Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/02A955968C6711EB8AA6B352F8AEA228.roa
File: 02A955968C6711EB8AA6B352F8AEA228.roa (raw, json)
Hash identifier: s1V5E/iejhATc5zPo9cbsKcKXxO0YncezLEUPpLIbjM=
Subject key identifier: 32:EF:E8:60:C6:29:E4:15:B2:69:39:27:76:37:0A:EC:C0:1F:7D:ED
Certificate issuer: /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial: 6D
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/02A955968C6711EB8AA6B352F8AEA228.roa
Signing time: Wed 24 Mar 2021 06:06:02 +0000
ROA not before: Wed 24 Mar 2021 06:05:56 +0000
ROA not after: Mon 24 Mar 2031 06:05:56 +0000
asID: 12258
IP address blocks: 196.2.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109 (0x6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Validity
Not Before: Mar 24 06:05:56 2021 GMT
Not After : Mar 24 06:05:56 2031 GMT
Subject: CN=605ad6ca-8846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1d:ad:0f:43:06:81:c2:cd:14:40:77:37:0d:
37:c2:cd:5c:15:9a:f0:8c:7f:57:1a:09:47:0c:31:
59:cd:ea:f4:94:87:6c:28:65:b2:57:52:86:8e:5a:
19:4f:37:98:39:93:a4:ba:81:cc:01:3f:d1:d2:93:
4e:fa:c7:03:21:0e:52:08:d2:3c:31:58:c6:f3:cc:
4f:e4:2a:62:50:7a:e9:f9:94:5e:55:a4:a9:45:1f:
78:b5:12:ed:b2:85:95:0e:71:51:91:23:3a:e2:9e:
48:c7:64:d9:8f:aa:b8:64:9e:5e:00:a1:90:f8:c4:
c9:29:3a:f1:ef:56:ef:67:36:cf:e6:a7:c4:db:a7:
1c:3e:73:47:3d:e1:75:a9:a3:58:a9:ba:28:fc:5f:
85:47:bd:e0:ff:16:08:a8:10:9f:a6:60:90:b1:9b:
80:c7:6c:66:9d:08:69:d2:12:93:16:3d:ea:31:a3:
14:e0:8f:d4:3e:27:8a:1a:8e:8c:34:bb:a0:7b:47:
e8:57:01:c1:97:ec:58:5f:6d:29:fd:bf:6f:8d:e7:
76:d4:fe:e1:62:01:0b:6a:fe:c1:9b:94:e8:28:ca:
58:f2:23:de:2b:c3:aa:30:ab:ee:a2:4e:d8:23:ab:
6e:da:1f:37:37:30:e9:67:7a:19:95:6a:97:51:9a:
79:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:EF:E8:60:C6:29:E4:15:B2:69:39:27:76:37:0A:EC:C0:1F:7D:ED
X509v3 Authority Key Identifier:
keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/02A955968C6711EB8AA6B352F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.2.32.0/19
Signature Algorithm: sha256WithRSAEncryption
26:1d:f1:64:c1:1a:8c:c1:dc:6d:18:11:5b:71:b5:62:33:67:
2b:8b:c3:8d:72:f9:b4:e1:a4:0d:15:e8:b5:6a:35:0e:81:eb:
a4:4b:40:2d:c9:3e:6c:d2:ec:d3:e4:49:31:4c:9b:b9:6d:44:
c6:7e:7a:0f:4e:d0:9e:1d:5b:52:20:b1:a6:66:a1:9d:49:78:
0a:47:34:9a:24:6c:b2:36:f1:d7:7d:3e:71:67:76:1e:e3:ce:
63:0a:60:88:d5:6b:73:5e:21:86:e7:81:5c:70:2e:70:a2:b1:
fe:52:02:ae:61:84:f4:35:de:34:f5:df:f7:54:f7:a3:f5:33:
63:f0:46:ed:46:2e:04:34:bb:ef:77:af:6e:c1:18:25:52:2d:
58:68:13:f4:da:b1:a1:ec:3c:8f:15:1d:80:88:e5:9d:31:71:
60:d5:4b:34:51:b4:1a:c9:57:06:e7:ed:6f:db:3b:ed:1c:c2:
ff:e8:41:91:b2:43:bf:5e:7b:fd:a6:60:72:63:f8:67:da:9c:
9a:92:2a:c6:e7:a5:5f:e7:07:94:4b:e4:47:5c:94:a1:e8:fd:
fa:79:aa:a9:b9:ca:48:6d:66:5d:4f:96:2a:2c:70:37:e6:35:
69:f1:d1:b0:9d:7a:2c:bf:c0:92:17:50:74:6d:b8:05:9d:27:
50:0a:a2:0a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBbTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QjIxNkFGMTEwLwYDVQQFEygyRjQwN0ZFQ0Q4QjdERERDQTVENUI5MEE1RTE5NTg5
RDA2QzEwMURDMB4XDTIxMDMyNDA2MDU1NloXDTMxMDMyNDA2MDU1NlowGDEWMBQG
A1UEAxMNNjA1YWQ2Y2EtODg0NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8drQ9DBoHCzRRAdzcNN8LNXBWa8Ix/VxoJRwwxWc3q9JSHbChlsldSho5a
GU83mDmTpLqBzAE/0dKTTvrHAyEOUgjSPDFYxvPMT+QqYlB66fmUXlWkqUUfeLUS
7bKFlQ5xUZEjOuKeSMdk2Y+quGSeXgChkPjEySk68e9W72c2z+anxNunHD5zRz3h
damjWKm6KPxfhUe94P8WCKgQn6ZgkLGbgMdsZp0IadISkxY96jGjFOCP1D4nihqO
jDS7oHtH6FcBwZfsWF9tKf2/b43ndtT+4WIBC2r+wZuU6CjKWPIj3ivDqjCr7qJO
2COrbtofNzcw6Wd6GZVql1Gaee0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQy7+hg
xinkFbJpOSd2NwrswB997TAfBgNVHSMEGDAWgBQvQH/s2Lfd3KXVuQpeGVidBsEB
3DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhBRUEyMjgvTDBCXzdO
aTMzZHlsMWJrS1hobFluUWJCQWR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTDBCXzdOaTMzZHlsMWJrS1hobFluUWJCQWR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhB
RUEyMjgvMDJBOTU1OTY4QzY3MTFFQjhBQTZCMzUyRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcQCIDANBgkqhkiG9w0BAQsF
AAOCAQEAJh3xZMEajMHcbRgRW3G1YjNnK4vDjXL5tOGkDRXotWo1DoHrpEtALck+
bNLs0+RJMUybuW1Exn56D07Qnh1bUiCxpmahnUl4Ckc0miRssjbx130+cWd2HuPO
YwpgiNVrc14hhueBXHAucKKx/lICrmGE9DXeNPXf91T3o/UzY/BG7UYuBDS773ev
bsEYJVItWGgT9Nqxoew8jxUdgIjlnTFxYNVLNFG0GslXBuftb9s77RzC/+hBkbJD
v157/aZgcmP4Z9qcmpIqxuelX+cHlEvkR1yUoej9+nmqqbnKSG1mXU+WKixwN+Y1
afHRsJ16LL/AkhdQdG24BZ0nUAqiCg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org