Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/8604AD081C4911EF8DFB87357DDC24C2.roa
File: 8604AD081C4911EF8DFB87357DDC24C2.roa (raw, json)
Hash identifier: MNoPychVF0mh+syf/DFmicmi7Wi0XntNJ0aJdW/gDe4=
Subject key identifier: 11:43:2C:20:7C:7C:7C:90:5D:79:42:47:31:51:B2:89:F1:FA:23:CF
Certificate issuer: /CN=F36C2BF2AF/serialNumber=FB85E08E5DBB05C95B7BD0DA7E5FE6FCE39826FF
Certificate serial: 11
Authority key identifier: FB:85:E0:8E:5D:BB:05:C9:5B:7B:D0:DA:7E:5F:E6:FC:E3:98:26:FF
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/8604AD081C4911EF8DFB87357DDC24C2.roa
Signing time: Mon 27 May 2024 16:52:38 +0000
ROA not before: Tue 28 May 2024 16:52:34 +0000
ROA not after: Thu 28 May 2026 16:52:34 +0000
asID: 37517
IP address blocks: 197.255.128.0/20 maxlen: 21
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.mft
rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C2BF2AF/serialNumber=FB85E08E5DBB05C95B7BD0DA7E5FE6FCE39826FF
Validity
Not Before: May 28 16:52:34 2024 GMT
Not After : May 28 16:52:34 2026 GMT
Subject: CN=6654ba56-8b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1a:25:db:9a:64:16:2c:66:bf:a5:ed:ab:47:
6e:b1:51:eb:e3:86:7b:ae:0d:4a:02:71:c6:c6:71:
1c:2c:02:69:15:32:3b:e6:62:ea:7c:0f:7e:9e:94:
10:78:90:5b:12:31:a7:84:73:17:e9:73:64:95:7a:
ae:6c:0d:34:53:c5:7e:3c:84:59:96:7f:be:32:26:
11:2d:48:5d:e5:2c:5b:88:98:c5:37:6d:f5:3f:c5:
c1:8a:ae:9a:a6:3d:47:75:66:ce:55:44:cb:93:55:
88:d6:af:3b:80:74:c6:ee:45:2d:c8:e2:51:f1:76:
7f:fe:07:91:c3:bd:18:eb:29:87:e3:2a:11:08:e8:
bd:8e:5a:40:9e:95:7f:1a:d9:8b:46:cd:1c:30:0f:
8d:a7:94:92:d7:3e:bd:0a:f2:04:ef:7b:8a:67:d3:
a2:44:4d:25:ba:be:9e:23:4b:52:fd:91:e3:84:82:
78:52:4e:8a:ae:f2:d9:5c:57:0b:f9:cd:e5:13:95:
2e:d1:78:3a:72:e0:e6:c1:1c:a4:94:8a:18:f1:d9:
11:eb:5c:af:c2:09:f2:5c:c6:e7:97:ce:4f:14:1d:
80:6c:43:c3:7e:12:66:67:42:ba:cf:2a:28:6e:12:
31:48:b2:39:7c:ab:d9:9d:29:65:2d:21:16:20:8e:
8b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:43:2C:20:7C:7C:7C:90:5D:79:42:47:31:51:B2:89:F1:FA:23:CF
X509v3 Authority Key Identifier:
keyid:FB:85:E0:8E:5D:BB:05:C9:5B:7B:D0:DA:7E:5F:E6:FC:E3:98:26:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/8604AD081C4911EF8DFB87357DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.255.128.0/20
Signature Algorithm: sha256WithRSAEncryption
66:f8:0d:17:bd:fc:4c:71:7b:aa:63:62:ea:40:7f:ab:36:fe:
de:08:4f:78:ba:38:c4:ff:b6:1a:d8:4f:b5:c8:e3:dc:70:d3:
8e:c8:0e:69:73:8b:70:6a:05:c6:9f:e1:e9:8f:da:bf:17:c0:
cb:a6:93:5a:82:51:a0:27:54:19:d4:fb:02:55:db:d9:41:a7:
70:cd:65:92:5c:fb:ba:37:d4:dc:fe:0e:2f:c1:af:a9:47:c9:
ad:cf:eb:0b:b2:2d:9d:e7:40:25:8f:7a:3a:15:e6:52:01:f9:
41:99:50:f6:1f:5a:55:eb:9c:5c:75:0b:ca:85:8d:27:f5:91:
d1:a4:41:61:72:8f:0b:69:d0:91:ea:7d:40:5a:4e:75:db:11:
b4:99:52:83:36:f6:fc:e1:89:7b:7c:25:08:15:e6:5c:8a:64:
fd:02:d1:6b:5d:76:e1:5d:59:28:3e:b3:2a:c1:3f:4a:1d:53:
18:80:47:86:e9:66:aa:42:04:7e:7d:c0:d0:5a:e6:79:7e:52:
94:1c:2e:95:1c:b0:c9:53:79:1a:d6:60:14:3e:8d:d4:0b:93:
dc:6b:a4:10:1c:18:ea:3c:6a:9d:ad:95:aa:26:49:6e:ba:07:
6a:ea:2b:a4:2d:f3:a1:53:88:fb:94:0b:7e:af:cf:d2:2c:b4:
0c:1e:1d:c8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBETANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MkJGMkFGMTEwLwYDVQQFEyhGQjg1RTA4RTVEQkIwNUM5NUI3QkQwREE3RTVGRTZG
Q0UzOTgyNkZGMB4XDTI0MDUyODE2NTIzNFoXDTI2MDUyODE2NTIzNFowGDEWMBQG
A1UEAxMNNjY1NGJhNTYtOGIyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4aJduaZBYsZr+l7atHbrFR6+OGe64NSgJxxsZxHCwCaRUyO+Zi6nwPfp6U
EHiQWxIxp4RzF+lzZJV6rmwNNFPFfjyEWZZ/vjImES1IXeUsW4iYxTdt9T/FwYqu
mqY9R3VmzlVEy5NViNavO4B0xu5FLcjiUfF2f/4HkcO9GOsph+MqEQjovY5aQJ6V
fxrZi0bNHDAPjaeUktc+vQryBO97imfTokRNJbq+niNLUv2R44SCeFJOiq7y2VxX
C/nN5ROVLtF4OnLg5sEcpJSKGPHZEetcr8IJ8lzG55fOTxQdgGxDw34SZmdCus8q
KG4SMUiyOXyr2Z0pZS0hFiCOizUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQRQywg
fHx8kF15QkcxUbKJ8fojzzAfBgNVHSMEGDAWgBT7heCOXbsFyVt70Np+X+b845gm
/zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzJCRjIvREFCQUI4N0UxOUVDMTFFRkJDQkY1RTJDMDE3MDAxQjEvLTRYZ2ps
MjdCY2xiZTlEYWZsX21fT09ZSnY4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvLTRYZ2psMjdCY2xiZTlEYWZsX21fT09ZSnY4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzJCRjIvREFCQUI4N0UxOUVDMTFFRkJDQkY1RTJDMDE3
MDAxQjEvODYwNEFEMDgxQzQ5MTFFRjhERkI4NzM1N0REQzI0QzIucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMX/gDANBgkqhkiG9w0BAQsF
AAOCAQEAZvgNF738THF7qmNi6kB/qzb+3ghPeLo4xP+2GthPtcjj3HDTjsgOaXOL
cGoFxp/h6Y/avxfAy6aTWoJRoCdUGdT7AlXb2UGncM1lklz7ujfU3P4OL8GvqUfJ
rc/rC7ItnedAJY96OhXmUgH5QZlQ9h9aVeucXHULyoWNJ/WR0aRBYXKPC2nQkep9
QFpOddsRtJlSgzb2/OGJe3wlCBXmXIpk/QLRa1124V1ZKD6zKsE/Sh1TGIBHhulm
qkIEfn3A0FrmeX5SlBwulRywyVN5GtZgFD6N1AuT3GukEBwY6jxqna2VqiZJbroH
auorpC3zoVOI+5QLfq/P0iy0DB4dyA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:54:26 2024 by rpki-client on console-fra.rpki-client.org