Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/78DBB3A8509111EE8C794A224AD9E6FC.roa
File: 78DBB3A8509111EE8C794A224AD9E6FC.roa (raw, json)
Hash identifier: SDX6NV8iUbdSzDkDOEULuuCRJop7B8rmcDLu1uSO9fs=
Subject key identifier: 44:E4:15:25:16:11:3E:EC:AC:D6:21:0F:34:97:5B:30:31:0A:9D:90
Certificate issuer: /CN=F36960E7AF/serialNumber=1F4DB9AC6B63108A19BDCDBEECFF449842C8D6A0
Certificate serial: 0344
Authority key identifier: 1F:4D:B9:AC:6B:63:10:8A:19:BD:CD:BE:EC:FF:44:98:42:C8:D6:A0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/H025rGtjEIoZvc2-7P9EmELI1qA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/78DBB3A8509111EE8C794A224AD9E6FC.roa
Signing time: Mon 11 Sep 2023 10:53:42 +0000
ROA not before: Mon 11 Sep 2023 10:53:39 +0000
ROA not after: Wed 30 Sep 2026 10:53:39 +0000
asID: 328913
IP address blocks: 196.49.84.0/24 maxlen: 24
2001:43fe:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/H025rGtjEIoZvc2-7P9EmELI1qA.crl
rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/H025rGtjEIoZvc2-7P9EmELI1qA.mft
rsync://rpki.afrinic.net/repository/afrinic/H025rGtjEIoZvc2-7P9EmELI1qA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 836 (0x344)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36960E7AF/serialNumber=1F4DB9AC6B63108A19BDCDBEECFF449842C8D6A0
Validity
Not Before: Sep 11 10:53:39 2023 GMT
Not After : Sep 30 10:53:39 2026 GMT
Subject: CN=64fef1b6-d67d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1b:21:01:89:35:ed:3b:97:dc:a2:5a:64:08:
3d:3e:4c:79:b5:f7:41:df:2a:6e:3c:f4:7a:3c:ea:
9e:6d:b6:c8:47:6b:c9:a2:f2:31:fa:89:a3:97:b1:
59:57:85:c4:05:64:02:b7:aa:39:c7:84:9c:27:15:
85:86:6e:1e:f9:40:53:ad:4a:81:a7:71:60:20:29:
00:87:3f:cc:a7:4d:d8:69:2d:83:e3:61:cd:a2:55:
c3:3a:0d:8d:ab:e9:e0:1f:42:68:ce:28:96:28:03:
b0:08:96:96:c4:dc:01:3a:27:96:75:42:04:ad:cd:
e9:23:87:f3:1e:18:01:77:6a:80:a6:44:e8:f9:35:
55:86:42:38:b4:8a:e0:ee:2d:c0:d5:63:7e:bc:2b:
c4:2a:37:c9:c4:2d:4c:04:64:ec:ad:88:16:82:ee:
87:b6:15:80:b1:ad:4d:00:93:e2:69:86:96:29:3c:
9c:23:29:16:a7:66:f8:11:bd:ec:85:46:d6:ca:3e:
48:90:9b:a8:c1:59:aa:a9:dc:e6:d4:c7:a3:22:66:
c0:80:a5:ad:d5:f4:bd:fa:ce:be:da:24:18:77:dc:
74:b7:1f:5f:66:2f:5e:79:c0:ef:a5:99:6b:9f:87:
ce:d9:5d:65:82:ba:81:73:24:e9:2e:3c:ce:bb:0f:
7b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E4:15:25:16:11:3E:EC:AC:D6:21:0F:34:97:5B:30:31:0A:9D:90
X509v3 Authority Key Identifier:
keyid:1F:4D:B9:AC:6B:63:10:8A:19:BD:CD:BE:EC:FF:44:98:42:C8:D6:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/H025rGtjEIoZvc2-7P9EmELI1qA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/H025rGtjEIoZvc2-7P9EmELI1qA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/78DBB3A8509111EE8C794A224AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.49.84.0/24
