Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D5C19/6D11B7167BA711E9B091553CF8AEA228/54220D207BAA11E9BEE08A3EF8AEA228.roa
File: 54220D207BAA11E9BEE08A3EF8AEA228.roa (raw, json)
Hash identifier: 6mAfvCPcBikixr82UHSocOCucUOi7FCh+gOmIS/+gHs=
Subject key identifier: CF:3D:1B:F4:17:5D:51:90:06:47:30:49:1A:0A:A7:9A:76:C3:7A:72
Certificate issuer: /CN=F36D5C19AF/serialNumber=40E435D7F31415AFCE57D0DE9509B7862F960A57
Certificate serial: 02
Authority key identifier: 40:E4:35:D7:F3:14:15:AF:CE:57:D0:DE:95:09:B7:86:2F:96:0A:57
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/QOQ11_MUFa_OV9DelQm3hi-WClc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D5C19/6D11B7167BA711E9B091553CF8AEA228/54220D207BAA11E9BEE08A3EF8AEA228.roa
Signing time: Tue 21 May 2019 09:25:10 +0000
ROA not before: Tue 21 May 2019 09:25:05 +0000
ROA not after: Thu 31 May 2029 09:25:05 +0000
asID: 37497
IP address blocks: 154.66.176.0/20 maxlen: 30
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D5C19/6D11B7167BA711E9B091553CF8AEA228/QOQ11_MUFa_OV9DelQm3hi-WClc.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D5C19/6D11B7167BA711E9B091553CF8AEA228/QOQ11_MUFa_OV9DelQm3hi-WClc.mft
rsync://rpki.afrinic.net/repository/afrinic/QOQ11_MUFa_OV9DelQm3hi-WClc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D5C19AF/serialNumber=40E435D7F31415AFCE57D0DE9509B7862F960A57
Validity
Not Before: May 21 09:25:05 2019 GMT
Not After : May 31 09:25:05 2029 GMT
Subject: CN=5ce3c3f6-6a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e6:73:60:ea:88:71:21:00:0f:0e:a5:b9:3b:
99:82:82:11:f4:87:79:48:45:5e:44:19:cf:ce:d8:
0d:be:3d:bf:3a:06:f2:fe:56:9e:a9:be:89:ea:c2:
9e:76:98:2f:10:94:d4:e0:54:fe:74:87:27:73:c1:
91:9e:04:ec:3f:ed:f3:e1:fa:25:d6:91:2f:89:1b:
9d:40:09:6f:eb:63:a1:9d:0a:e0:34:ca:5e:f2:fd:
94:be:6f:76:e5:b9:dd:48:89:e1:10:bf:db:14:02:
29:cd:dd:c8:a5:58:7f:98:18:24:74:de:c0:92:59:
f8:77:92:97:41:56:b9:e2:e2:7a:24:91:72:b1:4b:
67:8b:0d:81:66:9e:b9:3e:1d:9c:40:ab:d9:6a:4c:
04:6a:30:a5:55:c3:c2:0e:38:4a:67:ad:b1:c9:b6:
bb:2f:71:78:2e:e5:97:0b:0e:18:de:25:35:90:96:
7b:80:5d:f7:55:cc:aa:77:54:dd:cc:4f:3f:74:e7:
86:f6:36:8a:14:6f:e2:bf:c0:83:cc:09:0d:b8:8b:
6c:70:08:df:ba:b3:14:43:84:8e:e9:0c:8b:20:b9:
e2:72:e5:6c:59:86:64:ab:a7:b9:6a:39:74:a1:5a:
00:72:7f:5b:30:76:99:da:e9:27:bb:cd:ab:87:59:
4b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3D:1B:F4:17:5D:51:90:06:47:30:49:1A:0A:A7:9A:76:C3:7A:72
X509v3 Authority Key Identifier:
keyid:40:E4:35:D7:F3:14:15:AF:CE:57:D0:DE:95:09:B7:86:2F:96:0A:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D5C19/6D11B7167BA711E9B091553CF8AEA228/QOQ11_MUFa_OV9DelQm3hi-WClc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/QOQ11_MUFa_OV9DelQm3hi-WClc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D5C19/6D11B7167BA711E9B091553CF8AEA228/54220D207BAA11E9BEE08A3EF8AEA228.roa
