Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3650F65/0B593FC0498411EF8FCC9BB4762E951A/E0539FCE5A1211EF8F707262762E951A.roa
File: E0539FCE5A1211EF8F707262762E951A.roa (raw, json)
Hash identifier: bcfZ/95PQQlS2eDlkdUzWliC6UA2tyCBDeR/FA3hgqE=
Subject key identifier: 86:D7:BC:58:93:00:BC:18:8C:11:A4:9E:F7:68:D7:6F:AD:B2:82:C8
Certificate issuer: /CN=F3650F65RI/serialNumber=F2A9DC170D8F32A044C1AF1052045D6D4E2422EB
Certificate serial: 1E
Authority key identifier: F2:A9:DC:17:0D:8F:32:A0:44:C1:AF:10:52:04:5D:6D:4E:24:22:EB
Authority info access: rsync://rpki.afrinic.net/repository/ripe/8qncFw2PMqBEwa8QUgRdbU4kIus.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3650F65/0B593FC0498411EF8FCC9BB4762E951A/E0539FCE5A1211EF8F707262762E951A.roa
Signing time: Wed 14 Aug 2024 07:57:39 +0000
ROA not before: Wed 14 Aug 2024 07:57:36 +0000
ROA not after: Mon 14 Aug 2034 07:57:36 +0000
asID: 37114
IP address blocks: 212.96.20.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3650F65/0B593FC0498411EF8FCC9BB4762E951A/8qncFw2PMqBEwa8QUgRdbU4kIus.crl
rsync://rpki.afrinic.net/repository/member_repository/F3650F65/0B593FC0498411EF8FCC9BB4762E951A/8qncFw2PMqBEwa8QUgRdbU4kIus.mft
rsync://rpki.afrinic.net/repository/ripe/8qncFw2PMqBEwa8QUgRdbU4kIus.cer
rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.crl
rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/ripe-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3650F65RI/serialNumber=F2A9DC170D8F32A044C1AF1052045D6D4E2422EB
Validity
Not Before: Aug 14 07:57:36 2024 GMT
Not After : Aug 14 07:57:36 2034 GMT
Subject: CN=66bc6373-0887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:63:db:99:46:4d:fc:87:01:ea:00:08:6f:a3:
27:42:38:f1:60:97:53:53:7d:58:a5:61:30:bd:fc:
71:fd:37:60:11:ee:d3:c3:8c:41:48:72:b1:94:79:
7c:e9:80:a1:27:57:a5:82:1e:ec:29:d6:bc:38:f5:
ab:cc:77:e3:fd:29:7b:fe:1e:cd:87:a2:d9:a2:50:
d8:9f:be:2c:7c:3f:72:6d:25:f2:de:6f:68:ad:aa:
f3:be:52:61:6e:26:7f:2c:42:85:0c:df:4b:c9:7a:
01:59:46:d1:45:53:0f:2d:4f:c2:10:67:35:29:8e:
67:f8:a9:d5:88:f7:0e:c8:1f:11:b1:33:57:7c:de:
e4:15:60:c4:69:db:67:91:35:59:4e:a7:93:55:bc:
36:88:55:68:4c:8f:03:5f:37:95:4b:e6:3d:2a:c3:
34:61:11:50:08:e4:dd:2d:18:d6:fd:b0:5d:09:52:
52:83:36:29:2b:c7:40:cf:7c:5a:25:06:5f:fb:dc:
15:b4:4d:1d:6a:f9:38:1b:e0:46:81:fe:22:ab:e1:
9c:4f:84:b6:b6:24:3a:6c:a6:88:bc:c0:a5:6a:bc:
26:9e:0a:fb:c3:42:9d:85:d7:e3:90:64:9f:94:15:
c2:dc:3a:b7:15:ee:ec:e9:64:a3:29:29:a2:34:a0:
19:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D7:BC:58:93:00:BC:18:8C:11:A4:9E:F7:68:D7:6F:AD:B2:82:C8
X509v3 Authority Key Identifier:
keyid:F2:A9:DC:17:0D:8F:32:A0:44:C1:AF:10:52:04:5D:6D:4E:24:22:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3650F65/0B593FC0498411EF8FCC9BB4762E951A/8qncFw2PMqBEwa8QUgRdbU4kIus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/ripe/8qncFw2PMqBEwa8QUgRdbU4kIus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3650F65/0B593FC0498411EF8FCC9BB4762E951A/E0539FCE5A1211EF8F707262762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
212.96.20.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:ce:79:24:85:52:4b:7b:32:38:34:c0:7e:6b:aa:da:e7:f6:
9e:e5:7c:70:fd:4e:fb:86:de:d0:29:a1:d2:c1:86:4f:63:a2:
fe:b6:e2:44:66:a0:3a:e7:70:0e:de:05:d6:4d:84:22:3c:80:
fc:50:aa:03:f2:8a:54:89:34:05:23:b8:6a:94:06:b4:ba:49:
17:1f:d1:38:f0:e4:71:98:e8:50:89:fa:30:1c:85:e3:52:26:
77:38:46:20:d9:fb:5a:e4:9c:ac:85:82:c9:e6:d9:44:f1:7c:
e1:db:34:4f:7f:a6:70:7b:c7:c3:33:c3:d3:b2:15:fc:b2:bd:
84:84:21:3d:8a:14:1c:ac:e7:7a:70:6a:c8:21:62:1b:cf:10:
6b:7e:1b:ad:a3:5a:b9:24:41:cd:df:91:94:c5:6d:96:2b:84:
0e:21:84:83:61:29:3f:75:12:ad:eb:9b:b7:d4:97:0b:f1:24:
22:ce:d1:f7:99:2d:ff:55:c2:61:34:8c:3b:86:28:23:52:c1:
97:a6:d5:13:73:17:37:01:49:0e:a6:f3:89:56:57:67:ab:c9:
da:5d:31:98:57:37:fc:b7:23:4f:c0:53:83:36:59:a2:25:12:
b8:4d:33:26:17:d8:01:1a:c1:4e:c5:da:44:e3:86:20:9f:ae:
8d:31:e5:ca
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBHjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
MEY2NVJJMTEwLwYDVQQFEyhGMkE5REMxNzBEOEYzMkEwNDRDMUFGMTA1MjA0NUQ2
RDRFMjQyMkVCMB4XDTI0MDgxNDA3NTczNloXDTM0MDgxNDA3NTczNlowGDEWMBQG
A1UEAxMNNjZiYzYzNzMtMDg4NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMBj25lGTfyHAeoACG+jJ0I48WCXU1N9WKVhML38cf03YBHu08OMQUhysZR5
fOmAoSdXpYIe7CnWvDj1q8x34/0pe/4ezYei2aJQ2J++LHw/cm0l8t5vaK2q875S
YW4mfyxChQzfS8l6AVlG0UVTDy1PwhBnNSmOZ/ip1Yj3DsgfEbEzV3ze5BVgxGnb
Z5E1WU6nk1W8NohVaEyPA183lUvmPSrDNGERUAjk3S0Y1v2wXQlSUoM2KSvHQM98
WiUGX/vcFbRNHWr5OBvgRoH+IqvhnE+EtrYkOmymiLzApWq8Jp4K+8NCnYXX45Bk
n5QVwtw6txXu7OlkoykpojSgGQ8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSG17xY
kwC8GIwRpJ73aNdvrbKCyDAfBgNVHSMEGDAWgBTyqdwXDY8yoETBrxBSBF1tTiQi
6zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTBGNjUvMEI1OTNGQzA0OTg0MTFFRjhGQ0M5QkI0NzYyRTk1MUEvOHFuY0Z3
MlBNcUJFd2E4UVVnUmRiVTRrSXVzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L3JpcGUv
OHFuY0Z3MlBNcUJFd2E4UVVnUmRiVTRrSXVzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NTBGNjUvMEI1OTNGQzA0OTg0MTFFRjhGQ0M5QkI0NzYyRTk1
MUEvRTA1MzlGQ0U1QTEyMTFFRjhGNzA3MjYyNzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANRgFDANBgkqhkiG9w0BAQsFAAOC
AQEAqs55JIVSS3syODTAfmuq2uf2nuV8cP1O+4be0Cmh0sGGT2Oi/rbiRGagOudw
Dt4F1k2EIjyA/FCqA/KKVIk0BSO4apQGtLpJFx/ROPDkcZjoUIn6MByF41ImdzhG
INn7WuScrIWCyebZRPF84ds0T3+mcHvHwzPD07IV/LK9hIQhPYoUHKznenBqyCFi
G88Qa34braNauSRBzd+RlMVtliuEDiGEg2EpP3USreubt9SXC/EkIs7R95kt/1XC
YTSMO4YoI1LBl6bVE3MXNwFJDqbziVZXZ6vJ2l0xmFc3/LcjT8BTgzZZoiUSuE0z
JhfYARrBTsXaROOGIJ+ujTHlyg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:34 2024 by rpki-client on console-ams.rpki-client.org