Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/36E1EB1CA7ED11EE985B3AC7775412E6.roa
File: 36E1EB1CA7ED11EE985B3AC7775412E6.roa (raw, json)
Hash identifier: qQcsjx5VC/YsyArNQ6dMBJO5Vn7qvlQ0rAcPfIchm5c=
Subject key identifier: 53:11:CB:17:6C:50:9F:A2:27:6C:47:2C:97:BE:A9:04:00:29:72:F8
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1432
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/36E1EB1CA7ED11EE985B3AC7775412E6.roa
Signing time: Sun 31 Dec 2023 14:59:37 +0000
ROA not before: Sun 31 Dec 2023 14:59:33 +0000
ROA not after: Wed 29 Jan 2025 14:59:33 +0000
asID: 20473
IP address blocks: 154.16.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 08:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5170 (0x1432)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Dec 31 14:59:33 2023 GMT
Not After : Jan 29 14:59:33 2025 GMT
Subject: CN=659181d8-ad3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:15:5e:6a:37:ba:cb:76:16:5f:30:00:6d:f6:
93:c9:e2:6b:6d:e0:8b:e3:68:b8:04:e3:90:bb:51:
17:c1:b4:99:de:84:a7:9b:a6:3f:69:0f:56:c6:e0:
b4:5e:51:a3:8e:31:53:3f:fb:ec:0b:c4:77:4f:6b:
09:5a:16:f2:bc:dc:f8:68:e2:75:5a:03:12:ca:84:
ce:79:6e:dd:f8:82:1e:3a:01:86:3a:fd:01:3c:fd:
e8:eb:a4:61:3b:60:ba:5f:ab:25:89:2a:20:67:b1:
0a:17:b5:0c:12:22:72:ad:4d:80:b9:32:a5:dc:4a:
87:72:ad:9f:eb:47:65:12:1c:c8:ef:1f:94:7d:8c:
e6:b7:2c:d8:05:9b:5d:4d:5a:1f:de:b9:62:a2:10:
e0:c1:a2:08:39:8d:73:54:f0:0e:01:fb:44:84:af:
6d:ec:94:70:a3:9c:f1:3a:10:b5:4b:06:72:db:c1:
40:b1:c2:4c:57:55:7f:22:5e:91:f8:d0:bd:a3:d3:
bf:38:48:46:f3:55:98:ae:cb:91:fc:0a:eb:0a:83:
11:83:fa:59:3d:5c:9e:dd:d8:2d:4e:9a:58:05:0d:
27:f4:db:82:d9:65:63:04:16:a4:71:56:21:51:1a:
4a:3a:4b:a8:2e:1b:f7:27:93:93:d6:8b:d3:cb:9f:
5e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:11:CB:17:6C:50:9F:A2:27:6C:47:2C:97:BE:A9:04:00:29:72:F8
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/36E1EB1CA7ED11EE985B3AC7775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.86.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:62:5e:5d:ca:9c:b5:e3:8d:af:fb:c4:54:a6:16:73:d3:0f:
4b:21:e0:01:15:65:50:1c:71:67:b6:85:9d:d7:10:4a:a2:e0:
1c:79:d7:15:72:71:00:c9:da:82:a3:84:94:97:3d:6a:4d:ae:
db:07:b5:89:10:bd:fd:7f:b7:85:5e:26:fb:80:63:be:76:9e:
7d:23:c3:b3:74:9f:3d:db:63:f1:43:77:d7:a1:f0:c1:b0:d2:
63:93:3b:6b:44:f5:30:5d:ca:e8:07:bb:dd:35:67:42:a3:da:
27:ea:79:0f:2f:b3:70:71:36:7b:78:30:32:f5:17:62:1a:fe:
ab:ae:ef:b4:6f:3f:ed:ce:d4:5a:02:d2:b1:3d:d4:f3:0f:bf:
53:d3:70:ec:7c:f3:7b:0c:1d:8e:34:61:f8:7e:02:01:8c:20:
5c:a7:02:66:88:0a:3e:d5:37:fc:f5:e4:c4:d1:1a:ed:ee:d4:
b8:38:2e:e2:ee:42:61:b7:6e:ff:32:b3:93:94:26:27:8a:27:
58:27:0e:dc:0e:46:38:4b:40:02:b1:25:1d:d4:0c:a3:a5:fa:
d2:8c:f3:05:50:db:4b:d4:69:a6:0f:0b:62:d9:be:df:4b:d1:
fc:78:ce:fa:95:de:23:a1:44:81:4d:bc:9c:cf:9e:2d:57:04:
cd:d6:87:60
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFDIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzEyMzExNDU5MzNaFw0yNTAxMjkxNDU5MzNaMBgxFjAU
BgNVBAMTDTY1OTE4MWQ4LWFkM2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDwFV5qN7rLdhZfMABt9pPJ4mtt4IvjaLgE45C7URfBtJnehKebpj9pD1bG
4LReUaOOMVM/++wLxHdPawlaFvK83Pho4nVaAxLKhM55bt34gh46AYY6/QE8/ejr
pGE7YLpfqyWJKiBnsQoXtQwSInKtTYC5MqXcSodyrZ/rR2USHMjvH5R9jOa3LNgF
m11NWh/euWKiEODBogg5jXNU8A4B+0SEr23slHCjnPE6ELVLBnLbwUCxwkxXVX8i
XpH40L2j0784SEbzVZiuy5H8CusKgxGD+lk9XJ7d2C1OmlgFDSf024LZZWMEFqRx
ViFRGko6S6guG/cnk5PWi9PLn17JAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUUxHL
F2xQn6InbEcsl76pBAApcvgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzM2RTFFQjFDQTdFRDExRUU5ODVCM0FDNzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFYwDQYJKoZIhvcNAQEL
BQADggEBAJtiXl3KnLXjja/7xFSmFnPTD0sh4AEVZVAccWe2hZ3XEEqi4Bx51xVy
cQDJ2oKjhJSXPWpNrtsHtYkQvf1/t4VeJvuAY752nn0jw7N0nz3bY/FDd9eh8MGw
0mOTO2tE9TBdyugHu901Z0Kj2ifqeQ8vs3BxNnt4MDL1F2Ia/quu77RvP+3O1FoC
0rE91PMPv1PTcOx883sMHY40Yfh+AgGMIFynAmaICj7VN/z15MTRGu3u1Lg4LuLu
QmG3bv8ys5OUJieKJ1gnDtwORjhLQAKxJR3UDKOl+tKM8wVQ20vUaaYPC2LZvt9L
0fx4zvqV3iOhRIFNvJzPni1XBM3Wh2A=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:23 2024 by rpki-client on console-ams.rpki-client.org