Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3668DF0/0DCD0F2AACB611EB999DC013F8AEA228/B513DD4EB12811EE845B43A3775412E6.roa
File: B513DD4EB12811EE845B43A3775412E6.roa (raw, json)
Hash identifier: 23iFyGrEDIoBPKpQ2K34ubdkhxpq5BHCXQKYTlSc7hU=
Subject key identifier: 2D:87:51:3E:02:FF:EC:F8:10:83:94:C8:19:DE:A9:07:21:BE:6D:5A
Certificate issuer: /CN=F3668DF0AF/serialNumber=7A85C90EA0A36626DB76D0818419717F5052A974
Certificate serial: 03F9
Authority key identifier: 7A:85:C9:0E:A0:A3:66:26:DB:76:D0:81:84:19:71:7F:50:52:A9:74
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/eoXJDqCjZibbdtCBhBlxf1BSqXQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3668DF0/0DCD0F2AACB611EB999DC013F8AEA228/B513DD4EB12811EE845B43A3775412E6.roa
Signing time: Fri 12 Jan 2024 08:58:09 +0000
ROA not before: Fri 12 Jan 2024 08:58:05 +0000
ROA not after: Fri 12 Jan 2029 08:58:05 +0000
asID: 36939
IP address blocks: 197.255.224.0/20 maxlen: 32
2c0f:f560::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3668DF0/0DCD0F2AACB611EB999DC013F8AEA228/eoXJDqCjZibbdtCBhBlxf1BSqXQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F3668DF0/0DCD0F2AACB611EB999DC013F8AEA228/eoXJDqCjZibbdtCBhBlxf1BSqXQ.mft
rsync://rpki.afrinic.net/repository/afrinic/eoXJDqCjZibbdtCBhBlxf1BSqXQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1017 (0x3f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3668DF0AF/serialNumber=7A85C90EA0A36626DB76D0818419717F5052A974
Validity
Not Before: Jan 12 08:58:05 2024 GMT
Not After : Jan 12 08:58:05 2029 GMT
Subject: CN=65a0ff21-d8dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:11:7c:fa:62:d1:9f:47:53:62:91:1f:5c:42:
8f:26:cb:04:09:13:d3:20:12:87:1c:f2:db:48:07:
da:4e:31:93:6d:0b:e1:86:e2:ec:f6:85:de:3e:4b:
8d:74:f3:dc:7f:df:4f:91:2a:b5:09:22:b5:0f:43:
6c:6c:78:42:14:97:97:6e:2c:10:55:59:c0:39:89:
77:20:2a:60:80:a4:e0:9b:78:87:00:d7:34:9a:39:
87:15:ec:eb:7d:de:91:dd:16:b7:00:8b:dd:9c:0e:
28:96:be:ac:d6:76:db:9e:e0:fe:d7:1a:7d:cf:bd:
26:20:87:f8:b7:88:3f:1a:48:e4:5f:4d:ad:7f:72:
e7:d4:86:77:29:d7:94:a1:d2:52:68:f2:fb:3f:69:
61:4d:e1:28:64:37:fd:b0:ea:40:4d:2d:32:9e:2c:
0c:fc:bc:d7:00:bb:ec:98:30:70:4b:26:cd:3f:8d:
e9:cd:91:4a:81:b2:69:62:5c:8b:60:6f:98:f1:09:
36:b2:06:ad:d5:9e:cc:bc:15:2b:46:0e:6c:50:60:
0f:08:29:59:c0:46:01:e2:29:cb:1c:64:75:8f:c2:
73:01:6a:c2:a3:8e:36:f7:4c:fc:86:e2:8b:33:3b:
cd:a2:5e:3b:ff:aa:ae:eb:e1:38:4e:b0:7c:6a:1c:
2f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:87:51:3E:02:FF:EC:F8:10:83:94:C8:19:DE:A9:07:21:BE:6D:5A
X509v3 Authority Key Identifier:
keyid:7A:85:C9:0E:A0:A3:66:26:DB:76:D0:81:84:19:71:7F:50:52:A9:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3668DF0/0DCD0F2AACB611EB999DC013F8AEA228/eoXJDqCjZibbdtCBhBlxf1BSqXQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/eoXJDqCjZibbdtCBhBlxf1BSqXQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3668DF0/0DCD0F2AACB611EB999DC013F8AEA228/B513DD4EB12811EE845B43A3775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.255.224.0/20
