Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366A8BF/DCA1C652A38D11EF92613781762E951A/0C2C5B02A38F11EF9EE69A89762E951A.roa
File: 0C2C5B02A38F11EF9EE69A89762E951A.roa (raw, json)
Hash identifier: ECtKxH32G5BPQeuP9KuP/2ILf6so8Vog6XvAyzLxNpo=
Subject key identifier: 50:36:B9:07:88:2A:7A:C5:E6:F4:74:B8:0E:80:A4:16:EE:3E:D6:AC
Certificate issuer: /CN=F366A8BFAF/serialNumber=DBBB672EDD07E05E45CC02855B01C813BE715E81
Certificate serial: 02
Authority key identifier: DB:BB:67:2E:DD:07:E0:5E:45:CC:02:85:5B:01:C8:13:BE:71:5E:81
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/27tnLt0H4F5FzAKFWwHIE75xXoE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366A8BF/DCA1C652A38D11EF92613781762E951A/0C2C5B02A38F11EF9EE69A89762E951A.roa
Signing time: Fri 15 Nov 2024 20:20:25 +0000
ROA not before: Fri 15 Nov 2024 20:20:21 +0000
ROA not after: Wed 15 Nov 2034 20:20:21 +0000
asID: 37399
IP address blocks: 196.216.192.0/22 maxlen: 24
2001:43f8:bc0::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366A8BF/DCA1C652A38D11EF92613781762E951A/27tnLt0H4F5FzAKFWwHIE75xXoE.crl
rsync://rpki.afrinic.net/repository/member_repository/F366A8BF/DCA1C652A38D11EF92613781762E951A/27tnLt0H4F5FzAKFWwHIE75xXoE.mft
rsync://rpki.afrinic.net/repository/afrinic/27tnLt0H4F5FzAKFWwHIE75xXoE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366A8BFAF/serialNumber=DBBB672EDD07E05E45CC02855B01C813BE715E81
Validity
Not Before: Nov 15 20:20:21 2024 GMT
Not After : Nov 15 20:20:21 2034 GMT
Subject: CN=6737ad09-38a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:66:cf:fd:e7:b4:bf:57:bc:7f:2d:99:dc:d3:
18:c5:d2:c6:93:98:b5:31:a9:84:b8:32:1e:88:07:
d5:5e:e8:92:aa:9a:72:96:e8:7d:37:34:d5:e5:12:
79:98:fa:c5:4c:95:48:9d:22:0f:49:bb:e1:12:99:
db:9d:10:34:68:33:92:d5:fe:29:0b:65:5e:9b:b6:
ab:c5:b7:ea:6e:a1:ee:b0:5e:f6:90:e4:f1:85:ad:
f7:06:53:8d:d0:43:87:f1:86:d4:ef:1d:b7:99:06:
4e:1f:cd:b6:bf:b4:64:fc:c9:79:d1:15:06:88:31:
ce:08:12:1a:df:1b:b5:f3:68:bc:87:cb:03:1d:e3:
0f:9a:d8:c4:ef:d9:b4:1b:1c:ac:b7:c5:c5:3b:50:
f9:6b:dc:ef:e2:5c:b7:cd:7b:18:62:5f:88:d7:ce:
50:cd:ce:b8:db:bd:f4:2d:e9:d7:c8:38:d9:13:6d:
b7:24:33:13:5d:4c:cf:1e:33:89:24:ee:65:4a:4f:
0b:76:c4:a9:cf:ef:58:08:22:3c:1d:93:6a:b4:12:
9b:6f:40:00:a0:c6:94:54:ef:b4:23:71:ed:b3:e2:
f8:09:b7:c4:76:fd:5d:a9:7a:3c:a8:e1:bd:8b:79:
7c:49:92:03:fb:43:27:da:58:ff:83:10:a2:1f:2c:
1c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:36:B9:07:88:2A:7A:C5:E6:F4:74:B8:0E:80:A4:16:EE:3E:D6:AC
X509v3 Authority Key Identifier:
keyid:DB:BB:67:2E:DD:07:E0:5E:45:CC:02:85:5B:01:C8:13:BE:71:5E:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366A8BF/DCA1C652A38D11EF92613781762E951A/27tnLt0H4F5FzAKFWwHIE75xXoE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/27tnLt0H4F5FzAKFWwHIE75xXoE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366A8BF/DCA1C652A38D11EF92613781762E951A/0C2C5B02A38F11EF9EE69A89762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.216.192.0/22
