Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/BC8EC4D68C5E11EBB4E2C347F8AEA228.roa
File: BC8EC4D68C5E11EBB4E2C347F8AEA228.roa (raw, json)
Hash identifier: tN8jTaH3gpNwgiUQj5F3zKEemzyql3BFUQZOMcaNnBs=
Subject key identifier: 4F:62:49:6D:20:FB:D1:CD:FD:FC:94:26:A9:CC:1B:B9:09:62:A0:7F
Certificate issuer: /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial: 3D
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/BC8EC4D68C5E11EBB4E2C347F8AEA228.roa
Signing time: Wed 24 Mar 2021 05:06:49 +0000
ROA not before: Wed 24 Mar 2021 05:06:43 +0000
ROA not after: Mon 24 Mar 2031 05:06:43 +0000
asID: 10474
IP address blocks: 197.88.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61 (0x3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Validity
Not Before: Mar 24 05:06:43 2021 GMT
Not After : Mar 24 05:06:43 2031 GMT
Subject: CN=605ac8e9-c300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:db:8f:b0:33:09:27:9f:15:4f:0e:59:71:16:
2c:07:75:13:c3:d1:7e:57:80:cd:f4:35:4a:03:a1:
98:ef:ba:28:58:21:1e:98:fd:c5:74:fe:dc:6b:ab:
16:84:68:2d:58:f5:9f:4a:13:ca:3d:d9:4f:88:c6:
4d:43:5d:67:52:4a:9f:b9:d2:be:9e:63:40:ff:d3:
73:68:18:d3:ee:08:84:78:ec:d1:da:bd:70:f8:88:
69:9c:4b:6d:79:c2:d3:6f:bc:29:ba:0e:71:e6:cc:
3f:4d:b8:d2:98:19:b7:fe:b4:bc:6f:db:7e:c9:40:
e7:af:ef:af:0e:83:e9:2e:5c:29:55:9b:af:38:ee:
a5:80:38:f5:6f:15:47:ea:0d:88:dd:a9:e6:51:71:
cc:64:c5:b1:f9:45:d6:ca:3d:60:bb:90:60:ea:39:
49:56:78:4b:62:3b:9f:6e:1b:c5:c1:9c:fb:28:6f:
2e:39:52:2d:4f:0c:81:80:21:b4:fd:77:00:d0:ee:
de:a3:28:f9:3f:f6:ff:28:b0:21:0f:e3:f5:ed:45:
03:79:8a:a9:c7:1a:b9:4d:40:ba:a4:f2:ef:aa:ec:
7e:55:70:c0:73:6e:1a:1b:b0:d5:0b:fc:a5:24:57:
dc:cf:2b:33:91:a1:4c:42:e9:13:88:04:03:09:3a:
84:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:62:49:6D:20:FB:D1:CD:FD:FC:94:26:A9:CC:1B:B9:09:62:A0:7F
X509v3 Authority Key Identifier:
keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/BC8EC4D68C5E11EBB4E2C347F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.88.0.0/13
Signature Algorithm: sha256WithRSAEncryption
02:c6:44:e1:27:84:2c:95:10:14:2a:35:30:2b:19:7e:ca:77:
60:6a:31:db:e1:94:16:31:05:bb:0a:b9:67:98:6f:4a:cb:f4:
fa:76:ff:c6:91:94:e0:7a:ec:8c:61:86:8d:46:08:c1:fe:c1:
87:44:16:e4:7e:48:22:69:2b:ea:36:f0:9b:c8:9e:f3:f6:29:
aa:c3:4e:d6:6d:80:0a:33:30:a6:75:13:16:a9:de:e3:4a:a5:
19:e9:b5:4d:01:c4:ed:b3:d1:0e:1e:53:cf:13:44:51:17:05:
08:e5:f1:21:28:24:c5:7a:32:56:95:bc:f4:cd:6c:4a:ae:ba:
9a:97:d7:7e:d4:c8:43:fa:1d:17:5a:76:43:63:ea:50:a2:45:
cd:3d:1b:f7:79:9f:83:17:ab:b5:f9:e6:76:ae:ae:f7:64:e8:
35:67:11:0a:17:21:8f:5a:54:90:30:d5:98:cc:6a:0c:fc:f4:
26:09:6e:08:fb:8c:bf:78:03:43:d8:6e:11:07:82:0f:b3:07:
fe:2a:a0:04:da:f9:87:ea:d5:c5:97:17:a3:54:46:77:c0:da:
c1:f0:bd:e5:d5:14:2b:72:36:13:1f:e0:c9:bb:c2:ab:75:14:
29:27:aa:6c:a9:7e:97:30:68:d8:80:8b:9f:65:75:4a:b6:50:
79:b7:4b:7b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBPTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QjIxNkFGMTEwLwYDVQQFEygyRjQwN0ZFQ0Q4QjdERERDQTVENUI5MEE1RTE5NTg5
RDA2QzEwMURDMB4XDTIxMDMyNDA1MDY0M1oXDTMxMDMyNDA1MDY0M1owGDEWMBQG
A1UEAxMNNjA1YWM4ZTktYzMwMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbbj7AzCSefFU8OWXEWLAd1E8PRfleAzfQ1SgOhmO+6KFghHpj9xXT+3Gur
FoRoLVj1n0oTyj3ZT4jGTUNdZ1JKn7nSvp5jQP/Tc2gY0+4IhHjs0dq9cPiIaZxL
bXnC02+8KboOcebMP0240pgZt/60vG/bfslA56/vrw6D6S5cKVWbrzjupYA49W8V
R+oNiN2p5lFxzGTFsflF1so9YLuQYOo5SVZ4S2I7n24bxcGc+yhvLjlSLU8MgYAh
tP13ANDu3qMo+T/2/yiwIQ/j9e1FA3mKqccauU1AuqTy76rsflVwwHNuGhuw1Qv8
pSRX3M8rM5GhTELpE4gEAwk6hJUCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBRPYklt
IPvRzf38lCapzBu5CWKgfzAfBgNVHSMEGDAWgBQvQH/s2Lfd3KXVuQpeGVidBsEB
3DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhBRUEyMjgvTDBCXzdO
aTMzZHlsMWJrS1hobFluUWJCQWR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTDBCXzdOaTMzZHlsMWJrS1hobFluUWJCQWR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhB
RUEyMjgvQkM4RUM0RDY4QzVFMTFFQkI0RTJDMzQ3RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDA8VYMA0GCSqGSIb3DQEBCwUA
A4IBAQACxkThJ4QslRAUKjUwKxl+yndgajHb4ZQWMQW7CrlnmG9Ky/T6dv/GkZTg
euyMYYaNRgjB/sGHRBbkfkgiaSvqNvCbyJ7z9imqw07WbYAKMzCmdRMWqd7jSqUZ
6bVNAcTts9EOHlPPE0RRFwUI5fEhKCTFejJWlbz0zWxKrrqal9d+1MhD+h0XWnZD
Y+pQokXNPRv3eZ+DF6u1+eZ2rq73ZOg1ZxEKFyGPWlSQMNWYzGoM/PQmCW4I+4y/
eAND2G4RB4IPswf+KqAE2vmH6tXFlxejVEZ3wNrB8L3l1RQrcjYTH+DJu8KrdRQp
J6psqX6XMGjYgIufZXVKtlB5t0t7
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org