IPv6:
2c0f:f560::/32
Signature Algorithm: sha256WithRSAEncryption
07:db:bb:25:61:e0:4c:25:e0:93:0e:35:8f:ee:8e:ed:9d:7f:
b7:ba:f8:57:95:aa:b5:ab:04:25:c0:3f:09:00:9b:e8:dd:5e:
6b:5f:39:09:5b:f2:14:05:86:65:2d:f8:ea:32:c8:13:56:d6:
4f:56:57:54:a2:73:fd:c3:a9:32:7b:88:24:6a:f2:ba:87:fe:
d6:df:b7:6d:f4:7d:e8:28:82:ca:7a:52:68:5a:c1:74:7a:01:
fe:b2:5c:73:d5:69:0e:15:82:1e:5e:fe:3e:34:dc:e4:ba:d4:
6f:c5:16:3f:39:70:a8:49:5f:3f:17:8e:6e:23:59:0e:dc:3c:
ee:1f:37:64:7b:c6:f6:a9:d7:38:4d:1f:2f:16:1c:b7:be:02:
c0:c0:ec:5b:5a:b9:49:d1:3b:97:65:0a:d5:df:a9:d5:c8:72:
dd:2d:34:9e:11:73:e4:74:a6:7f:3c:d5:a9:8c:c9:25:7a:0e:
ce:43:bc:aa:53:ab:43:70:c3:f1:3e:d4:1a:2d:e2:f1:f1:d6:
4f:6c:60:1c:49:b4:f5:d8:ca:77:78:93:05:e6:2c:d0:18:fb:
25:57:5f:4b:45:fd:34:d0:69:7c:e4:f9:8d:7f:dc:2d:4c:6e:
8d:f8:a9:cd:cc:68:8f:3f:ac:9b:d8:91:17:15:9c:40:b2:99:
ed:45:e1:b5
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICA/kwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjhERjBBRjExMC8GA1UEBRMoN0E4NUM5MEVBMEEzNjYyNkRCNzZEMDgxODQxOTcx
N0Y1MDUyQTk3NDAeFw0yNDAxMTIwODU4MDVaFw0yOTAxMTIwODU4MDVaMBgxFjAU
BgNVBAMTDTY1YTBmZjIxLWQ4ZGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGEXz6YtGfR1NikR9cQo8mywQJE9MgEocc8ttIB9pOMZNtC+GG4uz2hd4+
S41089x/30+RKrUJIrUPQ2xseEIUl5duLBBVWcA5iXcgKmCApOCbeIcA1zSaOYcV
7Ot93pHdFrcAi92cDiiWvqzWdtue4P7XGn3PvSYgh/i3iD8aSORfTa1/cufUhncp
15Sh0lJo8vs/aWFN4ShkN/2w6kBNLTKeLAz8vNcAu+yYMHBLJs0/jenNkUqBsmli
XItgb5jxCTayBq3Vnsy8FStGDmxQYA8IKVnARgHiKcscZHWPwnMBasKjjjb3TPyG
4oszO82iXjv/qq7r4ThOsHxqHC9/AgMBAAGjggK0MIICsDAdBgNVHQ4EFgQULYdR
PgL/7PgQg5TIGd6pByG+bVowHwYDVR0jBBgwFoAUeoXJDqCjZibbdtCBhBlxf1BS
qXQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY4REYwLzBEQ0QwRjJBQUNCNjExRUI5OTlEQzAxM0Y4QUVBMjI4L2VvWEpE
cUNqWmliYmR0Q0JoQmx4ZjFCU3FYUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2VvWEpEcUNqWmliYmR0Q0JoQmx4ZjFCU3FYUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjY4REYwLzBEQ0QwRjJBQUNCNjExRUI5OTlEQzAxM0Y4
QUVBMjI4L0I1MTNERDRFQjEyODExRUU4NDVCNDNBMzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBATF/+AwDQQCAAIwBwMFACwP
9WAwDQYJKoZIhvcNAQELBQADggEBAAfbuyVh4Ewl4JMONY/uju2df7e6+FeVqrWr
BCXAPwkAm+jdXmtfOQlb8hQFhmUt+OoyyBNW1k9WV1Sic/3DqTJ7iCRq8rqH/tbf
t230fegogsp6UmhawXR6Af6yXHPVaQ4Vgh5e/j403OS61G/FFj85cKhJXz8Xjm4j
WQ7cPO4fN2R7xvap1zhNHy8WHLe+AsDA7FtauUnRO5dlCtXfqdXIct0tNJ4Rc+R0
pn881amMySV6Ds5DvKpTq0Nww/E+1Bot4vHx1k9sYBxJtPXYynd4kwXmLNAY+yVX
X0tF/TTQaXzk+Y1/3C1Mbo34qc3MaI8/rJvYkRcVnECyme1F4bU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:41 2024 by rpki-client on console-ams.rpki-client.org