Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3698DD0/56C8EA4C667711ED967FC0A2F1222468/7E60CCBE817511EDBB60FBE8F1222468.roa
File: 7E60CCBE817511EDBB60FBE8F1222468.roa (raw, json)
Hash identifier: 3botBW7CxliYrIkkF4AkSGZ+nyL0LTvgw3z56nnf7ps=
Subject key identifier: D5:0D:9D:6D:8D:DA:2A:6F:4F:03:7F:0D:61:21:E0:0B:CE:C4:84:2F
Certificate issuer: /CN=F3698DD0AF/serialNumber=C03FDD694F51AAE38F051456101617C56FD89C4A
Certificate serial: 2B
Authority key identifier: C0:3F:DD:69:4F:51:AA:E3:8F:05:14:56:10:16:17:C5:6F:D8:9C:4A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/wD_daU9RquOPBRRWEBYXxW_YnEo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3698DD0/56C8EA4C667711ED967FC0A2F1222468/7E60CCBE817511EDBB60FBE8F1222468.roa
Signing time: Wed 21 Dec 2022 21:21:55 +0000
ROA not before: Wed 21 Dec 2022 21:21:51 +0000
ROA not after: Tue 31 Dec 2030 21:21:51 +0000
asID: 37282
IP address blocks: 196.49.62.0/24 maxlen: 24
2001:43f8:11f1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3698DD0/56C8EA4C667711ED967FC0A2F1222468/wD_daU9RquOPBRRWEBYXxW_YnEo.crl
rsync://rpki.afrinic.net/repository/member_repository/F3698DD0/56C8EA4C667711ED967FC0A2F1222468/wD_daU9RquOPBRRWEBYXxW_YnEo.mft
rsync://rpki.afrinic.net/repository/afrinic/wD_daU9RquOPBRRWEBYXxW_YnEo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43 (0x2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3698DD0AF/serialNumber=C03FDD694F51AAE38F051456101617C56FD89C4A
Validity
Not Before: Dec 21 21:21:51 2022 GMT
Not After : Dec 31 21:21:51 2030 GMT
Subject: CN=63a378f3-adf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ad:ac:c5:2c:82:4b:cb:3b:0d:a3:51:9d:ba:
1a:7f:fd:b6:32:81:ce:80:b4:90:a7:97:26:40:bd:
86:c3:0d:d8:12:75:95:c2:bd:7e:f4:3f:1c:4f:0a:
11:87:99:24:a3:02:f5:f8:d6:c0:5d:08:6d:15:e9:
d4:ca:53:c2:96:bc:7d:dd:7d:df:45:ed:15:46:b2:
7f:d9:bd:17:e1:48:4f:f2:9c:29:37:50:55:54:b0:
06:09:62:14:fc:18:9f:c3:2a:aa:b9:e9:cc:ac:f4:
6f:ad:ad:8f:57:76:86:68:67:1d:c8:a6:d6:15:d1:
cd:d5:2b:54:ed:24:9d:55:f7:b4:1b:a8:6d:52:d5:
59:0a:90:d7:66:fe:9c:76:58:09:10:8c:cb:59:c5:
95:d8:97:52:67:e6:df:ce:ab:ee:f9:f6:48:57:27:
ae:b5:2d:e8:ad:e2:f4:91:26:67:2e:f5:3e:13:4d:
56:2a:7a:7b:64:ea:69:74:b4:1c:ba:b3:d2:15:ad:
0d:50:65:9d:16:26:42:2a:cb:62:b5:69:ea:85:b6:
67:5d:2f:da:79:68:32:76:c9:3a:43:5f:46:cc:6f:
a7:ae:82:3a:f0:7a:f4:e1:dc:39:d6:84:cd:c6:f6:
98:d8:68:12:31:ad:f5:c1:83:64:e5:9f:8f:d9:5a:
93:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:0D:9D:6D:8D:DA:2A:6F:4F:03:7F:0D:61:21:E0:0B:CE:C4:84:2F
X509v3 Authority Key Identifier:
keyid:C0:3F:DD:69:4F:51:AA:E3:8F:05:14:56:10:16:17:C5:6F:D8:9C:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3698DD0/56C8EA4C667711ED967FC0A2F1222468/wD_daU9RquOPBRRWEBYXxW_YnEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wD_daU9RquOPBRRWEBYXxW_YnEo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3698DD0/56C8EA4C667711ED967FC0A2F1222468/7E60CCBE817511EDBB60FBE8F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.49.62.0/24
