Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361609C/8C1B615283EE11EABE7A3161F8AEA228/D7A1ECB283EF11EA9BA97462F8AEA228.roa
File: D7A1ECB283EF11EA9BA97462F8AEA228.roa (raw, json)
Hash identifier: TlTBwqHEQHiLLbQaXNnmF5UgaA5f3WCBAPGr0I+b64I=
Subject key identifier: 18:26:D5:D7:13:34:FA:13:7E:14:9E:29:FD:82:76:0F:33:AF:B6:9A
Certificate issuer: /CN=F361609CAF/serialNumber=DEDA4C4F3A3177BA236CE46BD7FF792E3C6BC3F4
Certificate serial: 03
Authority key identifier: DE:DA:4C:4F:3A:31:77:BA:23:6C:E4:6B:D7:FF:79:2E:3C:6B:C3:F4
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/3tpMTzoxd7ojbORr1_95Ljxrw_Q.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F361609C/8C1B615283EE11EABE7A3161F8AEA228/D7A1ECB283EF11EA9BA97462F8AEA228.roa
Signing time: Tue 21 Apr 2020 16:47:53 +0000
ROA not before: Tue 21 Apr 2020 16:47:48 +0000
ROA not after: Sun 21 Apr 2030 16:47:48 +0000
asID: 37627
IP address blocks: 154.65.0.0/22 maxlen: 24
196.61.56.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F361609C/8C1B615283EE11EABE7A3161F8AEA228/3tpMTzoxd7ojbORr1_95Ljxrw_Q.crl
rsync://rpki.afrinic.net/repository/member_repository/F361609C/8C1B615283EE11EABE7A3161F8AEA228/3tpMTzoxd7ojbORr1_95Ljxrw_Q.mft
rsync://rpki.afrinic.net/repository/afrinic/3tpMTzoxd7ojbORr1_95Ljxrw_Q.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F361609CAF/serialNumber=DEDA4C4F3A3177BA236CE46BD7FF792E3C6BC3F4
Validity
Not Before: Apr 21 16:47:48 2020 GMT
Not After : Apr 21 16:47:48 2030 GMT
Subject: CN=5e9f23b9-f481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e4:04:c3:27:4c:b8:31:11:ce:31:96:88:c7:
9c:17:18:f7:38:2d:0e:3c:d7:14:be:0c:37:9f:af:
a9:93:5d:5b:d9:69:78:ce:7e:76:a2:89:87:86:17:
1e:d7:04:53:2b:73:96:8c:16:bf:6f:9f:84:b7:17:
e8:0a:db:5f:7f:3d:97:e4:0b:24:83:5e:e1:f1:87:
5d:a9:9f:d2:32:92:66:b0:d1:86:07:ce:eb:76:b1:
21:cb:aa:1d:b0:64:be:a2:41:1a:76:99:1a:d0:ec:
b7:35:4c:d5:5e:44:03:91:c0:c8:1e:35:ee:ca:dc:
37:35:18:db:9a:cd:74:97:b0:38:f4:26:ef:40:28:
d3:b6:9d:0c:81:8e:30:ed:79:e4:63:4f:73:c1:a4:
a8:e1:e2:ad:dc:54:90:c6:5b:65:17:c0:a8:12:78:
a4:41:5f:31:2c:3c:b1:df:a0:4f:3c:d0:d8:d8:14:
96:58:cd:ba:fe:34:e8:1e:43:7d:02:bc:0c:33:78:
d8:b6:27:24:3f:84:03:f3:79:2c:0a:c7:13:93:aa:
9e:5c:88:10:54:71:1a:3c:37:25:71:59:eb:01:67:
04:c9:d3:3c:aa:bb:cc:e5:4a:e0:26:13:e6:10:8a:
9d:94:f6:8f:c9:08:30:8f:6b:c8:b2:ca:d8:bc:90:
60:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:26:D5:D7:13:34:FA:13:7E:14:9E:29:FD:82:76:0F:33:AF:B6:9A
X509v3 Authority Key Identifier:
