Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/C37E4A0E166311EFB9A5E45F017001B1.roa
File: C37E4A0E166311EFB9A5E45F017001B1.roa (raw, json)
Hash identifier: Qp36Juuigfj3IghvTSmzrtpde3+TFB8XRGmUObCG6Jw=
Subject key identifier: 34:0D:37:52:BB:49:D7:FF:04:E0:98:0D:2E:5D:35:AA:E1:E0:E1:39
Certificate issuer: /CN=F36A7021AF/serialNumber=4B48662004089F5BB68194AB04B830CD433A2B70
Certificate serial: 28
Authority key identifier: 4B:48:66:20:04:08:9F:5B:B6:81:94:AB:04:B8:30:CD:43:3A:2B:70
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/C37E4A0E166311EFB9A5E45F017001B1.roa
Signing time: Mon 20 May 2024 04:45:21 +0000
ROA not before: Mon 20 May 2024 04:45:18 +0000
ROA not after: Thu 20 May 2027 04:45:18 +0000
asID: 36867
IP address blocks: 196.1.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.mft
rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40 (0x28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A7021AF/serialNumber=4B48662004089F5BB68194AB04B830CD433A2B70
Validity
Not Before: May 20 04:45:18 2024 GMT
Not After : May 20 04:45:18 2027 GMT
Subject: CN=664ad561-f40f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a1:6e:cb:79:05:4d:84:d0:7e:3e:a9:01:6a:
46:a4:c1:c0:66:ad:ac:86:45:d6:c7:f0:76:53:81:
b2:64:dd:7e:b1:a9:e3:c7:9c:da:01:b5:ba:b6:11:
d7:df:0a:66:29:3a:e9:01:33:5c:a0:52:a3:12:ae:
a1:d2:de:e2:fd:34:94:7a:96:93:f9:f2:6e:52:6b:
c0:52:9e:5c:d3:0c:d2:bd:f5:93:a6:f8:67:eb:d5:
d3:64:ef:5b:77:96:29:ee:1c:5b:90:4d:b6:42:9a:
6e:09:fa:c2:59:f8:c0:1d:67:24:c4:24:64:4b:11:
de:6d:3e:35:fb:cb:d1:5d:ec:b5:f3:3b:b6:ec:53:
31:0c:f5:85:19:5e:35:34:5c:75:96:1c:a0:55:22:
fb:e8:07:50:0b:d3:1f:b4:1e:69:df:4e:1c:18:2d:
53:f3:eb:a7:9b:96:a3:7d:8d:70:87:d0:76:f3:a9:
c8:6a:01:13:7a:02:d9:0f:10:a5:5e:57:1f:18:35:
42:3a:a4:7c:79:3c:7d:3b:7e:c9:fa:d6:26:1c:3e:
a9:93:e1:3c:b5:ae:cd:c8:58:5b:51:e0:58:71:a4:
00:11:93:a1:4c:59:9c:4c:92:cf:3e:5c:58:fa:67:
a0:89:52:33:9a:87:7d:a9:b7:11:22:0b:de:c5:30:
27:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:0D:37:52:BB:49:D7:FF:04:E0:98:0D:2E:5D:35:AA:E1:E0:E1:39
X509v3 Authority Key Identifier:
keyid:4B:48:66:20:04:08:9F:5B:B6:81:94:AB:04:B8:30:CD:43:3A:2B:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/C37E4A0E166311EFB9A5E45F017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.1.123.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:90:20:5f:c3:e1:a5:09:1c:35:e8:02:e8:e1:b5:0f:a7:b4:
