Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B0C44/DEB69BA6BF7811EE86CB6CB7775412E6/CE4C1BD8BF7D11EE97BCA7BF775412E6.roa
File: CE4C1BD8BF7D11EE97BCA7BF775412E6.roa (raw, json)
Hash identifier: yJpP30xuvTe5uFFB4LtOLOWEiDS7piREXKk0KFAJ23A=
Subject key identifier: C3:DB:C8:D8:0C:68:37:9C:F5:DE:74:08:8D:83:00:F1:39:B6:9A:D4
Certificate issuer: /CN=F36B0C44AF/serialNumber=49BAE67DFEDE9D9509BB03A7C732DC566166B75A
Certificate serial: 08
Authority key identifier: 49:BA:E6:7D:FE:DE:9D:95:09:BB:03:A7:C7:32:DC:56:61:66:B7:5A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Sbrmff7enZUJuwOnxzLcVmFmt1o.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B0C44/DEB69BA6BF7811EE86CB6CB7775412E6/CE4C1BD8BF7D11EE97BCA7BF775412E6.roa
Signing time: Tue 30 Jan 2024 14:42:35 +0000
ROA not before: Tue 30 Jan 2024 14:42:31 +0000
ROA not after: Thu 25 Feb 2044 14:42:31 +0000
asID: 37480
IP address blocks: 197.255.0.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B0C44/DEB69BA6BF7811EE86CB6CB7775412E6/Sbrmff7enZUJuwOnxzLcVmFmt1o.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B0C44/DEB69BA6BF7811EE86CB6CB7775412E6/Sbrmff7enZUJuwOnxzLcVmFmt1o.mft
rsync://rpki.afrinic.net/repository/afrinic/Sbrmff7enZUJuwOnxzLcVmFmt1o.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B0C44AF/serialNumber=49BAE67DFEDE9D9509BB03A7C732DC566166B75A
Validity
Not Before: Jan 30 14:42:31 2024 GMT
Not After : Feb 25 14:42:31 2044 GMT
Subject: CN=65b90adb-22a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9b:44:65:37:db:eb:e4:1b:18:cf:81:5e:3d:
63:c4:9b:00:c1:43:78:51:b3:39:46:ec:8f:9d:46:
e7:8f:cd:1e:57:db:33:56:97:d7:32:61:80:09:dc:
9e:20:eb:51:8e:6c:aa:6a:be:21:5b:53:a1:f4:5d:
a2:9b:ae:77:0b:18:4a:c4:7b:5a:05:64:0a:cf:4f:
c7:c8:cc:7a:d9:93:01:ed:b0:60:6b:ac:d2:4b:bc:
cf:7f:a7:14:a3:5f:24:ef:5f:84:af:bc:59:bb:31:
4d:ee:75:d7:e1:1d:2d:45:8f:16:4d:d8:7c:f8:c6:
9c:6a:0d:11:06:c2:e7:45:92:e2:4e:bc:be:f9:33:
22:40:4f:60:82:c7:40:44:7d:7a:51:79:2e:f6:e6:
92:cc:67:b3:61:18:b9:13:a1:3e:b5:39:9c:c1:af:
b4:b4:b5:1d:b7:cd:36:32:8c:da:a4:b9:6a:12:70:
67:11:f8:92:2d:0b:7c:69:3c:85:71:98:47:c8:e5:
b9:8f:a4:78:92:89:a1:12:42:7a:ca:65:9f:36:af:
79:3d:1e:44:0b:e3:59:36:00:22:ed:12:1c:69:c2:
da:90:df:82:3a:65:31:04:ad:21:85:16:bc:84:7d:
a7:4a:6b:9d:cd:0b:60:af:37:35:b2:00:20:f8:42:
23:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:DB:C8:D8:0C:68:37:9C:F5:DE:74:08:8D:83:00:F1:39:B6:9A:D4
X509v3 Authority Key Identifier:
keyid:49:BA:E6:7D:FE:DE:9D:95:09:BB:03:A7:C7:32:DC:56:61:66:B7:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B0C44/DEB69BA6BF7811EE86CB6CB7775412E6/Sbrmff7enZUJuwOnxzLcVmFmt1o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Sbrmff7enZUJuwOnxzLcVmFmt1o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B0C44/DEB69BA6BF7811EE86CB6CB7775412E6/CE4C1BD8BF7D11EE97BCA7BF775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.255.0.0/18
Signature Algorithm: sha256WithRSAEncryption
80:b9:f7:6e:a8:1f:9c:95:82:63:58:6a:f0:d8:5e:fc:6e:bb:
5b:a2:c9:04:4b:c5:8c:19:b2:64:ae:74:92:98:c5:66:20:3f:
f9:cd:07:56:1e:fc:38:f0:22:a0:13:c0:8b:c5:13:fb:85:eb:
c4:f4:5c:51:c8:3c:45:e7:f4:be:0e:a1:6a:b8:ca:61:2f:90:
14:f3:1a:5e:10:7f:68:6b:c0:ea:f7:fb:80:e7:b8:86:bd:37:
b5:df:3d:12:bb:95:f1:03:ad:92:bd:f5:c6:45:40:7f:26:e8:
80:59:7d:93:7a:50:8a:d2:a0:e6:68:dd:8e:c8:f6:d2:79:bf:
da:95:09:ba:69:88:29:81:67:ef:e7:b8:ac:9e:13:fa:2c:1b:
56:e7:79:71:b8:15:8d:97:fd:aa:b9:6f:4c:0b:46:ee:c7:7f:
b9:0e:3c:60:7e:6b:c3:22:49:36:4e:c9:70:0b:90:0f:7a:67:
65:7e:3d:58:54:2e:e4:89:96:4f:a9:0e:f3:fe:26:23:62:4e:
82:d6:ce:f6:80:31:2d:2b:9c:e9:76:2b:73:d5:5c:28:fd:f0:
64:d1:99:d3:b4:77:1d:1a:fa:84:85:90:c4:12:41:2d:fe:1b:
24:42:e7:35:c2:92:94:07:a0:fc:d4:2d:fa:a8:1e:22:12:ac:
60:84:76:c5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
MEM0NEFGMTEwLwYDVQQFEyg0OUJBRTY3REZFREU5RDk1MDlCQjAzQTdDNzMyREM1
NjYxNjZCNzVBMB4XDTI0MDEzMDE0NDIzMVoXDTQ0MDIyNTE0NDIzMVowGDEWMBQG
A1UEAxMNNjViOTBhZGItMjJhMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKubRGU32+vkGxjPgV49Y8SbAMFDeFGzOUbsj51G54/NHlfbM1aX1zJhgAnc
niDrUY5sqmq+IVtTofRdopuudwsYSsR7WgVkCs9Px8jMetmTAe2wYGus0ku8z3+n
FKNfJO9fhK+8WbsxTe511+EdLUWPFk3YfPjGnGoNEQbC50WS4k68vvkzIkBPYILH
QER9elF5Lvbmksxns2EYuROhPrU5nMGvtLS1HbfNNjKM2qS5ahJwZxH4ki0LfGk8
hXGYR8jluY+keJKJoRJCesplnzaveT0eRAvjWTYAIu0SHGnC2pDfgjplMQStIYUW
vIR9p0prnc0LYK83NbIAIPhCIy8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTD28jY
DGg3nPXedAiNgwDxObaa1DAfBgNVHSMEGDAWgBRJuuZ9/t6dlQm7A6fHMtxWYWa3
WjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjBDNDQvREVCNjlCQTZCRjc4MTFFRTg2Q0I2Q0I3Nzc1NDEyRTYvU2JybWZm
N2VuWlVKdXdPbnh6TGNWbUZtdDFvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU2JybWZmN2VuWlVKdXdPbnh6TGNWbUZtdDFvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjBDNDQvREVCNjlCQTZCRjc4MTFFRTg2Q0I2Q0I3Nzc1
NDEyRTYvQ0U0QzFCRDhCRjdEMTFFRTk3QkNBN0JGNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBsX/ADANBgkqhkiG9w0BAQsF
AAOCAQEAgLn3bqgfnJWCY1hq8Nhe/G67W6LJBEvFjBmyZK50kpjFZiA/+c0HVh78
OPAioBPAi8UT+4XrxPRcUcg8Ref0vg6harjKYS+QFPMaXhB/aGvA6vf7gOe4hr03
td89EruV8QOtkr31xkVAfybogFl9k3pQitKg5mjdjsj20nm/2pUJummIKYFn7+e4
rJ4T+iwbVud5cbgVjZf9qrlvTAtG7sd/uQ48YH5rwyJJNk7JcAuQD3pnZX49WFQu
5ImWT6kO8/4mI2JOgtbO9oAxLSuc6XYrc9VcKP3wZNGZ07R3HRr6hIWQxBJBLf4b
JELnNcKSlAeg/NQt+qgeIhKsYIR2xQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org