Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365062A/D6AEAF64CD7211ED91BCCB8FF1222468/F9FA5CE6CD7411EDA8B70696F1222468.roa
File: F9FA5CE6CD7411EDA8B70696F1222468.roa (raw, json)
Hash identifier: 8eDGMcM6rbtGPj7+umoDH74//2ioLQd3MbdNouRQeVo=
Subject key identifier: 67:C7:3B:F2:4D:7C:E0:21:8A:8C:B1:5F:76:A0:48:A7:20:01:D6:E2
Certificate issuer: /CN=F365062AAF/serialNumber=5D254CBC9DCA24767E2486009680B743411F08F8
Certificate serial: 02
Authority key identifier: 5D:25:4C:BC:9D:CA:24:76:7E:24:86:00:96:80:B7:43:41:1F:08:F8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/XSVMvJ3KJHZ-JIYAloC3Q0EfCPg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365062A/D6AEAF64CD7211ED91BCCB8FF1222468/F9FA5CE6CD7411EDA8B70696F1222468.roa
Signing time: Tue 28 Mar 2023 14:29:42 +0000
ROA not before: Tue 28 Mar 2023 14:29:37 +0000
ROA not after: Thu 31 Mar 2033 14:29:37 +0000
asID: 37309
IP address blocks: 197.242.128.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F365062A/D6AEAF64CD7211ED91BCCB8FF1222468/XSVMvJ3KJHZ-JIYAloC3Q0EfCPg.crl
rsync://rpki.afrinic.net/repository/member_repository/F365062A/D6AEAF64CD7211ED91BCCB8FF1222468/XSVMvJ3KJHZ-JIYAloC3Q0EfCPg.mft
rsync://rpki.afrinic.net/repository/afrinic/XSVMvJ3KJHZ-JIYAloC3Q0EfCPg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365062AAF/serialNumber=5D254CBC9DCA24767E2486009680B743411F08F8
Validity
Not Before: Mar 28 14:29:37 2023 GMT
Not After : Mar 31 14:29:37 2033 GMT
Subject: CN=6422f9d5-830a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:52:9d:57:43:27:bf:d1:7e:1b:4d:6a:f1:57:
90:be:68:9b:ee:8a:2c:7b:b1:d9:2d:30:25:30:f2:
fc:05:6a:11:64:95:5f:89:c7:64:ca:43:5a:e5:50:
e1:30:a8:6b:6a:bf:a8:8b:f6:b8:d9:a9:92:c8:ec:
a3:7f:4c:25:9b:f0:30:ed:99:c7:fc:79:05:10:3f:
53:cb:88:82:54:6c:bf:27:a1:0d:8c:e1:39:d0:f9:
c6:0f:75:ad:e9:5e:93:82:48:bb:75:2d:93:f4:62:
5d:02:f3:aa:a1:5e:47:91:ed:5f:08:3c:82:f9:29:
ed:66:dc:20:30:da:2e:e2:88:22:9b:36:38:6e:a7:
81:33:db:1c:31:ff:c5:c2:ce:dd:78:8a:5e:05:48:
32:07:ea:bd:fd:3f:db:df:4f:3f:33:76:25:20:ea:
83:b5:85:66:81:fc:05:6d:c4:f0:aa:14:5b:f4:94:
7d:a2:76:78:c0:38:67:24:1d:df:a3:9d:c0:4d:33:
d9:ff:71:2d:51:57:76:55:7e:08:b4:8c:34:c4:0c:
e5:85:64:b5:01:8d:54:df:11:f6:47:ac:c3:58:90:
d4:28:95:89:66:9e:35:06:17:0f:5f:6e:f6:d5:4d:
7d:4f:4f:83:19:c5:61:7d:97:a4:df:b5:a8:e3:a6:
1d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C7:3B:F2:4D:7C:E0:21:8A:8C:B1:5F:76:A0:48:A7:20:01:D6:E2
X509v3 Authority Key Identifier:
keyid:5D:25:4C:BC:9D:CA:24:76:7E:24:86:00:96:80:B7:43:41:1F:08:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365062A/D6AEAF64CD7211ED91BCCB8FF1222468/XSVMvJ3KJHZ-JIYAloC3Q0EfCPg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XSVMvJ3KJHZ-JIYAloC3Q0EfCPg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365062A/D6AEAF64CD7211ED91BCCB8FF1222468/F9FA5CE6CD7411EDA8B70696F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.242.128.0/20
