Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/D5F9455EC03111EE96588188775412E6.roa
File: D5F9455EC03111EE96588188775412E6.roa (raw, json)
Hash identifier: Emm+/dnzKdX6RZjoNo2rc9pDnh2fZnIc/6FdKpdUFQQ=
Subject key identifier: 17:C8:12:36:8C:6D:A9:39:B6:6A:40:2D:CF:B1:5A:1F:DC:72:1F:4F
Certificate issuer: /CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Certificate serial: 2C
Authority key identifier: E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/D5F9455EC03111EE96588188775412E6.roa
Signing time: Wed 31 Jan 2024 12:11:17 +0000
ROA not before: Wed 31 Jan 2024 12:11:14 +0000
ROA not after: Fri 31 Jan 2025 12:11:14 +0000
asID: 21003
IP address blocks: 154.73.133.0/24 maxlen: 24
154.73.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.mft
rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 03 Jun 2024 00:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44 (0x2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Validity
Not Before: Jan 31 12:11:14 2024 GMT
Not After : Jan 31 12:11:14 2025 GMT
Subject: CN=65ba38e5-d4ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ac:6c:33:0c:5f:93:55:d3:10:a1:1f:34:9d:
7b:b7:c9:b7:6e:d4:52:ec:43:0e:ef:a5:00:70:a6:
a7:ac:e6:90:0e:05:4f:72:ec:24:ad:7c:ed:47:3b:
3c:24:4d:81:5a:9a:1e:b1:92:6b:05:da:af:a3:36:
5f:27:1c:d5:ed:b5:a1:fd:19:36:5d:e1:1c:6a:9d:
41:24:3f:5d:b9:4f:77:9d:8e:d3:87:6f:af:c6:8f:
48:f2:02:fe:21:d1:0a:27:a8:65:30:71:ff:32:47:
97:01:7b:20:90:ba:43:a1:85:62:c0:92:bf:af:a9:
af:d4:dc:92:c8:e9:69:35:d3:e6:a4:39:fe:24:9b:
9e:a2:5f:ae:e3:97:4c:35:80:41:34:94:4f:b6:34:
ee:ce:db:e0:3a:c2:73:a9:fc:1e:65:06:3e:ec:a4:
f0:53:c2:bd:25:ed:e8:aa:00:8b:d3:e2:7b:f9:b4:
f1:67:5f:92:e7:ae:3d:bc:f5:4b:52:71:b7:e1:4a:
22:1c:f1:84:7d:5d:93:4f:b6:56:f7:74:a5:70:92:
67:6f:4a:65:a7:cc:bc:aa:0e:a6:6a:86:1f:a6:6b:
60:9f:99:f1:30:54:84:92:fa:04:2a:d5:bb:45:0c:
fe:69:c1:fe:d4:42:2b:65:54:9c:25:cc:09:bd:8c:
90:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C8:12:36:8C:6D:A9:39:B6:6A:40:2D:CF:B1:5A:1F:DC:72:1F:4F
X509v3 Authority Key Identifier:
keyid:E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/D5F9455EC03111EE96588188775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.73.133.0/24
154.73.135.0/24
Signature Algorithm: sha256WithRSAEncryption
48:a8:6c:6b:bd:75:7a:79:2c:e1:29:c9:db:d1:95:3b:be:d1:
a0:a5:6a:62:25:b5:7e:a1:fe:4a:d9:38:f2:ff:08:52:13:77:
af:16:f7:92:b2:68:08:77:41:e2:2b:e4:f7:01:66:af:af:06:
be:72:12:76:bb:a3:e3:19:fc:c7:1d:0a:2a:5b:e3:e9:23:be:
75:c9:e6:46:dd:20:d6:68:57:40:0f:e5:4c:17:da:b5:20:74:
fc:95:4e:a7:76:22:a3:f6:2e:11:a1:dd:f5:77:c3:c3:f1:2c:
8d:06:75:17:2b:fa:02:d5:7b:ff:78:98:4d:c3:53:9b:ea:02:
5a:ee:6a:59:cd:91:6e:2e:40:d3:33:be:15:4f:00:86:fa:6a:
1f:00:93:c5:e9:da:e9:55:f4:90:af:da:5e:28:ad:20:50:2e:
42:df:ae:c5:a1:50:b1:b0:e8:fa:01:4f:7f:af:7d:0f:d8:18:
30:21:50:45:b5:dc:f4:a3:5f:d4:80:6b:dc:f0:75:5a:5b:ea:
ea:f8:08:10:17:c1:1d:8b:7e:c2:26:f7:bf:4f:28:c1:68:df:
4a:4b:3c:89:9a:0b:34:b6:ac:dc:b4:77:f2:10:04:b6:8a:aa:
1e:af:27:e0:b0:82:62:a3:6b:bf:7a:bc:ca:f7:64:26:ac:6d:
28:2c:e8:2e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBLDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
M0E1OEFGMTEwLwYDVQQFEyhFMTVGNTBEREQyOEUwMkZENkU2OTY2RDU5MThEMUIw
QkJGNDY4NEU4MB4XDTI0MDEzMTEyMTExNFoXDTI1MDEzMTEyMTExNFowGDEWMBQG
A1UEAxMNNjViYTM4ZTUtZDRhZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2sbDMMX5NV0xChHzSde7fJt27UUuxDDu+lAHCmp6zmkA4FT3LsJK187Uc7
PCRNgVqaHrGSawXar6M2Xycc1e21of0ZNl3hHGqdQSQ/XblPd52O04dvr8aPSPIC
/iHRCieoZTBx/zJHlwF7IJC6Q6GFYsCSv6+pr9TcksjpaTXT5qQ5/iSbnqJfruOX
TDWAQTSUT7Y07s7b4DrCc6n8HmUGPuyk8FPCvSXt6KoAi9Pie/m08WdfkueuPbz1
S1Jxt+FKIhzxhH1dk0+2Vvd0pXCSZ29KZafMvKoOpmqGH6ZrYJ+Z8TBUhJL6BCrV
u0UM/mnB/tRCK2VUnCXMCb2MkHUCAwEAAaOCAqswggKnMB0GA1UdDgQWBBQXyBI2
jG2pObZqQC3PsVof3HIfTzAfBgNVHSMEGDAWgBThX1Dd0o4C/W5pZtWRjRsLv0aE
6DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzNBNTgvMUI3OEM2MENBOEJGMTFFRUJCM0NBODU1Nzc1NDEyRTYvNFY5UTNk
S09BdjF1YVdiVmtZMGJDNzlHaE9nLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNFY5UTNkS09BdjF1YVdiVmtZMGJDNzlHaE9nLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzNBNTgvMUI3OEM2MENBOEJGMTFFRUJCM0NBODU1Nzc1
NDEyRTYvRDVGOTQ1NUVDMDMxMTFFRTk2NTg4MTg4Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAJpJhQMEAJpJhzANBgkqhkiG
9w0BAQsFAAOCAQEASKhsa711enks4SnJ29GVO77RoKVqYiW1fqH+Stk48v8IUhN3
rxb3krJoCHdB4ivk9wFmr68GvnISdruj4xn8xx0KKlvj6SO+dcnmRt0g1mhXQA/l
TBfatSB0/JVOp3Yio/YuEaHd9XfDw/EsjQZ1Fyv6AtV7/3iYTcNTm+oCWu5qWc2R
bi5A0zO+FU8AhvpqHwCTxena6VX0kK/aXiitIFAuQt+uxaFQsbDo+gFPf699D9gY
MCFQRbXc9KNf1IBr3PB1Wlvq6vgIEBfBHYt+wib3v08owWjfSks8iZoLNLas3LR3
8hAEtoqqHq8n4LCCYqNrv3q8yvdkJqxtKCzoLg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 04:58:59 2024 by rpki-client on console-fra.rpki-client.org