Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F8BC2/12B3179239E811EFAFB75F95762E951A/6CF3393C3ED711EF83115671762E951A.roa
File: 6CF3393C3ED711EF83115671762E951A.roa (raw, json)
Hash identifier: myl8UBqSLO+cOQuAB/8Bbg3EndkBKRz4UG5WpQxjvbg=
Subject key identifier: 45:09:DA:FC:91:9D:7F:F2:4C:62:80:64:8F:F4:6C:6F:3F:BD:C6:28
Certificate issuer: /CN=F36F8BC2AF/serialNumber=AFC0C16B805A4BB3AE73EDC24C538380FC0E9A49
Certificate serial: 0F
Authority key identifier: AF:C0:C1:6B:80:5A:4B:B3:AE:73:ED:C2:4C:53:83:80:FC:0E:9A:49
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/r8DBa4BaS7Ouc-3CTFODgPwOmkk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F8BC2/12B3179239E811EFAFB75F95762E951A/6CF3393C3ED711EF83115671762E951A.roa
Signing time: Wed 10 Jul 2024 16:14:04 +0000
ROA not before: Wed 10 Jul 2024 16:14:00 +0000
ROA not after: Thu 10 Jul 2025 16:14:00 +0000
asID: 329435
IP address blocks: 102.209.0.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F8BC2/12B3179239E811EFAFB75F95762E951A/r8DBa4BaS7Ouc-3CTFODgPwOmkk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F8BC2/12B3179239E811EFAFB75F95762E951A/r8DBa4BaS7Ouc-3CTFODgPwOmkk.mft
rsync://rpki.afrinic.net/repository/afrinic/r8DBa4BaS7Ouc-3CTFODgPwOmkk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15 (0xf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F8BC2AF/serialNumber=AFC0C16B805A4BB3AE73EDC24C538380FC0E9A49
Validity
Not Before: Jul 10 16:14:00 2024 GMT
Not After : Jul 10 16:14:00 2025 GMT
Subject: CN=668eb34c-47d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:13:11:6f:f2:de:28:ec:39:fa:59:e5:55:f6:
28:1f:02:33:d3:49:90:8f:83:81:d4:82:84:fe:42:
49:4b:d6:ac:c0:53:78:fa:e7:72:3c:0d:2a:a5:d0:
2c:e4:f1:ab:d9:6d:de:30:26:a2:4f:17:49:dd:e1:
c3:c2:7f:b5:99:73:0c:b6:92:6b:44:96:b3:fa:9a:
62:6e:35:ef:c3:48:7e:83:ff:26:e3:64:57:2e:f6:
83:88:c4:79:e5:1d:85:ae:34:0d:ca:c9:ae:52:d8:
e1:72:2d:09:37:83:c7:8d:bf:e1:30:63:7a:ee:9b:
6c:6c:77:99:d8:5c:86:d9:2e:d9:de:70:7f:a3:2f:
68:5e:42:2b:12:ca:d4:87:43:1d:79:be:50:f7:38:
09:03:4f:64:de:d4:d4:01:b4:c0:f3:b7:c9:1a:d5:
87:59:8d:72:ae:98:58:3b:15:ed:d9:e3:82:92:78:
f5:90:40:c8:1d:a8:d5:7e:26:03:ed:ca:3a:47:e8:
53:3e:43:b8:08:67:3f:cc:13:aa:ea:16:be:3a:cb:
ba:5c:11:a9:f4:9d:26:0c:27:1e:92:68:5f:a9:26:
d4:a0:5f:e2:85:6e:6b:49:19:96:19:a2:5a:0a:2c:
61:ee:8a:f2:d0:09:ce:a9:b2:c1:77:22:14:b3:d7:
c9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:09:DA:FC:91:9D:7F:F2:4C:62:80:64:8F:F4:6C:6F:3F:BD:C6:28
X509v3 Authority Key Identifier:
keyid:AF:C0:C1:6B:80:5A:4B:B3:AE:73:ED:C2:4C:53:83:80:FC:0E:9A:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8BC2/12B3179239E811EFAFB75F95762E951A/r8DBa4BaS7Ouc-3CTFODgPwOmkk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/r8DBa4BaS7Ouc-3CTFODgPwOmkk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8BC2/12B3179239E811EFAFB75F95762E951A/6CF3393C3ED711EF83115671762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:f4:35:81:12:3b:8a:95:7e:a9:a8:7c:19:05:2c:4a:16:3a:
fc:94:0c:08:9e:72:17:1a:11:c1:f7:55:89:a3:be:cd:82:ee:
07:82:6c:c2:53:76:4d:b6:69:e7:87:ee:46:b4:b9:b9:d9:30:
a2:4c:86:1e:d3:ca:b9:25:33:62:e5:6d:5a:57:7b:8a:72:0e:
e2:8d:60:c6:25:55:e1:d5:4c:f2:9c:ff:57:bd:04:4f:d2:7c:
84:43:32:19:94:cc:65:e8:ed:68:93:81:eb:67:c6:e5:f5:57:
dd:05:66:f5:b0:d8:4b:43:c2:72:f4:00:90:38:db:1e:7a:7d:
0c:2f:12:e6:d4:90:ba:23:c9:9f:d0:7d:41:7a:c4:8f:2f:02:
4a:f5:8f:2f:a9:38:89:52:a3:50:43:c3:c0:af:35:bc:01:ef:
0e:df:46:67:e2:77:09:60:3f:e8:60:9a:c0:df:5f:fd:af:5b:
6a:e7:3c:ea:73:67:6d:d6:c2:75:32:10:dd:39:bd:c1:ae:17:
df:92:27:b8:42:82:55:a4:97:95:28:41:2d:28:b8:7e:86:77:
6f:29:32:32:87:e8:bc:d4:a4:5a:39:50:17:9d:08:93:ac:72:
15:27:70:12:46:04:ad:19:f5:c6:85:08:96:35:74:0b:aa:ce:
b4:c9:5b:99
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBDzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
OEJDMkFGMTEwLwYDVQQFEyhBRkMwQzE2QjgwNUE0QkIzQUU3M0VEQzI0QzUzODM4
MEZDMEU5QTQ5MB4XDTI0MDcxMDE2MTQwMFoXDTI1MDcxMDE2MTQwMFowGDEWMBQG
A1UEAxMNNjY4ZWIzNGMtNDdkOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4TEW/y3ijsOfpZ5VX2KB8CM9NJkI+DgdSChP5CSUvWrMBTePrncjwNKqXQ
LOTxq9lt3jAmok8XSd3hw8J/tZlzDLaSa0SWs/qaYm4178NIfoP/JuNkVy72g4jE
eeUdha40DcrJrlLY4XItCTeDx42/4TBjeu6bbGx3mdhchtku2d5wf6MvaF5CKxLK
1IdDHXm+UPc4CQNPZN7U1AG0wPO3yRrVh1mNcq6YWDsV7dnjgpJ49ZBAyB2o1X4m
A+3KOkfoUz5DuAhnP8wTquoWvjrLulwRqfSdJgwnHpJoX6km1KBf4oVua0kZlhmi
WgosYe6K8tAJzqmywXciFLPXyR8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRFCdr8
kZ1/8kxigGSP9GxvP73GKDAfBgNVHSMEGDAWgBSvwMFrgFpLs65z7cJMU4OA/A6a
STAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjhCQzIvMTJCMzE3OTIzOUU4MTFFRkFGQjc1Rjk1NzYyRTk1MUEvcjhEQmE0
QmFTN091Yy0zQ1RGT0RnUHdPbWtrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcjhEQmE0QmFTN091Yy0zQ1RGT0RnUHdPbWtrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjhCQzIvMTJCMzE3OTIzOUU4MTFFRkFGQjc1Rjk1NzYy
RTk1MUEvNkNGMzM5M0MzRUQ3MTFFRjgzMTE1NjcxNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbRADANBgkqhkiG9w0BAQsF
AAOCAQEApvQ1gRI7ipV+qah8GQUsShY6/JQMCJ5yFxoRwfdViaO+zYLuB4JswlN2
TbZp54fuRrS5udkwokyGHtPKuSUzYuVtWld7inIO4o1gxiVV4dVM8pz/V70ET9J8
hEMyGZTMZejtaJOB62fG5fVX3QVm9bDYS0PCcvQAkDjbHnp9DC8S5tSQuiPJn9B9
QXrEjy8CSvWPL6k4iVKjUEPDwK81vAHvDt9GZ+J3CWA/6GCawN9f/a9bauc86nNn
bdbCdTIQ3Tm9wa4X35InuEKCVaSXlShBLSi4foZ3bykyMofovNSkWjlQF50Ik6xy
FSdwEkYErRn1xoUIljV0C6rOtMlbmQ==
-----END CERTIFICATE-----
Generated at Sun Nov 24 05:19:32 2024 by rpki-client on console-ams.rpki-client.org