Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FE1EA/0781C770806F11EEADC9ED584AD9E6FC/F2BE8B0883BF11EEA35C316C4AD9E6FC.roa
File: F2BE8B0883BF11EEA35C316C4AD9E6FC.roa (raw, json)
Hash identifier: 7cVioDp5Djf3TE19QcUyNTeY86beb3OpiRF33Us6tMk=
Subject key identifier: 75:8B:48:B1:B6:EC:84:6B:76:95:9D:FF:D2:89:F9:0D:B7:2A:83:DA
Certificate issuer: /CN=F36FE1EAAF/serialNumber=07B87D94F04489356641339DE69164477D8FFA43
Certificate serial: 0A
Authority key identifier: 07:B8:7D:94:F0:44:89:35:66:41:33:9D:E6:91:64:47:7D:8F:FA:43
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/B7h9lPBEiTVmQTOd5pFkR32P-kM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FE1EA/0781C770806F11EEADC9ED584AD9E6FC/F2BE8B0883BF11EEA35C316C4AD9E6FC.roa
Signing time: Wed 15 Nov 2023 14:04:53 +0000
ROA not before: Wed 15 Nov 2023 14:04:50 +0000
ROA not after: Wed 30 Nov 2033 14:04:50 +0000
asID: 328427
IP address blocks: 102.68.136.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FE1EA/0781C770806F11EEADC9ED584AD9E6FC/B7h9lPBEiTVmQTOd5pFkR32P-kM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FE1EA/0781C770806F11EEADC9ED584AD9E6FC/B7h9lPBEiTVmQTOd5pFkR32P-kM.mft
rsync://rpki.afrinic.net/repository/afrinic/B7h9lPBEiTVmQTOd5pFkR32P-kM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FE1EAAF/serialNumber=07B87D94F04489356641339DE69164477D8FFA43
Validity
Not Before: Nov 15 14:04:50 2023 GMT
Not After : Nov 30 14:04:50 2033 GMT
Subject: CN=6554d005-2a7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3b:9d:19:10:37:68:6f:9b:35:ba:ea:66:e1:
13:f5:fd:ab:61:09:17:1f:82:32:df:93:5a:d1:3d:
a4:08:58:ee:1e:82:eb:8f:3f:e9:0e:fe:fd:94:49:
9e:ae:ed:91:1a:45:0f:18:43:ef:35:09:d7:cf:82:
2d:f3:f0:30:4b:b2:b3:4a:a2:b6:58:13:08:88:ff:
bf:85:4c:fb:cd:f3:64:14:3b:c0:26:96:fc:d3:86:
48:74:8f:1a:d3:65:cd:a3:3b:d0:71:6c:95:3c:bd:
12:19:fe:1c:bc:fc:76:bd:ad:c8:ca:6b:fc:41:83:
14:06:f9:ed:57:06:c2:a9:8b:d4:93:10:f8:d8:08:
a3:39:9c:c8:2c:70:8a:b8:a5:e9:4a:aa:25:57:8e:
5b:fb:b7:ba:2a:57:72:81:6a:d0:c3:8e:0b:97:16:
03:89:59:8d:02:6b:60:3d:90:60:20:48:97:c3:94:
a8:8d:56:74:76:99:1d:ef:9d:41:8c:e7:11:a3:4c:
5a:46:31:24:fc:2d:8d:82:a8:56:7e:a1:1f:e4:8a:
c6:36:f6:8f:c5:bd:27:12:9e:94:44:fa:4d:f9:d9:
73:d2:50:37:83:da:c5:83:a4:5a:8d:1b:80:c7:e7:
ae:20:58:40:e0:11:bd:92:3f:1d:f4:fd:cb:cc:b5:
01:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:8B:48:B1:B6:EC:84:6B:76:95:9D:FF:D2:89:F9:0D:B7:2A:83:DA
X509v3 Authority Key Identifier:
keyid:07:B8:7D:94:F0:44:89:35:66:41:33:9D:E6:91:64:47:7D:8F:FA:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE1EA/0781C770806F11EEADC9ED584AD9E6FC/B7h9lPBEiTVmQTOd5pFkR32P-kM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/B7h9lPBEiTVmQTOd5pFkR32P-kM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE1EA/0781C770806F11EEADC9ED584AD9E6FC/F2BE8B0883BF11EEA35C316C4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.68.136.0/22
