Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/3EB8BE4ED22611EDAF3CB0D4F1222468.roa
File: 3EB8BE4ED22611EDAF3CB0D4F1222468.roa (raw, json)
Hash identifier: 8rUeH5+hrD/1gu9Yu/+gBbmACyJtB7cXUwPkrzQinJI=
Subject key identifier: 17:63:ED:88:B8:B7:F2:72:D0:2C:81:43:B3:92:CE:7B:FE:35:5F:54
Certificate issuer: /CN=F36549B1AF/serialNumber=9F17383EB667E547BA00CFB7F914F4284C5849CC
Certificate serial: 0B0C
Authority key identifier: 9F:17:38:3E:B6:67:E5:47:BA:00:CF:B7:F9:14:F4:28:4C:58:49:CC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/nxc4PrZn5Ue6AM-3-RT0KExYScw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/3EB8BE4ED22611EDAF3CB0D4F1222468.roa
Signing time: Mon 03 Apr 2023 13:48:42 +0000
ROA not before: Mon 03 Apr 2023 13:48:37 +0000
ROA not after: Wed 01 Dec 2049 13:48:37 +0000
asID: 329234
IP address blocks: 196.49.100.0/24 maxlen: 24
2001:43f8:691::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/nxc4PrZn5Ue6AM-3-RT0KExYScw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/nxc4PrZn5Ue6AM-3-RT0KExYScw.mft
rsync://rpki.afrinic.net/repository/afrinic/nxc4PrZn5Ue6AM-3-RT0KExYScw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 May 2024 00:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2828 (0xb0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36549B1AF/serialNumber=9F17383EB667E547BA00CFB7F914F4284C5849CC
Validity
Not Before: Apr 3 13:48:37 2023 GMT
Not After : Dec 1 13:48:37 2049 GMT
Subject: CN=642ad93a-f015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c8:50:cc:17:16:f2:c7:fe:72:0d:90:d6:a6:
5a:31:bd:39:19:ba:6d:09:0d:ed:99:a1:1e:cb:92:
2f:1e:3d:a4:12:3a:66:76:63:88:a3:40:78:43:50:
95:2a:23:4f:6b:80:f8:a6:66:38:ec:a8:be:d7:bf:
70:de:56:a2:35:59:bd:90:1f:fc:be:b9:f4:78:ef:
d7:b1:8d:5a:9d:6d:c3:a0:aa:84:80:7b:a5:f5:bd:
31:6d:fc:09:58:8f:7b:a1:0b:31:6a:5b:b5:7d:7f:
0c:bd:73:78:fe:c4:8f:59:57:87:c8:16:81:cf:ef:
2e:86:6d:be:42:f3:11:d5:44:59:54:e0:e6:d3:25:
c0:c7:a9:78:45:40:c9:af:77:4b:9d:16:3b:35:4f:
62:78:af:11:92:1f:43:6f:a0:4e:2e:3a:0a:a5:90:
d9:b0:39:64:42:85:ae:73:b5:4a:ef:da:b4:ee:31:
e4:a1:ee:08:73:c3:4d:9e:42:35:8e:35:98:61:66:
e1:e6:31:a9:79:99:17:08:d6:0b:ee:71:b4:0e:0d:
08:46:df:b4:92:d6:5c:ee:4a:15:26:28:f6:eb:61:
cf:75:6e:fd:3c:b6:0a:01:07:02:2b:9d:72:50:97:
75:b5:51:e9:34:f9:33:7f:5c:92:d6:02:d6:e6:e8:
1e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:63:ED:88:B8:B7:F2:72:D0:2C:81:43:B3:92:CE:7B:FE:35:5F:54
X509v3 Authority Key Identifier:
keyid:9F:17:38:3E:B6:67:E5:47:BA:00:CF:B7:F9:14:F4:28:4C:58:49:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/nxc4PrZn5Ue6AM-3-RT0KExYScw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/nxc4PrZn5Ue6AM-3-RT0KExYScw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/3EB8BE4ED22611EDAF3CB0D4F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.49.100.0/24
