Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F1295/2F0EBC8C0F6611EE814E22364AD9E6FC/C66A8CFA0F6611EE86DEEA374AD9E6FC.roa
File: C66A8CFA0F6611EE86DEEA374AD9E6FC.roa (raw, json)
Hash identifier: CtMLiyHqHp/2c3885KFMX3Kp1Td1UoRIr2a2dfZo4lI=
Subject key identifier: 41:30:4C:CD:8B:ED:99:47:37:BE:FD:62:B9:EB:E0:11:C0:BD:14:0E
Certificate issuer: /CN=F36F1295AF/serialNumber=BDB1AF1F8B4EB6F3A42370F91E71C532C7F46005
Certificate serial: 02
Authority key identifier: BD:B1:AF:1F:8B:4E:B6:F3:A4:23:70:F9:1E:71:C5:32:C7:F4:60:05
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/vbGvH4tOtvOkI3D5HnHFMsf0YAU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F1295/2F0EBC8C0F6611EE814E22364AD9E6FC/C66A8CFA0F6611EE86DEEA374AD9E6FC.roa
Signing time: Tue 20 Jun 2023 12:34:19 +0000
ROA not before: Tue 20 Jun 2023 12:34:15 +0000
ROA not after: Thu 30 Jun 2033 12:34:15 +0000
asID: 329248
IP address blocks: 102.212.32.0/22 maxlen: 24
2c0f:440::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F1295/2F0EBC8C0F6611EE814E22364AD9E6FC/vbGvH4tOtvOkI3D5HnHFMsf0YAU.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F1295/2F0EBC8C0F6611EE814E22364AD9E6FC/vbGvH4tOtvOkI3D5HnHFMsf0YAU.mft
rsync://rpki.afrinic.net/repository/afrinic/vbGvH4tOtvOkI3D5HnHFMsf0YAU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F1295AF/serialNumber=BDB1AF1F8B4EB6F3A42370F91E71C532C7F46005
Validity
Not Before: Jun 20 12:34:15 2023 GMT
Not After : Jun 30 12:34:15 2033 GMT
Subject: CN=64919cca-0335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:3a:78:c3:93:5b:a5:fd:43:e8:ca:4f:52:e8:
b1:ff:0a:32:b2:b0:6b:e7:1b:8a:43:a0:69:b8:0e:
37:4a:dc:3a:c1:7e:b9:ca:10:92:81:d4:80:53:7f:
6b:2d:0a:93:a4:44:14:7f:6d:d2:49:21:c2:7d:fa:
f5:6e:a1:cb:ca:d1:33:ac:1a:83:b9:a6:94:59:bc:
2a:d0:ca:c4:4f:dd:86:ca:74:29:a9:24:82:e9:4c:
16:92:0b:fb:b3:db:e0:c8:42:42:56:93:4b:54:9d:
7b:c3:0c:e4:49:3e:ff:56:ff:55:d0:0e:3d:e1:22:
5a:7e:27:b1:f3:f7:cd:7c:71:74:2f:55:e5:79:b2:
22:88:67:5a:69:98:e5:7a:35:fc:fe:7c:1d:b2:a5:
57:8d:fc:13:db:00:56:5d:d3:90:fe:33:b3:3f:4f:
62:ed:96:02:c3:d5:c4:03:e4:a1:d2:8b:d1:b0:7e:
81:76:ca:37:51:64:1e:44:c7:96:42:d0:fe:31:ad:
70:a7:49:c2:a5:c2:5d:b4:64:07:d2:28:fd:df:48:
7b:59:96:b8:a0:e6:89:68:a6:58:1e:fe:9f:3b:1c:
31:37:66:be:10:68:a3:b2:2b:e0:b8:17:1c:4d:33:
08:ca:85:0f:f1:f2:7c:8d:eb:0e:b9:a4:09:98:92:
85:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:30:4C:CD:8B:ED:99:47:37:BE:FD:62:B9:EB:E0:11:C0:BD:14:0E
X509v3 Authority Key Identifier:
keyid:BD:B1:AF:1F:8B:4E:B6:F3:A4:23:70:F9:1E:71:C5:32:C7:F4:60:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F1295/2F0EBC8C0F6611EE814E22364AD9E6FC/vbGvH4tOtvOkI3D5HnHFMsf0YAU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vbGvH4tOtvOkI3D5HnHFMsf0YAU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F1295/2F0EBC8C0F6611EE814E22364AD9E6FC/C66A8CFA0F6611EE86DEEA374AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.212.32.0/22