Signature Algorithm: sha256WithRSAEncryption
7b:ee:b5:fe:c1:7a:88:7d:8d:83:e5:65:7f:4d:d8:5f:4d:36:
8d:77:a1:d8:ad:d6:41:15:9d:2d:3c:2a:0f:4d:dd:f8:cb:f3:
1c:0a:28:ae:d0:7e:62:f8:66:fb:12:f9:40:3e:b7:c3:95:1b:
2d:97:26:f1:07:b6:44:35:b5:d0:7c:5c:1b:71:16:77:2e:63:
bd:f4:59:ab:00:1b:08:28:f3:79:06:b3:29:9b:84:4c:43:23:
df:f9:8c:61:9e:34:47:e8:ca:5f:1a:dd:7f:3b:2d:d0:6f:25:
74:c7:27:8a:ee:82:5e:53:50:ff:52:54:2c:73:c1:ff:ae:4f:
7a:39:62:a4:59:3b:f3:c0:78:8b:78:8e:b7:bc:25:87:c3:e5:
d3:51:30:c3:ff:a9:5f:be:17:62:df:24:25:a1:5b:9f:4e:d6:
fa:3a:4c:31:65:1a:34:6f:90:13:ce:60:14:e9:cc:0f:93:1d:
b5:b6:a2:1b:16:0c:a7:92:bb:67:d0:ca:dd:c5:f0:99:51:1a:
1b:25:4f:42:88:ec:9a:50:89:b9:5e:9e:c5:7f:45:3a:41:7b:
6c:8e:a8:e1:a3:a8:74:03:58:1f:17:e2:c3:46:85:09:ff:4a:
bd:3b:94:c5:84:db:af:e7:a6:78:f0:2a:c4:d5:72:29:cf:a8:
71:ff:d4:ae
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY1
MDYyQUFGMTEwLwYDVQQFEyg1RDI1NENCQzlEQ0EyNDc2N0UyNDg2MDA5NjgwQjc0
MzQxMUYwOEY4MB4XDTIzMDMyODE0MjkzN1oXDTMzMDMzMTE0MjkzN1owGDEWMBQG
A1UEAwwNNjQyMmY5ZDUtODMwYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpSnVdDJ7/RfhtNavFXkL5om+6KLHux2S0wJTDy/AVqEWSVX4nHZMpDWuVQ
4TCoa2q/qIv2uNmpksjso39MJZvwMO2Zx/x5BRA/U8uIglRsvyehDYzhOdD5xg91
relek4JIu3Utk/RiXQLzqqFeR5HtXwg8gvkp7WbcIDDaLuKIIps2OG6ngTPbHDH/
xcLO3XiKXgVIMgfqvf0/299PPzN2JSDqg7WFZoH8BW3E8KoUW/SUfaJ2eMA4ZyQd
36OdwE0z2f9xLVFXdlV+CLSMNMQM5YVktQGNVN8R9kesw1iQ1CiViWaeNQYXD19u
9tVNfU9PgxnFYX2XpN+1qOOmHSkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRnxzvy
TXzgIYqMsV92oEinIAHW4jAfBgNVHSMEGDAWgBRdJUy8ncokdn4khgCWgLdDQR8I
+DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTA2MkEvRDZBRUFGNjRDRDcyMTFFRDkxQkNDQjhGRjEyMjI0NjgvWFNWTXZK
M0tKSFotSklZQWxvQzNRMEVmQ1BnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWFNWTXZKM0tKSFotSklZQWxvQzNRMEVmQ1BnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTA2MkEvRDZBRUFGNjRDRDcyMTFFRDkxQkNDQjhGRjEy
MjI0NjgvRjlGQTVDRTZDRDc0MTFFREE4QjcwNjk2RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMXygDANBgkqhkiG9w0BAQsF
AAOCAQEAe+61/sF6iH2Ng+Vlf03YX002jXeh2K3WQRWdLTwqD03d+MvzHAoortB+
Yvhm+xL5QD63w5UbLZcm8Qe2RDW10HxcG3EWdy5jvfRZqwAbCCjzeQazKZuETEMj
3/mMYZ40R+jKXxrdfzst0G8ldMcniu6CXlNQ/1JULHPB/65PejlipFk788B4i3iO
t7wlh8Pl01Eww/+pX74XYt8kJaFbn07W+jpMMWUaNG+QE85gFOnMD5MdtbaiGxYM
p5K7Z9DK3cXwmVEaGyVPQojsmlCJuV6exX9FOkF7bI6o4aOodANYHxfiw0aFCf9K
vTuUxYTbr+emePAqxNVyKc+ocf/Urg==
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:35:33 2024 by rpki-client on console-fra.rpki-client.org