Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/9E8E161AB90E11ED9A8907B9F1222468.roa
File: 9E8E161AB90E11ED9A8907B9F1222468.roa (raw, json)
Hash identifier: H3Pq9ilGAR4aK1isd9uFYe7Pyx0ixqxwxPuUeqJSQs0=
Subject key identifier: C8:A5:76:5B:EF:4F:86:F7:A6:1D:DE:85:5B:52:FD:5E:1D:67:6D:1B
Certificate issuer: /CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Certificate serial: 27
Authority key identifier: 3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/9E8E161AB90E11ED9A8907B9F1222468.roa
Signing time: Thu 02 Mar 2023 15:26:36 +0000
ROA not before: Thu 02 Mar 2023 15:26:32 +0000
ROA not after: Fri 01 Mar 2030 15:26:32 +0000
asID: 33763
IP address blocks: 197.234.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.mft
rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39 (0x27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Validity
Not Before: Mar 2 15:26:32 2023 GMT
Not After : Mar 1 15:26:32 2030 GMT
Subject: CN=6400c02c-5409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bd:72:b9:7f:02:46:53:4c:16:fa:8a:5f:19:
fb:91:d8:53:5d:ca:10:9a:7f:8c:16:f7:24:4a:c5:
e2:b2:9d:84:43:d1:24:48:dc:51:a0:4d:93:74:59:
b0:fb:b7:db:d1:1e:cd:0f:69:2d:49:75:81:30:51:
bd:93:4a:bc:73:ad:cc:9b:d0:40:01:a1:34:b9:f9:
43:5d:f4:e2:5a:53:d5:76:1e:47:65:8e:17:d6:47:
c1:e1:dd:5c:08:39:a9:f3:a4:6e:28:23:c1:9a:9b:
53:3f:a6:bb:37:bb:52:41:48:21:07:b9:b0:50:3f:
7d:42:f0:c4:60:3d:cd:53:c8:31:5a:07:54:86:b9:
d0:40:e3:6e:2e:53:8c:ee:20:a2:97:89:7d:2f:39:
e6:3f:07:77:67:c3:62:70:2a:a1:43:49:cc:b4:8f:
11:73:c6:6a:09:fc:db:64:7d:94:ed:9b:11:12:c9:
41:67:c2:7a:a5:c8:a8:76:7f:06:41:16:12:be:b7:
3d:d9:63:37:92:42:6f:a9:fe:79:6f:b3:9d:f5:af:
81:ba:59:b4:90:8f:d2:5e:7d:a1:24:20:96:7f:92:
5c:d4:af:4f:df:4a:ab:5a:d6:6d:6b:94:ed:5e:38:
40:30:da:09:bf:04:8c:21:71:48:75:bb:59:4d:2a:
58:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A5:76:5B:EF:4F:86:F7:A6:1D:DE:85:5B:52:FD:5E:1D:67:6D:1B
X509v3 Authority Key Identifier:
keyid:3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/9E8E161AB90E11ED9A8907B9F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.234.112.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:53:a8:2f:31:0e:f6:c7:7b:3f:6f:78:1c:7e:fa:40:8d:89:
f4:00:3f:7d:55:1c:5e:35:97:03:2a:cb:84:b5:63:40:c6:a8:
21:2d:df:08:84:18:cb:11:7e:55:57:0c:03:2e:af:6a:87:20:
4a:b5:35:65:25:a7:07:89:6b:e3:b2:86:bb:6f:8e:1a:ae:94:
42:3f:5a:0a:a8:1c:2d:b5:3a:4b:9a:63:ba:be:d5:6b:2e:4f:
92:45:1a:d6:95:06:cd:d0:f5:aa:f5:49:53:d9:fd:67:d7:8f:
af:14:85:63:1e:ef:5e:f8:de:2a:56:dc:c6:e2:9d:ae:fd:7a:
fd:90:b3:1e:b8:d6:c0:56:25:d0:8a:34:b4:4c:4c:9c:e5:8a:
4f:c0:15:1a:4d:fc:0d:ac:eb:0d:95:d9:c1:3c:3a:cf:31:4a:
7b:f2:d2:7f:c5:11:ad:34:82:86:dd:4e:51:23:39:f5:f0:16:
ff:05:53:dd:e7:cf:5a:55:f6:9c:ce:40:84:52:3d:9b:9a:fa:
c0:55:d6:bb:cf:45:87:39:19:a0:37:5c:66:5e:7b:97:c9:83:
b3:45:54:01:e8:76:b0:9a:f3:ae:3d:73:7c:85:87:4b:c0:3f:
12:cb:05:4d:c0:70:29:07:09:d7:03:3b:bd:d2:e0:07:3c:6e:
03:ea:c0:f7
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBJzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FGMTEwLwYDVQQFEygzRDZFRDkwNTAzN0M4M0M1NzM3ODBCMENDREM3MEQ1
RDhDRUYwMzhCMB4XDTIzMDMwMjE1MjYzMloXDTMwMDMwMTE1MjYzMlowGDEWMBQG
A1UEAwwNNjQwMGMwMmMtNTQwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKC9crl/AkZTTBb6il8Z+5HYU13KEJp/jBb3JErF4rKdhEPRJEjcUaBNk3RZ
sPu329EezQ9pLUl1gTBRvZNKvHOtzJvQQAGhNLn5Q1304lpT1XYeR2WOF9ZHweHd
XAg5qfOkbigjwZqbUz+muze7UkFIIQe5sFA/fULwxGA9zVPIMVoHVIa50EDjbi5T
jO4gopeJfS855j8Hd2fDYnAqoUNJzLSPEXPGagn822R9lO2bERLJQWfCeqXIqHZ/
BkEWEr63PdljN5JCb6n+eW+znfWvgbpZtJCP0l59oSQgln+SXNSvT99Kq1rWbWuU
7V44QDDaCb8EjCFxSHW7WU0qWJMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTIpXZb
70+G96Yd3oVbUv1eHWdtGzAfBgNVHSMEGDAWgBQ9btkFA3yDxXN4CwzNxw1djO8D
izAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEyMjI0NjgvUFc3WkJR
TjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUFc3WkJRTjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEy
MjI0NjgvOUU4RTE2MUFCOTBFMTFFRDlBODkwN0I5RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8XqcDANBgkqhkiG9w0BAQsF
AAOCAQEATlOoLzEO9sd7P294HH76QI2J9AA/fVUcXjWXAyrLhLVjQMaoIS3fCIQY
yxF+VVcMAy6vaocgSrU1ZSWnB4lr47KGu2+OGq6UQj9aCqgcLbU6S5pjur7Vay5P
kkUa1pUGzdD1qvVJU9n9Z9ePrxSFYx7vXvjeKlbcxuKdrv16/ZCzHrjWwFYl0Io0
tExMnOWKT8AVGk38DazrDZXZwTw6zzFKe/LSf8URrTSCht1OUSM59fAW/wVT3efP
WlX2nM5AhFI9m5r6wFXWu89FhzkZoDdcZl57l8mDs0VUAeh2sJrzrj1zfIWHS8A/
EssFTcBwKQcJ1wM7vdLgBzxuA+rA9w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:47 2024 by rpki-client on console-ams.rpki-client.org