxdn+LPqFyLda/Q1Yj4VrPG7weLPziLevSAJ9Ac9Q8YQPAGho=
-----END CERTIFICATE-----
Generated at Sat May 4 02:38:01 2024 by rpki-client on console-fra.rpki-client.org