IPv6:
2001:43f8:691::/48
Signature Algorithm: sha256WithRSAEncryption
29:66:98:b2:1b:73:64:5a:c0:05:5d:e0:b7:f3:f3:51:04:2f:
1f:f7:fb:77:77:8f:71:54:e0:38:d2:04:f0:36:d2:91:c0:2a:
ea:4f:f8:30:9c:f9:48:a7:19:c2:08:a8:29:75:24:02:5b:a1:
ee:7f:0a:01:e5:03:88:8a:13:74:a1:c0:40:45:ab:1d:3e:19:
aa:62:38:7b:a6:54:64:fb:ec:c6:9a:40:39:62:4a:1a:83:36:
1e:76:a6:11:3a:6d:c8:c9:14:60:8e:5a:8d:52:23:d4:4e:4f:
0e:c6:d1:05:00:0c:a4:69:aa:15:08:0d:30:a9:fc:47:7c:a1:
04:2f:2c:14:43:ed:89:d8:64:03:c9:5b:d0:68:09:7c:dc:30:
e0:f7:8d:3e:93:f9:0a:e0:b5:aa:5e:73:3f:05:c3:17:19:b6:
d8:a2:b2:00:a9:6c:74:ff:df:53:7e:a4:1c:21:58:94:21:09:
4a:a4:37:c1:2f:d2:6d:c5:fb:7e:06:ab:de:42:6c:17:76:e7:
84:04:e4:66:41:34:06:ca:74:dc:ab:1e:52:3f:c5:84:3d:8d:
d1:fc:61:18:e6:93:53:cb:ae:b4:ab:90:f0:21:82:b3:d1:ef:
77:55:6a:60:4c:0e:dc:24:ed:b9:ea:ad:3b:b7:96:26:33:f6:
19:91:c1:be
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICCwwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTQ5QjFBRjExMC8GA1UEBRMoOUYxNzM4M0VCNjY3RTU0N0JBMDBDRkI3RjkxNEY0
Mjg0QzU4NDlDQzAeFw0yMzA0MDMxMzQ4MzdaFw00OTEyMDExMzQ4MzdaMBgxFjAU
BgNVBAMMDTY0MmFkOTNhLWYwMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4yFDMFxbyx/5yDZDWploxvTkZum0JDe2ZoR7Lki8ePaQSOmZ2Y4ijQHhD
UJUqI09rgPimZjjsqL7Xv3DeVqI1Wb2QH/y+ufR479exjVqdbcOgqoSAe6X1vTFt
/AlYj3uhCzFqW7V9fwy9c3j+xI9ZV4fIFoHP7y6Gbb5C8xHVRFlU4ObTJcDHqXhF
QMmvd0udFjs1T2J4rxGSH0NvoE4uOgqlkNmwOWRCha5ztUrv2rTuMeSh7ghzw02e
QjWONZhhZuHmMal5mRcI1gvucbQODQhG37SS1lzuShUmKPbrYc91bv08tgoBBwIr
nXJQl3W1Uek0+TN/XJLWAtbm6B4/AgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUF2Pt
iLi38nLQLIFDs5LOe/41X1QwHwYDVR0jBBgwFoAUnxc4PrZn5Ue6AM+3+RT0KExY
ScwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU0OUIxL0RGNzg4Qzk4NTYxMzExRTVCMUEwRTM2MEY4QUVBMjI4L254YzRQ
clpuNVVlNkFNLTMtUlQwS0V4WVNjdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL254YzRQclpuNVVlNkFNLTMtUlQwS0V4WVNjdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjU0OUIxL0RGNzg4Qzk4NTYxMzExRTVCMUEwRTM2MEY4
QUVBMjI4LzNFQjhCRTRFRDIyNjExRURBRjNDQjBENEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADEMWQwDwQCAAIwCQMHACAB
Q/gGkTANBgkqhkiG9w0BAQsFAAOCAQEAKWaYshtzZFrABV3gt/PzUQQvH/f7d3eP
cVTgONIE8DbSkcAq6k/4MJz5SKcZwgioKXUkAluh7n8KAeUDiIoTdKHAQEWrHT4Z
qmI4e6ZUZPvsxppAOWJKGoM2HnamETptyMkUYI5ajVIj1E5PDsbRBQAMpGmqFQgN
MKn8R3yhBC8sFEPtidhkA8lb0GgJfNww4PeNPpP5CuC1ql5zPwXDFxm22KKyAKls
dP/fU36kHCFYlCEJSqQ3wS/SbcX7fgar3kJsF3bnhATkZkE0Bsp03KseUj/FhD2N
0fxhGOaTU8uutKuQ8CGCs9Hvd1VqYEwO3CTtueqtO7eWJjP2GZHBvg==
-----END CERTIFICATE-----
Generated at Sun May 19 01:46:29 2024 by rpki-client on console-ams.rpki-client.org