Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C33BB/B6F210F2C59D11EE9B8CCFB6775412E6/059E0E4AC59E11EEA53C71B7775412E6.roa
File: 059E0E4AC59E11EEA53C71B7775412E6.roa (raw, json)
Hash identifier: ZFKITH+OchlrxbiwzeW9jzaBB9KK8U2j/qLB4RDTGvs=
Subject key identifier: 0D:92:72:19:16:6F:9A:89:8C:37:56:E8:A8:6D:1B:5A:15:10:A7:63
Certificate issuer: /CN=F36C33BBAF/serialNumber=0CEA11D5F0F659EB100F2B7FB1E8C836BC25CF98
Certificate serial: 02
Authority key identifier: 0C:EA:11:D5:F0:F6:59:EB:10:0F:2B:7F:B1:E8:C8:36:BC:25:CF:98
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/DOoR1fD2WesQDyt_sejINrwlz5g.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C33BB/B6F210F2C59D11EE9B8CCFB6775412E6/059E0E4AC59E11EEA53C71B7775412E6.roa
Signing time: Wed 07 Feb 2024 09:48:19 +0000
ROA not before: Wed 07 Feb 2024 09:48:15 +0000
ROA not after: Sun 28 Feb 2027 09:48:15 +0000
asID: 328400
IP address blocks: 154.66.112.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C33BB/B6F210F2C59D11EE9B8CCFB6775412E6/DOoR1fD2WesQDyt_sejINrwlz5g.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C33BB/B6F210F2C59D11EE9B8CCFB6775412E6/DOoR1fD2WesQDyt_sejINrwlz5g.mft
rsync://rpki.afrinic.net/repository/afrinic/DOoR1fD2WesQDyt_sejINrwlz5g.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 02:54:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C33BBAF
Validity
Not Before: Feb 7 09:48:15 2024 GMT
Not After : Feb 28 09:48:15 2027 GMT
Subject: CN=65c351e2-bcbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:56:f9:9e:6f:64:fc:95:d4:f4:e2:4a:20:14:
c8:ef:ee:77:1a:d6:75:4d:b9:f6:44:92:28:d4:27:
d4:62:c9:1c:22:40:70:b9:70:b2:18:58:01:2b:49:
22:80:b2:f2:8e:77:93:4f:bf:cb:96:b3:c4:f7:4f:
65:43:0c:7f:8e:b6:a3:ac:2d:42:d1:6c:96:95:7d:
f5:0f:11:0b:37:ca:68:f8:91:ed:32:fa:8c:6e:ef:
b0:c8:51:45:55:ba:55:a4:96:15:6c:80:78:4e:da:
0f:d3:28:2c:3a:90:6a:11:2b:bd:79:fc:75:36:0a:
28:91:ea:20:e8:f8:e2:48:47:68:38:2b:3b:7b:d0:
75:9b:4c:6a:9e:f9:17:7a:73:ff:2e:92:80:7f:57:
3d:49:43:a0:fe:f6:7b:42:ec:f7:76:14:2c:bd:03:
c0:57:1e:4c:38:21:d9:f1:9c:f0:ff:e7:23:10:5a:
9d:87:2f:40:28:51:32:42:ca:92:e2:57:15:93:28:
1e:8a:f3:01:9e:ab:50:65:7d:06:fa:56:44:f1:e3:
e2:06:00:a4:70:b4:ee:59:ed:cb:d8:19:1b:ba:c0:
e0:c4:db:29:5c:29:31:d6:8a:17:a5:8f:ad:14:19:
dd:fd:7b:58:09:30:64:27:f8:dd:48:1e:f6:33:fb:
86:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:92:72:19:16:6F:9A:89:8C:37:56:E8:A8:6D:1B:5A:15:10:A7:63
X509v3 Authority Key Identifier:
keyid:0C:EA:11:D5:F0:F6:59:EB:10:0F:2B:7F:B1:E8:C8:36:BC:25:CF:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C33BB/B6F210F2C59D11EE9B8CCFB6775412E6/DOoR1fD2WesQDyt_sejINrwlz5g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/DOoR1fD2WesQDyt_sejINrwlz5g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C33BB/B6F210F2C59D11EE9B8CCFB6775412E6/059E0E4AC59E11EEA53C71B7775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.66.112.0/22
Signature Algorithm: sha256WithRSAEncryption
11:b5:fa:d8:78:4f:73:a0:4f:91:bd:da:db:ea:a6:64:3b:d1:
3a:32:11:ac:53:52:81:8c:3e:46:a3:51:52:ef:4d:40:11:68:
de:e3:72:ba:6f:77:92:a2:0b:d6:61:0d:f0:9f:08:28:94:09:
00:70:fc:35:08:5e:11:2c:d1:7a:5e:b7:79:0e:7b:4e:1c:e3:
d4:87:4d:04:7a:67:38:07:39:60:9c:55:9b:d5:ae:75:81:0c:
6e:ba:62:87:2c:6f:4f:91:ac:6d:23:06:37:2a:e6:ed:45:9d:
1d:30:a7:88:1f:c2:a5:03:1f:a8:51:b9:db:e7:db:6b:8e:ab:
0a:6c:33:71:56:d0:ec:77:81:f6:a0:10:fa:e3:11:77:0f:c1:
cb:ce:23:1f:08:7e:21:e4:ee:2f:de:f4:0f:fd:b3:95:2a:9a:
ca:90:93:b6:68:ba:b1:8d:34:0a:5b:c2:72:e0:2f:07:ea:98:
ed:14:31:1b:4c:86:c8:1d:c0:fb:3a:61:82:e3:c1:80:05:05:
35:da:45:18:e7:f9:ad:54:16:d4:ad:f7:c1:3a:62:47:d6:c4:
f0:f4:5d:54:74:2f:ad:21:eb:84:4e:75:0e:42:49:dc:ef:2d:
9e:35:eb:1b:67:e3:54:65:d4:b9:0a:cc:2f:1b:6c:3c:fa:f2:
a7:1e:c0:11
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MzNCQkFGMTEwLwYDVQQFEygwQ0VBMTFENUYwRjY1OUVCMTAwRjJCN0ZCMUU4Qzgz
NkJDMjVDRjk4MB4XDTI0MDIwNzA5NDgxNVoXDTI3MDIyODA5NDgxNVowGDEWMBQG
A1UEAxMNNjVjMzUxZTItYmNiZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVW+Z5vZPyV1PTiSiAUyO/udxrWdU259kSSKNQn1GLJHCJAcLlwshhYAStJ
IoCy8o53k0+/y5azxPdPZUMMf462o6wtQtFslpV99Q8RCzfKaPiR7TL6jG7vsMhR
RVW6VaSWFWyAeE7aD9MoLDqQahErvXn8dTYKKJHqIOj44khHaDgrO3vQdZtMap75
F3pz/y6SgH9XPUlDoP72e0Ls93YULL0DwFceTDgh2fGc8P/nIxBanYcvQChRMkLK
kuJXFZMoHorzAZ6rUGV9BvpWRPHj4gYApHC07lnty9gZG7rA4MTbKVwpMdaKF6WP
rRQZ3f17WAkwZCf43Uge9jP7hgkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQNknIZ
Fm+aiYw3VuiobRtaFRCnYzAfBgNVHSMEGDAWgBQM6hHV8PZZ6xAPK3+x6Mg2vCXP
mDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzMzQkIvQjZGMjEwRjJDNTlEMTFFRTlCOENDRkI2Nzc1NDEyRTYvRE9vUjFm
RDJXZXNRRHl0X3NlaklOcndsejVnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRE9vUjFmRDJXZXNRRHl0X3NlaklOcndsejVnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzMzQkIvQjZGMjEwRjJDNTlEMTFFRTlCOENDRkI2Nzc1
NDEyRTYvMDU5RTBFNEFDNTlFMTFFRUE1M0M3MUI3Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAppCcDANBgkqhkiG9w0BAQsF
AAOCAQEAEbX62HhPc6BPkb3a2+qmZDvROjIRrFNSgYw+RqNRUu9NQBFo3uNyum93
kqIL1mEN8J8IKJQJAHD8NQheESzRel63eQ57Thzj1IdNBHpnOAc5YJxVm9WudYEM
brpihyxvT5GsbSMGNyrm7UWdHTCniB/CpQMfqFG52+fba46rCmwzcVbQ7HeB9qAQ
+uMRdw/By84jHwh+IeTuL970D/2zlSqaypCTtmi6sY00ClvCcuAvB+qY7RQxG0yG
yB3A+zphguPBgAUFNdpFGOf5rVQW1K33wTpiR9bE8PRdVHQvrSHrhE51DkJJ3O8t
njXrG2fjVGXUuQrMLxtsPPrypx7AEQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:37:16 2025 by rpki-client