Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/9DB45F1AAEF411EEBD21E1A2775412E6.roa
File: 9DB45F1AAEF411EEBD21E1A2775412E6.roa (raw, json)
Hash identifier: zk4qjNpUR6ox7pi92CW344nHF3kKf96YYdu89XzhQ3o=
Subject key identifier: 61:C9:75:2E:24:B5:92:E7:EF:EE:DC:3E:EC:72:04:EE:DA:E2:E1:98
Certificate issuer: /CN=F3652C3AAF/serialNumber=3F0EEA59196D14A32AF35DA1710F150D5F9DDDD8
Certificate serial: 20
Authority key identifier: 3F:0E:EA:59:19:6D:14:A3:2A:F3:5D:A1:71:0F:15:0D:5F:9D:DD:D8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Pw7qWRltFKMq812hcQ8VDV-d3dg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/9DB45F1AAEF411EEBD21E1A2775412E6.roa
Signing time: Tue 09 Jan 2024 13:40:14 +0000
ROA not before: Tue 09 Jan 2024 13:40:10 +0000
ROA not after: Sun 31 Dec 2028 13:40:10 +0000
asID: 396982
IP address blocks: 154.65.66.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/Pw7qWRltFKMq812hcQ8VDV-d3dg.crl
rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/Pw7qWRltFKMq812hcQ8VDV-d3dg.mft
rsync://rpki.afrinic.net/repository/afrinic/Pw7qWRltFKMq812hcQ8VDV-d3dg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 07 May 2024 00:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32 (0x20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3652C3AAF/serialNumber=3F0EEA59196D14A32AF35DA1710F150D5F9DDDD8
Validity
Not Before: Jan 9 13:40:10 2024 GMT
Not After : Dec 31 13:40:10 2028 GMT
Subject: CN=659d4cbd-2746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:86:80:0c:55:0e:ba:0d:70:f5:78:34:26:69:
de:e3:35:71:cd:8d:28:90:f0:0b:49:66:c7:b2:3c:
ea:b3:e5:af:34:a2:f4:61:73:46:0c:0e:7d:4a:48:
ed:0b:4d:a9:33:69:75:ff:3c:c3:d0:bf:68:ed:cf:
b0:24:90:d2:5b:e7:8e:a0:ad:4c:8a:b5:2f:1d:33:
56:f4:a8:01:76:17:58:42:18:b1:b4:85:17:eb:8f:
65:e3:b8:d2:4b:3d:85:2a:01:5d:ed:78:12:3b:0d:
67:6a:4c:c1:87:21:34:8d:91:5e:54:9c:95:93:d0:
bb:dc:89:49:33:e9:d3:5b:61:28:05:dd:bc:17:52:
6e:5d:6a:29:87:ca:d4:f2:b5:5f:97:af:bf:2c:81:
ec:b6:89:fa:a1:5f:80:2b:a4:5f:f5:cf:0f:6d:d1:
b1:06:c0:da:cd:01:08:40:73:33:c5:b4:11:0f:a3:
07:74:fe:df:de:7f:d0:b4:90:ca:77:0d:8a:6c:ac:
d9:44:c5:02:17:d8:e1:96:cb:c3:94:1d:3f:7c:5a:
a6:ec:50:d8:e5:88:29:6e:ff:65:06:ae:ac:3e:fd:
7b:76:a5:4f:db:cb:7f:78:04:bb:16:b4:24:13:d7:
07:7b:56:08:07:65:71:75:f4:41:77:60:ae:86:f4:
8a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C9:75:2E:24:B5:92:E7:EF:EE:DC:3E:EC:72:04:EE:DA:E2:E1:98
X509v3 Authority Key Identifier:
keyid:3F:0E:EA:59:19:6D:14:A3:2A:F3:5D:A1:71:0F:15:0D:5F:9D:DD:D8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/Pw7qWRltFKMq812hcQ8VDV-d3dg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Pw7qWRltFKMq812hcQ8VDV-d3dg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/9DB45F1AAEF411EEBD21E1A2775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.65.66.0/23
