Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/8C5EBF98B18D11EF93764599762E951A.roa
File: 8C5EBF98B18D11EF93764599762E951A.roa (raw, json)
Hash identifier: LMCVfxRKPtEUcD+l4fHRZWVAaU9InzZT+jXi3ynNqyQ=
Subject key identifier: 31:BA:06:28:90:E2:9A:FE:87:F9:DD:FA:5C:8D:5C:26:9A:04:5A:61
Certificate issuer: /CN=F36CB1BEAF/serialNumber=A5F0A2BB8B79EDD6D37C077ADFEA082514C0420F
Certificate serial: 010E
Authority key identifier: A5:F0:A2:BB:8B:79:ED:D6:D3:7C:07:7A:DF:EA:08:25:14:C0:42:0F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/pfCiu4t57dbTfAd63-oIJRTAQg8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/8C5EBF98B18D11EF93764599762E951A.roa
Signing time: Tue 03 Dec 2024 15:44:58 +0000
ROA not before: Tue 03 Dec 2024 15:44:54 +0000
ROA not after: Tue 03 Dec 2030 15:44:54 +0000
asID: 37577
IP address blocks: 197.239.114.0/24 maxlen: 24
197.239.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/pfCiu4t57dbTfAd63-oIJRTAQg8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/pfCiu4t57dbTfAd63-oIJRTAQg8.mft
rsync://rpki.afrinic.net/repository/afrinic/pfCiu4t57dbTfAd63-oIJRTAQg8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 270 (0x10e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CB1BEAF
Validity
Not Before: Dec 3 15:44:54 2024 GMT
Not After : Dec 3 15:44:54 2030 GMT
Subject: CN=674f2779-8f68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e0:6c:3f:4e:97:f9:4e:99:e3:e0:f7:2a:b3:
89:7c:c5:2e:0d:2b:83:ec:39:5a:58:54:d7:a4:35:
06:df:20:21:2f:f6:b9:48:65:b1:41:9f:48:06:61:
97:79:49:2b:1c:30:71:f0:fb:ff:43:8d:0a:99:a6:
dc:a9:71:03:2c:1e:73:6d:ff:f2:16:98:8e:96:78:
4c:d4:2e:c9:cd:ea:81:30:d6:5f:63:68:53:18:c8:
ab:5a:fb:44:a7:31:1b:c7:bd:b2:e5:35:61:14:d6:
cb:5c:a7:9c:2b:28:0c:95:33:c8:bc:b2:db:38:ed:
8d:78:32:b3:bc:7c:c1:00:68:c9:ec:4b:78:fd:c1:
3b:9d:90:0a:56:7c:75:ac:12:cb:03:69:47:4f:c5:
cb:64:10:62:06:84:9f:44:e2:ca:ac:da:85:10:fa:
3e:1a:d8:57:98:ff:e4:37:14:4b:43:18:a4:51:75:
2f:8c:0b:5a:9d:a5:33:87:10:4e:a4:a7:21:cd:ab:
0a:62:de:5c:e1:8f:42:2b:62:20:ee:f1:8f:99:3b:
9a:4f:c8:b3:90:93:cc:96:b1:a8:c2:10:57:6b:41:
54:8e:f2:18:b4:f8:9a:8b:67:bc:36:36:0a:70:1e:
89:ec:73:80:97:27:f7:67:08:8b:c2:1f:b3:d9:e4:
d5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:BA:06:28:90:E2:9A:FE:87:F9:DD:FA:5C:8D:5C:26:9A:04:5A:61
X509v3 Authority Key Identifier:
keyid:A5:F0:A2:BB:8B:79:ED:D6:D3:7C:07:7A:DF:EA:08:25:14:C0:42:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/pfCiu4t57dbTfAd63-oIJRTAQg8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/pfCiu4t57dbTfAd63-oIJRTAQg8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CB1BE/F3228E86F0EE11EEA3BE0F58775412E6/8C5EBF98B18D11EF93764599762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.239.114.0/23
