Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BF1B7/71F44CFCEE9F11E8946A735DF8AEA228/3622D1AAEEA211E89867905FF8AEA228.roa
File: 3622D1AAEEA211E89867905FF8AEA228.roa (raw, json)
Hash identifier: QDmUgaFX7YS3buOBowBMA1u32zvhujbAZ2pZ6j/6DXM=
Subject key identifier: D1:12:33:8B:88:C5:79:DF:B0:DA:C6:81:67:70:95:4B:8C:2D:E2:2C
Certificate issuer: /CN=F36BF1B7AF/serialNumber=56D926DFE14B5414EAB59375D94CF01FA548D316
Certificate serial: 03
Authority key identifier: 56:D9:26:DF:E1:4B:54:14:EA:B5:93:75:D9:4C:F0:1F:A5:48:D3:16
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Vtkm3-FLVBTqtZN12UzwH6VI0xY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BF1B7/71F44CFCEE9F11E8946A735DF8AEA228/3622D1AAEEA211E89867905FF8AEA228.roa
Signing time: Thu 22 Nov 2018 22:01:50 +0000
ROA not before: Thu 22 Nov 2018 22:01:45 +0000
ROA not after: Wed 22 Nov 2028 22:01:45 +0000
asID: 13335
IP address blocks: 197.234.240.0/22 maxlen: 22
197.234.240.0/24 maxlen: 24
197.234.241.0/24 maxlen: 24
197.234.242.0/24 maxlen: 24
197.234.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BF1B7/71F44CFCEE9F11E8946A735DF8AEA228/Vtkm3-FLVBTqtZN12UzwH6VI0xY.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BF1B7/71F44CFCEE9F11E8946A735DF8AEA228/Vtkm3-FLVBTqtZN12UzwH6VI0xY.mft
rsync://rpki.afrinic.net/repository/afrinic/Vtkm3-FLVBTqtZN12UzwH6VI0xY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BF1B7AF/serialNumber=56D926DFE14B5414EAB59375D94CF01FA548D316
Validity
Not Before: Nov 22 22:01:45 2018 GMT
Not After : Nov 22 22:01:45 2028 GMT
Subject: CN=5bf7274e-4ba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2d:ac:30:af:6e:1e:a6:24:12:5d:68:a1:32:
a7:b4:d8:d3:73:78:18:26:94:ee:af:11:53:f4:50:
82:97:cc:94:4c:82:e7:eb:4b:37:0b:d5:c2:44:c8:
60:84:af:67:6f:68:7c:c2:54:e7:cc:a0:13:fe:dc:
48:4e:77:f3:38:8f:80:12:86:db:9b:0c:85:33:94:
eb:c7:91:03:49:d9:96:4f:06:c6:45:fe:17:81:18:
3a:0a:df:0a:33:c9:d7:ef:a3:f8:81:10:9d:70:c6:
6a:b5:7f:6a:38:33:82:80:55:d5:69:5b:93:6d:db:
a3:49:42:8e:c3:a1:08:9b:88:fb:53:ee:b3:e9:6c:
88:bc:bf:ca:e6:52:9d:68:3e:89:f0:32:e8:c5:cd:
41:93:72:27:27:63:db:a6:c1:8b:6b:c5:64:8a:39:
3c:49:95:58:6c:38:ba:af:56:ef:c9:96:5c:a0:13:
7d:ec:7b:60:12:6e:2a:9f:1c:67:8f:c4:f3:65:e4:
a0:b2:b1:60:53:9f:9a:6c:3f:bd:e8:49:18:e1:69:
61:57:04:11:6c:d3:d7:bb:e1:52:d8:f6:d2:5f:c4:
5a:84:d3:b3:6b:a8:31:aa:89:29:38:48:94:16:fe:
1c:da:0b:0f:5d:78:36:50:cb:22:cc:89:09:33:ea:
bd:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:12:33:8B:88:C5:79:DF:B0:DA:C6:81:67:70:95:4B:8C:2D:E2:2C
X509v3 Authority Key Identifier:
keyid:56:D9:26:DF:E1:4B:54:14:EA:B5:93:75:D9:4C:F0:1F:A5:48:D3:16
