Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EE14C/5EA2D1DCDBE811EE89324E7F775412E6/A07BB004DBEA11EE8E03CC82775412E6.roa
File: A07BB004DBEA11EE8E03CC82775412E6.roa (raw, json)
Hash identifier: 5FeX+dqvUeIECgzm38Ru/fnBhkIsH4lq/tNWx1MCZM8=
Subject key identifier: 40:4D:89:92:5F:C7:10:65:19:20:A3:18:ED:59:07:F7:2B:25:24:88
Certificate issuer: /CN=F36EE14CAF/serialNumber=DD8EE0395EFB34C4098E576E1FA95612F0AE108C
Certificate serial: 04
Authority key identifier: DD:8E:E0:39:5E:FB:34:C4:09:8E:57:6E:1F:A9:56:12:F0:AE:10:8C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/3Y7gOV77NMQJjlduH6lWEvCuEIw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36EE14C/5EA2D1DCDBE811EE89324E7F775412E6/A07BB004DBEA11EE8E03CC82775412E6.roa
Signing time: Wed 06 Mar 2024 18:52:06 +0000
ROA not before: Wed 06 Mar 2024 18:52:02 +0000
ROA not after: Mon 06 Mar 2034 18:52:02 +0000
asID: 37594
IP address blocks: 102.64.72.0/24 maxlen: 24
102.64.73.0/24 maxlen: 24
102.64.74.0/24 maxlen: 24
102.64.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36EE14C/5EA2D1DCDBE811EE89324E7F775412E6/3Y7gOV77NMQJjlduH6lWEvCuEIw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36EE14C/5EA2D1DCDBE811EE89324E7F775412E6/3Y7gOV77NMQJjlduH6lWEvCuEIw.mft
rsync://rpki.afrinic.net/repository/afrinic/3Y7gOV77NMQJjlduH6lWEvCuEIw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36EE14CAF/serialNumber=DD8EE0395EFB34C4098E576E1FA95612F0AE108C
Validity
Not Before: Mar 6 18:52:02 2024 GMT
Not After : Mar 6 18:52:02 2034 GMT
Subject: CN=65e8bb56-e4d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:4b:e0:d9:b3:fe:92:71:83:14:33:cf:a6:ff:
ca:eb:14:38:3d:67:52:c4:5c:42:0e:df:7e:2f:57:
69:d9:66:7e:ff:85:8f:36:9b:34:ff:57:24:93:87:
34:09:c5:9d:a1:35:ea:0c:19:33:ef:94:07:18:a3:
29:4d:06:f0:a0:6c:a1:ee:e5:3b:79:39:a6:c5:78:
4e:df:d6:17:4a:3b:fb:f2:24:47:ac:4b:3d:a9:ca:
4a:41:0a:79:43:2e:19:e2:ad:d3:4e:46:53:dc:0a:
75:43:f9:36:a1:a9:a5:9c:f3:b2:3f:33:ec:5f:aa:
ea:0e:36:d1:c7:e8:c9:ad:9d:38:62:25:ec:6c:c1:
64:f9:ac:5b:49:2c:bb:11:eb:a8:0a:c2:c7:fb:4a:
4f:45:29:95:65:aa:62:92:8d:52:fa:bc:ca:62:3a:
54:52:2e:c5:68:d9:cd:d8:7e:2c:20:3d:22:04:4f:
27:fb:20:c4:5a:4a:e1:7d:cf:74:be:86:62:a6:7b:
ce:27:90:fa:f2:6e:ff:d0:8b:c4:87:8d:25:78:21:
e7:62:0e:5d:86:ac:30:fe:e9:5b:47:c5:30:9c:ba:
24:35:ca:4a:1f:8a:be:c5:1e:3e:cc:4e:45:28:be:
3d:14:17:a6:ee:10:97:7f:04:5c:12:96:74:9e:2a:
ea:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:4D:89:92:5F:C7:10:65:19:20:A3:18:ED:59:07:F7:2B:25:24:88
X509v3 Authority Key Identifier:
keyid:DD:8E:E0:39:5E:FB:34:C4:09:8E:57:6E:1F:A9:56:12:F0:AE:10:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36EE14C/5EA2D1DCDBE811EE89324E7F775412E6/3Y7gOV77NMQJjlduH6lWEvCuEIw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3Y7gOV77NMQJjlduH6lWEvCuEIw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EE14C/5EA2D1DCDBE811EE89324E7F775412E6/A07BB004DBEA11EE8E03CC82775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.64.72.0/22
Signature Algorithm: sha256WithRSAEncryption
63:ef:15:f7:48:78:b7:95:cd:58:da:22:1c:3b:79:e2:71:27:
9f:d5:a7:b4:09:e0:f1:06:73:5f:c6:c7:0d:b6:92:9e:ae:ac:
3a:f0:18:20:2f:ca:29:d8:4c:c8:3d:1e:be:7a:22:43:0a:2d:
d9:88:18:b0:4c:b3:12:7e:e8:b0:59:4a:59:35:8e:d3:ef:6c:
0d:7f:08:d9:6e:a3:7e:0d:39:19:52:37:f7:9c:b7:1d:16:96:
a6:a9:b9:11:59:90:cb:fd:6f:20:3f:72:c3:f3:0c:70:05:a0:
40:3b:fe:f3:43:18:7f:e3:f6:eb:22:a5:be:ea:55:9b:3f:60:
a9:02:3e:0d:e2:03:bb:0e:f6:9b:e6:ca:36:ea:a8:11:04:c4:
5d:91:01:df:8d:80:02:af:b1:98:30:0b:cf:82:8d:f0:cf:7f:
cc:16:07:8a:0e:e8:e1:8e:63:42:7f:b3:ba:96:ee:f0:63:53:
31:b7:36:b0:f3:59:a0:34:e4:80:63:20:fd:59:14:ae:20:41:
d8:87:7a:9b:70:31:06:6a:2f:ea:e4:d2:d2:20:1d:9b:50:48:
c1:01:14:4f:af:6b:ec:83:17:f3:d1:7a:1e:4b:b4:9d:4a:bc:
ae:d5:3d:01:ae:36:52:c2:91:ea:24:fc:aa:94:2d:50:a9:58:
4b:84:0b:3e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
RTE0Q0FGMTEwLwYDVQQFEyhERDhFRTAzOTVFRkIzNEM0MDk4RTU3NkUxRkE5NTYx
MkYwQUUxMDhDMB4XDTI0MDMwNjE4NTIwMloXDTM0MDMwNjE4NTIwMlowGDEWMBQG
A1UEAxMNNjVlOGJiNTYtZTRkMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPFL4Nmz/pJxgxQzz6b/yusUOD1nUsRcQg7ffi9Xadlmfv+FjzabNP9XJJOH
NAnFnaE16gwZM++UBxijKU0G8KBsoe7lO3k5psV4Tt/WF0o7+/IkR6xLPanKSkEK
eUMuGeKt005GU9wKdUP5NqGppZzzsj8z7F+q6g420cfoya2dOGIl7GzBZPmsW0ks
uxHrqArCx/tKT0UplWWqYpKNUvq8ymI6VFIuxWjZzdh+LCA9IgRPJ/sgxFpK4X3P
dL6GYqZ7zieQ+vJu/9CLxIeNJXgh52IOXYasMP7pW0fFMJy6JDXKSh+KvsUePsxO
RSi+PRQXpu4Ql38EXBKWdJ4q6ikCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRATYmS
X8cQZRkgoxjtWQf3KyUkiDAfBgNVHSMEGDAWgBTdjuA5Xvs0xAmOV24fqVYS8K4Q
jDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RUUxNEMvNUVBMkQxRENEQkU4MTFFRTg5MzI0RTdGNzc1NDEyRTYvM1k3Z09W
NzdOTVFKamxkdUg2bFdFdkN1RUl3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvM1k3Z09WNzdOTVFKamxkdUg2bFdFdkN1RUl3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RUUxNEMvNUVBMkQxRENEQkU4MTFFRTg5MzI0RTdGNzc1
NDEyRTYvQTA3QkIwMDREQkVBMTFFRThFMDNDQzgyNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmZASDANBgkqhkiG9w0BAQsF
AAOCAQEAY+8V90h4t5XNWNoiHDt54nEnn9WntAng8QZzX8bHDbaSnq6sOvAYIC/K
KdhMyD0evnoiQwot2YgYsEyzEn7osFlKWTWO0+9sDX8I2W6jfg05GVI395y3HRaW
pqm5EVmQy/1vID9yw/MMcAWgQDv+80MYf+P26yKlvupVmz9gqQI+DeIDuw72m+bK
NuqoEQTEXZEB342AAq+xmDALz4KN8M9/zBYHig7o4Y5jQn+zupbu8GNTMbc2sPNZ
oDTkgGMg/VkUriBB2Id6m3AxBmov6uTS0iAdm1BIwQEUT69r7IMX89F6Hku0nUq8
rtU9Aa42UsKR6iT8qpQtUKlYS4QLPg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:00 2024 by rpki-client on console-fra.rpki-client.org