Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/29EB70C08C6D11EB98F6A659F8AEA228.roa
File: 29EB70C08C6D11EB98F6A659F8AEA228.roa (raw, json)
Hash identifier: RnvntS6cJCS4l7t3t+u1YY3gxc4qqc9Qa//AzBOYQxA=
Subject key identifier: D1:EB:86:38:9A:E6:C6:05:3A:FF:DF:B2:11:AD:D6:A3:E7:4F:F4:8F
Certificate issuer: /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial: 7D
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/29EB70C08C6D11EB98F6A659F8AEA228.roa
Signing time: Wed 24 Mar 2021 06:50:05 +0000
ROA not before: Wed 24 Mar 2021 06:49:58 +0000
ROA not after: Mon 24 Mar 2031 06:49:58 +0000
asID: 3741
IP address blocks: 197.94.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125 (0x7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Validity
Not Before: Mar 24 06:49:58 2021 GMT
Not After : Mar 24 06:49:58 2031 GMT
Subject: CN=605ae11d-5773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ff:25:dc:12:79:ec:b9:e6:ac:07:2c:5f:2c:
c6:8a:f6:98:c8:ec:68:6b:e5:69:89:e7:4a:26:4f:
ed:36:48:0d:46:91:41:29:cf:a1:b4:10:14:aa:e8:
6e:fd:ba:07:d8:83:ac:83:f3:96:58:62:8f:02:e4:
e8:21:12:44:28:df:c6:11:c3:1b:1f:ba:82:8a:1a:
2c:f9:04:cd:11:f3:fc:76:04:d2:be:30:42:92:22:
9d:09:64:c4:2d:c2:b1:8b:83:22:82:8b:03:a1:1e:
41:b3:0b:73:7c:0f:f4:a7:a3:8b:2b:b7:08:cf:41:
2f:9e:80:0c:e5:59:08:f6:26:fd:da:1d:6d:5f:43:
16:fd:44:fe:78:1e:b5:40:59:c4:cd:ad:3d:d2:9b:
5c:50:94:26:0f:4e:93:d3:23:c0:48:4b:67:b2:10:
c0:b8:93:25:f8:99:00:ff:21:9b:da:09:58:a1:6c:
6c:2f:fa:c0:10:b8:3f:fa:e3:71:b1:0a:22:a2:b4:
bc:d7:9c:41:ad:1d:0b:a5:f2:40:8b:a0:d1:43:07:
8d:73:80:21:f3:62:73:23:c7:33:e1:8c:a1:ec:c5:
24:36:46:8c:eb:86:89:11:2f:28:84:18:4b:2e:3b:
44:d2:e5:56:00:99:26:f1:1d:ec:0e:9c:92:0b:ef:
32:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:EB:86:38:9A:E6:C6:05:3A:FF:DF:B2:11:AD:D6:A3:E7:4F:F4:8F
X509v3 Authority Key Identifier:
keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/29EB70C08C6D11EB98F6A659F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.94.28.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:b1:a5:2c:06:11:45:0c:77:bb:d5:b0:b5:97:59:90:ff:76:
61:ae:96:9b:3e:16:49:6d:15:33:4a:69:65:c5:60:6e:66:a4:
d5:2d:48:77:b6:a3:a2:cc:c9:16:50:2b:29:55:0e:db:b7:8c:
fc:72:0a:6f:03:e1:81:4a:22:e3:44:1d:17:4b:de:3a:ae:15:
11:76:8b:32:25:d0:23:e2:9d:c3:30:84:a2:db:54:65:fe:38:
2a:0d:2b:b2:41:e3:5c:7e:b8:95:39:6a:9f:71:d7:4c:21:33:
c5:14:c2:98:c2:8b:d1:d3:24:d6:5f:0d:4b:bc:11:ef:19:6d:
92:77:b4:66:5e:1d:7d:e5:64:07:48:80:13:15:13:ac:7f:f2:
9c:40:c6:12:f9:fd:7c:44:5e:aa:41:92:e6:78:af:f7:0f:ae:
bf:39:7b:7b:c4:0b:29:e5:36:df:97:77:e1:b7:9a:e4:08:ed:
b1:bf:43:2d:f3:45:b6:51:44:e8:53:49:4b:b1:94:f3:1a:c9:
ad:b3:a5:54:13:54:4b:cd:14:08:b7:df:ca:1b:cf:fb:8c:7f:
a6:f9:e5:82:f2:c9:b1:0e:67:6a:51:c6:9f:03:a0:29:ac:90:
be:e1:b7:6b:49:55:35:9c:9e:8c:94:55:bb:a2:6b:b6:d6:52:
78:6d:0e:94
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBfTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QjIxNkFGMTEwLwYDVQQFEygyRjQwN0ZFQ0Q4QjdERERDQTVENUI5MEE1RTE5NTg5
RDA2QzEwMURDMB4XDTIxMDMyNDA2NDk1OFoXDTMxMDMyNDA2NDk1OFowGDEWMBQG
A1UEAxMNNjA1YWUxMWQtNTc3MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALX/JdwSeey55qwHLF8sxor2mMjsaGvlaYnnSiZP7TZIDUaRQSnPobQQFKro
bv26B9iDrIPzllhijwLk6CESRCjfxhHDGx+6gooaLPkEzRHz/HYE0r4wQpIinQlk
xC3CsYuDIoKLA6EeQbMLc3wP9Kejiyu3CM9BL56ADOVZCPYm/dodbV9DFv1E/nge
tUBZxM2tPdKbXFCUJg9Ok9MjwEhLZ7IQwLiTJfiZAP8hm9oJWKFsbC/6wBC4P/rj
cbEKIqK0vNecQa0dC6XyQIug0UMHjXOAIfNicyPHM+GMoezFJDZGjOuGiREvKIQY
Sy47RNLlVgCZJvEd7A6ckgvvMl8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTR64Y4
mubGBTr/37IRrdaj50/0jzAfBgNVHSMEGDAWgBQvQH/s2Lfd3KXVuQpeGVidBsEB
3DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhBRUEyMjgvTDBCXzdO
aTMzZHlsMWJrS1hobFluUWJCQWR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTDBCXzdOaTMzZHlsMWJrS1hobFluUWJCQWR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhB
RUEyMjgvMjlFQjcwQzA4QzZEMTFFQjk4RjZBNjU5RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsVeHDANBgkqhkiG9w0BAQsF
AAOCAQEAj7GlLAYRRQx3u9WwtZdZkP92Ya6Wmz4WSW0VM0ppZcVgbmak1S1Id7aj
oszJFlArKVUO27eM/HIKbwPhgUoi40QdF0veOq4VEXaLMiXQI+KdwzCEottUZf44
Kg0rskHjXH64lTlqn3HXTCEzxRTCmMKL0dMk1l8NS7wR7xltkne0Zl4dfeVkB0iA
ExUTrH/ynEDGEvn9fEReqkGS5niv9w+uvzl7e8QLKeU235d34bea5Ajtsb9DLfNF
tlFE6FNJS7GU8xrJrbOlVBNUS80UCLffyhvP+4x/pvnlgvLJsQ5nalHGnwOgKayQ
vuG3a0lVNZyejJRVu6JrttZSeG0OlA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org