IPv6:
2001:43fe:c000::/48
Signature Algorithm: sha256WithRSAEncryption
62:7d:d8:1b:47:7a:16:d1:49:88:cc:46:b4:c2:6b:7f:e8:f4:
3c:78:19:77:7f:4b:c3:2e:ec:9a:f5:62:47:4d:b9:cb:72:50:
1c:ad:6a:2e:21:90:42:d1:b1:35:30:bf:5a:3d:fc:16:d1:c9:
03:95:6a:ea:c6:a3:3d:d7:39:2b:92:2b:05:8e:93:64:6d:94:
39:27:18:1f:2c:e6:81:ab:a0:da:db:f2:ef:79:69:4d:73:7e:
7d:ff:69:cc:18:54:a2:86:e8:d0:09:72:df:16:ed:87:2a:67:
37:95:46:d6:7e:78:1e:15:97:69:2a:06:c9:d7:e4:7b:d8:dd:
36:5d:c8:cc:37:96:fa:5e:13:5d:7b:36:1a:e2:07:d3:96:a4:
49:17:17:fc:17:40:c1:00:d4:56:2d:f7:9f:35:65:08:06:4f:
6c:6f:60:d2:c2:ec:95:2b:7c:32:2b:be:d5:f3:14:68:4f:0e:
a7:ad:7f:7d:54:b3:61:f5:ae:7c:b0:54:4c:01:b2:94:1a:47:
08:47:4c:17:ea:6a:b5:6c:b6:55:2f:c6:7d:6d:9a:53:ac:35:
5c:ee:d1:35:99:65:ae:6c:dd:37:0f:8e:d9:cd:15:4c:e0:4e:
99:83:59:cf:dd:bf:8d:0e:f3:a3:e2:53:3c:73:dd:0c:82:54:
0b:61:bb:61
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICA0QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OTYwRTdBRjExMC8GA1UEBRMoMUY0REI5QUM2QjYzMTA4QTE5QkRDREJFRUNGRjQ0
OTg0MkM4RDZBMDAeFw0yMzA5MTExMDUzMzlaFw0yNjA5MzAxMDUzMzlaMBgxFjAU
BgNVBAMTDTY0ZmVmMWI2LWQ2N2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCkGyEBiTXtO5fcolpkCD0+THm190HfKm489Ho86p5ttshHa8mi8jH6iaOX
sVlXhcQFZAK3qjnHhJwnFYWGbh75QFOtSoGncWAgKQCHP8ynTdhpLYPjYc2iVcM6
DY2r6eAfQmjOKJYoA7AIlpbE3AE6J5Z1QgStzekjh/MeGAF3aoCmROj5NVWGQji0
iuDuLcDVY368K8QqN8nELUwEZOytiBaC7oe2FYCxrU0Ak+JphpYpPJwjKRanZvgR
veyFRtbKPkiQm6jBWaqp3ObUx6MiZsCApa3V9L36zr7aJBh33HS3H19mL155wO+l
mWufh87ZXWWCuoFzJOkuPM67D3spAgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUROQV
JRYRPuys1iEPNJdbMDEKnZAwHwYDVR0jBBgwFoAUH025rGtjEIoZvc2+7P9EmELI
1qAwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2MEU3LzFDMEFFNjNFRUI3NzExRUI4MERFN0MxRUQ4QTAxNENFL0gwMjVy
R3RqRUlvWnZjMi03UDlFbUVMSTFxQS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0gwMjVyR3RqRUlvWnZjMi03UDlFbUVMSTFxQS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2MEU3LzFDMEFFNjNFRUI3NzExRUI4MERFN0MxRUQ4
QTAxNENFLzc4REJCM0E4NTA5MTExRUU4Qzc5NEEyMjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADEMVQwDwQCAAIwCQMHACAB
Q/7AADANBgkqhkiG9w0BAQsFAAOCAQEAYn3YG0d6FtFJiMxGtMJrf+j0PHgZd39L
wy7smvViR025y3JQHK1qLiGQQtGxNTC/Wj38FtHJA5Vq6sajPdc5K5IrBY6TZG2U
OScYHyzmgaug2tvy73lpTXN+ff9pzBhUoobo0Aly3xbthypnN5VG1n54HhWXaSoG
ydfke9jdNl3IzDeW+l4TXXs2GuIH05akSRcX/BdAwQDUVi33nzVlCAZPbG9g0sLs
lSt8Miu+1fMUaE8Op61/fVSzYfWufLBUTAGylBpHCEdMF+pqtWy2VS/GfW2aU6w1
XO7RNZllrmzdNw+O2c0VTOBOmYNZz92/jQ7zo+JTPHPdDIJUC2G7YQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:00:08 2024 by rpki-client on console-fra.rpki-client.org