Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FC8A0/F10926A256E611EEA95B26534AD9E6FC/333100CC56E711EEB82D22544AD9E6FC.roa
File: 333100CC56E711EEB82D22544AD9E6FC.roa (raw, json)
Hash identifier: iWB0O9f+LLwbK/f70tuWF05AYGrsYH+zV7rCgvpguSc=
Subject key identifier: D7:AF:49:1C:AF:58:E9:BA:E7:46:50:18:9F:D3:A5:91:A7:05:BE:2D
Certificate issuer: /CN=F36FC8A0AF/serialNumber=2E60F961314AA7D6FDDDEE9DBAB312374705E6CB
Certificate serial: 02
Authority key identifier: 2E:60:F9:61:31:4A:A7:D6:FD:DD:EE:9D:BA:B3:12:37:47:05:E6:CB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/LmD5YTFKp9b93e6durMSN0cF5ss.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FC8A0/F10926A256E611EEA95B26534AD9E6FC/333100CC56E711EEB82D22544AD9E6FC.roa
Signing time: Tue 19 Sep 2023 12:22:29 +0000
ROA not before: Tue 19 Sep 2023 12:22:24 +0000
ROA not after: Sat 31 Dec 2033 12:22:24 +0000
asID: 329284
IP address blocks: 102.211.236.0/22 maxlen: 24
2c0f:e40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FC8A0/F10926A256E611EEA95B26534AD9E6FC/LmD5YTFKp9b93e6durMSN0cF5ss.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FC8A0/F10926A256E611EEA95B26534AD9E6FC/LmD5YTFKp9b93e6durMSN0cF5ss.mft
rsync://rpki.afrinic.net/repository/afrinic/LmD5YTFKp9b93e6durMSN0cF5ss.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FC8A0AF/serialNumber=2E60F961314AA7D6FDDDEE9DBAB312374705E6CB
Validity
Not Before: Sep 19 12:22:24 2023 GMT
Not After : Dec 31 12:22:24 2033 GMT
Subject: CN=65099285-8548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cb:b9:de:45:61:50:c9:29:46:12:77:5a:a5:
81:99:22:8b:e9:9b:ae:25:39:0f:81:44:fd:a0:d8:
55:61:72:86:a1:c2:98:54:ab:fe:4f:69:a2:db:63:
01:6c:94:fc:ac:51:4e:0a:03:51:24:5a:da:20:a4:
ac:77:38:2c:82:7e:71:cd:90:82:da:c5:03:df:20:
f4:f9:36:86:1f:ce:55:84:1e:a3:3f:0e:1a:6f:7b:
15:e3:13:0b:06:f2:dd:9a:6d:55:3d:21:eb:4f:f3:
7b:a8:6d:d7:63:91:25:f5:07:12:c4:7b:5d:75:a0:
29:14:be:66:1a:4a:9f:2a:23:7e:ef:96:29:9b:b5:
0c:49:3d:91:48:9c:e0:5b:d0:ad:8a:d5:40:d9:77:
9c:30:b5:05:95:fc:e9:f8:95:18:fa:86:da:2f:af:
c8:e3:2a:ba:93:a2:7b:65:ef:6b:df:9a:80:9d:31:
c6:e9:96:39:53:a3:5f:54:02:08:7a:0e:85:06:aa:
b3:d6:a0:8f:51:1f:c2:aa:4f:2a:4c:0d:27:b2:58:
53:f6:4e:87:18:37:a4:1f:3e:d7:50:da:95:dd:ea:
1c:61:a7:3c:2a:65:b4:12:0a:17:59:db:b2:d6:a8:
b8:22:39:74:13:dc:39:87:a5:f3:31:8a:9c:a1:6b:
0d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:AF:49:1C:AF:58:E9:BA:E7:46:50:18:9F:D3:A5:91:A7:05:BE:2D
X509v3 Authority Key Identifier:
keyid:2E:60:F9:61:31:4A:A7:D6:FD:DD:EE:9D:BA:B3:12:37:47:05:E6:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC8A0/F10926A256E611EEA95B26534AD9E6FC/LmD5YTFKp9b93e6durMSN0cF5ss.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/LmD5YTFKp9b93e6durMSN0cF5ss.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC8A0/F10926A256E611EEA95B26534AD9E6FC/333100CC56E711EEB82D22544AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.236.0/22