IPv6:
2001:43f8:bc0::/48
Signature Algorithm: sha256WithRSAEncryption
4a:16:d2:1e:58:64:bb:a9:1a:1d:60:58:c7:e9:f1:7b:30:6f:
fe:0e:94:51:78:6c:b4:1d:55:f9:49:ae:12:c3:35:ba:ef:c0:
ce:4b:44:76:3b:0c:2a:80:af:2e:21:c4:e2:9e:35:e7:cd:8c:
67:cd:d2:d3:e8:cb:76:61:a9:3f:3e:85:6a:b1:96:2e:fc:9b:
81:fc:75:54:45:e3:88:ee:c5:ca:ff:09:c8:22:51:a8:b6:a5:
9c:cb:9d:57:fd:86:85:19:3c:50:38:8b:c4:65:9e:19:03:9d:
13:e2:11:99:0f:88:32:d8:b0:e3:6d:8d:14:36:39:cf:92:f1:
33:f0:cd:ee:7f:e2:0f:5b:dc:93:cd:da:84:80:b5:cd:9e:da:
dc:1d:18:5d:33:81:51:d2:1c:d9:e2:b7:85:35:ae:55:51:5d:
a2:e4:73:c2:5f:dc:f6:09:d6:c1:b1:af:54:ea:19:ee:d8:ce:
0c:a4:55:8b:93:5d:1e:89:35:d3:b2:41:74:a7:17:77:b4:14:
fb:34:0a:77:7a:13:9b:cc:3c:1b:7b:cf:e1:ed:1d:c5:61:fd:
ee:10:b4:a6:69:c6:3f:5c:c7:e5:25:bb:db:4c:52:aa:18:9d:
42:d9:a6:83:6e:a5:28:45:fe:6a:77:1a:06:dc:86:78:d5:fc:
d5:bf:cf:4e
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
QThCRkFGMTEwLwYDVQQFEyhEQkJCNjcyRUREMDdFMDVFNDVDQzAyODU1QjAxQzgx
M0JFNzE1RTgxMB4XDTI0MTExNTIwMjAyMVoXDTM0MTExNTIwMjAyMVowGDEWMBQG
A1UEAxMNNjczN2FkMDktMzhhNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdmz/3ntL9XvH8tmdzTGMXSxpOYtTGphLgyHogH1V7okqqacpbofTc01eUS
eZj6xUyVSJ0iD0m74RKZ250QNGgzktX+KQtlXpu2q8W36m6h7rBe9pDk8YWt9wZT
jdBDh/GG1O8dt5kGTh/Ntr+0ZPzJedEVBogxzggSGt8btfNovIfLAx3jD5rYxO/Z
tBscrLfFxTtQ+Wvc7+Jct817GGJfiNfOUM3OuNu99C3p18g42RNttyQzE11Mzx4z
iSTuZUpPC3bEqc/vWAgiPB2TarQSm29AAKDGlFTvtCNx7bPi+Am3xHb9Xal6PKjh
vYt5fEmSA/tDJ9pY/4MQoh8sHFkCAwEAAaOCArYwggKyMB0GA1UdDgQWBBRQNrkH
iCp6xeb0dLgOgKQW7j7WrDAfBgNVHSMEGDAWgBTbu2cu3QfgXkXMAoVbAcgTvnFe
gTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkE4QkYvRENBMUM2NTJBMzhEMTFFRjkyNjEzNzgxNzYyRTk1MUEvMjd0bkx0
MEg0RjVGekFLRld3SElFNzV4WG9FLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMjd0bkx0MEg0RjVGekFLRld3SElFNzV4WG9FLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkE4QkYvRENBMUM2NTJBMzhEMTFFRjkyNjEzNzgxNzYy
RTk1MUEvMEMyQzVCMDJBMzhGMTFFRjlFRTY5QTg5NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAsTYwDAPBAIAAjAJAwcAIAFD
+AvAMA0GCSqGSIb3DQEBCwUAA4IBAQBKFtIeWGS7qRodYFjH6fF7MG/+DpRReGy0
HVX5Sa4SwzW678DOS0R2OwwqgK8uIcTinjXnzYxnzdLT6Mt2Yak/PoVqsZYu/JuB
/HVUReOI7sXK/wnIIlGotqWcy51X/YaFGTxQOIvEZZ4ZA50T4hGZD4gy2LDjbY0U
NjnPkvEz8M3uf+IPW9yTzdqEgLXNntrcHRhdM4FR0hzZ4reFNa5VUV2i5HPCX9z2
CdbBsa9U6hnu2M4MpFWLk10eiTXTskF0pxd3tBT7NAp3ehObzDwbe8/h7R3FYf3u
ELSmacY/XMflJbvbTFKqGJ1C2aaDbqUoRf5qdxoG3IZ41fzVv89O
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:55 2024 by rpki-client on console-fra.rpki-client.org