Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/DAD32A825DD911EE908D0E884AD9E6FC.roa
File: DAD32A825DD911EE908D0E884AD9E6FC.roa (raw, json)
Hash identifier: jYCM5n5GYzsPy5dOD3c0IJ0ltyMzwLsK1AtouHVwLZ0=
Subject key identifier: E8:39:36:6E:AF:E5:7F:41:CD:6E:99:21:96:58:E8:20:4E:AB:7C:B8
Certificate issuer: /CN=F36549B1AF/serialNumber=9F17383EB667E547BA00CFB7F914F4284C5849CC
Certificate serial: 0BC6
Authority key identifier: 9F:17:38:3E:B6:67:E5:47:BA:00:CF:B7:F9:14:F4:28:4C:58:49:CC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/nxc4PrZn5Ue6AM-3-RT0KExYScw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/DAD32A825DD911EE908D0E884AD9E6FC.roa
Signing time: Thu 28 Sep 2023 08:34:36 +0000
ROA not before: Thu 28 Sep 2023 08:34:33 +0000
ROA not after: Wed 01 Dec 2049 08:34:33 +0000
asID: 0
IP address blocks: 196.223.22.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/nxc4PrZn5Ue6AM-3-RT0KExYScw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/nxc4PrZn5Ue6AM-3-RT0KExYScw.mft
rsync://rpki.afrinic.net/repository/afrinic/nxc4PrZn5Ue6AM-3-RT0KExYScw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 28 Apr 2024 00:38:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3014 (0xbc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36549B1AF/serialNumber=9F17383EB667E547BA00CFB7F914F4284C5849CC
Validity
Not Before: Sep 28 08:34:33 2023 GMT
Not After : Dec 1 08:34:33 2049 GMT
Subject: CN=65153a9b-6905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1f:54:e7:89:7f:ef:51:e6:e0:e7:5f:67:ec:
bd:18:af:c7:ec:e2:20:a0:ce:9b:cc:45:17:cd:b4:
e5:bf:8c:11:b9:c5:3a:fc:4b:73:d1:c8:8e:f4:93:
c5:52:b6:f4:23:e6:0e:76:a9:94:04:13:17:ec:ab:
fb:22:f2:7b:a7:16:27:60:52:0f:b8:18:d1:9c:6b:
ed:78:bc:46:dd:26:56:c4:d7:a4:14:69:a1:76:ad:
ad:e4:68:53:cb:2b:37:74:c9:6c:10:82:c0:77:a5:
bb:29:91:72:05:13:91:ce:70:c6:08:49:7b:dc:46:
84:20:a0:4b:e8:35:ef:9b:a8:fd:b5:5e:34:35:c4:
cc:a2:4c:9c:46:49:b4:8e:af:77:06:dc:94:45:5a:
83:5d:bd:bf:3c:32:6b:08:08:3f:0c:f2:34:b4:57:
51:d1:70:5b:52:56:81:3c:bd:aa:0c:00:88:9b:3c:
06:c1:72:bf:b0:c9:42:b0:da:40:d0:82:4b:2a:dd:
8b:b0:3e:4a:b6:ad:a9:07:35:ba:f0:48:b6:85:f5:
07:5d:39:6b:72:4e:38:b5:86:1d:37:35:92:2d:4a:
24:03:46:28:06:33:8a:a5:40:8b:6d:84:2d:b6:d8:
1d:2a:ad:74:7b:34:01:f9:60:fc:ed:5b:da:fc:c3:
84:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:39:36:6E:AF:E5:7F:41:CD:6E:99:21:96:58:E8:20:4E:AB:7C:B8
X509v3 Authority Key Identifier:
keyid:9F:17:38:3E:B6:67:E5:47:BA:00:CF:B7:F9:14:F4:28:4C:58:49:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/nxc4PrZn5Ue6AM-3-RT0KExYScw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/nxc4PrZn5Ue6AM-3-RT0KExYScw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/DAD32A825DD911EE908D0E884AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.223.22.0/23
