Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3640DFD/B233BB2E909A11EFB949646B762E951A/70BD095E911A11EF82BB6497762E951A.roa
File: 70BD095E911A11EF82BB6497762E951A.roa (raw, json)
Hash identifier: 5fyS1GERhUUgdGRbwBe9ouhJvbIYLSd3rIAGNjMRUFs=
Subject key identifier: 98:A1:7F:F9:47:35:84:5D:5B:4B:29:25:A0:14:2A:3C:FD:F6:26:13
Certificate issuer: /CN=F3640DFDAF/serialNumber=C63DEF3E448945144273A3CE700493D2A0C5AD9A
Certificate serial: 03
Authority key identifier: C6:3D:EF:3E:44:89:45:14:42:73:A3:CE:70:04:93:D2:A0:C5:AD:9A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/xj3vPkSJRRRCc6POcAST0qDFrZo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3640DFD/B233BB2E909A11EFB949646B762E951A/70BD095E911A11EF82BB6497762E951A.roa
Signing time: Wed 23 Oct 2024 08:40:22 +0000
ROA not before: Wed 23 Oct 2024 08:40:18 +0000
ROA not after: Tue 31 Oct 2028 08:40:18 +0000
asID: 37629
IP address blocks: 154.65.4.0/22 maxlen: 24
196.1.176.0/20 maxlen: 24
2c0f:f128::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3640DFD/B233BB2E909A11EFB949646B762E951A/xj3vPkSJRRRCc6POcAST0qDFrZo.crl
rsync://rpki.afrinic.net/repository/member_repository/F3640DFD/B233BB2E909A11EFB949646B762E951A/xj3vPkSJRRRCc6POcAST0qDFrZo.mft
rsync://rpki.afrinic.net/repository/afrinic/xj3vPkSJRRRCc6POcAST0qDFrZo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3640DFDAF/serialNumber=C63DEF3E448945144273A3CE700493D2A0C5AD9A
Validity
Not Before: Oct 23 08:40:18 2024 GMT
Not After : Oct 31 08:40:18 2028 GMT
Subject: CN=6718b676-37db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:cc:ea:c5:34:5b:1c:66:21:03:c5:12:34:dc:
19:46:e5:03:1e:29:d4:f5:de:a2:c4:2a:97:94:4d:
36:85:e4:76:b0:eb:42:d0:8c:a4:a4:8e:0d:83:41:
2f:f4:39:e8:33:cf:d3:9f:44:f7:ef:5d:93:61:91:
84:a1:93:60:0d:bb:93:57:64:d6:c2:43:a5:31:bf:
10:48:cc:35:60:35:97:4e:28:e3:68:31:f7:96:c3:
07:ac:30:7f:2f:1c:eb:5c:a2:3c:e1:0d:d3:9b:23:
f9:aa:e6:42:86:18:30:7b:2a:46:53:3c:e8:a9:e3:
20:70:ec:f0:3c:5a:25:ee:56:57:0f:1c:45:d7:8e:
24:93:ba:ed:ed:02:af:f4:f5:75:d4:22:40:14:e7:
e6:3a:f6:18:65:78:a1:f1:1e:b2:05:87:4b:82:4f:
01:b5:6a:2f:a6:4a:ea:a7:ef:60:99:f3:fb:b9:6b:
2e:18:7d:5c:8a:f8:8f:34:ce:3b:12:bd:2a:df:f3:
ff:54:7f:6a:4f:b6:0a:06:18:b5:4d:c1:87:4f:ae:
a1:c7:a2:cc:43:9c:0b:18:f4:18:45:fd:bd:2c:be:
3d:85:ae:7f:90:b6:74:ed:91:7d:4b:ee:16:b1:7a:
54:be:98:9e:3e:ca:00:f1:f5:90:0c:44:8f:68:a9:
51:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A1:7F:F9:47:35:84:5D:5B:4B:29:25:A0:14:2A:3C:FD:F6:26:13
X509v3 Authority Key Identifier:
keyid:C6:3D:EF:3E:44:89:45:14:42:73:A3:CE:70:04:93:D2:A0:C5:AD:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3640DFD/B233BB2E909A11EFB949646B762E951A/xj3vPkSJRRRCc6POcAST0qDFrZo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/xj3vPkSJRRRCc6POcAST0qDFrZo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3640DFD/B233BB2E909A11EFB949646B762E951A/70BD095E911A11EF82BB6497762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.65.4.0/22