IPv6:
2c0f:440::/32
Signature Algorithm: sha256WithRSAEncryption
28:eb:97:09:ff:98:30:5c:38:dc:57:2e:4a:d9:54:d8:65:9c:
a0:c5:d8:9b:56:3a:e0:4f:5b:df:60:98:3d:0a:2b:bc:c2:b5:
19:c6:29:62:31:4d:2f:9d:c2:32:a1:94:2e:a5:a2:6d:48:b2:
b6:19:00:79:bb:e8:fa:a3:9d:04:50:25:af:e8:fa:48:c8:84:
98:f0:04:44:eb:25:fb:73:e6:20:a2:26:1e:ff:4f:20:46:32:
75:e4:a6:e5:d8:71:e7:71:6a:c3:fd:de:8a:70:82:41:70:84:
69:3b:a4:61:cc:06:3d:69:69:31:e6:f5:d4:ed:57:b2:6d:03:
03:40:02:29:7f:be:ed:ae:f5:5a:4c:0d:dd:4d:d5:a6:b4:c8:
9c:cc:2e:2c:09:19:d8:83:75:35:86:3b:16:93:25:8c:4d:6c:
50:d3:b0:80:13:1a:54:30:93:04:ee:1f:99:89:91:a7:02:f8:
e9:a6:56:a5:7e:51:cc:75:7a:01:e5:53:23:f0:b0:d8:aa:35:
46:fc:49:86:f2:05:81:f0:89:d3:07:9a:50:40:88:b7:c9:c9:
42:c7:ed:6f:b8:a7:43:a8:5e:e7:d5:50:ef:dd:84:59:d0:5a:
30:5c:8a:3b:41:2c:37:51:2d:81:ca:c3:bb:84:4a:60:54:2f:
41:00:23:f9
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
MTI5NUFGMTEwLwYDVQQFEyhCREIxQUYxRjhCNEVCNkYzQTQyMzcwRjkxRTcxQzUz
MkM3RjQ2MDA1MB4XDTIzMDYyMDEyMzQxNVoXDTMzMDYzMDEyMzQxNVowGDEWMBQG
A1UEAxMNNjQ5MTljY2EtMDMzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQ6eMOTW6X9Q+jKT1Losf8KMrKwa+cbikOgabgON0rcOsF+ucoQkoHUgFN/
ay0Kk6REFH9t0kkhwn369W6hy8rRM6wag7mmlFm8KtDKxE/dhsp0KakkgulMFpIL
+7Pb4MhCQlaTS1Sde8MM5Ek+/1b/VdAOPeEiWn4nsfP3zXxxdC9V5XmyIohnWmmY
5Xo1/P58HbKlV438E9sAVl3TkP4zsz9PYu2WAsPVxAPkodKL0bB+gXbKN1FkHkTH
lkLQ/jGtcKdJwqXCXbRkB9Io/d9Ie1mWuKDmiWimWB7+nzscMTdmvhBoo7Ir4LgX
HE0zCMqFD/HyfI3rDrmkCZiShUsCAwEAAaOCArQwggKwMB0GA1UdDgQWBBRBMEzN
i+2ZRze+/WK56+ARwL0UDjAfBgNVHSMEGDAWgBS9sa8fi06286QjcPkeccUyx/Rg
BTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjEyOTUvMkYwRUJDOEMwRjY2MTFFRTgxNEUyMjM2NEFEOUU2RkMvdmJHdkg0
dE90dk9rSTNENUhuSEZNc2YwWUFVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdmJHdkg0dE90dk9rSTNENUhuSEZNc2YwWUFVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjEyOTUvMkYwRUJDOEMwRjY2MTFFRTgxNEUyMjM2NEFE
OUU2RkMvQzY2QThDRkEwRjY2MTFFRTg2REVFQTM3NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbUIDANBAIAAjAHAwUALA8E
QDANBgkqhkiG9w0BAQsFAAOCAQEAKOuXCf+YMFw43FcuStlU2GWcoMXYm1Y64E9b
32CYPQorvMK1GcYpYjFNL53CMqGULqWibUiythkAebvo+qOdBFAlr+j6SMiEmPAE
ROsl+3PmIKImHv9PIEYydeSm5dhx53Fqw/3einCCQXCEaTukYcwGPWlpMeb11O1X
sm0DA0ACKX++7a71WkwN3U3VprTInMwuLAkZ2IN1NYY7FpMljE1sUNOwgBMaVDCT
BO4fmYmRpwL46aZWpX5RzHV6AeVTI/Cw2Ko1RvxJhvIFgfCJ0weaUECIt8nJQsft
b7inQ6he59VQ792EWdBaMFyKO0EsN1EtgcrDu4RKYFQvQQAj+Q==
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:35:36 2024 by rpki-client on console-fra.rpki-client.org