Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D9765/17D92B5C92DC11EEBFDD584DD25BE465/F85FFC4692E611EEB2D6445FD25BE465.roa
File: F85FFC4692E611EEB2D6445FD25BE465.roa (raw, json)
Hash identifier: muWneFlHYojsneBSKzrZDz/udMZ/g3nNGVbhuecawWo=
Subject key identifier: 30:E1:F6:D1:F7:3E:74:B4:AC:57:B4:7C:91:EB:7E:81:2C:F0:BE:83
Certificate issuer: /CN=F36D9765AF/serialNumber=F91C9A55792C1B7246713FECC83A04D0B6BF1291
Certificate serial: 04
Authority key identifier: F9:1C:9A:55:79:2C:1B:72:46:71:3F:EC:C8:3A:04:D0:B6:BF:12:91
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/-RyaVXksG3JGcT_syDoE0La_EpE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D9765/17D92B5C92DC11EEBFDD584DD25BE465/F85FFC4692E611EEB2D6445FD25BE465.roa
Signing time: Mon 04 Dec 2023 20:52:00 +0000
ROA not before: Mon 04 Dec 2023 20:51:57 +0000
ROA not after: Tue 31 Dec 2030 20:51:57 +0000
asID: 37129
IP address blocks: 197.157.228.0/22 maxlen: 22
197.157.228.0/24 maxlen: 24
197.157.229.0/24 maxlen: 24
197.157.230.0/24 maxlen: 24
197.157.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D9765/17D92B5C92DC11EEBFDD584DD25BE465/-RyaVXksG3JGcT_syDoE0La_EpE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D9765/17D92B5C92DC11EEBFDD584DD25BE465/-RyaVXksG3JGcT_syDoE0La_EpE.mft
rsync://rpki.afrinic.net/repository/afrinic/-RyaVXksG3JGcT_syDoE0La_EpE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D9765AF/serialNumber=F91C9A55792C1B7246713FECC83A04D0B6BF1291
Validity
Not Before: Dec 4 20:51:57 2023 GMT
Not After : Dec 31 20:51:57 2030 GMT
Subject: CN=656e3bf0-c6c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e5:b3:e1:6a:f1:9a:90:96:03:c6:9a:9f:61:
2e:da:bf:0d:f3:18:e9:37:ec:ea:9a:c6:c3:32:fe:
99:d5:3d:df:6f:8d:f6:3c:4e:d8:a2:d9:03:46:46:
9c:17:dd:72:ed:6b:0d:b1:8b:24:8d:26:f7:ec:2b:
77:3d:0f:0a:37:11:86:aa:41:ff:9d:33:92:3a:ae:
16:e9:92:1a:7c:06:d5:3e:d5:18:70:b9:df:7f:bb:
bf:f6:73:4d:a3:85:47:fd:46:02:31:93:cb:73:ab:
75:92:33:71:f8:bd:9c:8c:75:b9:df:40:4c:f7:e6:
8a:b2:ef:1c:7e:da:7b:37:96:17:00:c1:81:13:7f:
29:fc:08:c6:1e:67:02:7e:64:f9:1c:10:ea:1c:dd:
94:65:44:00:ca:d6:22:79:33:f1:ba:2e:33:af:8c:
e3:d1:77:fa:7f:c0:e0:5c:f3:a5:63:32:06:41:6d:
27:55:04:62:41:6e:fb:ca:d7:fa:56:d0:0e:e5:97:
b7:db:77:59:fb:04:ac:0c:eb:90:8f:98:9f:b2:70:
35:35:de:40:03:e4:35:2d:b1:05:76:f7:f2:0e:d4:
39:f3:d4:fe:0a:78:ed:5a:1a:44:ad:0b:48:f6:0d:
0e:9f:55:c9:8c:80:1f:b0:83:a7:c7:fa:f9:6e:91:
e8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E1:F6:D1:F7:3E:74:B4:AC:57:B4:7C:91:EB:7E:81:2C:F0:BE:83
X509v3 Authority Key Identifier:
keyid:F9:1C:9A:55:79:2C:1B:72:46:71:3F:EC:C8:3A:04:D0:B6:BF:12:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D9765/17D92B5C92DC11EEBFDD584DD25BE465/-RyaVXksG3JGcT_syDoE0La_EpE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/-RyaVXksG3JGcT_syDoE0La_EpE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D9765/17D92B5C92DC11EEBFDD584DD25BE465/F85FFC4692E611EEB2D6445FD25BE465.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.157.228.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:96:a8:d3:81:28:96:45:1a:21:1d:03:fc:82:42:fc:37:ce:
e9:3c:ae:d4:61:2e:8e:5b:91:ac:a3:49:dd:9c:02:7e:d2:a8:
86:07:03:15:70:a7:39:fe:8e:b9:1c:ed:9c:4b:ca:82:da:b1:
46:1a:76:d4:f1:56:14:91:7a:7c:91:a1:c9:20:df:8d:79:df:
4d:c9:2e:04:c4:7a:0a:9d:96:28:8f:b7:7f:b1:f2:8d:6e:2e:
19:7f:07:66:2e:1b:c0:6f:67:36:3b:cb:d4:a2:b4:dc:a3:92:
fb:84:4b:59:ad:51:fb:1e:5c:82:40:ba:34:9f:bb:98:28:02:
01:c1:fe:04:13:a8:ec:ee:99:d5:52:9f:d3:c7:77:74:38:ab:
6d:8c:76:32:a7:db:5a:94:23:74:db:8f:6d:2e:47:61:9f:14:
ff:c5:31:a4:ae:7f:07:eb:79:20:80:24:11:03:c4:a9:d7:8c:
4d:e3:15:3c:a0:9f:7e:ca:5a:34:ec:48:ff:92:cf:85:0b:2f:
84:3e:73:ae:5d:72:c9:f3:38:09:e0:9e:7e:3a:88:ce:0b:2a:
2b:23:49:0a:d7:d6:8a:bb:ff:32:c1:2c:78:fc:09:76:8f:87:
c0:fa:a3:6e:20:59:87:9b:5f:db:cd:d0:a5:88:4e:bc:7b:43:
27:f2:90:cd
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
OTc2NUFGMTEwLwYDVQQFEyhGOTFDOUE1NTc5MkMxQjcyNDY3MTNGRUNDODNBMDRE
MEI2QkYxMjkxMB4XDTIzMTIwNDIwNTE1N1oXDTMwMTIzMTIwNTE1N1owGDEWMBQG
A1UEAxMNNjU2ZTNiZjAtYzZjODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOfls+Fq8ZqQlgPGmp9hLtq/DfMY6Tfs6prGwzL+mdU932+N9jxO2KLZA0ZG
nBfdcu1rDbGLJI0m9+wrdz0PCjcRhqpB/50zkjquFumSGnwG1T7VGHC533+7v/Zz
TaOFR/1GAjGTy3OrdZIzcfi9nIx1ud9ATPfmirLvHH7aezeWFwDBgRN/KfwIxh5n
An5k+RwQ6hzdlGVEAMrWInkz8bouM6+M49F3+n/A4FzzpWMyBkFtJ1UEYkFu+8rX
+lbQDuWXt9t3WfsErAzrkI+Yn7JwNTXeQAPkNS2xBXb38g7UOfPU/gp47VoaRK0L
SPYNDp9VyYyAH7CDp8f6+W6R6JcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQw4fbR
9z50tKxXtHyR636BLPC+gzAfBgNVHSMEGDAWgBT5HJpVeSwbckZxP+zIOgTQtr8S
kTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDk3NjUvMTdEOTJCNUM5MkRDMTFFRUJGREQ1ODRERDI1QkU0NjUvLVJ5YVZY
a3NHM0pHY1Rfc3lEb0UwTGFfRXBFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvLVJ5YVZYa3NHM0pHY1Rfc3lEb0UwTGFfRXBFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RDk3NjUvMTdEOTJCNUM5MkRDMTFFRUJGREQ1ODRERDI1
QkU0NjUvRjg1RkZDNDY5MkU2MTFFRUIyRDY0NDVGRDI1QkU0NjUucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsWd5DANBgkqhkiG9w0BAQsF
AAOCAQEAipao04EolkUaIR0D/IJC/DfO6Tyu1GEujluRrKNJ3ZwCftKohgcDFXCn
Of6OuRztnEvKgtqxRhp21PFWFJF6fJGhySDfjXnfTckuBMR6Cp2WKI+3f7HyjW4u
GX8HZi4bwG9nNjvL1KK03KOS+4RLWa1R+x5cgkC6NJ+7mCgCAcH+BBOo7O6Z1VKf
08d3dDirbYx2MqfbWpQjdNuPbS5HYZ8U/8UxpK5/B+t5IIAkEQPEqdeMTeMVPKCf
fspaNOxI/5LPhQsvhD5zrl1yyfM4CeCefjqIzgsqKyNJCtfWirv/MsEsePwJdo+H
wPqjbiBZh5tf283QpYhOvHtDJ/KQzQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org