IPv6:
2c0f:e40::/32
Signature Algorithm: sha256WithRSAEncryption
47:b0:01:67:f5:58:af:c4:6b:58:f7:dd:69:57:83:11:44:e3:
13:d0:07:3c:ad:7a:95:d2:97:0d:8d:7e:8b:45:7b:83:d3:18:
78:88:7f:e6:f4:6c:35:27:14:26:cb:cc:6b:28:b9:87:2c:8c:
ec:b3:fe:51:4b:25:1a:74:6d:58:02:89:eb:61:87:40:fe:ef:
50:77:1d:23:95:87:1b:3e:90:1c:27:5e:34:57:b6:55:7f:64:
87:f4:e7:31:ec:a2:96:a1:08:e2:d0:d4:05:a5:74:76:00:26:
17:6b:80:c3:a1:d1:29:38:9e:07:d8:fc:60:61:69:9d:ba:38:
37:bb:fc:c8:93:d4:ef:e5:90:b7:79:76:7e:42:a5:86:4d:d9:
f3:0e:2d:01:02:cb:c9:fe:9d:ba:ea:54:bf:f0:3d:61:a0:38:
76:91:f4:b1:6a:3c:bd:06:00:c2:cd:95:c1:ce:c2:9e:a0:0c:
49:7c:1a:81:08:ab:71:fb:bf:da:b5:2d:4c:56:ed:26:96:1d:
b1:4b:e0:6d:cc:68:69:e4:66:e4:a0:c4:2f:1b:c6:27:04:7d:
c3:7b:7b:8c:52:5c:ea:25:b0:00:c7:9c:03:ff:70:ef:e3:05:
82:48:6f:a0:eb:69:cb:41:9e:f7:0c:79:ea:09:55:95:04:52:
af:f7:34:d6
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QzhBMEFGMTEwLwYDVQQFEygyRTYwRjk2MTMxNEFBN0Q2RkREREVFOURCQUIzMTIz
NzQ3MDVFNkNCMB4XDTIzMDkxOTEyMjIyNFoXDTMzMTIzMTEyMjIyNFowGDEWMBQG
A1UEAxMNNjUwOTkyODUtODU0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbLud5FYVDJKUYSd1qlgZkii+mbriU5D4FE/aDYVWFyhqHCmFSr/k9pottj
AWyU/KxRTgoDUSRa2iCkrHc4LIJ+cc2QgtrFA98g9Pk2hh/OVYQeoz8OGm97FeMT
Cwby3ZptVT0h60/ze6ht12ORJfUHEsR7XXWgKRS+ZhpKnyojfu+WKZu1DEk9kUic
4FvQrYrVQNl3nDC1BZX86fiVGPqG2i+vyOMqupOie2Xva9+agJ0xxumWOVOjX1QC
CHoOhQaqs9agj1EfwqpPKkwNJ7JYU/ZOhxg3pB8+11Dald3qHGGnPCpltBIKF1nb
staouCI5dBPcOYel8zGKnKFrDakCAwEAAaOCArQwggKwMB0GA1UdDgQWBBTXr0kc
r1jpuudGUBif06WRpwW+LTAfBgNVHSMEGDAWgBQuYPlhMUqn1v3d7p26sxI3RwXm
yzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkM4QTAvRjEwOTI2QTI1NkU2MTFFRUE5NUIyNjUzNEFEOUU2RkMvTG1ENVlU
RktwOWI5M2U2ZHVyTVNOMGNGNXNzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTG1ENVlURktwOWI5M2U2ZHVyTVNOMGNGNXNzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkM4QTAvRjEwOTI2QTI1NkU2MTFFRUE5NUIyNjUzNEFE
OUU2RkMvMzMzMTAwQ0M1NkU3MTFFRUI4MkQyMjU0NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbT7DANBAIAAjAHAwUALA8O
QDANBgkqhkiG9w0BAQsFAAOCAQEAR7ABZ/VYr8RrWPfdaVeDEUTjE9AHPK16ldKX
DY1+i0V7g9MYeIh/5vRsNScUJsvMayi5hyyM7LP+UUslGnRtWAKJ62GHQP7vUHcd
I5WHGz6QHCdeNFe2VX9kh/TnMeyilqEI4tDUBaV0dgAmF2uAw6HRKTieB9j8YGFp
nbo4N7v8yJPU7+WQt3l2fkKlhk3Z8w4tAQLLyf6duupUv/A9YaA4dpH0sWo8vQYA
ws2Vwc7CnqAMSXwagQircfu/2rUtTFbtJpYdsUvgbcxoaeRm5KDELxvGJwR9w3t7
jFJc6iWwAMecA/9w7+MFgkhvoOtpy0Ge9wx56glVlQRSr/c01g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:01 2024 by rpki-client on console-fra.rpki-client.org