Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FB15E/AF1E2EC2B9C911EEB2D5515A775412E6/F22231EE58D611EF9480BB8A762E951A.roa
File: F22231EE58D611EF9480BB8A762E951A.roa (raw, json)
Hash identifier: 2wx44BaE5zLTLXu1cOcnoK2nKJGZI/F7fTamJz0/0pY=
Subject key identifier: 38:14:C7:08:8E:6A:7B:A1:4E:14:15:81:4D:BC:1D:51:8E:40:37:5B
Certificate issuer: /CN=F36FB15EAF/serialNumber=C9A59C63B70A8E12BD1C0B1577697171A3FEE0F1
Certificate serial: D5
Authority key identifier: C9:A5:9C:63:B7:0A:8E:12:BD:1C:0B:15:77:69:71:71:A3:FE:E0:F1
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/yaWcY7cKjhK9HAsVd2lxcaP-4PE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FB15E/AF1E2EC2B9C911EEB2D5515A775412E6/F22231EE58D611EF9480BB8A762E951A.roa
Signing time: Mon 12 Aug 2024 18:16:08 +0000
ROA not before: Mon 12 Aug 2024 18:16:05 +0000
ROA not after: Mon 11 Aug 2025 18:16:05 +0000
asID: 329386
IP address blocks: 102.210.53.0/24 maxlen: 24
2c0f:3c0::/32 maxlen: 32
2c0f:3c0:1010::/48 maxlen: 48
2c0f:3c0:3030::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FB15E/AF1E2EC2B9C911EEB2D5515A775412E6/yaWcY7cKjhK9HAsVd2lxcaP-4PE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FB15E/AF1E2EC2B9C911EEB2D5515A775412E6/yaWcY7cKjhK9HAsVd2lxcaP-4PE.mft
rsync://rpki.afrinic.net/repository/afrinic/yaWcY7cKjhK9HAsVd2lxcaP-4PE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213 (0xd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FB15EAF/serialNumber=C9A59C63B70A8E12BD1C0B1577697171A3FEE0F1
Validity
Not Before: Aug 12 18:16:05 2024 GMT
Not After : Aug 11 18:16:05 2025 GMT
Subject: CN=66ba5168-7014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:4e:46:88:42:f3:da:a9:55:c9:35:e3:19:82:
d8:0a:5d:f6:36:9d:d9:29:0e:eb:b6:e1:fd:83:5f:
fe:d8:3e:26:43:5a:3f:4f:78:11:34:04:56:70:12:
d0:24:52:19:44:27:49:42:b1:45:68:11:88:71:10:
a8:25:c4:7c:4f:19:f2:9e:d4:28:77:76:17:dd:ea:
d4:bd:59:d1:b4:bf:e6:58:c0:13:17:b4:76:b0:00:
7a:9a:84:d3:3f:2e:0b:c3:26:a2:9c:78:30:cb:b7:
14:6d:6b:cb:b6:3b:73:72:d8:2a:cc:a8:d1:1e:b8:
21:91:a3:f4:a0:e1:28:d7:fb:ff:17:ba:51:e7:2f:
2a:e4:fc:87:47:3d:1c:42:20:96:df:a7:84:5e:ea:
49:00:02:41:4b:f9:64:ec:6b:18:87:98:83:90:30:
ef:6f:2c:00:9c:80:55:a6:ce:6c:2e:ad:a1:3e:3c:
c7:ab:c9:e5:33:37:de:d5:ab:b1:57:8f:46:15:60:
f0:36:b9:e8:75:9f:55:70:98:79:a6:b5:39:ef:2f:
66:8a:35:3d:c1:5e:ad:d9:55:ca:ff:52:a7:23:8a:
10:33:03:c7:8e:71:4b:3a:cf:f4:c3:a9:43:a6:0f:
81:92:ba:24:10:ec:c2:b9:1d:9c:46:f6:0f:58:b4:
3f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:14:C7:08:8E:6A:7B:A1:4E:14:15:81:4D:BC:1D:51:8E:40:37:5B
X509v3 Authority Key Identifier:
keyid:C9:A5:9C:63:B7:0A:8E:12:BD:1C:0B:15:77:69:71:71:A3:FE:E0:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FB15E/AF1E2EC2B9C911EEB2D5515A775412E6/yaWcY7cKjhK9HAsVd2lxcaP-4PE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/yaWcY7cKjhK9HAsVd2lxcaP-4PE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FB15E/AF1E2EC2B9C911EEB2D5515A775412E6/F22231EE58D611EF9480BB8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.210.53.0/24
IPv6:
2c0f:3c0::/32
Signature Algorithm: sha256WithRSAEncryption
3c:dd:66:2f:bd:36:0a:d7:73:f3:f0:d2:05:c2:a5:b6:d4:0d:
74:a8:14:d2:c4:aa:ff:59:9c:94:8d:fb:bb:3c:2f:05:69:c9:
2e:bd:14:47:8d:69:94:ea:e1:fe:d9:a0:66:e1:a6:94:23:58:
37:06:1b:67:5f:c6:e7:71:bc:4f:c3:ef:ab:50:ed:43:1f:7b:
52:4e:76:e7:a7:dd:39:9f:cb:6f:c9:e2:2b:e7:c6:58:05:11:
56:27:48:ea:ba:7e:b8:6a:4d:76:f3:51:66:48:55:58:f0:d9:
0e:cd:78:b1:e4:ed:0e:9f:b1:08:ef:70:32:72:d8:19:b5:2b:
25:88:b4:1a:43:f7:62:ed:23:f1:8e:06:60:af:fc:ff:f0:be:
9e:4e:54:f5:07:fc:f7:d2:d7:0d:f3:fa:70:00:02:f4:8e:15:
c3:68:d9:93:99:8a:5a:9d:4b:58:59:88:0d:67:db:59:a3:dd:
47:5f:14:7f:b9:b5:d9:dc:a0:a5:c9:11:66:1b:be:e7:98:52:
34:c7:1d:a3:8b:b4:9e:a6:59:45:81:60:9e:83:b6:5c:2c:1c:
e2:b7:5d:0f:da:bb:a6:5f:1b:88:cb:7a:cb:ae:4a:b8:b0:86:
87:00:bb:02:69:ef:af:c5:96:12:ec:eb:15:38:5e:70:19:cf:
ef:98:e0:6e
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICANUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RkIxNUVBRjExMC8GA1UEBRMoQzlBNTlDNjNCNzBBOEUxMkJEMUMwQjE1Nzc2OTcx
NzFBM0ZFRTBGMTAeFw0yNDA4MTIxODE2MDVaFw0yNTA4MTExODE2MDVaMBgxFjAU
BgNVBAMTDTY2YmE1MTY4LTcwMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDjTkaIQvPaqVXJNeMZgtgKXfY2ndkpDuu24f2DX/7YPiZDWj9PeBE0BFZw
EtAkUhlEJ0lCsUVoEYhxEKglxHxPGfKe1Ch3dhfd6tS9WdG0v+ZYwBMXtHawAHqa
hNM/LgvDJqKceDDLtxRta8u2O3Ny2CrMqNEeuCGRo/Sg4SjX+/8XulHnLyrk/IdH
PRxCIJbfp4Re6kkAAkFL+WTsaxiHmIOQMO9vLACcgFWmzmwuraE+PMeryeUzN97V
q7FXj0YVYPA2ueh1n1VwmHmmtTnvL2aKNT3BXq3ZVcr/UqcjihAzA8eOcUs6z/TD
qUOmD4GSuiQQ7MK5HZxG9g9YtD+TAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUOBTH
CI5qe6FOFBWBTbwdUY5AN1swHwYDVR0jBBgwFoAUyaWcY7cKjhK9HAsVd2lxcaP+
4PEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZCMTVFL0FGMUUyRUMyQjlDOTExRUVCMkQ1NTE1QTc3NTQxMkU2L3lhV2NZ
N2NLamhLOUhBc1ZkMmx4Y2FQLTRQRS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3lhV2NZN2NLamhLOUhBc1ZkMmx4Y2FQLTRQRS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkZCMTVFL0FGMUUyRUMyQjlDOTExRUVCMkQ1NTE1QTc3
NTQxMkU2L0YyMjIzMUVFNThENjExRUY5NDgwQkI4QTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBABm0jUwDQQCAAIwBwMFACwP
A8AwDQYJKoZIhvcNAQELBQADggEBADzdZi+9NgrXc/Pw0gXCpbbUDXSoFNLEqv9Z
nJSN+7s8LwVpyS69FEeNaZTq4f7ZoGbhppQjWDcGG2dfxudxvE/D76tQ7UMfe1JO
duen3Tmfy2/J4ivnxlgFEVYnSOq6frhqTXbzUWZIVVjw2Q7NeLHk7Q6fsQjvcDJy
2Bm1KyWItBpD92LtI/GOBmCv/P/wvp5OVPUH/PfS1w3z+nAAAvSOFcNo2ZOZilqd
S1hZiA1n21mj3UdfFH+5tdncoKXJEWYbvueYUjTHHaOLtJ6mWUWBYJ6DtlwsHOK3
XQ/au6ZfG4jLesuuSriwhocAuwJp76/FlhLs6xU4XnAZz++Y4G4=
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:49 2024 by rpki-client on console-ams.rpki-client.org