Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/0E435AD2B90B11EDA524C7AEF1222468.roa
File: 0E435AD2B90B11EDA524C7AEF1222468.roa (raw, json)
Hash identifier: 3pi1Vkolg9TLskhvKL2ooaCwse7gRq1ZH74gOxNR6rE=
Subject key identifier: CD:96:3A:BD:72:86:B7:11:03:36:66:1B:27:51:DA:3D:BC:5D:08:4E
Certificate issuer: /CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Certificate serial: 1B
Authority key identifier: 3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/0E435AD2B90B11EDA524C7AEF1222468.roa
Signing time: Thu 02 Mar 2023 15:01:05 +0000
ROA not before: Thu 02 Mar 2023 15:01:02 +0000
ROA not after: Fri 01 Mar 2030 15:01:02 +0000
asID: 33763
IP address blocks: 196.216.48.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.mft
rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27 (0x1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Validity
Not Before: Mar 2 15:01:02 2023 GMT
Not After : Mar 1 15:01:02 2030 GMT
Subject: CN=6400ba31-bc28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:31:05:43:05:e4:8d:01:a5:de:66:43:9a:e2:
00:00:d2:3a:3e:07:20:6e:1e:3d:69:24:e8:96:06:
74:f3:9e:fd:7d:4a:6d:7d:18:42:e0:ca:86:9a:b4:
12:c2:ae:61:32:d5:00:33:2c:7a:33:48:7e:05:82:
da:09:5d:7e:99:3f:d4:43:71:be:e7:a0:2f:27:6c:
7c:03:07:7c:1c:bc:12:2f:74:83:65:f7:e5:f9:ea:
ea:14:1f:0f:9a:be:95:c4:d0:66:47:ae:f0:ef:2e:
f3:13:c3:e8:c8:8b:e7:44:69:12:7e:46:26:44:89:
79:1b:7a:a5:01:14:95:ba:81:f8:e2:13:e7:94:ed:
d7:cb:38:44:6a:cf:b7:aa:95:2d:c8:3f:80:e0:42:
d6:41:8a:97:48:87:a6:c2:06:93:1d:c9:a0:2e:da:
31:9d:48:a0:98:f1:4b:2b:b6:19:98:e0:eb:a3:56:
2a:4e:c9:ad:62:1d:5b:4e:ae:47:e1:f0:0d:58:26:
ef:82:fa:4d:7c:84:53:ec:c8:1f:42:a2:1b:3b:d2:
b6:a2:d7:bb:98:76:11:4b:38:32:9d:82:57:cf:9f:
1f:1a:fc:f6:96:d4:df:c1:3a:b9:11:93:d6:8b:99:
61:ef:ee:53:8a:ef:5b:82:24:e8:7e:d7:65:6d:6c:
eb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:96:3A:BD:72:86:B7:11:03:36:66:1B:27:51:DA:3D:BC:5D:08:4E
X509v3 Authority Key Identifier:
keyid:3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/0E435AD2B90B11EDA524C7AEF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.216.48.0/20
Signature Algorithm: sha256WithRSAEncryption
11:28:3b:d4:1d:29:39:2c:75:85:20:dd:e3:3d:2d:9c:b8:27:
43:84:fe:f1:df:e0:db:77:8a:0f:66:c8:6e:76:60:0e:e5:05:
f9:e2:a1:36:b1:0a:3f:53:e2:e4:f8:31:e2:47:cc:f5:c0:3b:
b7:c0:12:8d:38:af:ce:ee:8e:ce:d8:8a:60:e9:55:06:3f:bd:
19:1d:94:9e:49:50:87:99:77:6e:58:93:4e:88:2b:dd:1d:6e:
23:09:4d:a8:a8:33:fd:2b:95:3a:56:39:19:88:a3:7f:86:30:
d7:c6:e1:9c:b5:5d:09:2d:51:87:d4:59:c7:4d:a1:6b:ea:3f:
98:3a:79:b8:fc:54:18:b3:e5:fb:ef:7a:6d:f5:88:17:79:77:
9b:f6:ba:3a:c3:df:a9:4e:7a:37:2f:d0:96:a1:62:04:56:12:
d7:17:65:b0:13:f5:53:18:c7:e0:18:c7:35:a1:fb:5d:7a:7f:
d0:e3:f3:51:79:f2:db:18:4b:46:39:29:9f:45:0e:49:83:72:
6f:65:a4:a3:66:f9:63:1a:e2:8b:2d:24:08:64:49:95:32:4e:
f6:55:62:b1:b2:d9:86:c8:a9:20:8b:18:ae:4f:9d:7e:d8:9c:
b5:ef:11:b9:34:d2:d1:c5:d9:5d:e8:b5:ba:02:b5:60:b6:02:
9a:f9:78:2c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBGzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FGMTEwLwYDVQQFEygzRDZFRDkwNTAzN0M4M0M1NzM3ODBCMENDREM3MEQ1
RDhDRUYwMzhCMB4XDTIzMDMwMjE1MDEwMloXDTMwMDMwMTE1MDEwMlowGDEWMBQG
A1UEAwwNNjQwMGJhMzEtYmMyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0xBUMF5I0Bpd5mQ5riAADSOj4HIG4ePWkk6JYGdPOe/X1KbX0YQuDKhpq0
EsKuYTLVADMsejNIfgWC2gldfpk/1ENxvuegLydsfAMHfBy8Ei90g2X35fnq6hQf
D5q+lcTQZkeu8O8u8xPD6MiL50RpEn5GJkSJeRt6pQEUlbqB+OIT55Tt18s4RGrP
t6qVLcg/gOBC1kGKl0iHpsIGkx3JoC7aMZ1IoJjxSyu2GZjg66NWKk7JrWIdW06u
R+HwDVgm74L6TXyEU+zIH0KiGzvStqLXu5h2EUs4Mp2CV8+fHxr89pbU38E6uRGT
1ouZYe/uU4rvW4Ik6H7XZW1s6+0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTNljq9
coa3EQM2ZhsnUdo9vF0ITjAfBgNVHSMEGDAWgBQ9btkFA3yDxXN4CwzNxw1djO8D
izAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEyMjI0NjgvUFc3WkJR
TjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUFc3WkJRTjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEy
MjI0NjgvMEU0MzVBRDJCOTBCMTFFREE1MjRDN0FFRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMTYMDANBgkqhkiG9w0BAQsF
AAOCAQEAESg71B0pOSx1hSDd4z0tnLgnQ4T+8d/g23eKD2bIbnZgDuUF+eKhNrEK
P1Pi5Pgx4kfM9cA7t8ASjTivzu6OztiKYOlVBj+9GR2UnklQh5l3bliTTogr3R1u
IwlNqKgz/SuVOlY5GYijf4Yw18bhnLVdCS1Rh9RZx02ha+o/mDp5uPxUGLPl++96
bfWIF3l3m/a6OsPfqU56Ny/QlqFiBFYS1xdlsBP1UxjH4BjHNaH7XXp/0OPzUXny
2xhLRjkpn0UOSYNyb2Wko2b5Yxriiy0kCGRJlTJO9lVisbLZhsipIIsYrk+dftic
te8RuTTS0cXZXei1ugK1YLYCmvl4LA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:47 2024 by rpki-client on console-ams.rpki-client.org