Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/CE07EBFC434F11EE9E338E5E4AD9E6FC.roa
File: CE07EBFC434F11EE9E338E5E4AD9E6FC.roa (raw, json)
Hash identifier: lLKF/LQUCJrjFGeoKrxD3GvZk7yNLfxsdpj4p8cAFcg=
Subject key identifier: 1D:89:E2:74:02:98:3A:98:80:8E:44:CA:0B:1A:0B:F5:CC:77:C3:A2
Certificate issuer: /CN=F36FE19EAF/serialNumber=C78CDC3B5D4B13675CB48AD3B63BE01EC5A807F8
Certificate serial: 0156
Authority key identifier: C7:8C:DC:3B:5D:4B:13:67:5C:B4:8A:D3:B6:3B:E0:1E:C5:A8:07:F8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/x4zcO11LE2dctIrTtjvgHsWoB_g.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/CE07EBFC434F11EE9E338E5E4AD9E6FC.roa
Signing time: Fri 25 Aug 2023 14:00:53 +0000
ROA not before: Fri 25 Aug 2023 14:00:50 +0000
ROA not after: Sat 31 Dec 2033 14:00:50 +0000
asID: 328977
IP address blocks: 102.217.156.0/22 maxlen: 24
2c0f:6300::/32 maxlen: 56
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/x4zcO11LE2dctIrTtjvgHsWoB_g.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/x4zcO11LE2dctIrTtjvgHsWoB_g.mft
rsync://rpki.afrinic.net/repository/afrinic/x4zcO11LE2dctIrTtjvgHsWoB_g.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 342 (0x156)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FE19EAF/serialNumber=C78CDC3B5D4B13675CB48AD3B63BE01EC5A807F8
Validity
Not Before: Aug 25 14:00:50 2023 GMT
Not After : Dec 31 14:00:50 2033 GMT
Subject: CN=64e8b415-3c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:72:3e:16:21:7a:86:7d:34:91:61:fd:cd:0f:
b4:9f:22:93:64:28:21:52:49:1a:83:ae:32:6c:6a:
b6:88:fc:38:07:cb:e7:85:e8:a9:ef:a0:48:ea:d5:
db:76:c4:de:23:66:4b:ea:8d:e6:2c:c6:50:28:de:
c3:c4:3a:3c:df:d8:83:1d:af:ac:99:a1:84:94:1b:
90:a4:35:43:ad:b3:87:0e:7c:ed:12:14:9a:17:7f:
ea:86:a4:49:10:7e:04:78:3d:e5:ab:15:61:64:71:
09:05:4e:9d:ab:ab:7d:c6:18:16:42:c5:6c:1e:61:
75:05:8f:55:2d:da:d8:25:b5:a1:aa:42:16:89:57:
45:9c:3c:1f:91:26:3f:10:f1:bf:13:58:d4:e2:03:
6f:d8:4b:7f:87:f8:cd:4c:00:6f:5d:3a:ec:fa:86:
95:6a:a2:d5:6f:56:e3:43:82:19:ed:40:30:f4:9d:
19:24:52:13:de:be:4d:9d:25:85:a8:35:3d:b9:92:
b2:c9:9a:ae:eb:25:cf:40:bb:0d:71:1d:66:fb:b1:
94:5f:0e:88:11:27:e4:da:45:51:f8:75:54:53:b8:
4f:4c:e3:57:87:73:c6:34:c1:cc:86:83:fb:25:2e:
f0:b7:ef:e1:18:0f:dd:86:04:01:81:6f:3a:56:20:
58:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:89:E2:74:02:98:3A:98:80:8E:44:CA:0B:1A:0B:F5:CC:77:C3:A2
X509v3 Authority Key Identifier:
keyid:C7:8C:DC:3B:5D:4B:13:67:5C:B4:8A:D3:B6:3B:E0:1E:C5:A8:07:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/x4zcO11LE2dctIrTtjvgHsWoB_g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/x4zcO11LE2dctIrTtjvgHsWoB_g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/CE07EBFC434F11EE9E338E5E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.217.156.0/22