Signature Algorithm: sha256WithRSAEncryption
89:99:7f:18:f2:2f:fc:1a:ae:64:72:8e:69:7d:3c:c9:9e:48:
20:c3:30:f9:7f:7b:e1:8e:e5:fe:65:e2:f2:32:d1:9e:fb:2f:
e2:bc:b0:4a:32:3f:cd:1f:2b:d5:9d:3f:64:91:ee:9e:d6:ec:
aa:a5:b3:63:8f:5c:5b:a5:5f:49:56:ab:07:89:cd:aa:9b:a7:
ac:ce:8b:01:43:dd:1e:8f:23:39:30:ba:6e:24:11:10:f2:e1:
94:95:48:dd:ae:21:7e:12:f4:0b:e0:f0:0a:bc:04:59:72:f8:
97:d8:b3:d7:3e:7e:c4:ca:1c:92:32:ee:3e:9c:0d:06:11:1a:
c0:e2:b9:3f:04:6d:67:16:ac:74:d4:71:d8:6e:77:00:af:09:
dc:bc:ad:57:de:4c:79:ee:cc:db:f7:83:b3:17:19:66:18:bb:
7f:19:4f:21:a5:46:75:e1:c0:b5:c3:89:7b:1c:4f:41:50:b3:
4c:ec:40:7c:8a:9e:ee:31:0e:10:43:25:9a:68:bc:f1:a0:17:
b4:41:8f:da:f1:0e:ef:57:a8:93:68:ba:71:96:36:96:24:dc:
3e:df:b5:ab:5f:29:25:60:c4:bb:11:0f:79:98:eb:a2:84:45:
5d:2d:1e:8e:dd:e7:6c:6f:52:a7:0a:8f:3c:59:62:4d:99:8f:
5f:b7:5e:e5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
RTFFQUFGMTEwLwYDVQQFEygwN0I4N0Q5NEYwNDQ4OTM1NjY0MTMzOURFNjkxNjQ0
NzdEOEZGQTQzMB4XDTIzMTExNTE0MDQ1MFoXDTMzMTEzMDE0MDQ1MFowGDEWMBQG
A1UEAxMNNjU1NGQwMDUtMmE3YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAME7nRkQN2hvmzW66mbhE/X9q2EJFx+CMt+TWtE9pAhY7h6C648/6Q7+/ZRJ
nq7tkRpFDxhD7zUJ18+CLfPwMEuys0qitlgTCIj/v4VM+83zZBQ7wCaW/NOGSHSP
GtNlzaM70HFslTy9Ehn+HLz8dr2tyMpr/EGDFAb57VcGwqmL1JMQ+NgIozmcyCxw
iril6UqqJVeOW/u3uipXcoFq0MOOC5cWA4lZjQJrYD2QYCBIl8OUqI1WdHaZHe+d
QYznEaNMWkYxJPwtjYKoVn6hH+SKxjb2j8W9JxKelET6TfnZc9JQN4PaxYOkWo0b
gMfnriBYQOARvZI/HfT9y8y1AY0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBR1i0ix
tuyEa3aVnf/SifkNtyqD2jAfBgNVHSMEGDAWgBQHuH2U8ESJNWZBM53mkWRHfY/6
QzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkUxRUEvMDc4MUM3NzA4MDZGMTFFRUFEQzlFRDU4NEFEOUU2RkMvQjdoOWxQ
QkVpVFZtUVRPZDVwRmtSMzJQLWtNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQjdoOWxQQkVpVFZtUVRPZDVwRmtSMzJQLWtNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkUxRUEvMDc4MUM3NzA4MDZGMTFFRUFEQzlFRDU4NEFE
OUU2RkMvRjJCRThCMDg4M0JGMTFFRUEzNUMzMTZDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmZEiDANBgkqhkiG9w0BAQsF
AAOCAQEAiZl/GPIv/BquZHKOaX08yZ5IIMMw+X974Y7l/mXi8jLRnvsv4rywSjI/
zR8r1Z0/ZJHuntbsqqWzY49cW6VfSVarB4nNqpunrM6LAUPdHo8jOTC6biQREPLh
lJVI3a4hfhL0C+DwCrwEWXL4l9iz1z5+xMockjLuPpwNBhEawOK5PwRtZxasdNRx
2G53AK8J3LytV95Mee7M2/eDsxcZZhi7fxlPIaVGdeHAtcOJexxPQVCzTOxAfIqe
7jEOEEMlmmi88aAXtEGP2vEO71eok2i6cZY2liTcPt+1q18pJWDEuxEPeZjrooRF
XS0ejt3nbG9SpwqPPFliTZmPX7de5Q==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:49 2024 by rpki-client on console-ams.rpki-client.org