Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/17ABBADAB90E11ED91A064B7F1222468.roa
File: 17ABBADAB90E11ED91A064B7F1222468.roa (raw, json)
Hash identifier: 74bYn1UZ1KvUPzN2OSoZA6NmbYaUfQGtHKW8VwNxGn0=
Subject key identifier: C1:EF:8E:D8:71:B0:9E:EC:FD:F5:CC:6E:5A:F4:80:ED:90:2E:84:2D
Certificate issuer: /CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Certificate serial: 21
Authority key identifier: 3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/17ABBADAB90E11ED91A064B7F1222468.roa
Signing time: Thu 02 Mar 2023 15:22:50 +0000
ROA not before: Thu 02 Mar 2023 15:22:46 +0000
ROA not after: Mon 02 Mar 2026 15:22:46 +0000
asID: 33763
IP address blocks: 197.234.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.mft
rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 May 2024 00:04:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33 (0x21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Validity
Not Before: Mar 2 15:22:46 2023 GMT
Not After : Mar 2 15:22:46 2026 GMT
Subject: CN=6400bf4a-d90d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c6:8b:8b:67:59:11:43:8e:df:9c:8c:8d:ca:
96:d1:f5:e4:a0:ec:b1:5c:bc:bb:02:12:35:df:5f:
20:eb:d5:f4:fb:c2:2b:2d:eb:47:75:ee:78:f1:6d:
98:5a:d2:54:15:39:44:b3:0c:a0:81:1f:4a:62:c8:
44:50:ad:44:df:89:a6:87:61:c6:de:8e:53:55:1d:
68:9b:22:25:31:bf:7d:fd:17:41:58:d4:8a:4a:8d:
1d:a5:77:d0:dd:20:7c:f5:56:23:f7:86:97:cc:df:
5b:78:a9:cf:8b:c4:fc:e3:72:60:3e:23:90:4d:71:
0b:3c:b5:b8:6e:b1:fe:e2:f9:96:fb:6d:cf:31:80:
d6:b3:b7:b2:69:fc:bf:ef:3f:41:56:17:c8:c7:fa:
77:e4:5f:2f:04:6c:b4:bd:50:5f:8e:46:bc:24:49:
4f:57:46:b0:9b:d6:4c:58:17:67:9b:cc:ff:7c:0e:
23:6d:8e:48:1a:3c:f4:2a:7d:4b:8f:d1:44:7f:69:
d4:8d:9e:64:5f:7b:f3:06:b4:f3:5f:19:82:00:32:
a8:3a:b4:14:a8:31:2f:82:41:59:f0:ff:ee:b1:e7:
0d:cd:b2:12:81:b8:c7:3d:27:31:df:37:f5:bf:45:
76:00:d5:87:80:54:90:51:c5:8a:3f:ef:f9:22:2d:
41:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:EF:8E:D8:71:B0:9E:EC:FD:F5:CC:6E:5A:F4:80:ED:90:2E:84:2D
X509v3 Authority Key Identifier:
keyid:3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/17ABBADAB90E11ED91A064B7F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.234.96.0/21
Signature Algorithm: sha256WithRSAEncryption
b1:39:bd:13:37:93:4a:4d:cc:2d:13:cc:c4:79:14:c9:e5:43:
84:31:a3:be:39:d7:37:fc:f6:69:1d:77:a5:bd:37:cd:ba:dd:
22:4c:3f:39:aa:13:12:0b:6b:d6:d7:ec:50:93:0a:c1:da:60:
e3:4f:62:cf:86:a9:d4:4b:d6:41:ba:2d:d7:c7:44:5e:62:a7:
75:61:2e:3b:66:1f:c1:ed:91:fc:17:f0:bd:3d:89:63:d3:3d:
98:09:db:b6:dd:5a:15:0c:87:46:3b:f7:ea:3a:0b:41:81:fb:
48:6d:2d:4e:27:f1:17:f7:6f:1f:c3:ee:f2:58:dd:e6:94:75:
5d:d6:f1:8c:70:66:f9:52:50:54:d6:d4:78:18:41:71:4b:f1:
cc:15:39:ca:38:5d:10:76:ee:85:41:b8:c5:67:5c:c1:00:e0:
d9:26:74:64:f8:47:4e:0d:8d:92:96:5d:ca:75:2a:76:7d:7d:
d6:7e:e3:5d:0c:5f:7f:a5:9f:ef:6d:51:eb:8f:c2:10:34:75:
df:65:d1:a5:40:f9:1b:ed:c7:50:27:9f:bc:fa:33:d3:26:0c:
0d:f1:ea:c0:ea:85:73:30:d8:5e:5f:cf:5d:a2:65:57:83:e7:
20:5c:40:09:f3:eb:fa:12:b7:a3:cb:c3:2e:03:22:6b:f3:b0:
95:81:20:cf
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBITANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FGMTEwLwYDVQQFEygzRDZFRDkwNTAzN0M4M0M1NzM3ODBCMENDREM3MEQ1
RDhDRUYwMzhCMB4XDTIzMDMwMjE1MjI0NloXDTI2MDMwMjE1MjI0NlowGDEWMBQG
A1UEAwwNNjQwMGJmNGEtZDkwZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfGi4tnWRFDjt+cjI3KltH15KDssVy8uwISNd9fIOvV9PvCKy3rR3XuePFt
mFrSVBU5RLMMoIEfSmLIRFCtRN+Jpodhxt6OU1UdaJsiJTG/ff0XQVjUikqNHaV3
0N0gfPVWI/eGl8zfW3ipz4vE/ONyYD4jkE1xCzy1uG6x/uL5lvttzzGA1rO3smn8
v+8/QVYXyMf6d+RfLwRstL1QX45GvCRJT1dGsJvWTFgXZ5vM/3wOI22OSBo89Cp9
S4/RRH9p1I2eZF978wa0818ZggAyqDq0FKgxL4JBWfD/7rHnDc2yEoG4xz0nMd83
9b9FdgDVh4BUkFHFij/v+SItQa0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTB747Y
cbCe7P31zG5a9IDtkC6ELTAfBgNVHSMEGDAWgBQ9btkFA3yDxXN4CwzNxw1djO8D
izAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEyMjI0NjgvUFc3WkJR
TjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUFc3WkJRTjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEy
MjI0NjgvMTdBQkJBREFCOTBFMTFFRDkxQTA2NEI3RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8XqYDANBgkqhkiG9w0BAQsF
AAOCAQEAsTm9EzeTSk3MLRPMxHkUyeVDhDGjvjnXN/z2aR13pb03zbrdIkw/OaoT
Egtr1tfsUJMKwdpg409iz4ap1EvWQbot18dEXmKndWEuO2Yfwe2R/BfwvT2JY9M9
mAnbtt1aFQyHRjv36joLQYH7SG0tTifxF/dvH8Pu8ljd5pR1XdbxjHBm+VJQVNbU
eBhBcUvxzBU5yjhdEHbuhUG4xWdcwQDg2SZ0ZPhHTg2NkpZdynUqdn191n7jXQxf
f6Wf721R64/CEDR132XRpUD5G+3HUCefvPoz0yYMDfHqwOqFczDYXl/PXaJlV4Pn
IFxACfPr+hK3o8vDLgMia/OwlYEgzw==
-----END CERTIFICATE-----
Generated at Sat May 18 04:03:40 2024 by rpki-client on console-ams.rpki-client.org