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF1B7/71F44CFCEE9F11E8946A735DF8AEA228/Vtkm3-FLVBTqtZN12UzwH6VI0xY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Vtkm3-FLVBTqtZN12UzwH6VI0xY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF1B7/71F44CFCEE9F11E8946A735DF8AEA228/3622D1AAEEA211E89867905FF8AEA228.roa
sbgp-ipAddrBlock: critical
IPv4:
197.234.240.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:6f:ea:d4:a3:f6:72:82:06:fc:b5:ee:c0:e6:be:75:98:d5:
92:2d:ca:b1:57:44:dd:9f:f8:da:65:e8:2f:79:1d:a0:2c:ed:
0d:a2:9f:36:f8:37:8b:07:9e:00:be:f2:73:b8:a1:38:b8:ad:
85:38:47:18:2a:03:47:53:2c:bf:30:ed:43:89:c3:5b:fe:9a:
e0:cc:c7:a7:da:f3:f1:cb:6f:e4:bd:10:29:d9:bf:71:ec:20:
00:4a:ec:8b:56:85:e1:df:ac:6c:b8:12:7a:3c:f2:84:36:59:
8b:68:67:d3:dc:c3:6e:78:d5:46:c9:90:c8:e2:7e:d8:77:73:
da:23:7c:eb:b3:1b:29:56:0b:54:5c:5e:dd:70:e5:92:77:59:
dd:45:3a:1a:be:d4:25:ef:95:8c:62:46:e9:97:00:d9:ab:b1:
ab:23:cb:24:ba:c6:ab:48:74:c6:8e:96:a0:fd:03:5e:e5:49:
43:27:d9:ea:5b:4c:fc:d5:30:38:e3:fe:7d:f6:57:2a:68:9c:
f6:1d:f4:34:25:59:1c:b8:97:af:09:07:ed:80:2b:09:c8:0f:
01:ef:76:75:0a:2e:90:16:e9:f8:96:dd:42:82:35:7c:94:29:
03:2d:f4:3b:1e:f4:28:02:52:5d:08:9c:a3:18:7d:c3:26:42:
20:02:78:84
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
RjFCN0FGMTEwLwYDVQQFEyg1NkQ5MjZERkUxNEI1NDE0RUFCNTkzNzVEOTRDRjAx
RkE1NDhEMzE2MB4XDTE4MTEyMjIyMDE0NVoXDTI4MTEyMjIyMDE0NVowGDEWMBQG
A1UEAxMNNWJmNzI3NGUtNGJhNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALotrDCvbh6mJBJdaKEyp7TY03N4GCaU7q8RU/RQgpfMlEyC5+tLNwvVwkTI
YISvZ29ofMJU58ygE/7cSE538ziPgBKG25sMhTOU68eRA0nZlk8GxkX+F4EYOgrf
CjPJ1++j+IEQnXDGarV/ajgzgoBV1Wlbk23bo0lCjsOhCJuI+1Pus+lsiLy/yuZS
nWg+ifAy6MXNQZNyJydj26bBi2vFZIo5PEmVWGw4uq9W78mWXKATfex7YBJuKp8c
Z4/E82XkoLKxYFOfmmw/vehJGOFpYVcEEWzT17vhUtj20l/EWoTTs2uoMaqJKThI
lBb+HNoLD114NlDLIsyJCTPqvckCAwEAAaOCAm4wggJqMB0GA1UdDgQWBBTREjOL
iMV537DaxoFncJVLjC3iLDAfBgNVHSMEGDAWgBRW2Sbf4UtUFOq1k3XZTPAfpUjT
FjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkYxQjcvNzFGNDRDRkNFRTlGMTFFODk0NkE3MzVERjhBRUEyMjgvVnRrbTMt
RkxWQlRxdFpOMTJVendINlZJMHhZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVnRrbTMtRkxWQlRxdFpOMTJVendINlZJMHhZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkYxQjcvNzFGNDRDRkNFRTlGMTFFODk0NkE3MzVERjhB
RUEyMjgvMzYyMkQxQUFFRUEyMTFFODk4Njc5MDVGRjhBRUEyMjgucm9hMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCxerwMA0GCSqGSIb3DQEBCwUAA4IBAQAr
b+rUo/Zyggb8te7A5r51mNWSLcqxV0Tdn/jaZegveR2gLO0Nop82+DeLB54AvvJz
uKE4uK2FOEcYKgNHUyy/MO1DicNb/prgzMen2vPxy2/kvRAp2b9x7CAASuyLVoXh
36xsuBJ6PPKENlmLaGfT3MNueNVGyZDI4n7Yd3PaI3zrsxspVgtUXF7dcOWSd1nd
RToavtQl75WMYkbplwDZq7GrI8skusarSHTGjpag/QNe5UlDJ9nqW0z81TA44/59
9lcqaJz2HfQ0JVkcuJevCQftgCsJyA8B73Z1Ci6QFun4lt1CgjV8lCkDLfQ7HvQo
AlJdCJyjGH3DJkIgAniE
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:22 2024 by rpki-client on console-ams.rpki-client.org