Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F273D/3E265EFEA8A911EFA5E2C2A0762E951A/8612CEC8A8A911EFB887DDA0762E951A.roa
File: 8612CEC8A8A911EFB887DDA0762E951A.roa (raw, json)
Hash identifier: GTU21iNyjdIeL6dIGxKDjmWXXd/5ZvujPdaZWrQ4o/0=
Subject key identifier: AC:C9:01:64:C1:BE:24:48:84:20:CA:C1:2F:81:C9:3E:A1:50:80:51
Certificate issuer: /CN=F36F273DAF/serialNumber=D8AA00AB159519A6D65670DE9E598B73DF6AB2C1
Certificate serial: 02
Authority key identifier: D8:AA:00:AB:15:95:19:A6:D6:56:70:DE:9E:59:8B:73:DF:6A:B2:C1
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/2KoAqxWVGabWVnDenlmLc99qssE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F273D/3E265EFEA8A911EFA5E2C2A0762E951A/8612CEC8A8A911EFB887DDA0762E951A.roa
Signing time: Fri 22 Nov 2024 08:12:32 +0000
ROA not before: Fri 22 Nov 2024 08:12:29 +0000
ROA not after: Thu 30 Nov 2034 08:12:29 +0000
asID: 328699
IP address blocks: 102.222.104.0/22 maxlen: 24
2c0f:e8f8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F273D/3E265EFEA8A911EFA5E2C2A0762E951A/2KoAqxWVGabWVnDenlmLc99qssE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F273D/3E265EFEA8A911EFA5E2C2A0762E951A/2KoAqxWVGabWVnDenlmLc99qssE.mft
rsync://rpki.afrinic.net/repository/afrinic/2KoAqxWVGabWVnDenlmLc99qssE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 03:20:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F273DAF
Validity
Not Before: Nov 22 08:12:29 2024 GMT
Not After : Nov 30 08:12:29 2034 GMT
Subject: CN=67403cf0-dd3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:f1:84:94:4c:37:ba:e9:59:fe:db:4d:aa:27:
ca:b6:db:99:be:b5:62:be:68:8e:66:f9:e4:a3:d3:
16:b7:90:ec:18:0a:85:32:c6:1f:0b:a7:91:a0:ad:
b9:a5:a0:78:c7:25:a4:a4:c0:81:a5:c5:e4:de:fd:
4b:77:18:fe:8d:83:82:d9:54:19:b7:47:60:9f:ec:
80:b5:d3:61:7b:f7:6e:f1:f1:dd:68:c9:e0:76:d0:
ef:75:c0:43:bc:e4:83:aa:db:fb:1e:93:71:27:4d:
a0:fa:50:47:0b:df:0d:df:cf:a7:3b:2a:f5:5a:6b:
04:fc:d7:b4:c4:0e:67:c4:4d:f3:2f:2a:91:87:86:
6d:21:7d:4d:9b:f1:21:95:8d:92:ef:42:9a:f4:91:
12:87:f4:79:27:78:db:bd:4c:2d:13:a7:19:79:dc:
cc:18:1e:26:26:0e:29:1c:14:fb:65:82:da:ec:58:
08:5c:f6:2d:52:96:50:bb:14:cf:c6:fd:db:0b:78:
b6:c7:ac:ac:03:33:d9:14:62:f6:ea:85:4b:e3:0e:
21:ae:08:0f:f5:0a:9f:4c:94:66:37:fe:39:e4:f0:
cb:ae:d8:11:f9:65:a5:e8:ab:b3:04:6b:67:a2:67:
a7:51:ac:6a:d5:98:5a:36:6c:13:b2:36:0e:81:c5:
59:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C9:01:64:C1:BE:24:48:84:20:CA:C1:2F:81:C9:3E:A1:50:80:51
X509v3 Authority Key Identifier:
