Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/F4DE17FEB90E11ED9DADF2B9F1222468.roa
File: F4DE17FEB90E11ED9DADF2B9F1222468.roa (raw, json)
Hash identifier: tOXvv0qQ2rd5TLKqCJZzCM6weckNfsiTf+bbdsmvZM0=
Subject key identifier: A1:EC:83:74:0D:57:F1:A3:34:D1:72:F0:0F:5C:AF:23:73:66:23:3C
Certificate issuer: /CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Certificate serial: 2B
Authority key identifier: 3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/F4DE17FEB90E11ED9DADF2B9F1222468.roa
Signing time: Thu 02 Mar 2023 15:29:01 +0000
ROA not before: Thu 02 Mar 2023 15:28:57 +0000
ROA not after: Mon 02 Mar 2026 15:28:57 +0000
asID: 33763
IP address blocks: 197.234.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.mft
rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 May 2024 00:04:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43 (0x2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Validity
Not Before: Mar 2 15:28:57 2023 GMT
Not After : Mar 2 15:28:57 2026 GMT
Subject: CN=6400c0bd-3437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7d:e4:f2:dd:23:2b:1c:72:a2:19:b0:a9:a0:
14:eb:2a:70:7c:01:f6:96:df:61:7d:6c:10:7d:c4:
c8:65:29:b4:22:18:78:d8:67:63:d5:ae:9a:cc:0d:
12:a2:a3:52:4b:b1:f5:6a:3b:f2:4e:8c:b0:08:15:
c1:11:59:07:8c:2d:a8:26:1c:3f:09:ea:8b:bc:52:
b7:c0:6d:9a:91:e4:64:42:62:8e:98:aa:c8:e1:73:
de:77:0e:27:64:a2:f1:c8:d1:28:60:cf:a6:63:d8:
16:d3:92:1c:17:10:23:e7:c3:ec:b1:ba:2d:da:13:
f0:22:39:ca:50:32:73:c6:25:90:17:46:29:e5:56:
aa:00:bf:3c:d5:63:45:4f:96:30:e0:81:95:68:5d:
e1:e1:3f:12:ae:54:f6:87:2e:f4:f8:80:cb:9b:4e:
93:7d:0b:a6:28:c8:9c:48:ef:d3:0b:50:3e:f3:3a:
d3:ca:5c:3b:92:73:da:76:89:41:6c:66:ad:d9:25:
0a:a7:92:a8:88:29:9b:84:6a:b7:2e:16:b4:cb:9d:
c6:b5:82:a7:24:13:1d:56:e4:51:83:01:01:72:ea:
7a:a8:eb:d7:c7:10:dd:08:82:96:fa:d7:09:3d:ff:
fa:22:3c:d1:ec:1e:a9:4e:52:98:ba:86:67:17:a4:
0c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:EC:83:74:0D:57:F1:A3:34:D1:72:F0:0F:5C:AF:23:73:66:23:3C
X509v3 Authority Key Identifier:
keyid:3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/F4DE17FEB90E11ED9DADF2B9F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.234.124.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:59:07:77:a0:03:62:db:a3:30:00:31:29:81:96:ff:93:92:
ce:3f:59:37:25:fd:f3:96:0c:22:05:dc:04:07:e2:c4:26:47:
51:5e:d2:12:d3:d9:b1:77:2d:58:e7:de:1d:09:05:c3:08:9d:
ee:50:a0:36:6f:f8:c7:b8:9a:f4:a3:d5:d2:41:c8:dd:36:e8:
f1:6f:98:c9:93:d7:41:a2:bc:84:11:8e:54:a0:cb:2d:8f:3c:
f8:72:fc:1a:8f:d6:27:b5:84:b4:e6:89:ff:94:e1:f3:dc:7f:
54:de:7e:b0:15:bf:94:1d:8f:ce:76:f5:52:1d:c0:0c:19:df:
b4:e6:5d:52:32:b2:b2:7b:e7:a5:70:aa:3f:dd:be:d9:93:15:
c6:f1:60:11:a0:d1:8f:72:5d:43:18:98:fe:eb:a2:23:54:2d:
71:78:68:5e:6c:8d:90:1e:e6:1a:d4:da:d4:7a:a2:51:bc:08:
98:60:ce:c1:09:cf:35:79:e3:07:86:70:91:1b:13:47:c1:22:
76:b6:2e:06:44:b4:6a:7a:d7:e1:1e:9f:85:05:b4:41:30:62:
5f:ba:3e:8f:79:d1:07:97:f8:99:c9:c7:38:f5:6c:af:f5:27:
1e:88:60:16:9e:79:44:22:25:d2:6e:f9:6f:2b:7e:6b:7a:04:
f0:ed:60:e2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBKzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FGMTEwLwYDVQQFEygzRDZFRDkwNTAzN0M4M0M1NzM3ODBCMENDREM3MEQ1
RDhDRUYwMzhCMB4XDTIzMDMwMjE1Mjg1N1oXDTI2MDMwMjE1Mjg1N1owGDEWMBQG
A1UEAwwNNjQwMGMwYmQtMzQzNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOB95PLdIysccqIZsKmgFOsqcHwB9pbfYX1sEH3EyGUptCIYeNhnY9WumswN
EqKjUkux9Wo78k6MsAgVwRFZB4wtqCYcPwnqi7xSt8BtmpHkZEJijpiqyOFz3ncO
J2Si8cjRKGDPpmPYFtOSHBcQI+fD7LG6LdoT8CI5ylAyc8YlkBdGKeVWqgC/PNVj
RU+WMOCBlWhd4eE/Eq5U9ocu9PiAy5tOk30LpijInEjv0wtQPvM608pcO5Jz2naJ
QWxmrdklCqeSqIgpm4Rqty4WtMudxrWCpyQTHVbkUYMBAXLqeqjr18cQ3QiClvrX
CT3/+iI80eweqU5SmLqGZxekDB8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSh7IN0
DVfxozTRcvAPXK8jc2YjPDAfBgNVHSMEGDAWgBQ9btkFA3yDxXN4CwzNxw1djO8D
izAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEyMjI0NjgvUFc3WkJR
TjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUFc3WkJRTjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEy
MjI0NjgvRjRERTE3RkVCOTBFMTFFRDlEQURGMkI5RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsXqfDANBgkqhkiG9w0BAQsF
AAOCAQEAo1kHd6ADYtujMAAxKYGW/5OSzj9ZNyX985YMIgXcBAfixCZHUV7SEtPZ
sXctWOfeHQkFwwid7lCgNm/4x7ia9KPV0kHI3Tbo8W+YyZPXQaK8hBGOVKDLLY88
+HL8Go/WJ7WEtOaJ/5Th89x/VN5+sBW/lB2Pznb1Uh3ADBnftOZdUjKysnvnpXCq
P92+2ZMVxvFgEaDRj3JdQxiY/uuiI1QtcXhoXmyNkB7mGtTa1HqiUbwImGDOwQnP
NXnjB4ZwkRsTR8EidrYuBkS0anrX4R6fhQW0QTBiX7o+j3nRB5f4mcnHOPVsr/Un
HohgFp55RCIl0m75byt+a3oE8O1g4g==
-----END CERTIFICATE-----
Generated at Sat May 18 03:48:49 2024 by rpki-client on console-fra.rpki-client.org