Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EF78E/993956C85BC111EF8A43554E762E951A/67C1E6C25BC211EFB69DE054762E951A.roa
File: 67C1E6C25BC211EFB69DE054762E951A.roa (raw, json)
Hash identifier: YBb6s7P/xe4Rp31Y1/0OCerKUAL44djIVtQBiEpnlME=
Subject key identifier: CE:C1:7B:7E:F4:04:EC:EF:C8:3C:4E:63:DB:15:1F:1E:34:9A:E6:B6
Certificate issuer: /CN=F36EF78EAF/serialNumber=FF4E824985DC0FE9E6D52D1568FDBB170EF7104B
Certificate serial: 02
Authority key identifier: FF:4E:82:49:85:DC:0F:E9:E6:D5:2D:15:68:FD:BB:17:0E:F7:10:4B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/_06CSYXcD-nm1S0VaP27Fw73EEs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36EF78E/993956C85BC111EF8A43554E762E951A/67C1E6C25BC211EFB69DE054762E951A.roa
Signing time: Fri 16 Aug 2024 11:26:39 +0000
ROA not before: Fri 16 Aug 2024 11:26:36 +0000
ROA not after: Thu 31 Aug 2034 11:26:36 +0000
asID: 201811
IP address blocks: 102.223.110.0/24 maxlen: 24
2c0f:e8a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36EF78E/993956C85BC111EF8A43554E762E951A/_06CSYXcD-nm1S0VaP27Fw73EEs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36EF78E/993956C85BC111EF8A43554E762E951A/_06CSYXcD-nm1S0VaP27Fw73EEs.mft
rsync://rpki.afrinic.net/repository/afrinic/_06CSYXcD-nm1S0VaP27Fw73EEs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36EF78EAF/serialNumber=FF4E824985DC0FE9E6D52D1568FDBB170EF7104B
Validity
Not Before: Aug 16 11:26:36 2024 GMT
Not After : Aug 31 11:26:36 2034 GMT
Subject: CN=66bf376f-5ac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5f:78:af:1d:ba:69:8c:af:30:ac:62:d7:0f:
c1:6f:09:e7:a7:36:c3:74:72:e1:5b:56:8e:d8:3c:
a5:04:b0:96:b5:b5:41:bd:05:f1:f0:27:60:95:cd:
cf:5e:c7:bc:51:ea:63:82:92:1c:7b:48:ae:75:26:
ba:b8:0c:84:aa:53:3a:e1:c5:c8:02:c8:2d:03:c5:
98:69:a3:48:1b:ce:77:c6:38:5e:0a:27:c5:80:fe:
d0:8c:e5:0f:ba:ea:bc:4a:53:71:94:db:6d:30:bb:
35:cc:62:cc:ff:11:d7:8b:db:04:32:49:e2:c7:9c:
25:cc:e9:b0:87:ff:25:b7:f5:c4:33:e1:cd:c0:f3:
00:d7:71:2e:30:26:d0:91:bb:0b:e1:02:a8:be:04:
6c:57:3b:13:83:8f:f3:de:7f:9a:4e:05:5f:ae:8d:
d3:a4:4b:45:e2:8f:12:3b:fa:11:05:60:4f:9c:4b:
6b:bf:99:4c:bd:f0:6d:ff:40:f8:81:4b:35:52:42:
c5:71:ad:95:64:73:54:76:ea:c5:9d:11:16:c2:e4:
59:15:14:ce:57:07:7a:62:18:f4:61:85:71:c9:a2:
7d:7c:65:8c:5c:82:51:41:1a:7f:97:aa:7f:89:2a:
03:8c:e0:0d:cb:96:1c:4c:16:48:4e:bd:8d:94:63:
b1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C1:7B:7E:F4:04:EC:EF:C8:3C:4E:63:DB:15:1F:1E:34:9A:E6:B6
X509v3 Authority Key Identifier:
keyid:FF:4E:82:49:85:DC:0F:E9:E6:D5:2D:15:68:FD:BB:17:0E:F7:10:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF78E/993956C85BC111EF8A43554E762E951A/_06CSYXcD-nm1S0VaP27Fw73EEs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_06CSYXcD-nm1S0VaP27Fw73EEs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF78E/993956C85BC111EF8A43554E762E951A/67C1E6C25BC211EFB69DE054762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.110.0/24