keyid:D8:AA:00:AB:15:95:19:A6:D6:56:70:DE:9E:59:8B:73:DF:6A:B2:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F273D/3E265EFEA8A911EFA5E2C2A0762E951A/2KoAqxWVGabWVnDenlmLc99qssE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/2KoAqxWVGabWVnDenlmLc99qssE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F273D/3E265EFEA8A911EFA5E2C2A0762E951A/8612CEC8A8A911EFB887DDA0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.222.104.0/22
IPv6:
2c0f:e8f8::/32
Signature Algorithm: sha256WithRSAEncryption
8a:e0:9c:7c:c7:03:16:78:0d:ec:1f:84:3d:91:a7:94:56:fa:
03:02:de:e3:eb:44:64:1f:51:62:88:36:2f:8e:52:6c:0e:54:
3d:1b:44:e9:8d:a4:46:66:ae:fa:68:2e:fb:e3:31:79:bf:a4:
72:66:30:6c:75:ca:e4:c4:75:7f:e5:93:80:7d:6e:63:01:91:
c9:ec:c0:c0:e7:85:89:c6:90:e0:ff:31:65:6e:c0:33:83:f6:
6a:16:cf:ba:2f:4d:ea:75:ab:14:d1:a2:01:70:3a:96:6f:90:
be:77:91:1d:56:d6:fe:20:87:9a:5e:99:99:e0:29:37:7c:a5:
3e:1f:98:81:dc:57:51:aa:42:26:85:5b:94:36:4e:14:34:e7:
fa:34:3a:8f:26:bd:9c:90:da:0c:83:99:68:91:25:6d:05:f5:
e9:7b:ea:58:98:0e:56:5e:6a:82:2a:75:b6:b5:dd:5a:20:9b:
5a:d7:56:ff:23:96:48:66:aa:9d:74:d6:ad:d7:22:b7:c5:5b:
01:c7:db:84:31:12:4e:37:34:24:97:e6:70:8c:d3:63:6e:22:
90:78:88:67:ab:d9:2b:e9:90:aa:26:6c:0c:34:05:df:c4:65:
38:41:bf:03:89:82:f0:51:32:24:46:76:ec:69:26:18:90:76:
62:c2:b0:62
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
MjczREFGMTEwLwYDVQQFEyhEOEFBMDBBQjE1OTUxOUE2RDY1NjcwREU5RTU5OEI3
M0RGNkFCMkMxMB4XDTI0MTEyMjA4MTIyOVoXDTM0MTEzMDA4MTIyOVowGDEWMBQG
A1UEAxMNNjc0MDNjZjAtZGQzYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPPxhJRMN7rpWf7bTaonyrbbmb61Yr5ojmb55KPTFreQ7BgKhTLGHwunkaCt
uaWgeMclpKTAgaXF5N79S3cY/o2DgtlUGbdHYJ/sgLXTYXv3bvHx3WjJ4HbQ73XA
Q7zkg6rb+x6TcSdNoPpQRwvfDd/Ppzsq9VprBPzXtMQOZ8RN8y8qkYeGbSF9TZvx
IZWNku9CmvSREof0eSd4271MLROnGXnczBgeJiYOKRwU+2WC2uxYCFz2LVKWULsU
z8b92wt4tsesrAMz2RRi9uqFS+MOIa4ID/UKn0yUZjf+OeTwy67YEfllpeirswRr
Z6Jnp1GsatWYWjZsE7I2DoHFWaECAwEAAaOCArQwggKwMB0GA1UdDgQWBBSsyQFk
wb4kSIQgysEvgck+oVCAUTAfBgNVHSMEGDAWgBTYqgCrFZUZptZWcN6eWYtz32qy
wTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjI3M0QvM0UyNjVFRkVBOEE5MTFFRkE1RTJDMkEwNzYyRTk1MUEvMktvQXF4
V1ZHYWJXVm5EZW5sbUxjOTlxc3NFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMktvQXF4V1ZHYWJXVm5EZW5sbUxjOTlxc3NFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjI3M0QvM0UyNjVFRkVBOEE5MTFFRkE1RTJDMkEwNzYy
RTk1MUEvODYxMkNFQzhBOEE5MTFFRkI4ODdEREEwNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbeaDANBAIAAjAHAwUALA/o
+DANBgkqhkiG9w0BAQsFAAOCAQEAiuCcfMcDFngN7B+EPZGnlFb6AwLe4+tEZB9R
Yog2L45SbA5UPRtE6Y2kRmau+mgu++Mxeb+kcmYwbHXK5MR1f+WTgH1uYwGRyezA
wOeFicaQ4P8xZW7AM4P2ahbPui9N6nWrFNGiAXA6lm+QvneRHVbW/iCHml6ZmeAp
N3ylPh+YgdxXUapCJoVblDZOFDTn+jQ6jya9nJDaDIOZaJElbQX16XvqWJgOVl5q
gip1trXdWiCbWtdW/yOWSGaqnXTWrdcit8VbAcfbhDESTjc0JJfmcIzTY24ikHiI
Z6vZK+mQqiZsDDQF38RlOEG/A4mC8FEyJEZ27GkmGJB2YsKwYg==
-----END CERTIFICATE-----
Generated at Wed Feb 5 16:01:13 2025 by rpki-client