Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/65EFAFA4DBAD11EE99A192A0775412E6.roa
File: 65EFAFA4DBAD11EE99A192A0775412E6.roa (raw, json)
Hash identifier: xDbgGc9aslerGMRXNAzEjMD2HigCe+tvd3OS6eTgEtA=
Subject key identifier: AF:41:9A:F1:B6:BE:25:1E:C3:9E:BA:2D:BB:4C:69:DB:8A:23:CB:DF
Certificate issuer: /CN=F36C01B9AF/serialNumber=E2FB6437B4C94D5F51221B1650563A48FF54BE09
Certificate serial: 16
Authority key identifier: E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/65EFAFA4DBAD11EE99A192A0775412E6.roa
Signing time: Wed 06 Mar 2024 11:33:48 +0000
ROA not before: Wed 06 Mar 2024 11:33:45 +0000
ROA not after: Fri 06 Mar 2026 11:33:45 +0000
asID: 25543
IP address blocks: 196.28.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.mft
rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22 (0x16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C01B9AF/serialNumber=E2FB6437B4C94D5F51221B1650563A48FF54BE09
Validity
Not Before: Mar 6 11:33:45 2024 GMT
Not After : Mar 6 11:33:45 2026 GMT
Subject: CN=65e8549c-bc32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:97:6b:7f:40:e7:0a:19:6f:24:96:cd:ab:06:
2b:1a:9f:57:bd:a3:ad:ff:81:60:2b:bb:08:6e:6f:
66:98:3d:26:90:1b:8f:7f:c3:d4:91:e7:fc:46:46:
04:d3:69:87:0e:78:fa:5d:4a:68:da:cc:f3:b0:13:
9b:e0:6f:e7:f9:85:ee:2c:09:fd:c0:d4:fb:d2:10:
21:92:2f:f7:b1:41:89:0e:b9:90:3f:d8:91:74:3c:
93:ff:6f:c2:7b:1f:a2:e2:bc:37:7b:d1:eb:d1:3e:
76:f8:10:6e:16:b0:bc:ff:e5:50:87:ad:67:9b:16:
ce:29:2e:c6:a6:60:ad:08:b6:f0:b3:e3:d6:af:1c:
db:3b:af:6c:e0:f4:e4:08:5a:8b:26:1f:b4:58:b1:
fe:0b:0b:7d:de:91:a7:dd:33:e3:d0:61:8c:da:70:
ef:7e:0b:48:76:68:8f:07:16:e6:e9:7d:7a:8a:40:
97:12:90:44:6a:a0:c7:54:c2:c4:52:1b:c0:4b:d0:
a0:64:86:a6:11:7c:96:7e:7b:3e:44:44:fe:47:92:
c6:ba:41:fe:e6:d2:28:50:64:ee:2d:16:ba:1a:cf:
64:f1:76:74:8c:37:5b:9a:65:b4:4d:83:15:07:3c:
31:97:60:96:f8:d9:5c:1e:be:8b:e7:71:f9:4c:7d:
50:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:41:9A:F1:B6:BE:25:1E:C3:9E:BA:2D:BB:4C:69:DB:8A:23:CB:DF
X509v3 Authority Key Identifier:
keyid:E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/65EFAFA4DBAD11EE99A192A0775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.28.240.0/20
Signature Algorithm: sha256WithRSAEncryption
4e:4c:52:04:20:b0:f4:ed:cc:c6:2e:ab:e5:e1:f6:c0:00:58:
aa:d1:4c:3a:b7:22:d4:0f:3d:ca:81:81:96:a4:86:5d:f5:b1:
