Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/18567D62BE9E11EEB4D3B4A9775412E6.roa
File: 18567D62BE9E11EEB4D3B4A9775412E6.roa (raw, json)
Hash identifier: Y3fBKAh78k5vI18fpOwm6xT2sIv2rQrR5n28MiwgGw0=
Subject key identifier: CB:8E:D0:A2:BF:86:51:2C:AD:9C:0F:0A:53:2D:A9:BF:88:63:22:2F
Certificate issuer: /CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Certificate serial: 1C
Authority key identifier: CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/18567D62BE9E11EEB4D3B4A9775412E6.roa
Signing time: Mon 29 Jan 2024 12:01:12 +0000
ROA not before: Mon 29 Jan 2024 12:01:08 +0000
ROA not after: Thu 29 Jan 2026 12:01:08 +0000
asID: 21003
IP address blocks: 154.73.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.mft
rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28 (0x1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Validity
Not Before: Jan 29 12:01:08 2024 GMT
Not After : Jan 29 12:01:08 2026 GMT
Subject: CN=65b79388-e061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e6:79:98:15:6d:da:ac:66:6b:16:f9:2c:b7:
20:10:a1:7f:ea:08:c3:65:1c:a0:e2:44:5c:52:c9:
7d:04:fa:0e:b8:f4:a5:ad:e8:b2:55:16:27:48:17:
2b:95:10:51:83:c4:33:8f:64:ac:23:c9:0f:df:a3:
10:cc:88:c0:e7:65:0d:8e:50:9e:13:81:71:9e:c0:
70:95:18:e6:7b:e1:0f:ae:49:36:0c:75:a8:85:dd:
49:42:9d:5d:59:ba:8d:3f:af:e3:35:44:8f:6e:f0:
98:62:cf:3e:2b:72:36:2e:87:fa:e0:cb:07:a2:1d:
00:3d:5e:d5:64:13:7b:30:cb:6d:e5:ca:e0:89:f2:
3a:37:de:f9:7e:12:d5:e6:84:f9:6a:64:0a:f8:7c:
90:0c:44:c5:40:99:5e:c9:64:80:5a:4e:7d:6f:95:
06:fa:78:9e:ee:14:5a:a2:fd:d8:8e:ee:9f:7e:86:
75:86:ba:0c:0d:be:17:47:cc:85:dc:e1:d4:1a:00:
31:d5:dc:fd:6e:5c:72:94:73:c6:ab:e3:2f:66:80:
08:c7:55:1c:61:95:5d:7a:f2:05:14:3f:04:67:63:
53:7f:bf:b6:76:da:9d:c3:19:e4:c0:96:55:86:71:
1a:67:9f:f5:1c:ad:b5:e6:c5:95:a6:18:72:9d:be:
82:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:8E:D0:A2:BF:86:51:2C:AD:9C:0F:0A:53:2D:A9:BF:88:63:22:2F
X509v3 Authority Key Identifier:
keyid:CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/18567D62BE9E11EEB4D3B4A9775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.73.29.0/24
Signature Algorithm: sha256WithRSAEncryption
11:6f:b6:c1:98:6a:d4:a5:d4:2b:37:66:dd:e4:20:b0:e6:ca:
6f:12:96:55:c9:4f:22:4c:43:52:1b:a0:f9:73:da:64:ca:bf:
a0:bd:aa:31:eb:2b:17:a1:99:96:88:c9:a0:36:ae:a7:5f:5c:
ab:37:0d:3d:9f:5a:e1:3b:71:b4:c7:24:05:85:96:b8:8c:16:
c4:60:94:68:35:ad:95:90:7a:d1:cc:75:d3:ec:ac:e8:e4:e7:
64:b1:aa:07:89:67:8e:70:d4:17:7e:d2:11:fd:e0:87:c5:1d:
dc:52:a7:a3:03:f3:5f:b4:83:b3:dc:08:66:92:b1:15:14:ba:
a1:07:ad:1f:3f:ff:17:62:17:40:89:b8:28:42:31:05:62:c1:
06:33:fe:d3:36:7a:f6:9e:56:da:48:c8:b6:ce:ca:3f:40:e2:
1b:a7:54:d7:11:70:b1:67:eb:0f:88:90:d4:37:0d:bc:35:d3:
ec:b7:68:97:dd:16:b7:ad:f3:04:fe:a3:7a:1c:4b:15:da:35:
8f:bf:7d:f3:c6:d0:52:b6:d7:9c:97:5f:29:5e:91:5b:22:cf:
92:13:a9:90:2d:f0:dd:2b:8c:1e:bc:dc:bc:7a:d3:4b:37:f7:
7b:7b:2a:e3:36:f0:36:14:b8:78:27:47:07:8b:0c:45:fd:fc:
da:58:b2:2e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBHDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MTRBQUFGMTEwLwYDVQQFEyhDRDUyMzJCNjNDNkE4MzI5OTBDODY3MDdDQjczOUJE
QzA0REI5QTU5MB4XDTI0MDEyOTEyMDEwOFoXDTI2MDEyOTEyMDEwOFowGDEWMBQG
A1UEAxMNNjViNzkzODgtZTA2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfmeZgVbdqsZmsW+Sy3IBChf+oIw2UcoOJEXFLJfQT6Drj0pa3oslUWJ0gX
K5UQUYPEM49krCPJD9+jEMyIwOdlDY5QnhOBcZ7AcJUY5nvhD65JNgx1qIXdSUKd
XVm6jT+v4zVEj27wmGLPPityNi6H+uDLB6IdAD1e1WQTezDLbeXK4InyOjfe+X4S
1eaE+WpkCvh8kAxExUCZXslkgFpOfW+VBvp4nu4UWqL92I7un36GdYa6DA2+F0fM
hdzh1BoAMdXc/W5ccpRzxqvjL2aACMdVHGGVXXryBRQ/BGdjU3+/tnbancMZ5MCW
VYZxGmef9RyttebFlaYYcp2+gicCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTLjtCi
v4ZRLK2cDwpTLam/iGMiLzAfBgNVHSMEGDAWgBTNUjK2PGqDKZDIZwfLc5vcBNua
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1NDEyRTYvelZJeXRq
eHFneW1ReUdjSHkzT2IzQVRibWxrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvelZJeXRqeHFneW1ReUdjSHkzT2IzQVRibWxrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1
NDEyRTYvMTg1NjdENjJCRTlFMTFFRUI0RDNCNEE5Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJpJHTANBgkqhkiG9w0BAQsF
AAOCAQEAEW+2wZhq1KXUKzdm3eQgsObKbxKWVclPIkxDUhug+XPaZMq/oL2qMesr
F6GZlojJoDaup19cqzcNPZ9a4TtxtMckBYWWuIwWxGCUaDWtlZB60cx10+ys6OTn
ZLGqB4lnjnDUF37SEf3gh8Ud3FKnowPzX7SDs9wIZpKxFRS6oQetHz//F2IXQIm4
KEIxBWLBBjP+0zZ69p5W2kjIts7KP0DiG6dU1xFwsWfrD4iQ1DcNvDXT7Ldol90W
t63zBP6jehxLFdo1j79988bQUrbXnJdfKV6RWyLPkhOpkC3w3SuMHrzcvHrTSzf3
e3sq4zbwNhS4eCdHB4sMRf382liyLg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:30 2024 by rpki-client on console-ams.rpki-client.org