Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/D04FADA0DAF811EE840E8376775412E6.roa
File: D04FADA0DAF811EE840E8376775412E6.roa (raw, json)
Hash identifier: 4sg1Cltt73bhhRrOxJflmNF3Z0DjSzoXnaOO59Vo86w=
Subject key identifier: 6F:60:44:F5:8F:E2:51:EF:CB:98:4C:B6:AB:D1:D6:1B:29:C6:F2:90
Certificate issuer: /CN=F36C01B9AF/serialNumber=E2FB6437B4C94D5F51221B1650563A48FF54BE09
Certificate serial: 0B
Authority key identifier: E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/D04FADA0DAF811EE840E8376775412E6.roa
Signing time: Tue 05 Mar 2024 14:01:08 +0000
ROA not before: Tue 05 Mar 2024 14:01:04 +0000
ROA not after: Thu 05 Mar 2026 14:01:04 +0000
asID: 25543
IP address blocks: 196.28.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.mft
rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 28 Jun 2024 00:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C01B9AF/serialNumber=E2FB6437B4C94D5F51221B1650563A48FF54BE09
Validity
Not Before: Mar 5 14:01:04 2024 GMT
Not After : Mar 5 14:01:04 2026 GMT
Subject: CN=65e725a4-42c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:66:a2:bd:93:cd:bd:46:87:b9:a4:ee:73:87:
b6:1f:ec:08:6b:33:01:82:d1:25:cf:95:b9:1b:f5:
b4:95:21:53:d1:94:be:3f:c5:fb:6d:0e:a7:77:30:
4d:31:e5:92:aa:c8:43:f4:fb:40:1d:22:47:02:9d:
d1:df:85:90:76:b3:29:42:72:ae:ad:17:f7:bc:ef:
95:15:c9:e8:53:05:fd:4a:77:a3:8a:ce:f2:c6:e1:
11:81:b6:d3:d8:52:5c:df:33:37:be:0d:3b:9a:e0:
a7:e2:1f:73:b0:4c:74:c8:6c:68:8c:e0:6c:30:06:
22:84:34:6a:28:04:6c:8b:be:d9:0a:55:09:2b:30:
6e:06:31:3c:e7:35:30:94:14:da:24:03:f3:9f:6a:
7b:17:5a:11:58:9a:ce:0e:35:dd:25:ef:be:61:2e:
c9:85:9d:00:53:e7:a9:1e:18:bf:29:c1:69:21:ae:
ce:28:0a:8b:5c:f2:2b:92:b2:ce:1c:4a:85:7c:ff:
20:a0:a3:a6:a0:36:b5:3f:3d:83:d4:5a:92:97:7b:
88:2e:ff:34:f5:ec:61:70:69:3c:6c:c6:16:40:43:
19:05:69:05:0f:2e:5b:53:33:40:b6:5a:7d:81:0b:
66:e8:c8:62:bd:a6:ce:c6:14:c8:3d:63:93:b0:e8:
68:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:60:44:F5:8F:E2:51:EF:CB:98:4C:B6:AB:D1:D6:1B:29:C6:F2:90
X509v3 Authority Key Identifier:
keyid:E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/D04FADA0DAF811EE840E8376775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.28.240.0/20
Signature Algorithm: sha256WithRSAEncryption
53:3e:9d:ae:9b:99:4f:3d:03:56:0a:58:96:47:6b:2d:e9:7d:
e9:a1:d0:36:5d:ac:64:dc:a3:cc:2c:bd:b9:54:42:91:de:07:
8a:d5:fc:b0:9f:50:14:f0:7e:b3:47:f6:93:20:85:f0:fe:be:
83:1d:25:fa:6f:2c:91:a6:e6:9f:d8:77:e1:e3:17:8d:6c:42:
84:ef:26:58:6b:d1:7f:ff:dd:f8:4f:c6:35:18:21:7b:79:9c:
e4:e0:b6:86:47:29:be:37:5f:19:2f:b5:d8:55:c3:d8:bb:5b:
72:f5:52:1d:33:94:38:d4:e4:82:62:dc:89:d5:82:e4:44:15:
c1:5d:00:d9:5b:73:03:82:04:c8:dd:36:37:be:a8:73:c7:73:
6e:1c:00:41:62:dd:f7:d7:cf:d2:ae:23:8e:86:a1:ed:82:7e:
25:4a:e4:6e:4e:2e:b6:97:ac:42:c4:a4:91:c7:20:0c:a4:17:
60:73:bc:bd:a2:be:85:5b:a1:4f:44:c5:c1:12:63:3a:b4:07:
68:a4:bd:05:d1:66:b8:35:d5:6c:c3:5c:b4:5c:0d:3e:a0:e8:
7b:9e:09:63:69:5d:53:e8:b3:80:ac:40:07:54:a4:c6:4c:aa:
e9:8e:79:02:d1:4f:82:d5:ff:ea:b7:7a:59:db:9a:df:b6:f3:
6d:a8:9a:71
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MDFCOUFGMTEwLwYDVQQFEyhFMkZCNjQzN0I0Qzk0RDVGNTEyMjFCMTY1MDU2M0E0
OEZGNTRCRTA5MB4XDTI0MDMwNTE0MDEwNFoXDTI2MDMwNTE0MDEwNFowGDEWMBQG
A1UEAxMNNjVlNzI1YTQtNDJjNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1mor2Tzb1Gh7mk7nOHth/sCGszAYLRJc+VuRv1tJUhU9GUvj/F+20Op3cw
TTHlkqrIQ/T7QB0iRwKd0d+FkHazKUJyrq0X97zvlRXJ6FMF/Up3o4rO8sbhEYG2
09hSXN8zN74NO5rgp+Ifc7BMdMhsaIzgbDAGIoQ0aigEbIu+2QpVCSswbgYxPOc1
MJQU2iQD859qexdaEViazg413SXvvmEuyYWdAFPnqR4YvynBaSGuzigKi1zyK5Ky
zhxKhXz/IKCjpqA2tT89g9Rakpd7iC7/NPXsYXBpPGzGFkBDGQVpBQ8uW1MzQLZa
fYELZujIYr2mzsYUyD1jk7DoaJ8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRvYET1
j+JR78uYTLar0dYbKcbykDAfBgNVHSMEGDAWgBTi+2Q3tMlNX1EiGxZQVjpI/1S+
CTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzAxQjkvODk1RDkzMDBEQTJFMTFFRUEwQjBDNEE2Nzc1NDEyRTYvNHZ0a043
VEpUVjlSSWhzV1VGWTZTUDlVdmdrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNHZ0a043VEpUVjlSSWhzV1VGWTZTUDlVdmdrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzAxQjkvODk1RDkzMDBEQTJFMTFFRUEwQjBDNEE2Nzc1
NDEyRTYvRDA0RkFEQTBEQUY4MTFFRTg0MEU4Mzc2Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMQc8DANBgkqhkiG9w0BAQsF
AAOCAQEAUz6drpuZTz0DVgpYlkdrLel96aHQNl2sZNyjzCy9uVRCkd4HitX8sJ9Q
FPB+s0f2kyCF8P6+gx0l+m8skabmn9h34eMXjWxChO8mWGvRf//d+E/GNRghe3mc
5OC2hkcpvjdfGS+12FXD2LtbcvVSHTOUONTkgmLcidWC5EQVwV0A2VtzA4IEyN02
N76oc8dzbhwAQWLd99fP0q4jjoah7YJ+JUrkbk4utpesQsSkkccgDKQXYHO8vaK+
hVuhT0TFwRJjOrQHaKS9BdFmuDXVbMNctFwNPqDoe54JY2ldU+izgKxAB1Skxkyq
6Y55AtFPgtX/6rd6Wdua37bzbaiacQ==
-----END CERTIFICATE-----
Generated at Wed Jun 26 06:21:12 2024 by rpki-client on console-fra.rpki-client.org