e0:2f:c6:43:66:c0:f9:64:28:3f:61:52:70:34:e5:62:88:b6:
db:41:8c:83:4e:96:cc:87:4b:c9:37:78:f7:db:95:df:a0:8d:
ba:2a:cf:fa:6d:6c:4e:12:e6:68:2a:b3:ca:36:ef:0f:3e:9a:
03:0b:e4:96:8e:04:d2:25:d4:f3:90:7f:c4:ad:1e:61:4d:b4:
1e:73:f8:7f:4c:e7:45:38:11:37:c8:b7:39:d8:61:19:c6:b8:
b7:06:28:63:ed:91:19:74:14:7d:1a:fc:d5:5c:1f:03:69:0b:
03:69:56:88:97:18:0a:e7:19:a6:c4:93:ad:16:d7:a6:a3:83:
e9:ae:ee:7f:5e:b7:0d:92:f4:b8:30:71:6c:ea:45:41:09:ee:
ad:fc:99:59:c9:63:e3:90:67:6c:30:f8:60:7a:31:dd:db:3b:
3b:9c:cd:7e:51:5b:29:63:2d:11:1e:18:f1:7e:a5:56:1d:47:
c4:a1:e8:ab:fa:d9:52:66:c9:58:b3:eb:91:d7:2b:07:5c:91:
16:c0:bd:70:ca:db:78:30:72:a0:a4:b1:08:7c:9c:c8:41:b1:
6f:fe:3f:18
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MDFCOUFGMTEwLwYDVQQFEyhFMkZCNjQzN0I0Qzk0RDVGNTEyMjFCMTY1MDU2M0E0
OEZGNTRCRTA5MB4XDTI0MDMwNjExMzM0NVoXDTI2MDMwNjExMzM0NVowGDEWMBQG
A1UEAxMNNjVlODU0OWMtYmMzMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWXa39A5woZbySWzasGKxqfV72jrf+BYCu7CG5vZpg9JpAbj3/D1JHn/EZG
BNNphw54+l1KaNrM87ATm+Bv5/mF7iwJ/cDU+9IQIZIv97FBiQ65kD/YkXQ8k/9v
wnsfouK8N3vR69E+dvgQbhawvP/lUIetZ5sWzikuxqZgrQi28LPj1q8c2zuvbOD0
5AhaiyYftFix/gsLfd6Rp90z49BhjNpw734LSHZojwcW5ul9eopAlxKQRGqgx1TC
xFIbwEvQoGSGphF8ln57PkRE/keSxrpB/ubSKFBk7i0WuhrPZPF2dIw3W5pltE2D
FQc8MZdglvjZXB6+i+dx+Ux9UJkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSvQZrx
tr4lHsOeui27TGnbiiPL3zAfBgNVHSMEGDAWgBTi+2Q3tMlNX1EiGxZQVjpI/1S+
CTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzAxQjkvODk1RDkzMDBEQTJFMTFFRUEwQjBDNEE2Nzc1NDEyRTYvNHZ0a043
VEpUVjlSSWhzV1VGWTZTUDlVdmdrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNHZ0a043VEpUVjlSSWhzV1VGWTZTUDlVdmdrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzAxQjkvODk1RDkzMDBEQTJFMTFFRUEwQjBDNEE2Nzc1
NDEyRTYvNjVFRkFGQTREQkFEMTFFRTk5QTE5MkEwNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMQc8DANBgkqhkiG9w0BAQsF
AAOCAQEATkxSBCCw9O3Mxi6r5eH2wABYqtFMOrci1A89yoGBlqSGXfWx4C/GQ2bA
+WQoP2FScDTlYoi220GMg06WzIdLyTd499uV36CNuirP+m1sThLmaCqzyjbvDz6a
Awvklo4E0iXU85B/xK0eYU20HnP4f0znRTgRN8i3OdhhGca4twYoY+2RGXQUfRr8
1VwfA2kLA2lWiJcYCucZpsSTrRbXpqOD6a7uf163DZL0uDBxbOpFQQnurfyZWclj
45BnbDD4YHox3ds7O5zNflFbKWMtER4Y8X6lVh1HxKHoq/rZUmbJWLPrkdcrB1yR
FsC9cMrbeDByoKSxCHycyEGxb/4/GA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:23 2024 by rpki-client on console-ams.rpki-client.org