Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/701698608C6611EB8F97ED51F8AEA228.roa
File: 701698608C6611EB8F97ED51F8AEA228.roa (raw, json)
Hash identifier: 9vfAp3KTMT30C/8mgzGLIs5rCIc52PEDJizuREiG3tE=
Subject key identifier: 8B:2F:42:81:42:22:40:06:38:ED:BF:1E:4A:F3:8C:3D:E9:49:18:33
Certificate issuer: /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial: 67
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/701698608C6611EB8F97ED51F8AEA228.roa
Signing time: Wed 24 Mar 2021 06:01:56 +0000
ROA not before: Wed 24 Mar 2021 06:01:52 +0000
ROA not after: Mon 24 Mar 2031 06:01:52 +0000
asID: 10474
IP address blocks: 196.28.32.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 May 2024 00:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103 (0x67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Validity
Not Before: Mar 24 06:01:52 2021 GMT
Not After : Mar 24 06:01:52 2031 GMT
Subject: CN=605ad5d4-8b33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9b:ce:51:c7:ad:3f:a8:ea:68:fd:58:42:22:
16:7d:91:e5:29:dd:4b:ee:66:9c:71:2b:71:a2:23:
49:18:b4:9b:a1:75:a8:cf:87:14:38:76:f8:36:2e:
4a:bd:b1:03:0a:ac:84:82:5f:07:9b:ce:2e:de:cd:
74:54:de:27:09:40:d5:66:a1:6b:f5:62:6d:7b:11:
98:7c:21:01:e8:80:e9:5b:e8:fb:ba:33:45:5b:6b:
96:00:bb:2b:31:b2:6b:23:be:ae:fb:d7:f5:9a:09:
34:4f:f4:cc:c5:f0:b6:04:95:90:8d:4f:d0:1f:ef:
5f:2b:2f:47:f6:6f:60:91:e5:aa:0d:74:91:b7:0f:
43:49:46:76:10:6a:d8:aa:36:69:41:db:ef:28:a1:
73:40:c0:89:70:84:fc:83:06:d1:1d:d5:10:39:05:
64:19:83:6b:0b:aa:33:2f:4d:71:40:1d:49:cf:58:
15:0d:fd:89:6e:4b:41:29:7c:9c:36:82:4c:18:54:
c2:0a:88:c5:29:cc:38:bf:cd:0d:0b:ab:23:d0:5d:
55:7d:1d:eb:1f:40:77:96:39:28:90:25:c8:be:ac:
89:73:5a:17:03:c1:9a:76:a0:2e:a1:b8:a2:5c:55:
97:fa:42:80:a7:09:59:af:cc:25:a4:b1:f3:f0:e2:
03:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:2F:42:81:42:22:40:06:38:ED:BF:1E:4A:F3:8C:3D:E9:49:18:33
X509v3 Authority Key Identifier:
keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/701698608C6611EB8F97ED51F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.28.32.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:3a:e5:fd:87:20:d9:2c:ed:00:51:29:85:5c:34:25:42:7f:
d3:a0:dc:8e:b8:81:9c:60:ec:94:25:73:35:fd:14:9f:6c:4d:
1e:11:06:6a:91:80:90:b9:48:dd:14:e7:8c:70:54:e9:4a:67:
4a:4b:15:b5:ac:a5:73:af:10:c1:6c:38:e4:50:88:d9:36:03:
80:d6:95:e3:34:da:87:70:75:53:df:b0:3b:aa:9c:b2:69:5e:
cd:8a:58:59:0a:67:d6:58:ac:b6:b9:4e:8d:b6:80:2a:cc:0a:
1c:5f:f6:23:73:e2:ec:80:c4:15:5f:82:e5:ec:4b:a4:2f:b6:
cc:f3:65:23:73:fa:94:38:8b:e6:32:97:8e:5e:ae:1e:93:76:
c1:bb:f6:c5:3b:fe:95:3a:79:ae:22:2a:d1:37:6d:d4:f0:66:
87:f7:1c:38:25:e2:e7:18:43:b2:c5:aa:48:68:3a:95:af:d1:
08:c4:78:6f:c4:ef:9d:5f:ec:2a:d4:cd:73:4a:d6:3f:48:18:
66:5c:7e:70:1d:b3:b8:94:a4:77:84:df:86:1c:51:b3:27:44:
94:c0:2b:35:a9:36:ef:cb:34:38:8a:cb:68:36:4f:e2:c2:1b:
49:8c:e9:a3:a5:e1:2d:04:03:35:42:af:9e:48:b5:19:0b:8b:
23:a6:94:d2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBZzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QjIxNkFGMTEwLwYDVQQFEygyRjQwN0ZFQ0Q4QjdERERDQTVENUI5MEE1RTE5NTg5
RDA2QzEwMURDMB4XDTIxMDMyNDA2MDE1MloXDTMxMDMyNDA2MDE1MlowGDEWMBQG
A1UEAxMNNjA1YWQ1ZDQtOGIzMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMybzlHHrT+o6mj9WEIiFn2R5SndS+5mnHErcaIjSRi0m6F1qM+HFDh2+DYu
Sr2xAwqshIJfB5vOLt7NdFTeJwlA1Waha/VibXsRmHwhAeiA6Vvo+7ozRVtrlgC7
KzGyayO+rvvX9ZoJNE/0zMXwtgSVkI1P0B/vXysvR/ZvYJHlqg10kbcPQ0lGdhBq
2Ko2aUHb7yihc0DAiXCE/IMG0R3VEDkFZBmDawuqMy9NcUAdSc9YFQ39iW5LQSl8
nDaCTBhUwgqIxSnMOL/NDQurI9BdVX0d6x9Ad5Y5KJAlyL6siXNaFwPBmnagLqG4
olxVl/pCgKcJWa/MJaSx8/DiAwMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSLL0KB
QiJABjjtvx5K84w96UkYMzAfBgNVHSMEGDAWgBQvQH/s2Lfd3KXVuQpeGVidBsEB
3DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhBRUEyMjgvTDBCXzdO
aTMzZHlsMWJrS1hobFluUWJCQWR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTDBCXzdOaTMzZHlsMWJrS1hobFluUWJCQWR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhB
RUEyMjgvNzAxNjk4NjA4QzY2MTFFQjhGOTdFRDUxRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMQcIDANBgkqhkiG9w0BAQsF
AAOCAQEArTrl/Ycg2SztAFEphVw0JUJ/06DcjriBnGDslCVzNf0Un2xNHhEGapGA
kLlI3RTnjHBU6UpnSksVtaylc68QwWw45FCI2TYDgNaV4zTah3B1U9+wO6qcsmle
zYpYWQpn1listrlOjbaAKswKHF/2I3Pi7IDEFV+C5exLpC+2zPNlI3P6lDiL5jKX
jl6uHpN2wbv2xTv+lTp5riIq0Tdt1PBmh/ccOCXi5xhDssWqSGg6la/RCMR4b8Tv
nV/sKtTNc0rWP0gYZlx+cB2zuJSkd4TfhhxRsydElMArNak278s0OIrLaDZP4sIb
SYzpo6XhLQQDNUKvnki1GQuLI6aU0g==
-----END CERTIFICATE-----
Generated at Sun May 19 02:39:31 2024 by rpki-client on console-fra.rpki-client.org