Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/3DF8B8D4C4D211EEB1EC7C65775412E6.roa
File: 3DF8B8D4C4D211EEB1EC7C65775412E6.roa (raw, json)
Hash identifier: 9LziG0V2OwJ9n1u0dLn4KBFXmSSOMd2hKZ8b5zKpu9c=
Subject key identifier: 88:D5:C2:7D:80:B9:75:F8:AB:D5:6C:C2:DF:10:BA:4E:CE:8B:8A:53
Certificate issuer: /CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
Certificate serial: 27
Authority key identifier: FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/3DF8B8D4C4D211EEB1EC7C65775412E6.roa
Signing time: Tue 06 Feb 2024 09:29:36 +0000
ROA not before: Tue 06 Feb 2024 09:29:32 +0000
ROA not after: Sat 06 Feb 2027 09:29:32 +0000
asID: 36905
IP address blocks: 154.126.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl
rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.mft
rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39 (0x27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
Validity
Not Before: Feb 6 09:29:32 2024 GMT
Not After : Feb 6 09:29:32 2027 GMT
Subject: CN=65c1fc00-30c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:96:46:8e:7e:a3:ee:18:85:50:19:3e:ab:7b:
d4:00:f8:fe:b2:84:7d:4c:3b:4e:2c:d0:76:b0:e0:
4f:21:f2:7e:4b:1a:25:48:8e:a2:78:4f:14:13:d3:
6e:ef:e1:fa:69:f7:45:af:ae:f5:44:2d:90:82:ed:
ea:c8:6c:3f:bc:5c:db:96:e2:4e:72:e7:75:4e:9f:
dc:9f:7b:d5:9f:f8:9e:82:14:38:b2:11:99:70:53:
b1:cc:3a:06:d7:dc:11:ae:a5:c7:87:9c:3d:82:c1:
98:e1:45:b1:8e:9d:1c:9f:63:c5:b8:27:53:2f:4c:
d8:05:4d:a8:40:fe:70:09:06:fe:f3:92:0d:bc:e6:
66:d1:04:42:26:94:29:cd:ae:f5:9c:53:8a:a7:99:
a6:98:c6:de:cc:91:81:c7:5c:c3:6e:12:77:61:ec:
4b:ff:c3:b9:98:3f:f6:15:32:2d:18:49:14:7a:67:
9e:a3:3c:a0:5a:ae:e8:e0:d0:81:86:59:d0:8a:79:
38:d9:e9:ff:da:b4:9d:d4:09:04:7c:39:50:55:a2:
20:e7:30:0d:c5:0e:1a:fd:c3:25:92:ad:74:15:f2:
0b:b6:e5:2d:a6:5b:bb:8a:db:6c:10:e5:23:86:7e:
ec:95:74:a2:27:56:f7:b3:7f:3c:54:f2:b9:1f:69:
7a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D5:C2:7D:80:B9:75:F8:AB:D5:6C:C2:DF:10:BA:4E:CE:8B:8A:53
X509v3 Authority Key Identifier:
keyid:FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/3DF8B8D4C4D211EEB1EC7C65775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.126.177.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:1e:06:c4:7c:c6:eb:ae:23:34:fc:9c:d7:3c:82:9a:9e:34:
48:e6:ae:06:b3:db:f7:fc:ca:e5:3b:bb:af:4d:3f:61:a9:3b:
45:58:b9:59:92:44:c9:24:fa:b7:60:39:bf:74:76:fb:27:b2:
02:0f:b2:b2:1f:59:e4:26:ab:11:33:25:2b:68:1c:84:c5:c6:
a0:ac:69:1d:9e:55:a0:a6:aa:9d:d9:59:57:0c:59:df:5b:a1:
0c:e6:db:2e:0c:e9:1b:e5:82:17:4b:7b:8b:04:f2:cf:9d:ef:
4a:02:61:3b:7c:50:8b:58:e5:62:d9:65:80:12:f8:eb:c3:d4:
f6:96:b3:88:53:fe:91:54:5c:b5:53:c2:9f:48:cd:a6:f9:af:
3b:53:bd:34:25:75:6b:d3:dc:b7:25:fb:38:18:51:5a:fa:3b:
c3:f2:50:cf:f9:ae:2b:99:98:72:4f:23:45:96:6e:69:35:91:
8c:56:fd:47:8e:61:6d:5b:13:07:38:37:de:b2:53:e9:06:88:
ba:e7:50:f2:01:1f:40:e0:ed:81:74:63:99:1e:b8:40:58:d7:
c6:0b:80:2d:fa:5e:40:01:7c:65:c7:c5:a9:2d:4d:3c:3b:66:
f0:e2:39:a5:be:44:9a:8b:63:2c:31:39:70:d4:35:78:24:d7:
6d:f8:7d:1f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBJzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
NUQyQ0FGMTEwLwYDVQQFEyhGREY0QkYwMDEzQjFGMUFBQ0EzOTU1MUJBNjI2Q0Ey
NDY4M0RBRTY2MB4XDTI0MDIwNjA5MjkzMloXDTI3MDIwNjA5MjkzMlowGDEWMBQG
A1UEAxMNNjVjMWZjMDAtMzBjOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKWRo5+o+4YhVAZPqt71AD4/rKEfUw7TizQdrDgTyHyfksaJUiOonhPFBPT
bu/h+mn3Ra+u9UQtkILt6shsP7xc25biTnLndU6f3J971Z/4noIUOLIRmXBTscw6
BtfcEa6lx4ecPYLBmOFFsY6dHJ9jxbgnUy9M2AVNqED+cAkG/vOSDbzmZtEEQiaU
Kc2u9ZxTiqeZppjG3syRgcdcw24Sd2HsS//DuZg/9hUyLRhJFHpnnqM8oFqu6ODQ
gYZZ0Ip5ONnp/9q0ndQJBHw5UFWiIOcwDcUOGv3DJZKtdBXyC7blLaZbu4rbbBDl
I4Z+7JV0oidW97N/PFTyuR9pepcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSI1cJ9
gLl1+KvVbMLfELpOzouKUzAfBgNVHSMEGDAWgBT99L8AE7Hxqso5VRumJsokaD2u
ZjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1NDEyRTYvX2ZTX0FC
T3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvX2ZTX0FCT3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1
NDEyRTYvM0RGOEI4RDRDNEQyMTFFRUIxRUM3QzY1Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJp+sTANBgkqhkiG9w0BAQsF
AAOCAQEAqh4GxHzG664jNPyc1zyCmp40SOauBrPb9/zK5Tu7r00/Yak7RVi5WZJE
yST6t2A5v3R2+yeyAg+ysh9Z5CarETMlK2gchMXGoKxpHZ5VoKaqndlZVwxZ31uh
DObbLgzpG+WCF0t7iwTyz53vSgJhO3xQi1jlYtllgBL468PU9paziFP+kVRctVPC
n0jNpvmvO1O9NCV1a9PctyX7OBhRWvo7w/JQz/muK5mYck8jRZZuaTWRjFb9R45h
bVsTBzg33rJT6QaIuudQ8gEfQODtgXRjmR64QFjXxguALfpeQAF8ZcfFqS1NPDtm
8OI5pb5EmotjLDE5cNQ1eCTXbfh9Hw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:54 2024 by rpki-client on console-fra.rpki-client.org