Signature Algorithm: sha256WithRSAEncryption
90:b2:1d:e4:cd:5f:76:7e:df:88:59:65:cb:61:b7:b6:44:81:
f2:db:22:32:f1:47:69:0e:2f:e8:1d:f5:0f:39:ca:ac:17:56:
8d:39:72:bb:34:08:4b:43:e4:54:39:9b:1f:af:1e:24:60:80:
5b:35:7f:8e:4a:f7:0e:f3:59:ff:c4:6a:93:f6:f2:f5:bc:04:
7f:7f:38:04:fa:df:97:e5:d9:d2:b2:fd:0f:27:9a:6c:c0:44:
73:64:89:dd:0c:df:91:49:e6:7f:98:21:7d:6d:c9:c6:65:45:
7c:29:c5:bf:77:bc:49:28:92:34:34:74:f8:c6:31:88:6e:be:
9a:41:3a:32:e3:da:b2:bb:b0:0b:2c:47:ff:bc:6d:02:d6:8c:
fb:98:b1:33:7f:e9:a5:89:25:66:c1:4e:f1:d9:0a:ca:7c:1e:
78:58:03:2a:9c:a3:80:23:cb:57:2e:59:3c:94:cc:85:ec:4a:
04:9d:c5:14:24:b7:36:33:b4:62:52:e6:38:a4:e3:e2:33:ff:
95:be:2d:1a:6f:fb:d5:50:6c:72:ad:d9:f0:23:77:8c:cb:17:
94:14:66:bf:d5:27:0b:89:90:0b:ba:6e:98:4e:06:ae:1c:b6:
a9:cb:52:da:26:d8:68:69:0a:a2:65:0b:4b:36:a2:00:7a:94:
c6:64:ed:21
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBIDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
MkMzQUFGMTEwLwYDVQQFEygzRjBFRUE1OTE5NkQxNEEzMkFGMzVEQTE3MTBGMTUw
RDVGOUREREQ4MB4XDTI0MDEwOTEzNDAxMFoXDTI4MTIzMTEzNDAxMFowGDEWMBQG
A1UEAxMNNjU5ZDRjYmQtMjc0NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyGgAxVDroNcPV4NCZp3uM1cc2NKJDwC0lmx7I86rPlrzSi9GFzRgwOfUpI
7QtNqTNpdf88w9C/aO3PsCSQ0lvnjqCtTIq1Lx0zVvSoAXYXWEIYsbSFF+uPZeO4
0ks9hSoBXe14EjsNZ2pMwYchNI2RXlSclZPQu9yJSTPp01thKAXdvBdSbl1qKYfK
1PK1X5evvyyB7LaJ+qFfgCukX/XPD23RsQbA2s0BCEBzM8W0EQ+jB3T+395/0LSQ
yncNimys2UTFAhfY4ZbLw5QdP3xapuxQ2OWIKW7/ZQaurD79e3alT9vLf3gEuxa0
JBPXB3tWCAdlcXX0QXdgrob0in0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRhyXUu
JLWS5+/u3D7scgTu2uLhmDAfBgNVHSMEGDAWgBQ/DupZGW0UoyrzXaFxDxUNX53d
2DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTJDM0EvRDYwN0NGMjg5QTgxMTFFRThBN0JGMTJCRDI1QkU0NjUvUHc3cVdS
bHRGS01xODEyaGNROFZEVi1kM2RnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUHc3cVdSbHRGS01xODEyaGNROFZEVi1kM2RnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTJDM0EvRDYwN0NGMjg5QTgxMTFFRThBN0JGMTJCRDI1
QkU0NjUvOURCNDVGMUFBRUY0MTFFRUJEMjFFMUEyNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZpBQjANBgkqhkiG9w0BAQsF
AAOCAQEAkLId5M1fdn7fiFlly2G3tkSB8tsiMvFHaQ4v6B31DznKrBdWjTlyuzQI
S0PkVDmbH68eJGCAWzV/jkr3DvNZ/8Rqk/by9bwEf384BPrfl+XZ0rL9DyeabMBE
c2SJ3QzfkUnmf5ghfW3JxmVFfCnFv3e8SSiSNDR0+MYxiG6+mkE6MuPasruwCyxH
/7xtAtaM+5ixM3/ppYklZsFO8dkKynweeFgDKpyjgCPLVy5ZPJTMhexKBJ3FFCS3
NjO0YlLmOKTj4jP/lb4tGm/71VBscq3Z8CN3jMsXlBRmv9UnC4mQC7pumE4Grhy2
qctS2ibYaGkKomULSzaiAHqUxmTtIQ==
-----END CERTIFICATE-----
Generated at Sun May 5 03:47:36 2024 by rpki-client on console-fra.rpki-client.org