Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/8B055618DAF911EEB32F9977775412E6.roa
File: 8B055618DAF911EEB32F9977775412E6.roa (raw, json)
Hash identifier: cqXh32KUhYATw6yNCut8q5MHNB9zXApS3+czZ47+Jn8=
Subject key identifier: 98:00:BE:C6:5B:73:E9:F3:64:CB:7D:4C:BA:31:B7:0C:83:89:A0:CB
Certificate issuer: /CN=F36C01B9AF/serialNumber=E2FB6437B4C94D5F51221B1650563A48FF54BE09
Certificate serial: 0D
Authority key identifier: E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/8B055618DAF911EEB32F9977775412E6.roa
Signing time: Tue 05 Mar 2024 14:06:21 +0000
ROA not before: Tue 05 Mar 2024 14:06:17 +0000
ROA not after: Thu 05 Mar 2026 14:06:17 +0000
asID: 25543
IP address blocks: 196.28.247.0/24 maxlen: 24
2c0f:fd80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.mft
rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C01B9AF/serialNumber=E2FB6437B4C94D5F51221B1650563A48FF54BE09
Validity
Not Before: Mar 5 14:06:17 2024 GMT
Not After : Mar 5 14:06:17 2026 GMT
Subject: CN=65e726dd-7810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ff:d3:ef:b0:60:53:04:35:46:6d:29:47:2d:
c6:9c:91:6f:2d:a8:7c:cd:2d:8d:80:f4:ea:d3:b7:
2e:e2:fe:82:f7:fa:f1:30:49:21:f1:ee:97:b8:de:
92:7d:52:48:f8:a8:14:7f:87:d8:b9:5b:d3:e6:40:
f6:23:97:3a:8a:06:60:87:81:3d:68:11:50:d3:86:
31:21:fa:08:20:56:f2:d4:d3:42:67:9d:1a:e1:4b:
21:e2:68:56:cd:da:26:be:32:c5:ef:78:76:4f:b6:
c4:b4:e9:4b:60:a3:00:96:7a:f3:a8:42:4b:f8:4f:
be:da:c2:5b:c6:00:c1:d2:02:a3:ca:fa:dd:99:5b:
9a:90:02:1a:c4:b0:36:97:41:0c:0f:c1:5f:40:6f:
82:0b:04:fa:c5:a6:03:cf:1c:b9:15:20:f9:90:ed:
40:f1:ee:ef:03:a8:6b:31:0c:aa:93:d1:9c:d6:78:
6b:05:f2:fd:8f:95:21:0a:cf:ae:d1:fc:26:99:d5:
da:6b:13:eb:ca:22:53:2f:cb:c0:9f:80:7f:da:2d:
f9:a9:bb:5d:59:d4:02:64:70:aa:45:11:2f:d9:9b:
ba:e6:25:7d:3e:06:3b:79:15:25:86:02:9e:35:59:
fd:39:e3:57:17:85:1b:be:0e:46:1e:4a:3f:43:0b:
48:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:00:BE:C6:5B:73:E9:F3:64:CB:7D:4C:BA:31:B7:0C:83:89:A0:CB
X509v3 Authority Key Identifier:
keyid:E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/8B055618DAF911EEB32F9977775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.28.247.0/24
IPv6:
2c0f:fd80::/32
Signature Algorithm: sha256WithRSAEncryption
44:8f:1d:6c:08:e4:8f:ec:fe:0e:8e:03:db:81:a8:20:cd:1f:
13:d3:36:53:a7:9c:8c:bf:bd:3c:c7:30:94:d2:ca:e1:6a:0e:
29:c7:f8:17:54:9f:e7:92:da:2c:39:1b:b1:f0:cd:7b:2b:30:
de:e8:81:48:ab:66:73:82:7a:b2:f2:82:bd:97:e0:01:a7:2a:
66:8f:e5:e8:e7:1d:30:d1:dc:70:c6:1d:b3:ea:20:33:bf:15:
38:79:e0:2c:a5:ed:87:d4:30:bb:e2:18:6a:da:dc:dc:6e:2c:
41:62:f9:be:ab:0c:c4:5d:19:81:99:74:cf:69:c5:b8:2f:58:
5f:6b:a3:e4:cc:80:35:8e:86:f4:18:16:fd:b3:bf:d5:c2:4c:
b2:53:95:2b:f2:6b:b8:60:27:12:e4:be:92:2a:8b:34:a6:df:
61:85:97:a4:22:03:53:8a:6d:be:78:9c:ef:bc:da:5c:da:e2:
90:30:77:63:f3:10:2a:42:6d:5f:a1:c3:f8:7f:0e:8e:81:37:
b6:3f:09:e0:66:3e:b9:4b:56:2a:47:74:e9:ca:ea:4e:f5:87:
1d:e2:61:1f:39:cd:ff:c8:d8:d5:41:2a:03:62:42:a9:00:15:
d9:f2:67:0e:09:ba:83:24:37:52:a5:e3:68:87:16:b3:97:f4:
59:4c:99:fd
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBDTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MDFCOUFGMTEwLwYDVQQFEyhFMkZCNjQzN0I0Qzk0RDVGNTEyMjFCMTY1MDU2M0E0
OEZGNTRCRTA5MB4XDTI0MDMwNTE0MDYxN1oXDTI2MDMwNTE0MDYxN1owGDEWMBQG
A1UEAxMNNjVlNzI2ZGQtNzgxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMX/0++wYFMENUZtKUctxpyRby2ofM0tjYD06tO3LuL+gvf68TBJIfHul7je
kn1SSPioFH+H2Llb0+ZA9iOXOooGYIeBPWgRUNOGMSH6CCBW8tTTQmedGuFLIeJo
Vs3aJr4yxe94dk+2xLTpS2CjAJZ686hCS/hPvtrCW8YAwdICo8r63ZlbmpACGsSw
NpdBDA/BX0BvggsE+sWmA88cuRUg+ZDtQPHu7wOoazEMqpPRnNZ4awXy/Y+VIQrP
rtH8JpnV2msT68oiUy/LwJ+Af9ot+am7XVnUAmRwqkURL9mbuuYlfT4GO3kVJYYC
njVZ/TnjVxeFG74ORh5KP0MLSGkCAwEAAaOCArQwggKwMB0GA1UdDgQWBBSYAL7G
W3Pp82TLfUy6MbcMg4mgyzAfBgNVHSMEGDAWgBTi+2Q3tMlNX1EiGxZQVjpI/1S+
CTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzAxQjkvODk1RDkzMDBEQTJFMTFFRUEwQjBDNEE2Nzc1NDEyRTYvNHZ0a043
VEpUVjlSSWhzV1VGWTZTUDlVdmdrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNHZ0a043VEpUVjlSSWhzV1VGWTZTUDlVdmdrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzAxQjkvODk1RDkzMDBEQTJFMTFFRUEwQjBDNEE2Nzc1
NDEyRTYvOEIwNTU2MThEQUY5MTFFRUIzMkY5OTc3Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMQc9zANBAIAAjAHAwUALA/9
gDANBgkqhkiG9w0BAQsFAAOCAQEARI8dbAjkj+z+Do4D24GoIM0fE9M2U6ecjL+9
PMcwlNLK4WoOKcf4F1Sf55LaLDkbsfDNeysw3uiBSKtmc4J6svKCvZfgAacqZo/l
6OcdMNHccMYds+ogM78VOHngLKXth9Qwu+IYatrc3G4sQWL5vqsMxF0ZgZl0z2nF
uC9YX2uj5MyANY6G9BgW/bO/1cJMslOVK/JruGAnEuS+kiqLNKbfYYWXpCIDU4pt
vnic77zaXNrikDB3Y/MQKkJtX6HD+H8OjoE3tj8J4GY+uUtWKkd06crqTvWHHeJh
HznN/8jY1UEqA2JCqQAV2fJnDgm6gyQ3UqXjaIcWs5f0WUyZ/Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:23 2024 by rpki-client on console-ams.rpki-client.org