Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/68314CFA9E6711EF831C3572762E951A.roa
File: 68314CFA9E6711EF831C3572762E951A.roa (raw, json)
Hash identifier: +2OyFRy+2ufdlClFPPFiOYpBXJw/swztJHB2roxpChk=
Subject key identifier: 65:0B:BE:0E:31:FA:59:FE:EC:E2:5E:5E:8B:D8:3B:F9:A1:6A:2F:94
Certificate issuer: /CN=F36F6A4DAF/serialNumber=CA941F10D8010F95C8049E0102DCCAA883D9A0DB
Certificate serial: 0F
Authority key identifier: CA:94:1F:10:D8:01:0F:95:C8:04:9E:01:02:DC:CA:A8:83:D9:A0:DB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ypQfENgBD5XIBJ4BAtzKqIPZoNs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/68314CFA9E6711EF831C3572762E951A.roa
Signing time: Sat 09 Nov 2024 06:54:04 +0000
ROA not before: Sat 09 Nov 2024 06:54:00 +0000
ROA not after: Sat 09 Nov 2030 06:54:00 +0000
asID: 329510
IP address blocks: 102.207.120.0/22 maxlen: 24
2c0f:51c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/ypQfENgBD5XIBJ4BAtzKqIPZoNs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/ypQfENgBD5XIBJ4BAtzKqIPZoNs.mft
rsync://rpki.afrinic.net/repository/afrinic/ypQfENgBD5XIBJ4BAtzKqIPZoNs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15 (0xf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F6A4DAF/serialNumber=CA941F10D8010F95C8049E0102DCCAA883D9A0DB
Validity
Not Before: Nov 9 06:54:00 2024 GMT
Not After : Nov 9 06:54:00 2030 GMT
Subject: CN=672f070c-54aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c3:47:8f:be:18:33:83:72:d9:82:ba:d7:f9:
c5:4e:2a:14:03:4d:ae:48:5d:a4:de:3a:29:dd:ef:
84:37:1b:80:e8:ca:23:82:dd:39:89:63:f3:63:8f:
3b:f7:c1:23:be:6e:de:8a:01:5e:ee:08:a1:36:6c:
f5:f5:77:ce:78:49:64:44:51:7e:ec:a5:cd:32:71:
69:1e:c4:0c:a0:0a:01:38:fb:27:5c:ad:b3:88:21:
ba:31:5a:51:07:63:ed:3f:3f:87:64:2d:f4:5d:60:
5f:c4:17:69:8c:1b:03:71:e8:01:6b:68:d9:c5:d5:
de:9b:d1:27:74:97:0e:16:f2:5b:40:51:1d:16:71:
eb:f8:aa:14:70:23:8c:a1:6b:6e:3b:b2:ef:09:8d:
c3:21:4c:a5:07:a6:22:65:40:9a:e5:77:17:b2:4d:
7a:1e:36:a8:ca:5d:27:30:4e:f2:f0:91:0c:0d:9f:
c0:8c:ec:9d:10:ae:63:53:fa:9d:91:7c:9e:b1:ba:
fa:e3:b8:53:b2:5e:b6:e5:e9:63:99:df:af:78:c5:
18:b8:75:62:bc:ac:44:30:96:c1:19:f4:47:a4:2b:
0a:e6:c4:01:86:c7:dc:b2:34:4c:af:71:b9:1b:2b:
b9:a4:40:05:79:52:87:7c:d2:e4:68:14:02:33:f1:
2d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:0B:BE:0E:31:FA:59:FE:EC:E2:5E:5E:8B:D8:3B:F9:A1:6A:2F:94
X509v3 Authority Key Identifier:
keyid:CA:94:1F:10:D8:01:0F:95:C8:04:9E:01:02:DC:CA:A8:83:D9:A0:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/ypQfENgBD5XIBJ4BAtzKqIPZoNs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ypQfENgBD5XIBJ4BAtzKqIPZoNs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/68314CFA9E6711EF831C3572762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.207.120.0/22
