Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36663C2/B390E9E8C78311ECB1982894F1222468/B3406C3EE06311EE9DC9645B775412E6.roa
File: B3406C3EE06311EE9DC9645B775412E6.roa (raw, json)
Hash identifier: ogaYGhijbZfnfBJbAW8m4J3DjXL9JovFwrfT8ageG8c=
Subject key identifier: BC:8D:50:0D:78:B2:19:65:41:B7:30:99:E2:FC:94:2D:49:AC:17:85
Certificate issuer: /CN=F36663C2AF/serialNumber=E0219D5A4CD8582C4F37E2D0DDD706B77EBD9F6C
Certificate serial: 02D6
Authority key identifier: E0:21:9D:5A:4C:D8:58:2C:4F:37:E2:D0:DD:D7:06:B7:7E:BD:9F:6C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4CGdWkzYWCxPN-LQ3dcGt369n2w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36663C2/B390E9E8C78311ECB1982894F1222468/B3406C3EE06311EE9DC9645B775412E6.roa
Signing time: Tue 12 Mar 2024 11:28:51 +0000
ROA not before: Tue 12 Mar 2024 11:28:48 +0000
ROA not after: Thu 21 Mar 2030 11:28:48 +0000
asID: 37183
IP address blocks: 196.43.100.0/23 maxlen: 24
2001:42b0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36663C2/B390E9E8C78311ECB1982894F1222468/4CGdWkzYWCxPN-LQ3dcGt369n2w.crl
rsync://rpki.afrinic.net/repository/member_repository/F36663C2/B390E9E8C78311ECB1982894F1222468/4CGdWkzYWCxPN-LQ3dcGt369n2w.mft
rsync://rpki.afrinic.net/repository/afrinic/4CGdWkzYWCxPN-LQ3dcGt369n2w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 726 (0x2d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36663C2AF/serialNumber=E0219D5A4CD8582C4F37E2D0DDD706B77EBD9F6C
Validity
Not Before: Mar 12 11:28:48 2024 GMT
Not After : Mar 21 11:28:48 2030 GMT
Subject: CN=65f03c73-fb71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:52:42:7d:12:f4:1f:5c:9f:b7:45:69:ac:5e:
c6:d4:00:72:69:f1:b4:91:ef:77:8f:3f:72:88:3f:
d6:56:9c:a0:3e:6d:66:f6:a3:22:6a:c2:47:29:23:
ef:ce:b0:71:2f:86:98:bb:7b:8b:3b:ec:07:78:78:
a6:23:96:a4:ea:bc:db:05:2c:5b:85:dd:95:a7:7a:
1b:ee:b9:1e:86:2a:41:de:b4:21:c6:54:9b:21:6d:
bb:e8:35:e7:f3:ff:aa:a7:35:5b:a7:2f:ee:ee:99:
6c:89:10:b9:75:89:a2:ab:2d:5d:a6:44:ab:b0:63:
b8:ea:0d:b5:6b:2c:6b:4f:35:a4:1e:35:6b:75:59:
6a:fb:f8:e7:52:9e:bf:6b:9f:06:41:b1:de:a0:6d:
bc:48:c2:f4:13:45:14:52:04:7a:bb:5f:e7:35:b0:
21:db:63:ce:ad:5d:d2:c2:7d:04:7e:94:2e:d2:53:
b7:4c:e5:0e:ec:71:24:17:be:4d:93:13:69:9b:ce:
6d:42:68:2f:f4:1d:d5:a6:76:3f:8d:0c:f2:6b:b2:
47:7c:e6:30:ca:bf:3f:67:a6:ef:4a:c4:b7:98:11:
52:67:89:82:ae:78:dd:0f:13:6d:07:73:31:69:0a:
2a:ca:68:03:29:03:97:76:48:6f:aa:8c:55:9b:0d:
a0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:8D:50:0D:78:B2:19:65:41:B7:30:99:E2:FC:94:2D:49:AC:17:85
X509v3 Authority Key Identifier:
keyid:E0:21:9D:5A:4C:D8:58:2C:4F:37:E2:D0:DD:D7:06:B7:7E:BD:9F:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36663C2/B390E9E8C78311ECB1982894F1222468/4CGdWkzYWCxPN-LQ3dcGt369n2w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4CGdWkzYWCxPN-LQ3dcGt369n2w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36663C2/B390E9E8C78311ECB1982894F1222468/B3406C3EE06311EE9DC9645B775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.43.100.0/23
