Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C10D8/8720E3EAA61211ED8D3EBED2F1222468/3F8E935AA61311EDBFCFB3D4F1222468.roa
File: 3F8E935AA61311EDBFCFB3D4F1222468.roa (raw, json)
Hash identifier: 33rmpZ6jAdIVqLdS11HAE3Yq5xllMzQt+c6T/OCJsiA=
Subject key identifier: 85:81:B1:C2:C9:CF:B1:E8:84:55:28:2F:24:54:8A:31:E5:DA:F4:F9
Certificate issuer: /CN=F36C10D8AF/serialNumber=C0D3AAFB63D33F0F6735DC99FF4D901A8E2250EB
Certificate serial: 02
Authority key identifier: C0:D3:AA:FB:63:D3:3F:0F:67:35:DC:99:FF:4D:90:1A:8E:22:50:EB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/wNOq-2PTPw9nNdyZ_02QGo4iUOs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C10D8/8720E3EAA61211ED8D3EBED2F1222468/3F8E935AA61311EDBFCFB3D4F1222468.roa
Signing time: Mon 06 Feb 2023 11:41:52 +0000
ROA not before: Mon 06 Feb 2023 11:41:47 +0000
ROA not after: Sun 06 Feb 2033 11:41:47 +0000
asID: 29286
IP address blocks: 197.157.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C10D8/8720E3EAA61211ED8D3EBED2F1222468/wNOq-2PTPw9nNdyZ_02QGo4iUOs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C10D8/8720E3EAA61211ED8D3EBED2F1222468/wNOq-2PTPw9nNdyZ_02QGo4iUOs.mft
rsync://rpki.afrinic.net/repository/afrinic/wNOq-2PTPw9nNdyZ_02QGo4iUOs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 07 May 2024 00:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C10D8AF/serialNumber=C0D3AAFB63D33F0F6735DC99FF4D901A8E2250EB
Validity
Not Before: Feb 6 11:41:47 2023 GMT
Not After : Feb 6 11:41:47 2033 GMT
Subject: CN=63e0e780-c60d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c2:fa:aa:c0:c5:23:e4:11:9c:2a:24:11:5a:
59:f3:dc:73:57:73:6e:a8:7f:43:de:94:5e:40:99:
d3:f9:c5:fa:15:da:21:27:c5:f8:6a:03:a4:e4:26:
a6:e5:6e:50:94:07:01:b7:1d:a6:f7:50:44:ad:40:
55:2c:ad:08:2f:46:3f:dd:94:2c:7b:e1:8c:33:8f:
e8:72:37:02:3a:c3:56:68:a5:13:15:43:de:02:c3:
c0:50:58:43:8e:88:16:c6:7d:7c:80:81:8a:27:5b:
66:15:cb:d5:70:df:53:c9:35:cd:42:02:75:3a:64:
4d:ed:2f:4b:bf:55:24:cb:82:f1:e6:83:4e:80:b8:
6c:eb:a6:08:8e:06:4f:1f:01:80:22:78:ab:cd:a0:
ad:c9:68:bc:ac:6f:fd:8a:7e:df:20:20:40:2c:3a:
26:90:4b:b1:91:bf:9c:7a:99:76:9f:c4:5d:9d:19:
37:b4:c9:fa:00:7c:6c:47:3d:50:08:cf:00:4a:45:
27:b6:44:5f:49:e1:ac:85:4f:a8:f2:c1:ec:92:79:
ee:44:b5:e9:1f:68:1c:e2:01:cb:3b:1c:06:b0:b7:
2a:d4:85:0f:56:8c:ce:eb:99:91:28:34:30:9f:22:
58:c4:c1:42:8e:79:dc:0c:a5:b7:ee:8b:03:84:15:
c6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:81:B1:C2:C9:CF:B1:E8:84:55:28:2F:24:54:8A:31:E5:DA:F4:F9
X509v3 Authority Key Identifier:
keyid:C0:D3:AA:FB:63:D3:3F:0F:67:35:DC:99:FF:4D:90:1A:8E:22:50:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C10D8/8720E3EAA61211ED8D3EBED2F1222468/wNOq-2PTPw9nNdyZ_02QGo4iUOs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wNOq-2PTPw9nNdyZ_02QGo4iUOs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C10D8/8720E3EAA61211ED8D3EBED2F1222468/3F8E935AA61311EDBFCFB3D4F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.157.196.0/24
Signature Algorithm: sha256WithRSAEncryption
65:cf:c8:f6:a8:80:e7:54:b3:8f:70:33:f2:07:11:fd:27:e8:
24:79:c3:19:08:2e:d1:ad:80:05:6f:b3:9e:88:e7:e3:42:44:
f2:8f:0d:d8:7e:33:ce:0f:0b:a3:1f:fb:04:f1:33:98:1e:5a:
af:1f:89:d2:c8:e7:26:30:a2:30:f4:f1:6a:d5:e8:83:a8:81:
b0:07:a7:5f:64:d1:6c:f7:d5:c9:36:66:19:95:d0:ba:a6:73:
d5:35:e4:78:d4:94:7f:3f:0f:a6:fa:db:59:94:b4:48:01:17:
2c:ea:22:21:77:7d:d3:3f:49:61:5e:7e:d4:02:de:57:b4:29:
bc:75:fe:9b:2a:9d:bc:84:29:31:b3:d0:10:cf:64:87:71:f1:
a2:4c:e5:c3:86:24:28:96:dc:8c:02:a3:62:5d:58:36:f7:63:
d8:ac:e8:84:90:03:9d:55:da:c7:50:25:18:fb:a3:ae:df:62:
1d:e6:b7:42:af:ba:ca:20:d6:a9:b3:54:a6:1f:d5:a1:a1:4c:
9a:a5:7c:f6:e6:82:03:b7:06:d6:e6:20:1f:16:4c:e8:4c:bf:
d1:77:11:72:c7:c6:27:1f:18:c1:fa:a7:36:a8:9c:9e:76:62:
9f:97:6b:31:88:92:52:5c:d7:06:79:6e:6b:99:7a:30:a8:7f:
60:ce:02:0e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZD
MTBEOEFGMTEwLwYDVQQFEyhDMEQzQUFGQjYzRDMzRjBGNjczNURDOTlGRjREOTAx
QThFMjI1MEVCMB4XDTIzMDIwNjExNDE0N1oXDTMzMDIwNjExNDE0N1owGDEWMBQG
A1UEAwwNNjNlMGU3ODAtYzYwZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzC+qrAxSPkEZwqJBFaWfPcc1dzbqh/Q96UXkCZ0/nF+hXaISfF+GoDpOQm
puVuUJQHAbcdpvdQRK1AVSytCC9GP92ULHvhjDOP6HI3AjrDVmilExVD3gLDwFBY
Q46IFsZ9fICBiidbZhXL1XDfU8k1zUICdTpkTe0vS79VJMuC8eaDToC4bOumCI4G
Tx8BgCJ4q82grclovKxv/Yp+3yAgQCw6JpBLsZG/nHqZdp/EXZ0ZN7TJ+gB8bEc9
UAjPAEpFJ7ZEX0nhrIVPqPLB7JJ57kS16R9oHOIByzscBrC3KtSFD1aMzuuZkSg0
MJ8iWMTBQo553Aylt+6LA4QVxgcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSFgbHC
yc+x6IRVKC8kVIox5dr0+TAfBgNVHSMEGDAWgBTA06r7Y9M/D2c13Jn/TZAajiJQ
6zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzEwRDgvODcyMEUzRUFBNjEyMTFFRDhEM0VCRUQyRjEyMjI0Njgvd05PcS0y
UFRQdzluTmR5Wl8wMlFHbzRpVU9zLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvd05PcS0yUFRQdzluTmR5Wl8wMlFHbzRpVU9zLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzEwRDgvODcyMEUzRUFBNjEyMTFFRDhEM0VCRUQyRjEy
MjI0NjgvM0Y4RTkzNUFBNjEzMTFFREJGQ0ZCM0Q0RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMWdxDANBgkqhkiG9w0BAQsF
AAOCAQEAZc/I9qiA51Szj3Az8gcR/SfoJHnDGQgu0a2ABW+znojn40JE8o8N2H4z
zg8Lox/7BPEzmB5arx+J0sjnJjCiMPTxatXog6iBsAenX2TRbPfVyTZmGZXQuqZz
1TXkeNSUfz8PpvrbWZS0SAEXLOoiIXd90z9JYV5+1ALeV7QpvHX+myqdvIQpMbPQ
EM9kh3Hxokzlw4YkKJbcjAKjYl1YNvdj2KzohJADnVXax1AlGPujrt9iHea3Qq+6
yiDWqbNUph/VoaFMmqV89uaCA7cG1uYgHxZM6Ey/0XcRcsfGJx8YwfqnNqicnnZi
n5drMYiSUlzXBnlua5l6MKh/YM4CDg==
-----END CERTIFICATE-----
Generated at Sun May 5 03:09:50 2024 by rpki-client on console-ams.rpki-client.org