26:83:56:da:f5:f1:6a:ca:27:fd:c9:2e:cc:1d:36:a4:c6:06:
4b:e6:c5:1a:98:2c:bf:4a:7d:34:20:61:ea:51:2a:cf:0e:3c:
78:f1:d2:b4:b7:e2:f0:01:2d:3a:7d:ea:83:f8:16:46:8e:8a:
4b:5e:a2:e6:69:06:eb:06:af:a7:ef:19:be:3d:41:fd:1f:87:
e2:db:28:82:d9:41:37:a8:6e:be:8a:87:43:cb:02:1f:bf:c8:
11:05:cf:50:63:38:8f:6a:2d:5b:d9:d1:a1:67:27:45:db:b2:
3f:fa:f3:5c:cc:22:39:19:fc:89:b8:a7:3c:35:dc:18:30:87:
a0:a4:a9:b1:ff:05:8b:c7:a6:f2:07:49:d3:45:a4:b5:86:b4:
2f:05:3e:fb:9a:c4:20:6e:a2:5c:e4:4f:4d:07:ab:6a:27:61:
8f:8b:d1:51:76:bd:7c:35:8e:11:46:21:fa:3e:e6:ff:35:1d:
2b:a4:91:c7:c1:e1:fb:b0:b1:77:00:c0:c0:c6:49:98:f7:06:
0a:ee:40:d3:57:3e:86:39:d2:d3:ef:87:41:5e:1d:39:7f:10:
ce:ee:d7:4e:f1:0f:60:16:f4:b9:b8:2b:5f:80:d2:4e:ce:82:
60:59:1e:fa
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBKDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
NzAyMUFGMTEwLwYDVQQFEyg0QjQ4NjYyMDA0MDg5RjVCQjY4MTk0QUIwNEI4MzBD
RDQzM0EyQjcwMB4XDTI0MDUyMDA0NDUxOFoXDTI3MDUyMDA0NDUxOFowGDEWMBQG
A1UEAxMNNjY0YWQ1NjEtZjQwZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2hbst5BU2E0H4+qQFqRqTBwGatrIZF1sfwdlOBsmTdfrGp48ec2gG1urYR
198KZik66QEzXKBSoxKuodLe4v00lHqWk/nyblJrwFKeXNMM0r31k6b4Z+vV02Tv
W3eWKe4cW5BNtkKabgn6wln4wB1nJMQkZEsR3m0+NfvL0V3stfM7tuxTMQz1hRle
NTRcdZYcoFUi++gHUAvTH7Qead9OHBgtU/Prp5uWo32NcIfQdvOpyGoBE3oC2Q8Q
pV5XHxg1QjqkfHk8fTt+yfrWJhw+qZPhPLWuzchYW1HgWHGkABGToUxZnEySzz5c
WPpnoIlSM5qHfam3ESIL3sUwJ38CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQ0DTdS
u0nX/wTgmA0uXTWq4eDhOTAfBgNVHSMEGDAWgBRLSGYgBAifW7aBlKsEuDDNQzor
cDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTcwMjEvRTUwMzk5MUMwMkMzMTFFRkJEMTI3N0Y1MDA3MDAxQjEvUzBobUlB
UUluMXUyZ1pTckJMZ3d6VU02SzNBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUzBobUlBUUluMXUyZ1pTckJMZ3d6VU02SzNBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTcwMjEvRTUwMzk5MUMwMkMzMTFFRkJEMTI3N0Y1MDA3
MDAxQjEvQzM3RTRBMEUxNjYzMTFFRkI5QTVFNDVGMDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMQBezANBgkqhkiG9w0BAQsF
AAOCAQEAKpAgX8PhpQkcNegC6OG1D6e0JoNW2vXxason/ckuzB02pMYGS+bFGpgs
v0p9NCBh6lEqzw48ePHStLfi8AEtOn3qg/gWRo6KS16i5mkG6wavp+8Zvj1B/R+H
4tsogtlBN6huvoqHQ8sCH7/IEQXPUGM4j2otW9nRoWcnRduyP/rzXMwiORn8ibin
PDXcGDCHoKSpsf8Fi8em8gdJ00WktYa0LwU++5rEIG6iXORPTQeraidhj4vRUXa9
fDWOEUYh+j7m/zUdK6SRx8Hh+7CxdwDAwMZJmPcGCu5A01c+hjnS0++HQV4dOX8Q
zu7XTvEPYBb0ubgrX4DSTs6CYFke+g==
-----END CERTIFICATE-----
Generated at Sun Nov 24 05:19:32 2024 by rpki-client on console-ams.rpki-client.org