sbgp-ipAddrBlock: critical
IPv4:
154.66.176.0/20
Signature Algorithm: sha256WithRSAEncryption
ce:a3:c5:02:d0:3d:9d:65:8d:b3:ca:42:34:ed:ee:fa:eb:4d:
c2:4e:6c:a4:34:4d:f7:8e:bc:44:4f:5d:99:68:4b:f9:6a:72:
33:f3:c1:97:36:82:02:3a:31:8a:0c:0e:63:67:6d:a6:5d:1d:
d4:cb:d1:c8:9d:70:64:7e:3e:f5:a5:c3:97:4e:d1:47:b0:59:
e3:7d:af:8f:f4:a6:6d:c5:d9:7a:3b:b3:a9:df:53:f1:e1:46:
90:53:3b:59:a8:03:7e:f5:b9:84:93:5b:6a:51:75:e0:75:41:
15:a8:f5:5a:78:b0:bd:1e:2e:dc:c3:8e:59:19:f6:f0:f0:e1:
c6:47:ec:38:4e:6b:19:cb:70:9c:1c:06:63:bb:50:02:f7:1f:
59:22:c4:ed:89:3d:39:01:7c:6a:55:52:87:30:fe:02:5f:a8:
2e:f4:83:6b:af:f6:67:69:45:bf:07:0d:1c:a6:da:26:18:4f:
62:42:44:b4:b6:ff:af:fc:fa:d5:fd:d3:64:33:c8:89:f7:58:
c8:08:4e:d8:d0:1e:dc:34:53:29:2f:93:c6:92:f7:6f:be:c0:
a0:c9:8d:41:94:75:e7:b9:36:ce:c9:12:e0:78:5d:72:20:30:
68:54:8a:e6:8f:68:c9:fb:15:00:76:67:a3:a3:cc:2a:2a:11:
df:ad:a6:b8
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
NUMxOUFGMTEwLwYDVQQFEyg0MEU0MzVEN0YzMTQxNUFGQ0U1N0QwREU5NTA5Qjc4
NjJGOTYwQTU3MB4XDTE5MDUyMTA5MjUwNVoXDTI5MDUzMTA5MjUwNVowGDEWMBQG
A1UEAxMNNWNlM2MzZjYtNmE1ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7mc2DqiHEhAA8Opbk7mYKCEfSHeUhFXkQZz87YDb49vzoG8v5Wnqm+ierC
nnaYLxCU1OBU/nSHJ3PBkZ4E7D/t8+H6JdaRL4kbnUAJb+tjoZ0K4DTKXvL9lL5v
duW53UiJ4RC/2xQCKc3dyKVYf5gYJHTewJJZ+HeSl0FWueLieiSRcrFLZ4sNgWae
uT4dnECr2WpMBGowpVXDwg44Smetscm2uy9xeC7llwsOGN4lNZCWe4Bd91XMqndU
3cxPP3TnhvY2ihRv4r/Ag8wJDbiLbHAI37qzFEOEjukMiyC54nLlbFmGZKunuWo5
dKFaAHJ/WzB2mdrpJ7vNq4dZS7cCAwEAAaOCAm4wggJqMB0GA1UdDgQWBBTPPRv0
F11RkAZHMEkaCqeadsN6cjAfBgNVHSMEGDAWgBRA5DXX8xQVr85X0N6VCbeGL5YK
VzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDVDMTkvNkQxMUI3MTY3QkE3MTFFOUIwOTE1NTNDRjhBRUEyMjgvUU9RMTFf
TVVGYV9PVjlEZWxRbTNoaS1XQ2xjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUU9RMTFfTVVGYV9PVjlEZWxRbTNoaS1XQ2xjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RDVDMTkvNkQxMUI3MTY3QkE3MTFFOUIwOTE1NTNDRjhB
RUEyMjgvNTQyMjBEMjA3QkFBMTFFOUJFRTA4QTNFRjhBRUEyMjgucm9hMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmkKwMA0GCSqGSIb3DQEBCwUAA4IBAQDO
o8UC0D2dZY2zykI07e76603CTmykNE33jrxET12ZaEv5anIz88GXNoICOjGKDA5j
Z22mXR3Uy9HInXBkfj71pcOXTtFHsFnjfa+P9KZtxdl6O7Op31Px4UaQUztZqAN+
9bmEk1tqUXXgdUEVqPVaeLC9Hi7cw45ZGfbw8OHGR+w4TmsZy3CcHAZju1AC9x9Z
IsTtiT05AXxqVVKHMP4CX6gu9INrr/ZnaUW/Bw0cptomGE9iQkS0tv+v/PrV/dNk
M8iJ91jICE7Y0B7cNFMpL5PGkvdvvsCgyY1BlHXnuTbOyRLgeF1yIDBoVIrmj2jJ
+xUAdmejo8wqKhHfraa4
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:00:15 2024 by rpki-client on console-fra.rpki-client.org