Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/A1485D08B90D11EDB7DC21B6F1222468.roa
File: A1485D08B90D11EDB7DC21B6F1222468.roa (raw, json)
Hash identifier: UL0BFEayVaVlnK7SHN/JGWP9FuMMQ0RUBTzgrpcNFxg=
Subject key identifier: 59:41:26:D9:31:0F:5C:50:E6:D8:A0:22:DC:DF:BB:F1:82:05:D5:8D
Certificate issuer: /CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Certificate serial: 1D
Authority key identifier: 3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/A1485D08B90D11EDB7DC21B6F1222468.roa
Signing time: Thu 02 Mar 2023 15:19:31 +0000
ROA not before: Thu 02 Mar 2023 15:19:26 +0000
ROA not after: Fri 01 Mar 2030 15:19:26 +0000
asID: 33763
IP address blocks: 197.234.64.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.mft
rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29 (0x1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Validity
Not Before: Mar 2 15:19:26 2023 GMT
Not After : Mar 1 15:19:26 2030 GMT
Subject: CN=6400be83-114b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:03:fc:1b:ce:cd:14:2e:6e:70:97:3a:1c:c8:
58:c4:9b:cb:b0:27:3f:26:02:2d:8c:43:a5:c8:92:
88:e6:20:24:ec:54:0c:f4:45:22:be:d7:f4:a5:18:
dc:ca:e6:30:ef:b9:c3:e2:ba:e7:21:45:86:e5:03:
72:b7:32:eb:71:11:9c:a3:54:10:1a:83:b9:37:b9:
1f:19:7e:ab:35:e2:6f:f1:ab:71:0f:7a:cb:cd:94:
ec:52:eb:95:d3:65:87:27:f1:d1:44:62:22:e3:bc:
e0:7d:48:40:d8:7c:a9:68:04:23:31:ce:13:37:e7:
02:ae:6d:95:d5:8a:45:13:23:97:6c:4a:09:2a:67:
ab:c3:cf:a1:94:98:2b:78:e6:87:14:78:22:7c:d5:
b7:d3:e1:10:33:7e:8c:14:a3:e9:0b:ce:a4:ce:a2:
9d:a4:85:e2:03:1a:35:69:b5:2b:97:c6:53:17:40:
5a:57:df:39:11:2a:89:b5:57:1e:36:4d:7b:64:f3:
d5:d9:e7:9f:0d:7d:19:70:ea:85:6a:11:68:6d:21:
d7:be:b9:b1:bf:63:3d:7a:9a:b1:83:18:91:53:ba:
37:17:bd:50:46:69:36:88:57:f3:53:1e:c4:9a:7d:
31:4a:31:26:b3:16:fd:1d:9f:4f:6f:5c:9f:f5:77:
3a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:41:26:D9:31:0F:5C:50:E6:D8:A0:22:DC:DF:BB:F1:82:05:D5:8D
X509v3 Authority Key Identifier:
keyid:3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/A1485D08B90D11EDB7DC21B6F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.234.64.0/20
Signature Algorithm: sha256WithRSAEncryption
20:b4:3b:d8:54:9f:f3:28:ee:51:65:d8:35:ff:e1:25:9e:f4:
7c:79:be:90:12:60:d1:bc:08:1c:c4:db:96:58:a8:5a:3f:7a:
b7:a6:28:d8:f0:85:ab:c7:ef:5e:89:13:e2:b7:f4:1a:fc:fb:
32:a9:61:48:ff:7a:4c:7c:95:db:f2:68:df:7a:16:74:29:84:
4b:25:1b:0b:ff:8f:e3:e6:3e:b6:82:7c:46:bd:c1:fb:09:63:
35:c0:73:39:64:6f:fa:6c:c4:6f:29:e7:95:bc:fb:5d:be:d8:
99:fa:d9:f1:f0:25:02:47:51:51:da:07:a8:69:2f:29:fc:73:
31:9d:e9:c3:8c:08:ee:31:f2:2a:86:77:02:d4:65:dc:7a:ec:
70:69:f8:eb:70:68:75:eb:0d:7f:e4:e2:85:8b:01:90:9f:10:
4f:22:aa:43:aa:33:fe:e3:7e:cb:42:4e:55:69:56:a3:b8:eb:
4b:23:2d:87:35:dc:93:3d:fa:25:95:cf:a6:f0:1d:29:f3:5c:
e6:ce:77:9c:3e:84:b3:68:c5:7a:ed:19:5b:60:b1:71:c6:37:
50:9f:f6:1a:8c:48:46:d4:9a:d1:d1:53:86:b5:03:4b:d4:f4:
67:0e:8e:49:5e:83:61:50:73:f2:6d:f8:fd:81:b9:e7:23:8a:
6f:cf:d3:b0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBHTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FGMTEwLwYDVQQFEygzRDZFRDkwNTAzN0M4M0M1NzM3ODBCMENDREM3MEQ1
RDhDRUYwMzhCMB4XDTIzMDMwMjE1MTkyNloXDTMwMDMwMTE1MTkyNlowGDEWMBQG
A1UEAwwNNjQwMGJlODMtMTE0YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0D/BvOzRQubnCXOhzIWMSby7AnPyYCLYxDpciSiOYgJOxUDPRFIr7X9KUY
3MrmMO+5w+K65yFFhuUDcrcy63ERnKNUEBqDuTe5Hxl+qzXib/GrcQ96y82U7FLr
ldNlhyfx0URiIuO84H1IQNh8qWgEIzHOEzfnAq5tldWKRRMjl2xKCSpnq8PPoZSY
K3jmhxR4InzVt9PhEDN+jBSj6QvOpM6inaSF4gMaNWm1K5fGUxdAWlffOREqibVX
HjZNe2Tz1dnnnw19GXDqhWoRaG0h1765sb9jPXqasYMYkVO6Nxe9UEZpNohX81Me
xJp9MUoxJrMW/R2fT29cn/V3OkkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRZQSbZ
MQ9cUObYoCLc37vxggXVjTAfBgNVHSMEGDAWgBQ9btkFA3yDxXN4CwzNxw1djO8D
izAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEyMjI0NjgvUFc3WkJR
TjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUFc3WkJRTjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEy
MjI0NjgvQTE0ODVEMDhCOTBEMTFFREI3REMyMUI2RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMXqQDANBgkqhkiG9w0BAQsF
AAOCAQEAILQ72FSf8yjuUWXYNf/hJZ70fHm+kBJg0bwIHMTbllioWj96t6Yo2PCF
q8fvXokT4rf0Gvz7MqlhSP96THyV2/Jo33oWdCmESyUbC/+P4+Y+toJ8Rr3B+wlj
NcBzOWRv+mzEbynnlbz7Xb7YmfrZ8fAlAkdRUdoHqGkvKfxzMZ3pw4wI7jHyKoZ3
AtRl3HrscGn463BodesNf+TihYsBkJ8QTyKqQ6oz/uN+y0JOVWlWo7jrSyMthzXc
kz36JZXPpvAdKfNc5s53nD6Es2jFeu0ZW2CxccY3UJ/2GoxIRtSa0dFThrUDS9T0
Zw6OSV6DYVBz8m34/YG55yOKb8/TsA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org