IPv6:
2c0f:6300::/32
Signature Algorithm: sha256WithRSAEncryption
05:15:85:29:fd:bf:9b:ff:97:d2:39:c3:79:03:a8:41:2b:af:
bd:b5:ea:ec:4a:7e:43:5d:21:d1:09:1f:0a:03:31:38:76:e3:
e0:8c:34:af:cf:63:22:9a:a7:f8:2a:90:7c:34:d0:59:97:b9:
9d:19:61:cf:66:e9:15:61:67:59:7f:39:c9:b1:d7:f6:1d:00:
f2:03:c4:09:4c:8e:6b:46:8b:f8:67:35:c1:d9:b0:d6:9c:99:
88:dc:f1:73:70:9b:df:aa:ce:37:8c:93:a6:31:b3:7f:d0:b6:
2d:87:9f:0d:df:9a:8f:d1:d4:00:09:00:a0:14:a5:37:ca:d4:
6d:c6:3f:69:eb:0c:86:36:38:12:5f:a8:38:93:2a:06:81:45:
19:60:87:ee:8f:f1:c4:16:b8:a4:df:19:fa:75:ac:7c:af:3b:
6d:77:7f:15:82:69:0f:73:16:7a:22:6e:11:79:a2:5b:bd:52:
64:b0:6c:13:f5:55:60:eb:db:c9:07:5a:9f:db:9d:f0:bf:e5:
1b:6e:13:1a:dd:69:f7:3a:57:fa:15:82:a1:7b:ec:a2:78:6a:
c0:f4:43:d9:d4:8b:c1:cf:e3:8e:06:75:c0:63:53:c2:4d:82:
b0:fc:9f:79:0d:ac:10:db:de:65:9b:40:52:4d:b5:bd:6b:fe:
26:e5:7b:18
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAVYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RkUxOUVBRjExMC8GA1UEBRMoQzc4Q0RDM0I1RDRCMTM2NzVDQjQ4QUQzQjYzQkUw
MUVDNUE4MDdGODAeFw0yMzA4MjUxNDAwNTBaFw0zMzEyMzExNDAwNTBaMBgxFjAU
BgNVBAMTDTY0ZThiNDE1LTNjODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7cj4WIXqGfTSRYf3ND7SfIpNkKCFSSRqDrjJsaraI/DgHy+eF6KnvoEjq
1dt2xN4jZkvqjeYsxlAo3sPEOjzf2IMdr6yZoYSUG5CkNUOts4cOfO0SFJoXf+qG
pEkQfgR4PeWrFWFkcQkFTp2rq33GGBZCxWweYXUFj1Ut2tgltaGqQhaJV0WcPB+R
Jj8Q8b8TWNTiA2/YS3+H+M1MAG9dOuz6hpVqotVvVuNDghntQDD0nRkkUhPevk2d
JYWoNT25krLJmq7rJc9Auw1xHWb7sZRfDogRJ+TaRVH4dVRTuE9M41eHc8Y0wcyG
g/slLvC37+EYD92GBAGBbzpWIFi/AgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUHYni
dAKYOpiAjkTKCxoL9cx3w6IwHwYDVR0jBBgwFoAUx4zcO11LE2dctIrTtjvgHsWo
B/gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZFMTlFL0FCN0U3OEJFNDhERjExRURBNzYxQjI5Q0YxMjIyNDY4L3g0emNP
MTFMRTJkY3RJclR0anZnSHNXb0JfZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3g0emNPMTFMRTJkY3RJclR0anZnSHNXb0JfZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkZFMTlFL0FCN0U3OEJFNDhERjExRURBNzYxQjI5Q0Yx
MjIyNDY4L0NFMDdFQkZDNDM0RjExRUU5RTMzOEU1RTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm2ZwwDQQCAAIwBwMFACwP
YwAwDQYJKoZIhvcNAQELBQADggEBAAUVhSn9v5v/l9I5w3kDqEErr7216uxKfkNd
IdEJHwoDMTh24+CMNK/PYyKap/gqkHw00FmXuZ0ZYc9m6RVhZ1l/Ocmx1/YdAPID
xAlMjmtGi/hnNcHZsNacmYjc8XNwm9+qzjeMk6Yxs3/Qti2Hnw3fmo/R1AAJAKAU
pTfK1G3GP2nrDIY2OBJfqDiTKgaBRRlgh+6P8cQWuKTfGfp1rHyvO213fxWCaQ9z
FnoibhF5olu9UmSwbBP1VWDr28kHWp/bnfC/5RtuExrdafc6V/oVgqF77KJ4asD0
Q9nUi8HP444GdcBjU8JNgrD8n3kNrBDb3mWbQFJNtb1r/iblexg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:01 2024 by rpki-client on console-fra.rpki-client.org