IPv6:
2c0f:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
12:b2:a5:02:be:82:18:c3:56:f7:fa:7a:30:d8:5e:2f:cf:c1:
09:8e:a4:91:36:2e:e4:f3:bf:b0:c3:46:6f:a6:5a:4a:5c:e1:
08:e1:68:0a:2e:2d:17:98:12:5c:26:94:c4:8b:7e:aa:ca:45:
23:64:92:c9:fc:35:63:d0:cc:a7:c3:d4:6e:1f:85:29:cf:16:
50:5a:d8:28:e3:d5:b6:74:c3:1d:4b:a7:76:fd:34:68:a5:1f:
fa:a8:9b:c2:75:4d:ce:37:7d:46:07:ae:a9:4e:50:9a:fe:29:
a4:32:b3:58:a2:a0:c8:a7:88:96:7c:a7:93:48:10:87:b6:74:
15:55:0e:ea:74:49:68:ce:5f:9e:0a:89:4e:26:b8:17:d2:76:
c4:98:25:f8:d5:be:46:09:b4:48:af:59:23:71:cd:9a:d3:5d:
d4:b2:be:29:cf:09:a0:c2:80:81:14:3e:0e:0f:96:d4:89:ff:
f2:53:20:9b:38:c4:b2:cd:6a:90:54:2c:74:a5:a9:9e:f6:8e:
31:23:7d:cc:21:a0:0c:de:c7:15:c1:a4:4a:0b:49:6e:61:18:
04:7d:89:3d:1c:6b:bb:61:06:79:bd:e8:3c:f1:6f:78:00:31:
6c:50:23:47:00:26:73:89:26:d9:6b:ed:30:fc:b6:bf:26:9e:
86:49:92:9d
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBDzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
NkE0REFGMTEwLwYDVQQFEyhDQTk0MUYxMEQ4MDEwRjk1QzgwNDlFMDEwMkRDQ0FB
ODgzRDlBMERCMB4XDTI0MTEwOTA2NTQwMFoXDTMwMTEwOTA2NTQwMFowGDEWMBQG
A1UEAxMNNjcyZjA3MGMtNTRhYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbDR4++GDODctmCutf5xU4qFANNrkhdpN46Kd3vhDcbgOjKI4LdOYlj82OP
O/fBI75u3ooBXu4IoTZs9fV3znhJZERRfuylzTJxaR7EDKAKATj7J1yts4ghujFa
UQdj7T8/h2Qt9F1gX8QXaYwbA3HoAWto2cXV3pvRJ3SXDhbyW0BRHRZx6/iqFHAj
jKFrbjuy7wmNwyFMpQemImVAmuV3F7JNeh42qMpdJzBO8vCRDA2fwIzsnRCuY1P6
nZF8nrG6+uO4U7JetuXpY5nfr3jFGLh1YrysRDCWwRn0R6QrCubEAYbH3LI0TK9x
uRsruaRABXlSh3zS5GgUAjPxLVcCAwEAAaOCArQwggKwMB0GA1UdDgQWBBRlC74O
MfpZ/uziXl6L2Dv5oWovlDAfBgNVHSMEGDAWgBTKlB8Q2AEPlcgEngEC3Mqog9mg
2zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjZBNEQvQUUxQTAwQzg5QjNDMTFFRjlFOTcyNTdGNzYyRTk1MUEveXBRZkVO
Z0JENVhJQko0QkF0ektxSVBab05zLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveXBRZkVOZ0JENVhJQko0QkF0ektxSVBab05zLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjZBNEQvQUUxQTAwQzg5QjNDMTFFRjlFOTcyNTdGNzYy
RTk1MUEvNjgzMTRDRkE5RTY3MTFFRjgzMUMzNTcyNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbPeDANBAIAAjAHAwUALA9R
wDANBgkqhkiG9w0BAQsFAAOCAQEAErKlAr6CGMNW9/p6MNheL8/BCY6kkTYu5PO/
sMNGb6ZaSlzhCOFoCi4tF5gSXCaUxIt+qspFI2SSyfw1Y9DMp8PUbh+FKc8WUFrY
KOPVtnTDHUundv00aKUf+qibwnVNzjd9RgeuqU5Qmv4ppDKzWKKgyKeIlnynk0gQ
h7Z0FVUO6nRJaM5fngqJTia4F9J2xJgl+NW+Rgm0SK9ZI3HNmtNd1LK+Kc8JoMKA
gRQ+Dg+W1In/8lMgmzjEss1qkFQsdKWpnvaOMSN9zCGgDN7HFcGkSgtJbmEYBH2J
PRxru2EGeb3oPPFveAAxbFAjRwAmc4km2WvtMPy2vyaehkmSnQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:32 2024 by rpki-client on console-ams.rpki-client.org