Signature Algorithm: sha256WithRSAEncryption
02:b6:74:61:77:1e:bf:9d:00:70:71:f8:75:bf:ad:b4:39:61:
0f:43:1b:f0:af:a4:02:37:59:90:a6:b5:dd:89:20:a7:20:97:
57:1f:f0:b4:4f:c9:0e:9f:1f:88:94:d4:25:e9:ef:4b:fc:a6:
18:61:c6:80:df:a9:cc:8e:87:41:08:8b:72:c3:05:8c:b9:e6:
9d:e3:1b:b7:f1:83:0a:02:c4:bc:ea:da:fd:bd:69:4b:4b:03:
ac:9e:a7:30:3c:a8:e2:fd:f4:ce:f5:03:14:39:f9:2a:f9:88:
d6:39:41:0f:4a:42:ef:f3:ce:96:77:31:f3:df:15:98:de:7e:
1d:af:ef:c6:2c:09:16:1c:25:5c:16:75:88:33:0c:5a:b3:6f:
e7:8d:b8:73:e1:cc:51:30:c8:cb:bb:34:4d:05:1f:1d:dc:ec:
0f:88:47:84:53:3d:00:41:f0:30:46:a0:60:98:5b:23:0d:e9:
b0:a4:b1:bf:bb:a2:6a:95:91:69:be:97:a3:10:3a:7e:22:6d:
5c:cb:a6:2f:2a:f5:47:a2:88:e9:c6:59:2e:cd:8c:7c:26:d1:
6e:dc:ae:0e:2d:f9:4d:cd:2d:15:a2:fa:27:ce:2a:cb:74:21:
d2:2f:82:f7:43:35:07:e3:8f:27:be:0d:13:a5:1c:c0:7f:b1:
b6:0d:ba:9e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAQ4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Q0IxQkVBRjExMC8GA1UEBRMoQTVGMEEyQkI4Qjc5RURENkQzN0MwNzdBREZFQTA4
MjUxNEMwNDIwRjAeFw0yNDEyMDMxNTQ0NTRaFw0zMDEyMDMxNTQ0NTRaMBgxFjAU
BgNVBAMTDTY3NGYyNzc5LThmNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDX4Gw/Tpf5Tpnj4Pcqs4l8xS4NK4PsOVpYVNekNQbfICEv9rlIZbFBn0gG
YZd5SSscMHHw+/9DjQqZptypcQMsHnNt//IWmI6WeEzULsnN6oEw1l9jaFMYyKta
+0SnMRvHvbLlNWEU1stcp5wrKAyVM8i8sts47Y14MrO8fMEAaMnsS3j9wTudkApW
fHWsEssDaUdPxctkEGIGhJ9E4sqs2oUQ+j4a2FeY/+Q3FEtDGKRRdS+MC1qdpTOH
EE6kpyHNqwpi3lzhj0IrYiDu8Y+ZO5pPyLOQk8yWsajCEFdrQVSO8hi0+JqLZ7w2
NgpwHonsc4CXJ/dnCIvCH7PZ5NUXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUMboG
KJDimv6H+d36XI1cJpoEWmEwHwYDVR0jBBgwFoAUpfCiu4t57dbTfAd63+oIJRTA
Qg8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkNCMUJFL0YzMjI4RTg2RjBFRTExRUVBM0JFMEY1ODc3NTQxMkU2L3BmQ2l1
NHQ1N2RiVGZBZDYzLW9JSlJUQVFnOC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3BmQ2l1NHQ1N2RiVGZBZDYzLW9JSlJUQVFnOC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkNCMUJFL0YzMjI4RTg2RjBFRTExRUVBM0JFMEY1ODc3
NTQxMkU2LzhDNUVCRjk4QjE4RDExRUY5Mzc2NDU5OTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHF73IwDQYJKoZIhvcNAQEL
BQADggEBAAK2dGF3Hr+dAHBx+HW/rbQ5YQ9DG/CvpAI3WZCmtd2JIKcgl1cf8LRP
yQ6fH4iU1CXp70v8phhhxoDfqcyOh0EIi3LDBYy55p3jG7fxgwoCxLzq2v29aUtL
A6yepzA8qOL99M71AxQ5+Sr5iNY5QQ9KQu/zzpZ3MfPfFZjefh2v78YsCRYcJVwW
dYgzDFqzb+eNuHPhzFEwyMu7NE0FHx3c7A+IR4RTPQBB8DBGoGCYWyMN6bCksb+7
omqVkWm+l6MQOn4ibVzLpi8q9UeiiOnGWS7NjHwm0W7crg4t+U3NLRWi+ifOKst0
IdIvgvdDNQfjjye+DROlHMB/sbYNup4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:38 2025 by rpki-client