Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FABDE/24291E08671711EE96B48F654AD9E6FC/D64EDDEE6E5F11EEBF42781C4AD9E6FC.roa
File: D64EDDEE6E5F11EEBF42781C4AD9E6FC.roa (raw, json)
Hash identifier: wwS9H3v6Oq2KT+bOS8yPt+2S5/l9UTYbItXO4BiUcNQ=
Subject key identifier: 24:E6:02:F2:EE:3D:02:87:7E:7C:AC:8B:12:6D:35:CA:2F:06:0A:A6
Certificate issuer: /CN=F36FABDEAF/serialNumber=78FCB2E6D0C820FBB9BD581061FA204A2D51F412
Certificate serial: 0B
Authority key identifier: 78:FC:B2:E6:D0:C8:20:FB:B9:BD:58:10:61:FA:20:4A:2D:51:F4:12
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ePyy5tDIIPu5vVgQYfogSi1R9BI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FABDE/24291E08671711EE96B48F654AD9E6FC/D64EDDEE6E5F11EEBF42781C4AD9E6FC.roa
Signing time: Thu 19 Oct 2023 09:13:59 +0000
ROA not before: Thu 19 Oct 2023 09:13:56 +0000
ROA not after: Mon 31 Oct 2033 09:13:56 +0000
asID: 329331
IP address blocks: 102.211.36.0/22 maxlen: 24
2001:43ff:9000::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FABDE/24291E08671711EE96B48F654AD9E6FC/ePyy5tDIIPu5vVgQYfogSi1R9BI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FABDE/24291E08671711EE96B48F654AD9E6FC/ePyy5tDIIPu5vVgQYfogSi1R9BI.mft
rsync://rpki.afrinic.net/repository/afrinic/ePyy5tDIIPu5vVgQYfogSi1R9BI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FABDEAF/serialNumber=78FCB2E6D0C820FBB9BD581061FA204A2D51F412
Validity
Not Before: Oct 19 09:13:56 2023 GMT
Not After : Oct 31 09:13:56 2033 GMT
Subject: CN=6530f357-a81f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:54:7a:8e:91:72:c3:c4:97:19:5e:93:71:32:
c8:4c:40:b7:b3:cd:bc:6f:45:e4:f6:e3:79:6d:c6:
3e:30:f2:af:05:9a:82:65:24:27:3e:ae:37:51:a9:
96:4e:5d:ce:db:9e:84:d7:a4:4e:50:da:c8:a0:77:
42:4e:7c:bb:7b:38:fc:cb:98:b3:4e:48:06:14:eb:
a4:18:e0:ad:15:35:79:59:0a:f6:35:69:60:35:5b:
b1:9b:e6:22:a2:da:8d:d5:e5:45:12:44:a3:a7:e4:
4f:6c:a3:43:57:de:f8:6c:6e:01:0b:ed:95:cf:24:
ef:68:6f:58:eb:2d:98:92:59:d0:5f:3d:a5:f4:42:
47:7a:e5:80:53:cb:6c:0b:e5:84:1a:da:68:5b:f2:
6c:e5:a6:a7:b9:5a:3b:d7:25:9c:59:c8:33:64:e7:
7c:c2:e7:28:93:3b:b4:13:43:7c:b2:f6:ed:7c:2f:
23:2b:fc:f4:2d:a4:cf:88:95:63:ac:a0:8b:c9:90:
57:43:54:3d:e3:da:77:b4:6c:7d:a2:00:f2:63:99:
c6:30:f8:59:c5:12:07:ee:c0:21:a5:bc:b6:37:39:
4d:f8:d9:93:5e:ea:ae:7d:ea:13:1f:2a:17:33:e9:
73:ae:ed:92:d5:37:0e:24:60:87:fb:69:25:27:dc:
6f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E6:02:F2:EE:3D:02:87:7E:7C:AC:8B:12:6D:35:CA:2F:06:0A:A6
X509v3 Authority Key Identifier:
keyid:78:FC:B2:E6:D0:C8:20:FB:B9:BD:58:10:61:FA:20:4A:2D:51:F4:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FABDE/24291E08671711EE96B48F654AD9E6FC/ePyy5tDIIPu5vVgQYfogSi1R9BI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ePyy5tDIIPu5vVgQYfogSi1R9BI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FABDE/24291E08671711EE96B48F654AD9E6FC/D64EDDEE6E5F11EEBF42781C4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.36.0/22
