Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/1B3E5BD6BFC411EEB815F6B6775412E6.roa
File: 1B3E5BD6BFC411EEB815F6B6775412E6.roa (raw, json)
Hash identifier: /vMD2qyC5dIRjTseOPjuPT3UDFh3JnMal4OEIVBXwNA=
Subject key identifier: D9:70:44:79:24:B0:E2:91:61:17:4C:0A:BA:21:BA:7D:75:07:BA:FD
Certificate issuer: /CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Certificate serial: 0280
Authority key identifier: 53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/1B3E5BD6BFC411EEB815F6B6775412E6.roa
Signing time: Tue 30 Jan 2024 23:05:49 +0000
ROA not before: Wed 31 Jan 2024 23:05:45 +0000
ROA not after: Thu 31 Jan 2030 23:05:45 +0000
asID: 25818
IP address blocks: 102.177.112.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.mft
rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 640 (0x280)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Validity
Not Before: Jan 31 23:05:45 2024 GMT
Not After : Jan 31 23:05:45 2030 GMT
Subject: CN=65b980cd-717f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f3:c6:d8:48:2c:88:36:9e:96:cd:f4:f3:e1:
5d:c3:d4:88:cc:23:2b:b7:b9:79:cd:32:6a:65:fa:
72:71:59:3d:85:93:ca:bb:a8:49:9e:a3:49:ba:c3:
84:41:14:d4:29:e3:f0:32:a3:48:a2:6b:1d:ce:9c:
bf:48:17:2e:68:b8:d8:6b:b3:0b:4b:c7:37:f2:30:
b7:07:57:fb:d1:2e:31:5c:9a:eb:0a:e1:f7:e1:fe:
ab:73:3c:27:46:17:d0:e5:52:e9:12:ad:f1:99:cb:
bc:8b:95:aa:75:c2:6a:54:1d:9d:8e:79:a6:fa:c2:
96:7a:65:fd:0b:b4:6e:26:81:fd:fe:ca:4c:55:bc:
53:ea:be:4b:bc:d0:1f:40:44:bc:c8:18:55:a4:cd:
61:88:46:6f:c9:41:73:b4:03:3d:6b:1d:01:4d:3e:
ce:66:55:1b:d7:29:04:ac:fb:b8:50:d9:e8:dd:1a:
96:62:a5:82:d9:a5:15:6e:5c:25:2b:b1:42:a5:4b:
93:31:93:1c:dd:ca:55:06:28:9a:28:5f:46:9d:2d:
b6:b2:de:0c:58:e1:96:72:aa:ff:57:8d:e3:fa:ac:
6f:63:4b:1f:bc:cc:60:cf:68:46:18:d1:fc:d8:aa:
77:a4:71:08:d5:e3:4b:2d:e7:2a:44:2a:e1:ac:b1:
5f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:70:44:79:24:B0:E2:91:61:17:4C:0A:BA:21:BA:7D:75:07:BA:FD
X509v3 Authority Key Identifier:
keyid:53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/1B3E5BD6BFC411EEB815F6B6775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.112.0/20
Signature Algorithm: sha256WithRSAEncryption
07:1b:44:48:ce:e9:6a:a5:b3:94:c3:a4:b0:06:71:b4:d2:18:
c7:39:6b:94:8c:9d:35:9f:58:0d:6e:93:1e:a2:94:3b:4b:9e:
bf:02:89:3f:5e:7d:77:10:ee:37:25:ea:7f:20:72:b5:e3:b9:
d9:70:87:2e:be:bd:90:db:50:67:a5:f7:bd:1e:45:98:a2:ed:
3b:3b:5c:6f:14:3f:68:48:5d:50:dd:64:69:b5:df:73:26:e4:
d0:0a:f0:9d:38:de:20:1a:fb:c0:30:5e:9e:b4:d7:2e:f3:af:
43:09:7d:f4:38:a2:25:20:38:8e:4c:96:d5:4f:7a:9c:a8:48:
3a:14:27:7f:b5:4d:19:46:c6:a8:a9:47:3a:b7:f6:14:22:ad:
47:47:69:24:64:00:a8:41:98:1e:ec:a4:f5:49:1b:5d:ef:ea:
c0:67:51:7c:d0:0c:c0:c3:43:8e:29:90:eb:a5:e9:2e:d6:82:
c2:23:c7:4c:0f:f1:94:89:8a:42:d5:08:db:ef:d8:79:41:91:
ec:54:3b:76:09:8b:19:f1:d1:52:46:f8:91:8e:bd:2b:76:a8:
ef:43:11:ed:02:0c:37:84:6a:b5:46:bc:4c:e9:c7:df:a2:0e:
8a:7a:07:a8:a2:5f:3d:fa:d8:af:f5:e9:b5:4d:e2:51:74:d5:
c3:4d:c3:5a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAoAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTZFNUZBRjExMC8GA1UEBRMoNTM3NUNGNENBMTY0M0IwOEMzNDFCREE3OUQ4QkUx
MDVCREMzQzQ4QjAeFw0yNDAxMzEyMzA1NDVaFw0zMDAxMzEyMzA1NDVaMBgxFjAU
BgNVBAMTDTY1Yjk4MGNkLTcxN2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCY88bYSCyINp6WzfTz4V3D1IjMIyu3uXnNMmpl+nJxWT2Fk8q7qEmeo0m6
w4RBFNQp4/Ayo0iiax3OnL9IFy5ouNhrswtLxzfyMLcHV/vRLjFcmusK4ffh/qtz
PCdGF9DlUukSrfGZy7yLlap1wmpUHZ2Oeab6wpZ6Zf0LtG4mgf3+ykxVvFPqvku8
0B9ARLzIGFWkzWGIRm/JQXO0Az1rHQFNPs5mVRvXKQSs+7hQ2ejdGpZipYLZpRVu
XCUrsUKlS5MxkxzdylUGKJooX0adLbay3gxY4ZZyqv9XjeP6rG9jSx+8zGDPaEYY
0fzYqnekcQjV40st5ypEKuGssV9ZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU2XBE
eSSw4pFhF0wKuiG6fXUHuv0wHwYDVR0jBBgwFoAUU3XPTKFkOwjDQb2nnYvhBb3D
xIswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYxMjIyNDY4L1UzWFBU
S0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1UzWFBUS0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYx
MjIyNDY4LzFCM0U1QkQ2QkZDNDExRUVCODE1RjZCNjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBARmsXAwDQYJKoZIhvcNAQEL
BQADggEBAAcbREjO6Wqls5TDpLAGcbTSGMc5a5SMnTWfWA1ukx6ilDtLnr8CiT9e
fXcQ7jcl6n8gcrXjudlwhy6+vZDbUGel970eRZii7Ts7XG8UP2hIXVDdZGm133Mm
5NAK8J043iAa+8AwXp601y7zr0MJffQ4oiUgOI5MltVPepyoSDoUJ3+1TRlGxqip
Rzq39hQirUdHaSRkAKhBmB7spPVJG13v6sBnUXzQDMDDQ44pkOul6S7WgsIjx0wP
8ZSJikLVCNvv2HlBkexUO3YJixnx0VJG+JGOvSt2qO9DEe0CDDeEarVGvEzpx9+i
Dop6B6iiXz362K/16bVN4lF01cNNw1o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:14 2024 by rpki-client on console-ams.rpki-client.org