Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3640C3C/C5A61844D2BE11EFAD56CC98762E951A/9E9AD310D2BF11EFBBD01F9D762E951A.roa
File: 9E9AD310D2BF11EFBBD01F9D762E951A.roa (raw, json)
Hash identifier: sKmiIxBHJPr3OGeB7htmDk2gGj7RAu5zKpegjCoJFAY=
Subject key identifier: 6B:09:C6:56:4A:0E:7B:42:28:84:85:D1:0F:B5:DB:5A:5F:57:1C:71
Certificate issuer: /CN=F3640C3CAF/serialNumber=7D4DF6F2F7DDB0737EDAAD848523F87176E7CE81
Certificate serial: 02
Authority key identifier: 7D:4D:F6:F2:F7:DD:B0:73:7E:DA:AD:84:85:23:F8:71:76:E7:CE:81
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/fU328vfdsHN-2q2EhSP4cXbnzoE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3640C3C/C5A61844D2BE11EFAD56CC98762E951A/9E9AD310D2BF11EFBBD01F9D762E951A.roa
Signing time: Tue 14 Jan 2025 21:36:31 +0000
ROA not before: Tue 14 Jan 2025 21:36:28 +0000
ROA not after: Wed 31 Jan 2035 21:36:28 +0000
asID: 37676
IP address blocks: 196.40.160.0/20 maxlen: 20
196.47.96.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3640C3C/C5A61844D2BE11EFAD56CC98762E951A/fU328vfdsHN-2q2EhSP4cXbnzoE.crl
rsync://rpki.afrinic.net/repository/member_repository/F3640C3C/C5A61844D2BE11EFAD56CC98762E951A/fU328vfdsHN-2q2EhSP4cXbnzoE.mft
rsync://rpki.afrinic.net/repository/afrinic/fU328vfdsHN-2q2EhSP4cXbnzoE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 03:23:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3640C3CAF
Validity
Not Before: Jan 14 21:36:28 2025 GMT
Not After : Jan 31 21:36:28 2035 GMT
Subject: CN=6786d8df-f7fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c2:e1:be:f1:3b:68:1c:53:b8:39:eb:97:f3:
94:a7:f5:a5:5f:8d:87:11:c8:67:f1:09:96:f2:09:
cc:8e:4a:36:c1:b8:45:7c:52:01:e6:24:c8:9b:28:
7f:7b:3c:0a:60:29:d6:86:81:a1:46:85:cb:56:26:
e1:8d:67:7e:8d:c7:d7:4c:26:27:f2:4c:02:88:0b:
af:12:bb:2c:b0:f7:17:ab:ef:02:ee:d5:09:d1:cf:
d9:b2:c8:5a:dd:9d:fd:51:cc:56:fe:77:91:c9:9d:
23:70:ce:48:7d:78:e5:0a:d2:be:15:9c:c0:03:c9:
e2:ef:4e:82:69:d0:aa:e0:d3:1a:f1:f0:73:e2:9d:
2f:d3:07:45:8c:4e:3a:5d:76:30:61:d7:61:e2:5c:
bb:76:b6:58:c2:7d:70:b5:41:18:99:46:3e:20:ab:
3b:dd:0d:34:a3:61:34:22:77:b7:f8:35:17:4e:e6:
78:40:3d:52:92:b9:7c:8d:4a:ae:a9:47:9d:6a:de:
20:4a:bb:bb:cf:4b:62:2e:16:5f:a8:31:42:cc:01:
bf:fe:b2:1a:e7:9a:59:b4:63:93:53:07:ac:54:b8:
2e:95:5c:2f:91:18:72:28:19:10:f6:96:7c:ca:2a:
22:c6:da:bc:c7:fc:b3:3e:e4:21:87:b8:d7:b0:80:
46:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:09:C6:56:4A:0E:7B:42:28:84:85:D1:0F:B5:DB:5A:5F:57:1C:71
X509v3 Authority Key Identifier:
keyid:7D:4D:F6:F2:F7:DD:B0:73:7E:DA:AD:84:85:23:F8:71:76:E7:CE:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3640C3C/C5A61844D2BE11EFAD56CC98762E951A/fU328vfdsHN-2q2EhSP4cXbnzoE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/fU328vfdsHN-2q2EhSP4cXbnzoE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3640C3C/C5A61844D2BE11EFAD56CC98762E951A/9E9AD310D2BF11EFBBD01F9D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.40.160.0/20
196.47.96.0/19
Signature Algorithm: sha256WithRSAEncryption
33:f0:76:b1:c5:04:fe:b9:a9:51:ca:a5:45:cf:60:42:4b:86:
f5:d7:d5:ab:83:97:c9:e5:2a:82:5f:bf:a3:58:3f:a0:ac:21:
c9:72:a5:3a:bd:ea:fd:d9:b6:a7:7b:62:f5:b9:30:67:b6:34:
c0:ed:e4:17:8c:84:f4:c2:d6:b7:27:e2:03:77:c6:c7:54:43:
24:5d:1d:f6:22:e3:43:7f:0f:90:82:51:c5:4b:92:c1:8d:10:
6d:ac:76:d6:87:36:ea:14:c8:f2:bf:b0:45:f4:57:52:3e:a9:
72:99:d9:8f:ae:0a:a1:45:94:62:92:b4:bd:13:55:c9:f6:f9:
59:13:a7:59:a7:92:7c:fe:28:b7:ed:47:c2:b4:78:63:2e:12:
aa:b1:04:28:5b:c5:f7:74:b2:61:64:f5:26:14:96:e4:c7:7e:
16:96:93:1c:d8:ba:a8:bc:c9:0e:71:05:de:fa:b1:6a:8d:1b:
33:cb:7f:36:cb:d6:a1:74:15:d8:c4:5b:d1:5c:02:25:7d:5b:
96:6e:98:e6:82:02:8f:cb:e6:ef:05:dd:37:d8:ee:86:43:bc:
b1:1b:44:fd:6c:e7:39:aa:5b:99:99:43:80:6c:4a:21:b4:96:
89:52:12:9c:22:19:2a:64:6a:e9:7f:0d:06:8b:9f:10:92:15:
3a:b8:e6:77
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
MEMzQ0FGMTEwLwYDVQQFEyg3RDRERjZGMkY3RERCMDczN0VEQUFEODQ4NTIzRjg3
MTc2RTdDRTgxMB4XDTI1MDExNDIxMzYyOFoXDTM1MDEzMTIxMzYyOFowGDEWMBQG
A1UEAxMNNjc4NmQ4ZGYtZjdmZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPC4b7xO2gcU7g565fzlKf1pV+NhxHIZ/EJlvIJzI5KNsG4RXxSAeYkyJso
f3s8CmAp1oaBoUaFy1Ym4Y1nfo3H10wmJ/JMAogLrxK7LLD3F6vvAu7VCdHP2bLI
Wt2d/VHMVv53kcmdI3DOSH145QrSvhWcwAPJ4u9OgmnQquDTGvHwc+KdL9MHRYxO
Ol12MGHXYeJcu3a2WMJ9cLVBGJlGPiCrO90NNKNhNCJ3t/g1F07meEA9UpK5fI1K
rqlHnWreIEq7u89LYi4WX6gxQswBv/6yGueaWbRjk1MHrFS4LpVcL5EYcigZEPaW
fMoqIsbavMf8sz7kIYe417CARiUCAwEAAaOCAqswggKnMB0GA1UdDgQWBBRrCcZW
Sg57QiiEhdEPtdtaX1cccTAfBgNVHSMEGDAWgBR9Tfby992wc37arYSFI/hxdufO
gTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDBDM0MvQzVBNjE4NDREMkJFMTFFRkFENTZDQzk4NzYyRTk1MUEvZlUzMjh2
ZmRzSE4tMnEyRWhTUDRjWGJuem9FLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZlUzMjh2ZmRzSE4tMnEyRWhTUDRjWGJuem9FLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDBDM0MvQzVBNjE4NDREMkJFMTFFRkFENTZDQzk4NzYy
RTk1MUEvOUU5QUQzMTBEMkJGMTFFRkJCRDAxRjlENzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBMQooAMEBcQvYDANBgkqhkiG
9w0BAQsFAAOCAQEAM/B2scUE/rmpUcqlRc9gQkuG9dfVq4OXyeUqgl+/o1g/oKwh
yXKlOr3q/dm2p3ti9bkwZ7Y0wO3kF4yE9MLWtyfiA3fGx1RDJF0d9iLjQ38PkIJR
xUuSwY0Qbax21oc26hTI8r+wRfRXUj6pcpnZj64KoUWUYpK0vRNVyfb5WROnWaeS
fP4ot+1HwrR4Yy4SqrEEKFvF93SyYWT1JhSW5Md+FpaTHNi6qLzJDnEF3vqxao0b
M8t/NsvWoXQV2MRb0VwCJX1blm6Y5oICj8vm7wXdN9juhkO8sRtE/WznOapbmZlD
gGxKIbSWiVISnCIZKmRq6X8NBoufEJIVOrjmdw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:53:19 2025 by rpki-client