Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/22A1289E95B211EFADF2148A762E951A.roa
File: 22A1289E95B211EFADF2148A762E951A.roa (raw, json)
Hash identifier: 4IODTcXGKlttGrK6zyBSvRwDJ/nqdGbJxH8jhb0aFCM=
Subject key identifier: A8:FB:CD:65:0A:F6:1D:87:5C:3A:7D:8E:63:1A:EC:B7:D1:04:D5:44
Certificate issuer: /CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
Certificate serial: 48
Authority key identifier: 25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/22A1289E95B211EFADF2148A762E951A.roa
Signing time: Tue 29 Oct 2024 04:56:19 +0000
ROA not before: Tue 29 Oct 2024 04:56:15 +0000
ROA not after: Sun 29 Oct 2034 04:56:15 +0000
asID: 37680
IP address blocks: 102.132.224.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.mft
rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72 (0x48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
Validity
Not Before: Oct 29 04:56:15 2024 GMT
Not After : Oct 29 04:56:15 2034 GMT
Subject: CN=67206af3-32ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3c:fe:71:85:57:f6:58:f8:a3:d3:48:d5:59:
1b:2c:1b:fb:5b:3d:0b:35:79:14:f9:6a:f8:4d:2f:
42:92:2c:5a:4a:4d:7f:62:9e:aa:1e:da:b8:f3:7f:
ab:ce:e1:99:6c:d5:ab:68:94:cb:45:c8:87:5a:a3:
82:2d:93:91:fe:ee:3c:d4:16:d2:7b:5d:20:d0:c4:
44:46:1b:75:2c:54:87:a2:78:2e:cd:f4:10:fc:7c:
4d:1d:00:12:08:d1:61:21:6c:bb:4a:79:af:15:ed:
c6:16:a6:61:cc:33:8a:d7:a5:00:93:f0:7b:50:bf:
51:09:72:0b:0a:d7:ff:3d:bc:a5:fc:86:01:58:09:
13:e6:54:31:f2:51:8d:76:15:6f:b6:96:94:37:8c:
02:36:8d:49:9c:a7:93:76:7e:cb:29:b0:3f:56:0c:
e0:37:28:e8:27:bb:b1:4e:56:4c:d2:18:e4:ab:35:
72:62:61:10:86:c1:92:c0:dd:9b:85:e1:35:42:7c:
c3:17:01:5f:3b:67:6f:55:e1:e7:62:3b:8a:2b:3d:
17:3e:54:68:23:62:86:ad:1c:e5:a8:23:6f:21:28:
b8:5c:ed:10:da:38:da:91:eb:67:fd:98:a4:65:a8:
16:70:e8:80:80:5d:02:3a:f8:99:cd:3e:27:23:88:
e6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:FB:CD:65:0A:F6:1D:87:5C:3A:7D:8E:63:1A:EC:B7:D1:04:D5:44
X509v3 Authority Key Identifier:
keyid:25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/22A1289E95B211EFADF2148A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.132.224.0/20
Signature Algorithm: sha256WithRSAEncryption
84:85:b8:1c:48:b1:20:04:54:67:f7:79:12:a4:2b:20:1f:de:
ae:a6:1a:3c:81:01:14:84:bb:f5:db:24:2f:3f:9a:9c:a7:dc:
05:6e:3a:ab:22:63:1e:0c:8c:31:c3:c9:0f:11:6a:9d:2f:a4:
c4:fd:8c:f0:a8:56:5d:6a:bb:b7:7e:2f:9a:68:ff:4d:c1:d9:
b2:9a:fc:ca:a5:22:22:18:7d:2d:d2:c5:75:bd:7c:8f:1f:e1:
cf:b7:b9:ab:98:4b:f6:b4:c4:47:94:3a:dc:18:b9:83:f7:e9:
df:7b:7c:c4:a9:bd:3c:d8:37:bb:fc:05:05:c2:07:0b:39:96:
32:76:88:6c:d0:75:e2:29:0d:48:71:0d:59:72:78:c7:ac:32:
7a:22:98:f7:e9:7c:8c:87:6b:c5:ef:25:d6:ae:07:39:0a:89:
2c:6c:21:c6:80:a8:b2:5c:48:b7:88:12:58:53:42:f1:72:4e:
f1:9e:0c:58:9a:0d:fd:21:a6:9b:ff:10:af:39:5f:e0:dc:f0:
f1:9e:80:ce:53:86:03:94:a3:fa:77:5f:1d:75:08:d4:87:e8:
b8:4e:d6:cb:c8:64:a6:2a:99:85:fa:8f:c6:52:80:ce:2c:98:
8f:e9:9d:a1:4b:9a:d9:5d:d2:86:69:67:c7:35:e4:73:70:27:
63:08:02:0b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBSDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QzZDOEFGMTEwLwYDVQQFEygyNTExQkFENDA3OEQ0NjcyQUNGNDMyNDI5OTIxOENF
NDg1NUQwMzlEMB4XDTI0MTAyOTA0NTYxNVoXDTM0MTAyOTA0NTYxNVowGDEWMBQG
A1UEAxMNNjcyMDZhZjMtMzJjYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANs8/nGFV/ZY+KPTSNVZGywb+1s9CzV5FPlq+E0vQpIsWkpNf2Keqh7auPN/
q87hmWzVq2iUy0XIh1qjgi2Tkf7uPNQW0ntdINDEREYbdSxUh6J4Ls30EPx8TR0A
EgjRYSFsu0p5rxXtxhamYcwzitelAJPwe1C/UQlyCwrX/z28pfyGAVgJE+ZUMfJR
jXYVb7aWlDeMAjaNSZynk3Z+yymwP1YM4Dco6Ce7sU5WTNIY5Ks1cmJhEIbBksDd
m4XhNUJ8wxcBXztnb1Xh52I7iis9Fz5UaCNihq0c5agjbyEouFztENo42pHrZ/2Y
pGWoFnDogIBdAjr4mc0+JyOI5ucCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSo+81l
CvYdh1w6fY5jGuy30QTVRDAfBgNVHSMEGDAWgBQlEbrUB41Gcqz0MkKZIYzkhV0D
nTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYyRTk1MUEvSlJHNjFB
ZU5SbktzOURKQ21TR001SVZkQTUwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSlJHNjFBZU5SbktzOURKQ21TR001SVZkQTUwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYy
RTk1MUEvMjJBMTI4OUU5NUIyMTFFRkFERjIxNDhBNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGaE4DANBgkqhkiG9w0BAQsF
AAOCAQEAhIW4HEixIARUZ/d5EqQrIB/erqYaPIEBFIS79dskLz+anKfcBW46qyJj
HgyMMcPJDxFqnS+kxP2M8KhWXWq7t34vmmj/TcHZspr8yqUiIhh9LdLFdb18jx/h
z7e5q5hL9rTER5Q63Bi5g/fp33t8xKm9PNg3u/wFBcIHCzmWMnaIbNB14ikNSHEN
WXJ4x6wyeiKY9+l8jIdrxe8l1q4HOQqJLGwhxoCoslxIt4gSWFNC8XJO8Z4MWJoN
/SGmm/8Qrzlf4Nzw8Z6AzlOGA5Sj+ndfHXUI1IfouE7Wy8hkpiqZhfqPxlKAziyY
j+mdoUua2V3ShmlnxzXkc3AnYwgCCw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 04:29:40 2024 by rpki-client on console-fra.rpki-client.org