Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B35B7/86A7F99073F111EF93569567762E951A/BFB4BD048E3B11EFBE6ED67A762E951A.roa
File: BFB4BD048E3B11EFBE6ED67A762E951A.roa (raw, json)
Hash identifier: 29PbBEEmS4+Pdgh0yo4HDRkml04+8Fig9BDKrXuYghg=
Subject key identifier: F6:C8:F3:11:47:8F:2B:C4:A1:2E:14:D3:27:89:23:07:F6:BA:72:B0
Certificate issuer: /CN=F36B35B7AF/serialNumber=E38937DE377A183822308BE399F0E16DD21E730D
Certificate serial: 32
Authority key identifier: E3:89:37:DE:37:7A:18:38:22:30:8B:E3:99:F0:E1:6D:D2:1E:73:0D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/44k33jd6GDgiMIvjmfDhbdIecw0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B35B7/86A7F99073F111EF93569567762E951A/BFB4BD048E3B11EFBE6ED67A762E951A.roa
Signing time: Sat 19 Oct 2024 17:01:14 +0000
ROA not before: Sat 19 Oct 2024 17:01:11 +0000
ROA not after: Thu 19 Oct 2034 17:01:11 +0000
asID: 329078
IP address blocks: 41.79.136.0/22 maxlen: 24
102.165.128.0/19 maxlen: 24
2c0f:fac8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B35B7/86A7F99073F111EF93569567762E951A/44k33jd6GDgiMIvjmfDhbdIecw0.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B35B7/86A7F99073F111EF93569567762E951A/44k33jd6GDgiMIvjmfDhbdIecw0.mft
rsync://rpki.afrinic.net/repository/afrinic/44k33jd6GDgiMIvjmfDhbdIecw0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50 (0x32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B35B7AF/serialNumber=E38937DE377A183822308BE399F0E16DD21E730D
Validity
Not Before: Oct 19 17:01:11 2024 GMT
Not After : Oct 19 17:01:11 2034 GMT
Subject: CN=6713e5da-e101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c5:b8:e8:27:3e:4e:99:86:27:a5:17:08:da:
d8:23:20:06:67:1d:8a:0a:d9:ab:ab:d0:f4:e4:a0:
6c:56:89:79:78:16:4c:00:d1:fc:36:30:31:26:a4:
3b:9c:79:00:e8:3e:56:2b:f9:e9:07:b0:5f:05:23:
33:91:7a:ab:a1:37:0a:f0:c3:e5:14:0a:18:de:ae:
dc:60:78:f7:58:7b:51:27:6b:26:47:54:66:a6:bc:
44:d8:f1:90:9e:2e:07:df:77:6f:ec:d0:c9:99:d5:
ac:fe:32:6c:70:75:cd:b8:e5:d3:6f:e1:5c:fa:b0:
e6:a6:e9:10:9b:7d:90:fa:a3:9a:ab:82:99:23:89:
aa:f9:8b:8a:8f:86:dd:c0:38:26:34:d0:ae:d3:30:
02:e8:76:10:aa:f8:06:a5:41:43:f2:63:47:f7:78:
75:91:86:41:5d:fa:a9:d8:32:f0:4b:7b:50:84:e7:
03:47:60:5a:62:ac:9b:2d:a6:de:7a:ff:8c:31:da:
82:dc:f5:37:86:45:2a:6b:bd:c7:ca:81:15:15:dd:
c8:3b:12:01:e9:5b:98:30:c0:98:5b:45:98:a0:ce:
b7:f6:7f:af:34:a6:42:f1:08:63:88:f0:63:37:11:
ff:eb:2d:f8:a0:73:e1:38:88:ad:59:90:42:0a:7f:
0f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C8:F3:11:47:8F:2B:C4:A1:2E:14:D3:27:89:23:07:F6:BA:72:B0
X509v3 Authority Key Identifier:
keyid:E3:89:37:DE:37:7A:18:38:22:30:8B:E3:99:F0:E1:6D:D2:1E:73:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B35B7/86A7F99073F111EF93569567762E951A/44k33jd6GDgiMIvjmfDhbdIecw0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/44k33jd6GDgiMIvjmfDhbdIecw0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B35B7/86A7F99073F111EF93569567762E951A/BFB4BD048E3B11EFBE6ED67A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.79.136.0/22
