Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/DEC4576895B111EFBC40FC87762E951A.roa
File: DEC4576895B111EFBC40FC87762E951A.roa (raw, json)
Hash identifier: cNvNLmulr3q7Rbt/YZgFz6F9EsSZd5DaC0zf6Wecb04=
Subject key identifier: BB:C6:07:45:A3:33:72:09:31:63:E1:D9:F3:0C:8B:A2:50:BD:F4:03
Certificate issuer: /CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
Certificate serial: 42
Authority key identifier: 25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/DEC4576895B111EFBC40FC87762E951A.roa
Signing time: Tue 29 Oct 2024 04:54:25 +0000
ROA not before: Tue 29 Oct 2024 04:54:21 +0000
ROA not after: Sun 29 Oct 2034 04:54:21 +0000
asID: 37680
IP address blocks: 102.132.160.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.mft
rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66 (0x42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
Validity
Not Before: Oct 29 04:54:21 2024 GMT
Not After : Oct 29 04:54:21 2034 GMT
Subject: CN=67206a81-f8ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5b:49:8a:02:8b:cb:f9:86:11:1b:fb:f5:86:
6b:a8:b9:89:ed:31:4c:2d:9f:74:30:1b:e0:97:44:
9e:f8:00:e8:73:c8:11:f8:05:34:e0:d9:a5:b3:97:
d8:a8:0c:f1:44:c0:68:c7:b6:55:d8:ff:75:ae:0e:
36:68:ca:8f:ea:d9:d0:bc:06:40:c9:e7:c0:e7:56:
5c:98:6b:cb:94:94:37:bb:15:1a:d4:8f:8d:c0:42:
dd:38:09:a1:b3:79:73:0c:eb:8c:71:ac:c9:f6:83:
a4:10:29:0c:c1:37:8a:cd:34:e8:39:a6:eb:10:00:
8e:31:c4:58:09:06:46:01:2b:fa:81:ba:9f:b8:6c:
7b:23:34:2b:fd:5c:67:18:b3:00:9f:c8:03:79:7b:
17:7a:17:52:50:f6:49:60:03:76:4f:0b:87:d9:71:
d9:4b:14:5d:5a:eb:44:42:54:db:3b:ca:25:19:27:
0b:a9:f8:99:db:c2:44:d0:46:e8:d0:f2:96:7e:5e:
e7:8f:84:4b:ac:84:d6:29:72:55:b1:06:93:82:61:
07:c8:8c:a4:56:44:c1:0b:a9:2b:95:d2:f8:03:ba:
88:53:2f:30:f7:59:cf:56:e4:2c:06:34:ed:98:9a:
62:d3:49:9e:3b:c0:41:b6:94:5e:2b:d3:56:d9:1f:
7a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C6:07:45:A3:33:72:09:31:63:E1:D9:F3:0C:8B:A2:50:BD:F4:03
X509v3 Authority Key Identifier:
keyid:25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/DEC4576895B111EFBC40FC87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.132.160.0/20
Signature Algorithm: sha256WithRSAEncryption
c9:0b:e1:14:26:52:7d:04:ed:84:9b:6f:41:a2:fb:7f:c9:62:
02:8c:cd:82:1f:48:54:20:22:5a:39:3f:95:7f:98:a8:1d:60:
0c:22:40:59:0f:6f:6a:c0:5e:a4:30:f6:ed:88:68:cb:45:c3:
e0:6b:83:78:11:50:16:f3:32:65:cb:87:e3:0a:61:97:ec:f7:
c1:5e:b4:f6:2a:6e:d2:26:b2:8c:25:1c:6e:26:b7:43:49:d5:
42:a0:5f:44:99:32:03:4f:38:68:be:bb:21:31:42:7b:9b:a7:
16:fe:81:ab:9d:f6:a8:f4:4e:b7:b4:80:d6:a3:cb:94:4c:76:
e3:be:cc:e7:23:4c:21:fd:68:2e:ca:10:9a:5a:69:22:b6:46:
0e:d5:30:f7:2b:91:f2:78:3f:d5:77:7c:d3:15:cb:03:57:06:
90:86:c2:c3:55:37:ea:0f:06:0d:b2:e5:f8:9a:dc:9d:05:f9:
bf:50:27:e2:cf:bf:e1:44:16:ab:8d:1a:a0:40:90:7b:3f:1e:
7a:db:96:a6:76:6f:03:02:46:4b:58:c0:98:97:02:94:3f:1d:
d4:18:55:4d:f9:d3:72:2a:4b:cc:47:02:49:0f:04:bb:6f:ae:
cb:e2:cf:53:e6:2e:a6:fd:3b:da:b5:4a:3e:3d:76:a5:e8:00:
4f:42:1a:c1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBQjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QzZDOEFGMTEwLwYDVQQFEygyNTExQkFENDA3OEQ0NjcyQUNGNDMyNDI5OTIxOENF
NDg1NUQwMzlEMB4XDTI0MTAyOTA0NTQyMVoXDTM0MTAyOTA0NTQyMVowGDEWMBQG
A1UEAxMNNjcyMDZhODEtZjhjYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhbSYoCi8v5hhEb+/WGa6i5ie0xTC2fdDAb4JdEnvgA6HPIEfgFNODZpbOX
2KgM8UTAaMe2Vdj/da4ONmjKj+rZ0LwGQMnnwOdWXJhry5SUN7sVGtSPjcBC3TgJ
obN5cwzrjHGsyfaDpBApDME3is006Dmm6xAAjjHEWAkGRgEr+oG6n7hseyM0K/1c
ZxizAJ/IA3l7F3oXUlD2SWADdk8Lh9lx2UsUXVrrREJU2zvKJRknC6n4mdvCRNBG
6NDyln5e54+ES6yE1ilyVbEGk4JhB8iMpFZEwQupK5XS+AO6iFMvMPdZz1bkLAY0
7ZiaYtNJnjvAQbaUXivTVtkfelsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBS7xgdF
ozNyCTFj4dnzDIuiUL30AzAfBgNVHSMEGDAWgBQlEbrUB41Gcqz0MkKZIYzkhV0D
nTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYyRTk1MUEvSlJHNjFB
ZU5SbktzOURKQ21TR001SVZkQTUwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSlJHNjFBZU5SbktzOURKQ21TR001SVZkQTUwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYy
RTk1MUEvREVDNDU3Njg5NUIxMTFFRkJDNDBGQzg3NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGaEoDANBgkqhkiG9w0BAQsF
AAOCAQEAyQvhFCZSfQTthJtvQaL7f8liAozNgh9IVCAiWjk/lX+YqB1gDCJAWQ9v
asBepDD27Yhoy0XD4GuDeBFQFvMyZcuH4wphl+z3wV609ipu0iayjCUcbia3Q0nV
QqBfRJkyA084aL67ITFCe5unFv6Bq532qPROt7SA1qPLlEx2477M5yNMIf1oLsoQ
mlppIrZGDtUw9yuR8ng/1Xd80xXLA1cGkIbCw1U36g8GDbLl+JrcnQX5v1An4s+/
4UQWq40aoECQez8eetuWpnZvAwJGS1jAmJcClD8d1BhVTfnTcipLzEcCSQ8Eu2+u
y+LPU+Yupv072rVKPj12pegAT0IawQ==
-----END CERTIFICATE-----
Generated at Sun Nov 24 04:29:40 2024 by rpki-client on console-fra.rpki-client.org