196.1.176.0/20
IPv6:
2c0f:f128::/32
Signature Algorithm: sha256WithRSAEncryption
99:6b:09:e4:86:57:e9:e8:fa:6f:e0:b5:4b:ad:5d:4a:4e:1c:
1e:58:88:bd:f9:78:df:27:87:2d:b1:12:26:bc:17:48:b2:77:
89:30:2a:5d:70:ab:c4:f8:48:65:51:d8:a3:1f:20:4b:65:12:
ab:d9:8e:c5:ed:b8:b3:b5:d0:ec:db:d6:6a:dd:94:3e:d7:80:
e8:cc:c1:df:1f:f7:b8:1d:66:2b:52:cd:75:88:6a:93:f7:14:
8f:c9:ad:3a:03:2b:5c:ae:dc:d8:d0:40:62:f8:5e:43:02:d3:
76:35:01:ae:77:12:ec:0c:ad:60:54:70:7a:30:51:24:86:58:
47:22:c3:8d:26:35:96:ac:e4:8f:b8:8e:f9:1d:dd:92:0d:eb:
13:69:ab:4b:73:6f:5d:bb:c7:b5:48:30:6b:bf:d8:f1:24:8a:
43:6b:b4:e5:ce:93:e7:7a:8e:83:93:00:10:12:0f:b0:2f:48:
c5:fc:0f:66:93:cd:0b:50:df:7a:5d:a8:df:e9:38:36:89:f0:
94:c2:fe:4d:b8:e9:ca:52:ea:5d:57:23:24:f6:43:67:1e:8b:
e9:e7:67:1a:e9:4e:77:f7:1c:e2:03:63:c7:fe:13:2d:a3:8f:
f0:1a:3f:f6:be:49:c7:2e:92:bd:d2:6d:ea:49:64:d5:c4:0b:
63:5e:8a:96
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
MERGREFGMTEwLwYDVQQFEyhDNjNERUYzRTQ0ODk0NTE0NDI3M0EzQ0U3MDA0OTNE
MkEwQzVBRDlBMB4XDTI0MTAyMzA4NDAxOFoXDTI4MTAzMTA4NDAxOFowGDEWMBQG
A1UEAxMNNjcxOGI2NzYtMzdkYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPM6sU0WxxmIQPFEjTcGUblAx4p1PXeosQql5RNNoXkdrDrQtCMpKSODYNB
L/Q56DPP059E9+9dk2GRhKGTYA27k1dk1sJDpTG/EEjMNWA1l04o42gx95bDB6ww
fy8c61yiPOEN05sj+armQoYYMHsqRlM86KnjIHDs8DxaJe5WVw8cRdeOJJO67e0C
r/T1ddQiQBTn5jr2GGV4ofEesgWHS4JPAbVqL6ZK6qfvYJnz+7lrLhh9XIr4jzTO
OxK9Kt/z/1R/ak+2CgYYtU3Bh0+uoceizEOcCxj0GEX9vSy+PYWuf5C2dO2RfUvu
FrF6VL6Ynj7KAPH1kAxEj2ipUZ0CAwEAAaOCArowggK2MB0GA1UdDgQWBBSYoX/5
RzWEXVtLKSWgFCo8/fYmEzAfBgNVHSMEGDAWgBTGPe8+RIlFFEJzo85wBJPSoMWt
mjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDBERkQvQjIzM0JCMkU5MDlBMTFFRkI5NDk2NDZCNzYyRTk1MUEveGozdlBr
U0pSUlJDYzZQT2NBU1QwcURGclpvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveGozdlBrU0pSUlJDYzZQT2NBU1QwcURGclpvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDBERkQvQjIzM0JCMkU5MDlBMTFFRkI5NDk2NDZCNzYy
RTk1MUEvNzBCRDA5NUU5MTFBMTFFRjgyQkI2NDk3NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAppBBAMEBMQBsDANBAIAAjAH
AwUALA/xKDANBgkqhkiG9w0BAQsFAAOCAQEAmWsJ5IZX6ej6b+C1S61dSk4cHliI
vfl43yeHLbESJrwXSLJ3iTAqXXCrxPhIZVHYox8gS2USq9mOxe24s7XQ7NvWat2U
PteA6MzB3x/3uB1mK1LNdYhqk/cUj8mtOgMrXK7c2NBAYvheQwLTdjUBrncS7Ayt
YFRwejBRJIZYRyLDjSY1lqzkj7iO+R3dkg3rE2mrS3NvXbvHtUgwa7/Y8SSKQ2u0
5c6T53qOg5MAEBIPsC9IxfwPZpPNC1Dfel2o3+k4NonwlML+TbjpylLqXVcjJPZD
Zx6L6ednGulOd/cc4gNjx/4TLaOP8Bo/9r5Jxy6SvdJt6klk1cQLY16Klg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:33 2024 by rpki-client on console-ams.rpki-client.org