102.165.128.0/19
IPv6:
2c0f:fac8::/32
Signature Algorithm: sha256WithRSAEncryption
d3:37:71:d8:61:5f:68:6c:9d:0a:9d:35:e4:60:52:51:c1:3c:
a8:db:00:6e:66:04:8d:b4:34:23:87:84:12:0f:00:32:85:92:
7f:33:74:ad:bb:e6:d2:40:4c:b2:70:93:ea:a5:b3:17:82:e7:
2a:a7:82:72:98:a5:93:4c:af:9e:a5:aa:c8:55:83:5d:d0:86:
f2:8a:7a:f2:ea:ab:58:73:44:cb:fe:dd:49:5b:35:da:c6:d9:
1d:c0:89:86:8a:0a:6f:c1:50:03:aa:63:f2:bd:b1:2e:de:60:
47:1f:a2:da:bb:65:5b:22:bb:a4:6f:7e:ed:a3:5d:42:76:97:
ec:f3:2d:80:20:4c:fd:e2:da:25:97:c4:a1:2c:19:8f:22:b3:
f9:52:26:61:e8:a1:a7:50:e5:4b:7f:fb:84:a5:93:74:9f:55:
b4:a9:52:34:5e:b4:6a:8c:6d:6e:55:6b:3c:28:14:5c:5a:4c:
c0:16:cc:d4:fb:0a:2d:8a:81:a4:06:38:93:a1:77:8d:6a:92:
3e:8c:10:75:35:d9:8d:4a:c4:67:77:e4:94:f0:82:79:91:12:
e3:57:94:13:c9:67:50:e6:6a:b8:67:72:29:0a:99:5f:af:6d:
4f:ba:bb:10:87:d6:24:bf:d1:83:9b:ac:2d:a3:69:5d:72:c3:
40:12:65:db
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBMjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
MzVCN0FGMTEwLwYDVQQFEyhFMzg5MzdERTM3N0ExODM4MjIzMDhCRTM5OUYwRTE2
REQyMUU3MzBEMB4XDTI0MTAxOTE3MDExMVoXDTM0MTAxOTE3MDExMVowGDEWMBQG
A1UEAxMNNjcxM2U1ZGEtZTEwMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANPFuOgnPk6ZhielFwja2CMgBmcdigrZq6vQ9OSgbFaJeXgWTADR/DYwMSak
O5x5AOg+Viv56QewXwUjM5F6q6E3CvDD5RQKGN6u3GB491h7USdrJkdUZqa8RNjx
kJ4uB993b+zQyZnVrP4ybHB1zbjl02/hXPqw5qbpEJt9kPqjmquCmSOJqvmLio+G
3cA4JjTQrtMwAuh2EKr4BqVBQ/JjR/d4dZGGQV36qdgy8Et7UITnA0dgWmKsmy2m
3nr/jDHagtz1N4ZFKmu9x8qBFRXdyDsSAelbmDDAmFtFmKDOt/Z/rzSmQvEIY4jw
YzcR/+st+KBz4TiIrVmQQgp/D4kCAwEAAaOCArowggK2MB0GA1UdDgQWBBT2yPMR
R48rxKEuFNMniSMH9rpysDAfBgNVHSMEGDAWgBTjiTfeN3oYOCIwi+OZ8OFt0h5z
DTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjM1QjcvODZBN0Y5OTA3M0YxMTFFRjkzNTY5NTY3NzYyRTk1MUEvNDRrMzNq
ZDZHRGdpTUl2am1mRGhiZEllY3cwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNDRrMzNqZDZHRGdpTUl2am1mRGhiZEllY3cwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjM1QjcvODZBN0Y5OTA3M0YxMTFFRjkzNTY5NTY3NzYy
RTk1MUEvQkZCNEJEMDQ4RTNCMTFFRkJFNkVENjdBNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAilPiAMEBWalgDANBAIAAjAH
AwUALA/6yDANBgkqhkiG9w0BAQsFAAOCAQEA0zdx2GFfaGydCp015GBSUcE8qNsA
bmYEjbQ0I4eEEg8AMoWSfzN0rbvm0kBMsnCT6qWzF4LnKqeCcpilk0yvnqWqyFWD
XdCG8op68uqrWHNEy/7dSVs12sbZHcCJhooKb8FQA6pj8r2xLt5gRx+i2rtlWyK7
pG9+7aNdQnaX7PMtgCBM/eLaJZfEoSwZjyKz+VImYeihp1DlS3/7hKWTdJ9VtKlS
NF60aoxtblVrPCgUXFpMwBbM1PsKLYqBpAY4k6F3jWqSPowQdTXZjUrEZ3fklPCC
eZES41eUE8lnUOZquGdyKQqZX69tT7q7EIfWJL/Rg5usLaNpXXLDQBJl2w==
-----END CERTIFICATE-----
Generated at Thu Oct 24 07:10:24 2024 by rpki-client on console-ams.rpki-client.org