Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/F8481206047B11EE91F2EF354AD9E6FC.roa
File: F8481206047B11EE91F2EF354AD9E6FC.roa (raw, json)
Hash identifier: jtUAjy0+9QV2iQ02jzkoPCkRiaIb/F60j3I68U9pgH4=
Subject key identifier: 15:95:C7:CF:3E:C7:D9:F8:78:E0:E6:7E:B7:D5:A8:1F:33:05:D0:E2
Certificate issuer: /CN=F3681ED0AF/serialNumber=4A83F31B1B0604CA6D0B72A453DAA3EB587B4C82
Certificate serial: 4C
Authority key identifier: 4A:83:F3:1B:1B:06:04:CA:6D:0B:72:A4:53:DA:A3:EB:58:7B:4C:82
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SoPzGxsGBMptC3KkU9qj61h7TII.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/F8481206047B11EE91F2EF354AD9E6FC.roa
Signing time: Tue 06 Jun 2023 15:08:19 +0000
ROA not before: Tue 06 Jun 2023 15:08:15 +0000
ROA not after: Thu 06 Jun 2030 15:08:15 +0000
asID: 30986
IP address blocks: 154.160.0.0/12 maxlen: 12
154.160.0.0/20 maxlen: 24
154.160.16.0/20 maxlen: 24
2c0f:f7c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/SoPzGxsGBMptC3KkU9qj61h7TII.crl
rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/SoPzGxsGBMptC3KkU9qj61h7TII.mft
rsync://rpki.afrinic.net/repository/afrinic/SoPzGxsGBMptC3KkU9qj61h7TII.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76 (0x4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3681ED0AF/serialNumber=4A83F31B1B0604CA6D0B72A453DAA3EB587B4C82
Validity
Not Before: Jun 6 15:08:15 2023 GMT
Not After : Jun 6 15:08:15 2030 GMT
Subject: CN=647f4be3-1ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:63:fa:82:e1:da:2c:a2:bb:84:eb:c9:3d:33:
21:3d:30:28:7f:ca:5d:0d:8b:7f:a2:9d:12:e8:e5:
79:c5:cd:d4:c5:e7:8e:ad:23:c3:ca:ae:6b:06:c3:
66:15:9b:fc:d2:25:4c:c1:d6:b0:28:79:0f:6d:13:
5d:ad:ae:b0:01:75:b4:1b:81:76:9e:ef:70:ca:d6:
ec:42:6c:37:37:54:95:d9:d0:f2:e9:a5:8c:bd:71:
7b:f1:2d:8f:7a:d1:b8:23:56:45:32:90:2f:45:2f:
8f:8d:5f:77:f6:89:c8:75:5a:d9:d9:4d:fd:3b:f7:
3b:0b:82:04:88:43:69:b2:84:a1:d0:2d:ba:09:ab:
db:9d:d0:7b:0b:13:1e:35:8f:b7:44:8a:33:9c:65:
c0:ac:ec:04:46:41:a7:b6:56:d0:96:81:00:bd:d8:
33:a8:38:02:08:ab:f0:7c:2a:58:1f:0b:9a:0b:45:
35:d5:40:ae:94:01:52:3a:68:cd:fe:9e:d0:cb:94:
f2:6a:d3:53:1c:b7:27:1b:93:94:44:37:23:8e:3a:
dc:5e:c1:45:ef:68:ba:cb:b9:25:be:81:73:d1:b6:
43:f9:33:39:c4:39:e4:d1:8e:6a:55:1a:f4:d4:bd:
a0:0c:db:64:0a:ae:ae:38:a2:be:e8:fe:59:bb:8b:
73:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:95:C7:CF:3E:C7:D9:F8:78:E0:E6:7E:B7:D5:A8:1F:33:05:D0:E2
X509v3 Authority Key Identifier:
keyid:4A:83:F3:1B:1B:06:04:CA:6D:0B:72:A4:53:DA:A3:EB:58:7B:4C:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/SoPzGxsGBMptC3KkU9qj61h7TII.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SoPzGxsGBMptC3KkU9qj61h7TII.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/F8481206047B11EE91F2EF354AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.160.0.0/12