IPv6:
2001:43ff:9000::/48
Signature Algorithm: sha256WithRSAEncryption
60:d5:28:c4:a2:b1:91:e2:8f:20:67:b0:eb:33:89:d2:33:8c:
32:43:e3:46:62:17:e2:74:f1:64:01:54:f1:91:2c:a4:a5:5c:
4d:48:e3:52:81:dd:04:ab:f3:d7:44:d1:5e:d5:56:4d:f4:de:
e1:72:3f:c0:63:d5:3b:97:e1:c3:11:e2:af:e6:54:21:45:fb:
86:c6:18:07:6f:a3:39:b5:f6:95:96:30:90:97:83:76:7c:5b:
09:27:96:f5:4c:19:22:f0:8e:03:bf:7e:70:af:9d:a4:6c:2f:
fb:1b:40:a3:e4:d0:32:27:b2:89:e4:03:4c:2b:b1:df:2f:02:
25:4a:70:8b:bb:d4:e5:ed:c3:19:1b:37:59:a1:d4:49:87:f9:
5f:20:6f:15:43:12:e4:76:dd:d7:5b:c7:62:54:8f:75:2c:c8:
91:5a:95:38:76:18:f9:ff:42:3b:68:57:ea:4c:0f:d1:97:06:
44:c9:6c:3f:af:81:7c:7a:e1:24:f5:a6:57:d4:d9:8d:ed:84:
d2:ac:34:65:90:a3:70:d0:8e:e4:ec:0d:7d:01:96:23:62:87:
55:c1:92:db:0d:3d:60:b3:9f:51:26:dd:09:43:94:68:8c:89:
cb:0e:21:23:42:16:10:f7:c9:03:e4:33:df:a2:02:22:fb:6e:
7d:89:41:9e
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBCzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QUJERUFGMTEwLwYDVQQFEyg3OEZDQjJFNkQwQzgyMEZCQjlCRDU4MTA2MUZBMjA0
QTJENTFGNDEyMB4XDTIzMTAxOTA5MTM1NloXDTMzMTAzMTA5MTM1NlowGDEWMBQG
A1UEAxMNNjUzMGYzNTctYTgxZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMBUeo6RcsPElxlek3EyyExAt7PNvG9F5PbjeW3GPjDyrwWagmUkJz6uN1Gp
lk5dztuehNekTlDayKB3Qk58u3s4/MuYs05IBhTrpBjgrRU1eVkK9jVpYDVbsZvm
IqLajdXlRRJEo6fkT2yjQ1fe+GxuAQvtlc8k72hvWOstmJJZ0F89pfRCR3rlgFPL
bAvlhBraaFvybOWmp7laO9clnFnIM2TnfMLnKJM7tBNDfLL27XwvIyv89C2kz4iV
Y6ygi8mQV0NUPePad7RsfaIA8mOZxjD4WcUSB+7AIaW8tjc5TfjZk17qrn3qEx8q
FzPpc67tktU3DiRgh/tpJSfcbxECAwEAAaOCArYwggKyMB0GA1UdDgQWBBQk5gLy
7j0Ch358rIsSbTXKLwYKpjAfBgNVHSMEGDAWgBR4/LLm0Mgg+7m9WBBh+iBKLVH0
EjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkFCREUvMjQyOTFFMDg2NzE3MTFFRTk2QjQ4RjY1NEFEOUU2RkMvZVB5eTV0
RElJUHU1dlZnUVlmb2dTaTFSOUJJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZVB5eTV0RElJUHU1dlZnUVlmb2dTaTFSOUJJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkFCREUvMjQyOTFFMDg2NzE3MTFFRTk2QjQ4RjY1NEFE
OUU2RkMvRDY0RURERUU2RTVGMTFFRUJGNDI3ODFDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAmbTJDAPBAIAAjAJAwcAIAFD
/5AAMA0GCSqGSIb3DQEBCwUAA4IBAQBg1SjEorGR4o8gZ7DrM4nSM4wyQ+NGYhfi
dPFkAVTxkSykpVxNSONSgd0Eq/PXRNFe1VZN9N7hcj/AY9U7l+HDEeKv5lQhRfuG
xhgHb6M5tfaVljCQl4N2fFsJJ5b1TBki8I4Dv35wr52kbC/7G0Cj5NAyJ7KJ5ANM
K7HfLwIlSnCLu9Tl7cMZGzdZodRJh/lfIG8VQxLkdt3XW8diVI91LMiRWpU4dhj5
/0I7aFfqTA/RlwZEyWw/r4F8euEk9aZX1NmN7YTSrDRlkKNw0I7k7A19AZYjYodV
wZLbDT1gs59RJt0JQ5RojInLDiEjQhYQ98kD5DPfogIi+259iUGe
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:33 2024 by rpki-client on console-ams.rpki-client.org