IPv6:
2001:42b0::/32
Signature Algorithm: sha256WithRSAEncryption
72:8c:0c:5d:8a:15:07:31:30:2a:32:c7:fa:bd:99:75:bf:ae:
d2:48:a1:0d:62:23:34:32:f1:02:11:fd:0f:6e:10:3c:32:ce:
35:2d:b9:9d:9c:0b:a6:12:fc:59:8a:c3:54:9e:b0:92:72:37:
c6:a5:85:8e:47:b0:d2:cd:6e:a6:0e:73:44:6a:11:b2:99:a0:
30:ff:9e:bf:c6:85:5f:65:ad:53:47:9b:d0:07:81:84:a6:73:
14:44:fe:92:80:f4:97:0b:c4:48:57:8c:a3:69:f2:72:b8:ef:
91:60:7b:1e:0b:7f:87:75:57:e1:3d:c2:43:20:2b:47:35:19:
42:ce:21:65:41:d0:e6:0d:88:4d:ef:8d:c7:66:54:da:c5:04:
f9:1a:08:14:cc:e0:35:74:09:da:99:19:b7:10:89:8c:a2:2c:
ff:21:04:12:d7:7d:30:59:43:38:bf:db:ee:c9:68:63:a0:4c:
3a:d3:f0:30:8e:bb:d3:37:1b:77:1e:eb:c5:bd:6a:9f:5a:78:
9a:51:a0:37:f0:e8:58:19:8b:dd:08:cc:9f:84:83:bb:0a:ef:
69:68:2b:c5:f1:df:08:4a:ca:c7:b3:18:67:a6:bf:29:f3:6d:
a6:96:54:e0:66:f5:7e:1d:f0:d9:00:a9:ed:23:82:dc:39:46:
7a:9b:79:35
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAtYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjYzQzJBRjExMC8GA1UEBRMoRTAyMTlENUE0Q0Q4NTgyQzRGMzdFMkQwRERENzA2
Qjc3RUJEOUY2QzAeFw0yNDAzMTIxMTI4NDhaFw0zMDAzMjExMTI4NDhaMBgxFjAU
BgNVBAMTDTY1ZjAzYzczLWZiNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzUkJ9EvQfXJ+3RWmsXsbUAHJp8bSR73ePP3KIP9ZWnKA+bWb2oyJqwkcp
I+/OsHEvhpi7e4s77Ad4eKYjlqTqvNsFLFuF3ZWnehvuuR6GKkHetCHGVJshbbvo
Nefz/6qnNVunL+7umWyJELl1iaKrLV2mRKuwY7jqDbVrLGtPNaQeNWt1WWr7+OdS
nr9rnwZBsd6gbbxIwvQTRRRSBHq7X+c1sCHbY86tXdLCfQR+lC7SU7dM5Q7scSQX
vk2TE2mbzm1CaC/0HdWmdj+NDPJrskd85jDKvz9npu9KxLeYEVJniYKueN0PE20H
czFpCirKaAMpA5d2SG+qjFWbDaBtAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUvI1Q
DXiyGWVBtzCZ4vyULUmsF4UwHwYDVR0jBBgwFoAU4CGdWkzYWCxPN+LQ3dcGt369
n2wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY2M0MyL0IzOTBFOUU4Qzc4MzExRUNCMTk4Mjg5NEYxMjIyNDY4LzRDR2RX
a3pZV0N4UE4tTFEzZGNHdDM2OW4ydy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzRDR2RXa3pZV0N4UE4tTFEzZGNHdDM2OW4ydy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjY2M0MyL0IzOTBFOUU4Qzc4MzExRUNCMTk4Mjg5NEYx
MjIyNDY4L0IzNDA2QzNFRTA2MzExRUU5REM5NjQ1Qjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAHEK2QwDQQCAAIwBwMFACAB
QrAwDQYJKoZIhvcNAQELBQADggEBAHKMDF2KFQcxMCoyx/q9mXW/rtJIoQ1iIzQy
8QIR/Q9uEDwyzjUtuZ2cC6YS/FmKw1SesJJyN8alhY5HsNLNbqYOc0RqEbKZoDD/
nr/GhV9lrVNHm9AHgYSmcxRE/pKA9JcLxEhXjKNp8nK475Fgex4Lf4d1V+E9wkMg
K0c1GULOIWVB0OYNiE3vjcdmVNrFBPkaCBTM4DV0CdqZGbcQiYyiLP8hBBLXfTBZ
Qzi/2+7JaGOgTDrT8DCOu9M3G3ce68W9ap9aeJpRoDfw6FgZi90IzJ+Eg7sK72lo
K8Xx3whKysezGGemvynzbaaWVOBm9X4d8NkAqe0jgtw5RnqbeTU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:41 2024 by rpki-client on console-ams.rpki-client.org