Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/0471BC4803B411EF8330A611017001B1.roa
File: 0471BC4803B411EF8330A611017001B1.roa (raw, json)
Hash identifier: 3INpP9HwU5rpsLwrARqpf7p6nExwTzjKuLs7Tp6YsOI=
Subject key identifier: 63:54:DA:2C:CA:41:8C:C3:45:63:0E:4E:A8:F5:1A:34:08:47:B3:C3
Certificate issuer: /CN=F369DB5EAF/serialNumber=D3E2E0BCEB61FB9C4527826E610D467699D63E14
Certificate serial: 01CD
Authority key identifier: D3:E2:E0:BC:EB:61:FB:9C:45:27:82:6E:61:0D:46:76:99:D6:3E:14
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/0471BC4803B411EF8330A611017001B1.roa
Signing time: Fri 26 Apr 2024 10:01:58 +0000
ROA not before: Fri 26 Apr 2024 10:01:54 +0000
ROA not after: Thu 30 Apr 2043 10:01:54 +0000
asID: 30988
IP address blocks: 196.200.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.mft
rsync://rpki.afrinic.net/repository/afrinic/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 02:28:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 461 (0x1cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369DB5EAF
Validity
Not Before: Apr 26 10:01:54 2024 GMT
Not After : Apr 30 10:01:54 2043 GMT
Subject: CN=662b7b96-a322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ff:5a:fd:be:5c:89:c4:d9:4a:e2:f6:cc:5e:
09:4b:1b:4d:9f:67:01:4f:27:ff:00:d4:bb:08:0d:
3f:ec:f1:9f:1a:4b:87:39:73:18:ed:70:cc:36:44:
39:3a:e2:7c:a1:32:1c:13:27:95:34:5d:e8:09:d1:
05:91:08:c2:4b:9e:fb:59:50:00:d0:d7:c6:c9:4b:
e5:94:4b:3a:1b:87:46:ff:44:d6:40:6b:4c:b3:a6:
a0:4d:3f:70:2f:a8:45:de:4c:71:8b:c9:b1:66:2b:
5a:03:cb:70:a6:b6:90:d4:7a:fd:2f:a1:4e:70:fe:
7e:24:72:f9:ab:6f:f5:02:dd:ca:9d:27:ec:51:8a:
0a:4a:2a:42:eb:17:9b:41:c5:2c:57:7e:c1:e7:c8:
cf:c2:5b:17:27:ea:bc:4a:27:d5:34:d2:79:9e:2c:
b8:dd:33:ee:f1:73:5c:a7:36:f0:ad:0d:7d:cd:87:
6c:4f:d7:5f:bb:ba:bb:96:53:ef:ad:d2:bb:c2:22:
f7:17:16:3a:e9:ca:28:6e:da:90:11:24:ec:41:89:
83:ef:db:aa:86:f1:20:c3:57:14:a7:ce:b8:4e:53:
8c:bb:c8:2e:86:b8:9a:40:f4:2a:5f:1d:d5:d2:82:
e2:7b:b2:f1:67:73:b9:02:c7:d7:45:f0:dd:55:72:
07:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:54:DA:2C:CA:41:8C:C3:45:63:0E:4E:A8:F5:1A:34:08:47:B3:C3
X509v3 Authority Key Identifier:
keyid:D3:E2:E0:BC:EB:61:FB:9C:45:27:82:6E:61:0D:46:76:99:D6:3E:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/0471BC4803B411EF8330A611017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.200.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:29:5b:21:77:ac:63:96:c8:d1:52:73:1f:f5:a8:4b:20:98:
82:f1:f1:c4:6e:83:56:13:b1:39:9c:46:22:eb:bf:79:fc:36:
11:11:3b:fa:1f:8d:97:17:a0:0f:de:62:5a:1a:97:5c:30:80:
7e:ad:ce:5a:ec:ba:fd:72:f0:f6:8d:8b:0c:75:11:f5:c3:c5:
f3:8b:7e:49:a4:72:31:8b:25:af:1d:3b:08:c1:6c:a7:1d:10:
c9:2c:93:b6:be:a8:c9:bf:11:4d:7b:bb:03:fb:63:73:0e:04:
9a:df:83:31:09:65:af:ca:d6:f6:e8:3d:01:e3:b8:7b:eb:1b:
d2:64:86:70:9f:f1:08:66:45:54:dd:f7:95:14:73:3f:58:76:
f5:db:f2:4a:83:5d:99:79:4b:23:93:03:79:6e:58:fe:4b:4d:
ae:99:a3:f2:e0:91:ac:b1:57:ed:a9:d9:81:1e:eb:d2:16:b1:
e3:d8:36:42:ad:0c:83:d4:f7:03:85:71:1d:73:71:9d:77:bd:
63:45:37:9f:92:a6:af:a8:e8:d8:51:6e:1a:df:ff:57:5e:b2:
e9:eb:40:f7:0a:6e:38:1f:97:c9:b5:91:85:30:8f:d9:83:69:
a2:e5:25:09:59:5a:47:46:34:65:ba:4b:cf:b2:91:b4:ec:ea:
29:17:ab:5a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAc0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OURCNUVBRjExMC8GA1UEBRMoRDNFMkUwQkNFQjYxRkI5QzQ1Mjc4MjZFNjEwRDQ2
NzY5OUQ2M0UxNDAeFw0yNDA0MjYxMDAxNTRaFw00MzA0MzAxMDAxNTRaMBgxFjAU
BgNVBAMTDTY2MmI3Yjk2LWEzMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDP/1r9vlyJxNlK4vbMXglLG02fZwFPJ/8A1LsIDT/s8Z8aS4c5cxjtcMw2
RDk64nyhMhwTJ5U0XegJ0QWRCMJLnvtZUADQ18bJS+WUSzobh0b/RNZAa0yzpqBN
P3AvqEXeTHGLybFmK1oDy3CmtpDUev0voU5w/n4kcvmrb/UC3cqdJ+xRigpKKkLr
F5tBxSxXfsHnyM/CWxcn6rxKJ9U00nmeLLjdM+7xc1ynNvCtDX3Nh2xP11+7uruW
U++t0rvCIvcXFjrpyihu2pARJOxBiYPv26qG8SDDVxSnzrhOU4y7yC6GuJpA9Cpf
HdXSguJ7svFnc7kCx9dF8N1VcgebAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUY1Ta
LMpBjMNFYw5OqPUaNAhHs8MwHwYDVR0jBBgwFoAU0+LgvOth+5xFJ4JuYQ1GdpnW
PhQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjlEQjVFL0QxRUE1OTE0QkYzMTExRURBN0U3MTdEMEYxMjIyNDY4LzAtTGd2
T3RoLTV4Rko0SnVZUTFHZHBuV1BoUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzAtTGd2T3RoLTV4Rko0SnVZUTFHZHBuV1BoUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjlEQjVFL0QxRUE1OTE0QkYzMTExRURBN0U3MTdEMEYx
MjIyNDY4LzA0NzFCQzQ4MDNCNDExRUY4MzMwQTYxMTAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEyHgwDQYJKoZIhvcNAQEL
BQADggEBALcpWyF3rGOWyNFScx/1qEsgmILx8cRug1YTsTmcRiLrv3n8NhERO/of
jZcXoA/eYloal1wwgH6tzlrsuv1y8PaNiwx1EfXDxfOLfkmkcjGLJa8dOwjBbKcd
EMksk7a+qMm/EU17uwP7Y3MOBJrfgzEJZa/K1vboPQHjuHvrG9JkhnCf8QhmRVTd
95UUcz9YdvXb8kqDXZl5SyOTA3luWP5LTa6Zo/LgkayxV+2p2YEe69IWsePYNkKt
DIPU9wOFcR1zcZ13vWNFN5+Spq+o6NhRbhrf/1desunrQPcKbjgfl8m1kYUwj9mD
aaLlJQlZWkdGNGW6S8+ykbTs6ikXq1o=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:32:25 2025 by rpki-client