IPv6:
2001:43f8:11f1::/48
Signature Algorithm: sha256WithRSAEncryption
5a:d3:e6:c2:5f:cd:04:86:8c:c9:07:bd:18:74:b6:e9:33:54:
53:89:da:47:99:c1:59:cc:9e:44:e6:e8:1f:d4:43:a0:a4:e6:
d3:8a:f9:d0:ce:b7:6c:d7:d3:2b:cb:33:35:86:0f:03:dd:c7:
f9:ca:93:7e:50:cc:7f:43:22:87:b5:2b:d2:05:16:3d:7d:88:
14:28:b4:2e:78:8a:56:33:6e:18:e1:4c:61:f7:d4:e2:73:32:
5f:d3:05:66:ee:f5:75:16:58:5d:74:d0:63:c9:fc:98:e0:90:
23:ee:28:7e:a1:e0:a0:0c:43:c4:fd:52:92:69:d0:e4:8b:75:
90:09:68:10:8b:74:a4:e7:31:d3:bf:b5:b4:f7:2c:9f:e3:ad:
26:92:7b:5f:0a:c7:b0:43:c5:ad:ac:c2:52:0d:52:8c:36:4e:
43:ea:f5:08:47:50:af:96:19:fb:3a:49:8d:c2:94:cc:08:e5:
45:de:77:8f:1b:13:1e:06:f1:8e:31:a4:ec:66:0d:98:54:f4:
da:dd:56:6d:de:f4:6b:29:90:ef:97:02:cf:81:23:ec:ff:a7:
1a:15:42:36:4e:d9:0a:d9:6c:ca:84:40:d2:32:2f:45:38:4c:
13:3a:06:88:f1:c4:fe:c2:e1:76:0a:0e:1f:55:57:7f:3a:51:
d0:c3:66:67
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBKzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY5
OEREMEFGMTEwLwYDVQQFEyhDMDNGREQ2OTRGNTFBQUUzOEYwNTE0NTYxMDE2MTdD
NTZGRDg5QzRBMB4XDTIyMTIyMTIxMjE1MVoXDTMwMTIzMTIxMjE1MVowGDEWMBQG
A1UEAwwNNjNhMzc4ZjMtYWRmMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOtrMUsgkvLOw2jUZ26Gn/9tjKBzoC0kKeXJkC9hsMN2BJ1lcK9fvQ/HE8K
EYeZJKMC9fjWwF0IbRXp1MpTwpa8fd1930XtFUayf9m9F+FIT/KcKTdQVVSwBgli
FPwYn8MqqrnpzKz0b62tj1d2hmhnHcim1hXRzdUrVO0knVX3tBuobVLVWQqQ12b+
nHZYCRCMy1nFldiXUmfm386r7vn2SFcnrrUt6K3i9JEmZy71PhNNVip6e2TqaXS0
HLqz0hWtDVBlnRYmQirLYrVp6oW2Z10v2nloMnbJOkNfRsxvp66COvB69OHcOdaE
zcb2mNhoEjGt9cGDZOWfj9lak+8CAwEAAaOCArYwggKyMB0GA1UdDgQWBBTVDZ1t
jdoqb08Dfw1hIeALzsSELzAfBgNVHSMEGDAWgBTAP91pT1Gq448FFFYQFhfFb9ic
SjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OThERDAvNTZDOEVBNEM2Njc3MTFFRDk2N0ZDMEEyRjEyMjI0Njgvd0RfZGFV
OVJxdU9QQlJSV0VCWVh4V19ZbkVvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvd0RfZGFVOVJxdU9QQlJSV0VCWVh4V19ZbkVvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OThERDAvNTZDOEVBNEM2Njc3MTFFRDk2N0ZDMEEyRjEy
MjI0NjgvN0U2MENDQkU4MTc1MTFFREJCNjBGQkU4RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMQxPjAPBAIAAjAJAwcAIAFD
+BHxMA0GCSqGSIb3DQEBCwUAA4IBAQBa0+bCX80EhozJB70YdLbpM1RTidpHmcFZ
zJ5E5ugf1EOgpObTivnQzrds19MryzM1hg8D3cf5ypN+UMx/QyKHtSvSBRY9fYgU
KLQueIpWM24Y4Uxh99TiczJf0wVm7vV1FlhddNBjyfyY4JAj7ih+oeCgDEPE/VKS
adDki3WQCWgQi3Sk5zHTv7W09yyf460mkntfCsewQ8WtrMJSDVKMNk5D6vUIR1Cv
lhn7OkmNwpTMCOVF3nePGxMeBvGOMaTsZg2YVPTa3VZt3vRrKZDvlwLPgSPs/6ca
FUI2TtkK2WzKhEDSMi9FOEwTOgaI8cT+wuF2Cg4fVVd/OlHQw2Zn
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:57 2024 by rpki-client on console-fra.rpki-client.org