Signature Algorithm: sha256WithRSAEncryption
85:e7:26:00:f9:82:e5:f7:79:6e:d1:45:e5:e0:b5:ca:02:1a:
c6:5d:b8:ee:e8:05:e0:14:4d:d9:45:f6:89:01:52:10:28:8a:
1d:eb:51:74:df:9f:43:f5:69:ae:ba:f0:f7:6e:9e:da:cf:31:
3c:45:0e:c3:0a:13:0f:d5:a7:92:f6:8c:92:bd:e4:58:30:31:
51:c6:55:88:5a:3e:b7:d9:04:27:81:17:b1:95:3c:4f:ab:71:
22:17:15:8f:f9:cb:40:1e:99:16:3e:c8:b4:fd:c3:12:59:f7:
16:91:58:a7:82:65:15:cf:38:57:12:77:45:18:6b:c3:0b:87:
22:33:b8:80:b4:dc:47:60:8a:1c:0c:96:8f:eb:07:9a:db:28:
97:65:0c:e7:f7:21:6d:a3:22:fb:25:a9:22:05:e8:9d:42:d6:
10:bb:c3:85:88:10:a4:5d:9b:cd:8e:af:3b:45:60:ff:fd:39:
db:8e:c3:61:4f:7c:81:d8:71:df:2c:fc:56:50:d4:4d:c2:0c:
8a:d4:77:e5:ad:9b:af:a3:16:4b:cd:12:8b:19:76:c7:34:9d:
52:d6:31:1c:cc:10:d8:c9:06:40:28:ff:72:2e:4b:18:28:53:
e1:06:7c:9e:7a:bd:c3:ea:38:9f:db:2a:57:6d:48:2d:ef:d8:
88:3c:5d:8b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICC8YwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTQ5QjFBRjExMC8GA1UEBRMoOUYxNzM4M0VCNjY3RTU0N0JBMDBDRkI3RjkxNEY0
Mjg0QzU4NDlDQzAeFw0yMzA5MjgwODM0MzNaFw00OTEyMDEwODM0MzNaMBgxFjAU
BgNVBAMTDTY1MTUzYTliLTY5MDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7H1TniX/vUebg519n7L0Yr8fs4iCgzpvMRRfNtOW/jBG5xTr8S3PRyI70
k8VStvQj5g52qZQEExfsq/si8nunFidgUg+4GNGca+14vEbdJlbE16QUaaF2ra3k
aFPLKzd0yWwQgsB3pbspkXIFE5HOcMYISXvcRoQgoEvoNe+bqP21XjQ1xMyiTJxG
SbSOr3cG3JRFWoNdvb88MmsICD8M8jS0V1HRcFtSVoE8vaoMAIibPAbBcr+wyUKw
2kDQgksq3YuwPkq2rakHNbrwSLaF9QddOWtyTji1hh03NZItSiQDRigGM4qlQItt
hC222B0qrXR7NAH5YPztW9r8w4SJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU6Dk2
bq/lf0HNbpkhlljoIE6rfLgwHwYDVR0jBBgwFoAUnxc4PrZn5Ue6AM+3+RT0KExY
ScwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU0OUIxL0RGNzg4Qzk4NTYxMzExRTVCMUEwRTM2MEY4QUVBMjI4L254YzRQ
clpuNVVlNkFNLTMtUlQwS0V4WVNjdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL254YzRQclpuNVVlNkFNLTMtUlQwS0V4WVNjdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjU0OUIxL0RGNzg4Qzk4NTYxMzExRTVCMUEwRTM2MEY4
QUVBMjI4L0RBRDMyQTgyNUREOTExRUU5MDhEMEU4ODRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHE3xYwDQYJKoZIhvcNAQEL
BQADggEBAIXnJgD5guX3eW7RReXgtcoCGsZduO7oBeAUTdlF9okBUhAoih3rUXTf
n0P1aa668PduntrPMTxFDsMKEw/Vp5L2jJK95FgwMVHGVYhaPrfZBCeBF7GVPE+r
cSIXFY/5y0AemRY+yLT9wxJZ9xaRWKeCZRXPOFcSd0UYa8MLhyIzuIC03EdgihwM
lo/rB5rbKJdlDOf3IW2jIvslqSIF6J1C1hC7w4WIEKRdm82OrztFYP/9OduOw2FP
fIHYcd8s/FZQ1E3CDIrUd+Wtm6+jFkvNEosZdsc0nVLWMRzMENjJBkAo/3IuSxgo
U+EGfJ56vcPqOJ/bKldtSC3v2Ig8XYs=
-----END CERTIFICATE-----
Generated at Fri Apr 26 13:36:08 2024 by rpki-client on console-ams.rpki-client.org