keyid:DE:DA:4C:4F:3A:31:77:BA:23:6C:E4:6B:D7:FF:79:2E:3C:6B:C3:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F361609C/8C1B615283EE11EABE7A3161F8AEA228/3tpMTzoxd7ojbORr1_95Ljxrw_Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3tpMTzoxd7ojbORr1_95Ljxrw_Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361609C/8C1B615283EE11EABE7A3161F8AEA228/D7A1ECB283EF11EA9BA97462F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.65.0.0/22
196.61.56.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:dd:54:57:f1:c3:f9:96:57:51:31:38:12:ba:2b:c9:1b:40:
d8:c0:53:ff:97:31:19:62:0e:96:ff:1f:95:71:fe:d6:6e:40:
75:43:a8:7b:13:3a:ee:1c:38:40:f7:c5:f2:2a:52:ce:a8:03:
09:fc:73:69:42:b2:ad:16:07:b8:b0:68:b7:1f:b4:51:c0:96:
d5:62:e2:89:c8:3f:56:5c:2d:0e:49:cd:92:09:ab:8a:a0:e6:
3e:24:55:a4:85:de:b5:6a:af:fe:fb:a0:03:78:a1:ad:71:01:
6a:7b:c3:82:2d:99:3d:df:f7:ac:b6:cd:d9:c6:7e:83:26:9d:
1d:4d:55:a5:23:d0:1e:96:a2:d0:0d:c7:d0:a1:23:9d:de:59:
13:6e:04:aa:ca:6d:df:7b:a8:36:59:98:18:1a:b0:10:92:c1:
92:a8:b5:38:7c:e5:7c:e2:c2:4c:09:2b:12:f8:a4:3a:f3:8b:
80:d4:ae:e6:e4:24:e5:06:bd:ef:04:5f:24:2c:41:86:bb:09:
9e:e3:f1:0e:f1:49:dc:00:75:54:6b:b8:af:fa:50:ec:5c:28:
a0:e2:d6:1b:36:25:0d:66:ff:12:90:8b:d8:3b:5f:ad:64:d7:
ab:be:9c:89:d5:32:d6:6f:0d:6b:69:df:b8:a6:ae:04:32:4a:
f4:7b:13:e7
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
NjA5Q0FGMTEwLwYDVQQFEyhERURBNEM0RjNBMzE3N0JBMjM2Q0U0NkJEN0ZGNzky
RTNDNkJDM0Y0MB4XDTIwMDQyMTE2NDc0OFoXDTMwMDQyMTE2NDc0OFowGDEWMBQG
A1UEAxMNNWU5ZjIzYjktZjQ4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHkBMMnTLgxEc4xlojHnBcY9zgtDjzXFL4MN5+vqZNdW9lpeM5+dqKJh4YX
HtcEUytzlowWv2+fhLcX6ArbX389l+QLJINe4fGHXamf0jKSZrDRhgfO63axIcuq
HbBkvqJBGnaZGtDstzVM1V5EA5HAyB417srcNzUY25rNdJewOPQm70Ao07adDIGO
MO155GNPc8GkqOHirdxUkMZbZRfAqBJ4pEFfMSw8sd+gTzzQ2NgUlljNuv406B5D
fQK8DDN42LYnJD+EA/N5LArHE5OqnlyIEFRxGjw3JXFZ6wFnBMnTPKq7zOVK4CYT
5hCKnZT2j8kIMI9ryLLK2LyQYLECAwEAAaOCAqswggKnMB0GA1UdDgQWBBQYJtXX
EzT6E34Unin9gnYPM6+2mjAfBgNVHSMEGDAWgBTe2kxPOjF3uiNs5GvX/3kuPGvD
9DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTYwOUMvOEMxQjYxNTI4M0VFMTFFQUJFN0EzMTYxRjhBRUEyMjgvM3RwTVR6
b3hkN29qYk9ScjFfOTVManhyd19RLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvM3RwTVR6b3hkN29qYk9ScjFfOTVManhyd19RLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTYwOUMvOEMxQjYxNTI4M0VFMTFFQUJFN0EzMTYxRjhB
RUEyMjgvRDdBMUVDQjI4M0VGMTFFQTlCQTk3NDYyRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAppBAAMEA8Q9ODANBgkqhkiG
9w0BAQsFAAOCAQEATt1UV/HD+ZZXUTE4EroryRtA2MBT/5cxGWIOlv8flXH+1m5A
dUOoexM67hw4QPfF8ipSzqgDCfxzaUKyrRYHuLBotx+0UcCW1WLiicg/VlwtDknN
kgmriqDmPiRVpIXetWqv/vugA3ihrXEBanvDgi2ZPd/3rLbN2cZ+gyadHU1VpSPQ
Hpai0A3H0KEjnd5ZE24Eqspt33uoNlmYGBqwEJLBkqi1OHzlfOLCTAkrEvikOvOL
gNSu5uQk5Qa97wRfJCxBhrsJnuPxDvFJ3AB1VGu4r/pQ7FwooOLWGzYlDWb/EpCL
2DtfrWTXq76cidUy1m8Na2nfuKauBDJK9HsT5w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:51 2024 by rpki-client on console-fra.rpki-client.org