Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/BC70865E8D4211EFBE3BA55F762E951A.roa
File: BC70865E8D4211EFBE3BA55F762E951A.roa (raw, json)
Hash identifier: ygJiWI8CLxpI8Mnxch81ngEKjW9oQB5oyM2fkOPOnZM=
Subject key identifier: 60:70:84:ED:00:F5:04:15:C9:A6:AA:EA:7D:DE:D8:E0:1B:16:BC:52
Certificate issuer: /CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
Certificate serial: 2F
Authority key identifier: 25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/BC70865E8D4211EFBE3BA55F762E951A.roa
Signing time: Fri 18 Oct 2024 11:18:44 +0000
ROA not before: Fri 18 Oct 2024 11:18:40 +0000
ROA not after: Wed 18 Oct 2034 11:18:40 +0000
asID: 37680
IP address blocks: 102.223.148.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.mft
rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47 (0x2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
Validity
Not Before: Oct 18 11:18:40 2024 GMT
Not After : Oct 18 11:18:40 2034 GMT
Subject: CN=67124414-9527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1b:37:47:46:1a:8d:6b:50:80:ca:be:ef:ec:
33:7c:d6:79:af:c0:3b:e2:ab:c5:78:b5:be:bf:99:
f6:7a:c2:ec:a9:a0:70:af:1b:3c:c0:74:f5:5a:76:
1e:ee:48:15:88:3c:d0:1a:a6:f9:dc:dc:09:e6:04:
41:f7:49:ce:7b:88:40:52:c0:30:de:f1:95:04:a7:
ae:c4:2f:1a:19:f5:5c:75:2a:bb:97:15:99:2a:90:
41:8a:cc:47:7b:80:e3:19:6b:ca:d1:59:4b:9b:63:
4a:12:e0:ae:dc:b4:72:dc:5b:5b:68:61:ec:77:d0:
87:c1:e5:5e:28:91:d8:1f:a3:29:18:24:2c:5c:c0:
25:b3:89:19:a2:78:0c:4d:94:b1:84:c5:45:bd:d0:
65:56:66:08:da:90:0f:36:9d:f0:f8:53:80:98:8d:
a0:00:17:bf:71:66:bc:d1:59:fd:28:2b:32:9d:9c:
da:e8:d6:aa:8a:6f:87:18:c3:24:31:78:02:8b:ec:
13:93:1e:ea:7b:32:5e:3d:1c:57:c4:e0:33:ba:8b:
29:6e:28:e6:c1:42:74:9e:74:9a:82:5e:cf:e0:b1:
09:75:66:9c:ff:1a:f6:a3:2d:ef:42:38:c9:4c:f3:
a3:80:b8:39:1e:0f:39:1a:ea:fd:fc:c5:bf:81:04:
ea:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:70:84:ED:00:F5:04:15:C9:A6:AA:EA:7D:DE:D8:E0:1B:16:BC:52
X509v3 Authority Key Identifier:
keyid:25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/BC70865E8D4211EFBE3BA55F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.148.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:1b:b0:94:ba:eb:94:b9:e1:ef:64:6a:aa:96:d6:5a:da:69:
b6:a6:42:87:59:0e:09:a1:e5:90:c8:40:67:a9:b2:ca:b5:9d:
4f:d5:af:34:9b:85:c3:e4:15:da:77:f7:ce:cf:ec:5f:1a:d6:
21:4f:7a:98:d5:95:6f:73:e3:19:ea:6a:44:5b:d3:f7:f2:a8:
93:c2:5b:3d:fc:54:11:2a:17:cf:51:12:2c:39:98:95:1d:33:
1b:b3:88:9c:04:1e:ba:38:33:35:94:21:39:d6:20:f2:a9:7a:
86:7b:a1:bd:ee:68:0d:13:d0:2a:ae:93:21:ac:ff:5c:bd:ee:
46:e6:d9:d5:18:7d:db:9f:50:63:6b:b2:da:ff:9b:ac:6e:8e:
44:5f:1b:96:9c:21:75:db:92:b3:40:d0:0b:83:0b:24:34:ea:
e9:65:d4:c9:2d:e7:cd:13:37:9d:b6:7f:6b:40:ac:d6:b8:3d:
87:82:33:d8:09:30:34:a8:a4:47:35:45:1f:ab:58:22:c5:29:
d0:73:67:54:1e:b9:f6:07:43:66:49:2c:4c:c0:80:50:25:cc:
ef:60:95:a7:05:bb:32:06:d1:93:8f:b2:ec:b3:77:1a:35:06:
c8:cd:ed:6b:2a:8f:8c:5b:0e:3e:db:64:d6:2d:92:07:51:1c:
b6:36:7a:2d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBLzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QzZDOEFGMTEwLwYDVQQFEygyNTExQkFENDA3OEQ0NjcyQUNGNDMyNDI5OTIxOENF
NDg1NUQwMzlEMB4XDTI0MTAxODExMTg0MFoXDTM0MTAxODExMTg0MFowGDEWMBQG
A1UEAxMNNjcxMjQ0MTQtOTUyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAbN0dGGo1rUIDKvu/sM3zWea/AO+KrxXi1vr+Z9nrC7KmgcK8bPMB09Vp2
Hu5IFYg80Bqm+dzcCeYEQfdJznuIQFLAMN7xlQSnrsQvGhn1XHUqu5cVmSqQQYrM
R3uA4xlrytFZS5tjShLgrty0ctxbW2hh7HfQh8HlXiiR2B+jKRgkLFzAJbOJGaJ4
DE2UsYTFRb3QZVZmCNqQDzad8PhTgJiNoAAXv3FmvNFZ/SgrMp2c2ujWqopvhxjD
JDF4AovsE5Me6nsyXj0cV8TgM7qLKW4o5sFCdJ50moJez+CxCXVmnP8a9qMt70I4
yUzzo4C4OR4PORrq/fzFv4EE6kkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRgcITt
APUEFcmmqup93tjgGxa8UjAfBgNVHSMEGDAWgBQlEbrUB41Gcqz0MkKZIYzkhV0D
nTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYyRTk1MUEvSlJHNjFB
ZU5SbktzOURKQ21TR001SVZkQTUwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSlJHNjFBZU5SbktzOURKQ21TR001SVZkQTUwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYy
RTk1MUEvQkM3MDg2NUU4RDQyMTFFRkJFM0JBNTVGNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbflDANBgkqhkiG9w0BAQsF
AAOCAQEALxuwlLrrlLnh72RqqpbWWtpptqZCh1kOCaHlkMhAZ6myyrWdT9WvNJuF
w+QV2nf3zs/sXxrWIU96mNWVb3PjGepqRFvT9/Kok8JbPfxUESoXz1ESLDmYlR0z
G7OInAQeujgzNZQhOdYg8ql6hnuhve5oDRPQKq6TIaz/XL3uRubZ1Rh9259QY2uy
2v+brG6ORF8blpwhdduSs0DQC4MLJDTq6WXUyS3nzRM3nbZ/a0Cs1rg9h4Iz2Akw
NKikRzVFH6tYIsUp0HNnVB659gdDZkksTMCAUCXM72CVpwW7MgbRk4+y7LN3GjUG
yM3tayqPjFsOPttk1i2SB1EctjZ6LQ==
-----END CERTIFICATE-----
Generated at Sun Nov 24 04:29:40 2024 by rpki-client on console-fra.rpki-client.org