Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EF186/095B7A2A548011EE8C8F332D4AD9E6FC/35A2C592548111EEAEE811314AD9E6FC.roa
File: 35A2C592548111EEAEE811314AD9E6FC.roa (raw, json)
Hash identifier: 1eoXmWir/ADjiH6P13xfXbD6DlCaylmbXJCS83eS52M=
Subject key identifier: FA:0F:C6:E7:A9:74:41:BD:10:86:8A:0D:09:44:C1:05:A8:91:9F:78
Certificate issuer: /CN=F36EF186AF/serialNumber=F377D4D428F9465B15449C6AFD4532C422446964
Certificate serial: 02
Authority key identifier: F3:77:D4:D4:28:F9:46:5B:15:44:9C:6A:FD:45:32:C4:22:44:69:64
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/83fU1Cj5RlsVRJxq_UUyxCJEaWQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36EF186/095B7A2A548011EE8C8F332D4AD9E6FC/35A2C592548111EEAEE811314AD9E6FC.roa
Signing time: Sat 16 Sep 2023 11:07:22 +0000
ROA not before: Sat 16 Sep 2023 11:07:19 +0000
ROA not after: Fri 16 Sep 2033 11:07:19 +0000
asID: 328611
IP address blocks: 102.23.220.0/24 maxlen: 24
102.23.221.0/24 maxlen: 24
102.23.222.0/24 maxlen: 24
102.23.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36EF186/095B7A2A548011EE8C8F332D4AD9E6FC/83fU1Cj5RlsVRJxq_UUyxCJEaWQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F36EF186/095B7A2A548011EE8C8F332D4AD9E6FC/83fU1Cj5RlsVRJxq_UUyxCJEaWQ.mft
rsync://rpki.afrinic.net/repository/afrinic/83fU1Cj5RlsVRJxq_UUyxCJEaWQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 27 Jun 2024 00:05:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36EF186AF/serialNumber=F377D4D428F9465B15449C6AFD4532C422446964
Validity
Not Before: Sep 16 11:07:19 2023 GMT
Not After : Sep 16 11:07:19 2033 GMT
Subject: CN=65058c6a-20ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:49:f0:a4:b2:44:70:95:ca:76:4a:88:e6:16:
2c:72:15:24:4d:b4:81:d3:03:e5:ca:f8:9e:6b:b8:
5e:49:e2:5c:6b:29:f8:06:b4:0b:7a:a9:30:66:ab:
c1:13:e2:39:c2:e9:66:93:e5:3a:c1:21:5b:0a:d4:
83:d0:cf:8c:33:88:4e:fa:42:7f:38:ef:f9:a6:76:
73:08:fd:44:bd:91:21:8b:58:5d:41:8a:b6:19:0d:
84:12:6c:f7:5a:02:6a:4a:f2:05:b8:35:63:a3:d0:
a9:b3:81:4f:dd:53:b3:3e:b7:47:9c:9b:f5:1b:3a:
51:a8:dd:94:0b:15:7c:9d:e8:d7:cc:71:92:c7:9e:
ac:31:17:44:de:d4:17:f6:7f:58:87:c5:63:9b:f5:
b0:96:3c:e6:73:f8:ce:5f:60:cc:89:39:45:1b:41:
9a:c2:b0:17:d8:fb:e7:7b:60:be:f9:d7:7c:26:74:
f0:7d:5e:05:e7:df:4e:5a:88:6c:af:6a:84:b4:06:
4c:b1:90:25:72:e0:69:d1:1f:f7:c3:79:a2:fd:11:
c9:c2:e8:4f:7d:c9:d4:1f:79:b7:67:9e:ac:a4:ca:
18:8a:94:43:17:08:8b:0d:5b:b3:26:32:4d:ee:59:
bf:e9:80:7f:00:1f:cb:21:ce:8f:2f:14:00:bf:3a:
e7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0F:C6:E7:A9:74:41:BD:10:86:8A:0D:09:44:C1:05:A8:91:9F:78
X509v3 Authority Key Identifier:
keyid:F3:77:D4:D4:28:F9:46:5B:15:44:9C:6A:FD:45:32:C4:22:44:69:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF186/095B7A2A548011EE8C8F332D4AD9E6FC/83fU1Cj5RlsVRJxq_UUyxCJEaWQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/83fU1Cj5RlsVRJxq_UUyxCJEaWQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF186/095B7A2A548011EE8C8F332D4AD9E6FC/35A2C592548111EEAEE811314AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.23.220.0/22
Signature Algorithm: sha256WithRSAEncryption
86:8d:89:bc:3b:31:f0:23:1f:34:52:14:ad:f8:85:f0:5b:05:
0e:b2:f3:54:8e:76:93:b2:25:ed:4e:89:10:5f:93:d6:e2:55:
a9:ec:d1:4d:f6:f1:28:41:05:74:f3:11:bb:74:2a:d2:f9:1c:
dc:38:c2:fd:a2:ab:28:28:14:c8:2f:74:e3:91:d3:7e:d0:de:
c5:28:c4:1d:30:27:3c:9e:51:c3:f8:d9:69:c1:0a:35:6d:2b:
d1:e7:04:0e:64:9a:00:2d:ff:dc:7f:92:22:44:6d:20:e9:05:
f0:ed:9c:e5:db:8d:32:17:fb:4d:a8:9b:41:81:eb:9f:8b:c4:
b1:e6:c8:29:90:c0:10:9d:ed:97:81:cb:08:d7:d2:93:ff:63:
3d:c0:32:aa:25:c7:11:ba:c6:ed:f9:da:cc:6b:1a:1c:ec:53:
82:f8:46:b9:00:3c:15:ea:ec:c8:54:48:eb:5b:d9:c2:95:8d:
98:9d:cc:a2:6b:ec:ed:3f:be:cc:2d:9a:c0:74:7c:31:23:7d:
62:9a:88:ba:f5:3c:b8:b3:0e:d5:ca:6e:ff:b9:12:2e:af:ab:
53:78:7d:a7:16:9f:69:fa:d3:ec:fd:82:f4:63:6d:6c:35:a4:
d6:4d:17:a3:6d:b9:a8:ad:73:75:66:16:c7:3b:db:00:94:7b:
2d:76:d0:a4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
RjE4NkFGMTEwLwYDVQQFEyhGMzc3RDRENDI4Rjk0NjVCMTU0NDlDNkFGRDQ1MzJD
NDIyNDQ2OTY0MB4XDTIzMDkxNjExMDcxOVoXDTMzMDkxNjExMDcxOVowGDEWMBQG
A1UEAxMNNjUwNThjNmEtMjBjZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9J8KSyRHCVynZKiOYWLHIVJE20gdMD5cr4nmu4XkniXGsp+Aa0C3qpMGar
wRPiOcLpZpPlOsEhWwrUg9DPjDOITvpCfzjv+aZ2cwj9RL2RIYtYXUGKthkNhBJs
91oCakryBbg1Y6PQqbOBT91Tsz63R5yb9Rs6UajdlAsVfJ3o18xxkseerDEXRN7U
F/Z/WIfFY5v1sJY85nP4zl9gzIk5RRtBmsKwF9j753tgvvnXfCZ08H1eBeffTlqI
bK9qhLQGTLGQJXLgadEf98N5ov0RycLoT33J1B95t2eerKTKGIqUQxcIiw1bsyYy
Te5Zv+mAfwAfyyHOjy8UAL8659MCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBT6D8bn
qXRBvRCGig0JRMEFqJGfeDAfBgNVHSMEGDAWgBTzd9TUKPlGWxVEnGr9RTLEIkRp
ZDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RUYxODYvMDk1QjdBMkE1NDgwMTFFRThDOEYzMzJENEFEOUU2RkMvODNmVTFD
ajVSbHNWUkp4cV9VVXl4Q0pFYVdRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvODNmVTFDajVSbHNWUkp4cV9VVXl4Q0pFYVdRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RUYxODYvMDk1QjdBMkE1NDgwMTFFRThDOEYzMzJENEFE
OUU2RkMvMzVBMkM1OTI1NDgxMTFFRUFFRTgxMTMxNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmYX3DANBgkqhkiG9w0BAQsF
AAOCAQEAho2JvDsx8CMfNFIUrfiF8FsFDrLzVI52k7Il7U6JEF+T1uJVqezRTfbx
KEEFdPMRu3Qq0vkc3DjC/aKrKCgUyC9045HTftDexSjEHTAnPJ5Rw/jZacEKNW0r
0ecEDmSaAC3/3H+SIkRtIOkF8O2c5duNMhf7TaibQYHrn4vEsebIKZDAEJ3tl4HL
CNfSk/9jPcAyqiXHEbrG7fnazGsaHOxTgvhGuQA8FersyFRI61vZwpWNmJ3Momvs
7T++zC2awHR8MSN9YpqIuvU8uLMO1cpu/7kSLq+rU3h9pxafafrT7P2C9GNtbDWk
1k0Xo225qK1zdWYWxzvbAJR7LXbQpA==
-----END CERTIFICATE-----
Generated at Tue Jun 25 06:04:19 2024 by rpki-client on console-fra.rpki-client.org