IPv6:
2c0f:e8a0::/32
Signature Algorithm: sha256WithRSAEncryption
1a:1b:37:36:63:bc:74:43:12:8f:b0:f2:96:a8:43:de:d8:fb:
1f:5e:ae:e1:d1:6d:dc:a5:92:09:90:80:af:27:5c:c3:55:41:
f3:d0:76:40:87:c6:10:99:0e:f8:64:9e:a4:24:0b:36:5a:bb:
05:cb:e1:ae:07:c2:16:a5:e5:52:75:f5:cd:89:8b:b4:22:82:
a9:24:de:3d:f2:c1:cd:93:18:0e:48:ae:f9:a7:4a:c3:15:06:
ac:05:32:97:f3:6f:c5:91:dc:69:6b:5a:c1:f4:24:45:9f:bc:
31:c9:77:9b:f8:0e:79:da:d9:f7:a3:28:e9:a5:dc:85:d4:73:
df:49:95:e8:df:9a:b8:9e:43:1b:d8:15:2f:b1:cc:76:7e:e0:
84:38:33:ad:7e:b1:ad:38:1a:8f:fe:31:2f:de:b6:81:cf:0d:
f4:01:80:33:9f:b9:1a:81:ee:63:e1:18:47:02:64:2a:45:c4:
3d:6e:03:2a:5e:06:a4:97:64:70:cb:3a:9d:f7:e7:ff:39:ba:
9e:31:02:f8:7b:bc:84:2c:3a:55:93:76:a4:36:10:61:55:34:
9b:91:44:25:f2:9f:fc:93:30:10:63:7a:1f:83:5d:28:d1:e2:
bc:d4:d3:a0:58:79:7f:fb:3d:64:82:d0:c7:7e:58:de:9c:0e:
06:30:b9:4b
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
Rjc4RUFGMTEwLwYDVQQFEyhGRjRFODI0OTg1REMwRkU5RTZENTJEMTU2OEZEQkIx
NzBFRjcxMDRCMB4XDTI0MDgxNjExMjYzNloXDTM0MDgzMTExMjYzNlowGDEWMBQG
A1UEAxMNNjZiZjM3NmYtNWFjMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1feK8dummMrzCsYtcPwW8J56c2w3Ry4VtWjtg8pQSwlrW1Qb0F8fAnYJXN
z17HvFHqY4KSHHtIrnUmurgMhKpTOuHFyALILQPFmGmjSBvOd8Y4XgonxYD+0Izl
D7rqvEpTcZTbbTC7NcxizP8R14vbBDJJ4secJczpsIf/Jbf1xDPhzcDzANdxLjAm
0JG7C+ECqL4EbFc7E4OP895/mk4FX66N06RLReKPEjv6EQVgT5xLa7+ZTL3wbf9A
+IFLNVJCxXGtlWRzVHbqxZ0RFsLkWRUUzlcHemIY9GGFccmifXxljFyCUUEaf5eq
f4kqA4zgDcuWHEwWSE69jZRjsb0CAwEAAaOCArQwggKwMB0GA1UdDgQWBBTOwXt+
9ATs78g8TmPbFR8eNJrmtjAfBgNVHSMEGDAWgBT/ToJJhdwP6ebVLRVo/bsXDvcQ
SzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RUY3OEUvOTkzOTU2Qzg1QkMxMTFFRjhBNDM1NTRFNzYyRTk1MUEvXzA2Q1NZ
WGNELW5tMVMwVmFQMjdGdzczRUVzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvXzA2Q1NZWGNELW5tMVMwVmFQMjdGdzczRUVzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RUY3OEUvOTkzOTU2Qzg1QkMxMTFFRjhBNDM1NTRFNzYy
RTk1MUEvNjdDMUU2QzI1QkMyMTFFRkI2OURFMDU0NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAGbfbjANBAIAAjAHAwUALA/o
oDANBgkqhkiG9w0BAQsFAAOCAQEAGhs3NmO8dEMSj7DylqhD3tj7H16u4dFt3KWS
CZCArydcw1VB89B2QIfGEJkO+GSepCQLNlq7BcvhrgfCFqXlUnX1zYmLtCKCqSTe
PfLBzZMYDkiu+adKwxUGrAUyl/NvxZHcaWtawfQkRZ+8Mcl3m/gOedrZ96Mo6aXc
hdRz30mV6N+auJ5DG9gVL7HMdn7ghDgzrX6xrTgaj/4xL962gc8N9AGAM5+5GoHu
Y+EYRwJkKkXEPW4DKl4GpJdkcMs6nffn/zm6njEC+Hu8hCw6VZN2pDYQYVU0m5FE
JfKf/JMwEGN6H4NdKNHivNTToFh5f/s9ZILQx35Y3pwOBjC5Sw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:31 2024 by rpki-client on console-ams.rpki-client.org