IPv6:
2c0f:f7c0::/32
Signature Algorithm: sha256WithRSAEncryption
6c:c4:9d:11:56:8f:1d:b3:90:80:df:89:d7:ea:bf:f7:f8:87:
6c:c5:3a:ed:f8:70:6d:57:94:52:1f:12:d7:55:07:46:86:04:
5d:33:fe:c2:d9:04:8a:a3:84:c6:9f:87:3f:d2:87:17:82:4c:
b2:84:3c:32:2e:db:c4:56:b8:9a:e6:52:74:c5:ce:b8:11:ae:
be:8d:f1:c3:74:13:36:89:be:20:e6:c3:b0:8e:59:cb:27:0d:
c3:85:8a:70:74:bb:a5:78:61:36:c6:16:94:0b:7f:5d:9c:21:
01:51:3b:91:9a:a3:ee:b7:83:84:de:a9:a0:de:91:7b:69:2c:
22:8e:73:62:5d:34:39:70:c8:f1:a6:4a:84:77:9e:95:2a:2d:
ed:e5:c4:51:6b:52:96:92:55:d6:26:e6:28:fb:11:f3:58:88:
90:f0:5c:fa:3b:25:56:59:73:fa:05:d2:af:cd:2f:78:d5:27:
33:c3:c9:78:6c:bf:20:40:a2:52:d7:12:a5:a8:da:a7:85:cb:
cd:e1:24:b1:0f:26:8e:5c:a4:e6:2f:39:e4:cd:e0:bd:42:b8:
a1:5e:3c:31:61:55:2c:ba:bf:3c:07:ab:5a:5e:7c:eb:69:2c:
0b:71:3c:ab:5b:ae:b8:ae:fc:f9:b1:91:b7:b5:13:76:1d:38:
46:06:db:af
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIBTDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
MUVEMEFGMTEwLwYDVQQFEyg0QTgzRjMxQjFCMDYwNENBNkQwQjcyQTQ1M0RBQTNF
QjU4N0I0QzgyMB4XDTIzMDYwNjE1MDgxNVoXDTMwMDYwNjE1MDgxNVowGDEWMBQG
A1UEAxMNNjQ3ZjRiZTMtMWNlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVj+oLh2iyiu4TryT0zIT0wKH/KXQ2Lf6KdEujlecXN1MXnjq0jw8quawbD
ZhWb/NIlTMHWsCh5D20TXa2usAF1tBuBdp7vcMrW7EJsNzdUldnQ8umljL1xe/Et
j3rRuCNWRTKQL0Uvj41fd/aJyHVa2dlN/Tv3OwuCBIhDabKEodAtugmr253QewsT
HjWPt0SKM5xlwKzsBEZBp7ZW0JaBAL3YM6g4Agir8HwqWB8LmgtFNdVArpQBUjpo
zf6e0MuU8mrTUxy3JxuTlEQ3I4463F7BRe9ousu5Jb6Bc9G2Q/kzOcQ55NGOalUa
9NS9oAzbZAqurjiivuj+WbuLc6sCAwEAAaOCArMwggKvMB0GA1UdDgQWBBQVlcfP
PsfZ+Hjg5n631agfMwXQ4jAfBgNVHSMEGDAWgBRKg/MbGwYEym0LcqRT2qPrWHtM
gjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODFFRDAvNTI1MUMwNzhDRTI0MTFFREEwOTJEMEFDRjEyMjI0NjgvU29Qekd4
c0dCTXB0QzNLa1U5cWo2MWg3VElJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU29Qekd4c0dCTXB0QzNLa1U5cWo2MWg3VElJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODFFRDAvNTI1MUMwNzhDRTI0MTFFREEwOTJEMEFDRjEy
MjI0NjgvRjg0ODEyMDYwNDdCMTFFRTkxRjJFRjM1NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAtBggrBgEFBQcBBwEB/wQeMBwwCwQCAAEwBQMDBJqgMA0EAgACMAcDBQAsD/fA
MA0GCSqGSIb3DQEBCwUAA4IBAQBsxJ0RVo8ds5CA34nX6r/3+IdsxTrt+HBtV5RS
HxLXVQdGhgRdM/7C2QSKo4TGn4c/0ocXgkyyhDwyLtvEVria5lJ0xc64Ea6+jfHD
dBM2ib4g5sOwjlnLJw3DhYpwdLuleGE2xhaUC39dnCEBUTuRmqPut4OE3qmg3pF7
aSwijnNiXTQ5cMjxpkqEd56VKi3t5cRRa1KWklXWJuYo+xHzWIiQ8Fz6OyVWWXP6
BdKvzS941Sczw8l4bL8gQKJS1xKlqNqnhcvN4SSxDyaOXKTmLznkzeC9QrihXjwx
YVUsur88B6taXnzraSwLcTyrW664rvz5sZG3tRN2HThGBtuv
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:35:34 2024 by rpki-client on console-fra.rpki-client.org