Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E084C/6A9DAE420F5C11EA915D5341F8AEA228/86921EA0A38311EBBE2DD613F8AEA228.roa
File: 86921EA0A38311EBBE2DD613F8AEA228.roa (raw, json)
Hash identifier: Qdm1jwSuwMkCRXEjG6ft+SApHF6cYD5AROgyucfXjCM=
Subject key identifier: 3B:F4:D6:AB:40:29:A9:F1:BA:52:3C:D2:EF:16:0C:6B:2D:D5:1E:7F
Certificate issuer: /CN=F36E084CAF/serialNumber=BB9AF1B86F31ACF277AB3A06D18E79EF5C8BAD79
Certificate serial: 0211
Authority key identifier: BB:9A:F1:B8:6F:31:AC:F2:77:AB:3A:06:D1:8E:79:EF:5C:8B:AD:79
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/u5rxuG8xrPJ3qzoG0Y5571yLrXk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E084C/6A9DAE420F5C11EA915D5341F8AEA228/86921EA0A38311EBBE2DD613F8AEA228.roa
Signing time: Thu 22 Apr 2021 15:58:06 +0000
ROA not before: Thu 22 Apr 2021 15:58:01 +0000
ROA not after: Tue 22 Apr 2031 15:58:01 +0000
asID: 37704
IP address blocks: 196.223.21.0/24 maxlen: 24
2001:43f8:60::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E084C/6A9DAE420F5C11EA915D5341F8AEA228/u5rxuG8xrPJ3qzoG0Y5571yLrXk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E084C/6A9DAE420F5C11EA915D5341F8AEA228/u5rxuG8xrPJ3qzoG0Y5571yLrXk.mft
rsync://rpki.afrinic.net/repository/afrinic/u5rxuG8xrPJ3qzoG0Y5571yLrXk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 529 (0x211)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E084CAF/serialNumber=BB9AF1B86F31ACF277AB3A06D18E79EF5C8BAD79
Validity
Not Before: Apr 22 15:58:01 2021 GMT
Not After : Apr 22 15:58:01 2031 GMT
Subject: CN=60819d0e-5359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:3b:0d:cb:3f:ff:96:53:e8:d5:7b:ac:d1:70:
91:8d:b1:f7:0f:b2:01:29:09:df:51:49:19:86:ba:
bc:4e:5a:34:d9:66:6e:22:29:fd:15:a9:aa:7f:3d:
f9:f3:f4:f1:34:97:b9:e6:0e:e7:e2:10:7c:67:2b:
1b:18:ee:6b:12:59:0c:fb:62:b2:61:6f:96:da:14:
98:64:31:61:8d:5f:ba:55:85:61:23:0b:5d:fb:3d:
45:09:4f:5d:19:81:d4:ae:7b:dd:ce:65:79:c2:d1:
44:4f:e9:f4:15:72:2d:8e:99:c7:4b:f3:19:4b:3b:
ba:44:18:a6:64:d9:50:20:2d:92:15:33:38:dc:25:
aa:b7:2d:98:c0:7a:6b:34:dd:18:c9:c1:69:cf:c1:
1a:6e:95:19:e5:85:cd:5b:ca:87:27:c5:3e:bd:5f:
96:a4:0a:cb:29:82:38:52:ea:d1:a7:58:be:9d:23:
b6:3f:b0:59:28:72:88:9e:c4:9a:be:5c:52:27:6f:
fc:97:28:c7:c3:0c:52:67:37:a9:0d:32:dc:45:cd:
e5:21:63:27:e7:2d:81:32:dd:af:27:b1:07:11:b7:
7e:dc:7d:a5:f7:ee:4a:27:0d:41:b0:fc:d4:7c:0d:
29:30:82:97:39:69:47:d2:f6:df:b4:36:4e:86:a6:
4c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F4:D6:AB:40:29:A9:F1:BA:52:3C:D2:EF:16:0C:6B:2D:D5:1E:7F
X509v3 Authority Key Identifier:
keyid:BB:9A:F1:B8:6F:31:AC:F2:77:AB:3A:06:D1:8E:79:EF:5C:8B:AD:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E084C/6A9DAE420F5C11EA915D5341F8AEA228/u5rxuG8xrPJ3qzoG0Y5571yLrXk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/u5rxuG8xrPJ3qzoG0Y5571yLrXk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E084C/6A9DAE420F5C11EA915D5341F8AEA228/86921EA0A38311EBBE2DD613F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.223.21.0/24
IPv6:
2001:43f8:60::/48
Signature Algorithm: sha256WithRSAEncryption
8c:d9:91:9c:b4:e1:ba:0a:4f:6d:fe:60:63:6b:6a:29:de:b1:
71:bd:14:27:bf:7e:39:4c:09:64:84:7c:12:9d:89:8f:16:d3:
11:d8:11:a3:a0:9c:eb:c7:45:2e:c8:5c:2c:65:f0:7a:1f:9f:
e2:80:cf:6c:eb:a8:dd:55:75:7e:28:c3:ce:07:e4:39:8e:34:
d4:7a:9b:17:74:3e:c2:8c:07:ec:d8:01:8d:42:f0:3a:5e:14:
05:a8:07:3b:07:07:d6:2f:b7:a7:11:47:cc:fb:1f:a4:3c:6b:
60:7d:2f:03:14:88:cd:b0:2f:23:cd:b4:aa:80:4d:2d:7b:62:
3f:de:65:f0:d5:0d:54:04:35:3b:d2:f3:cc:9e:37:44:c0:78:
35:eb:f6:f9:0e:2e:b7:59:b7:da:e7:a5:5b:41:ee:34:97:fe:
f7:96:0f:92:ba:ef:03:47:7a:0a:38:22:3e:a2:fb:e1:0c:d6:
fa:7d:4a:24:af:9f:fe:9e:ec:7e:ed:5c:e1:21:01:60:44:cc:
f4:c6:4f:7e:63:b3:e9:45:fe:6f:f4:04:e7:8e:8e:f2:3e:1a:
c1:e0:80:85:6e:0a:fc:23:49:f7:ae:59:ca:76:32:59:59:04:
74:64:bc:b3:cd:f9:a9:28:12:2b:66:92:68:7b:8c:3b:46:93:
06:ea:3e:03
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICAhEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTA4NENBRjExMC8GA1UEBRMoQkI5QUYxQjg2RjMxQUNGMjc3QUIzQTA2RDE4RTc5
RUY1QzhCQUQ3OTAeFw0yMTA0MjIxNTU4MDFaFw0zMTA0MjIxNTU4MDFaMBgxFjAU
BgNVBAMTDTYwODE5ZDBlLTUzNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD1Ow3LP/+WU+jVe6zRcJGNsfcPsgEpCd9RSRmGurxOWjTZZm4iKf0Vqap/
Pfnz9PE0l7nmDufiEHxnKxsY7msSWQz7YrJhb5baFJhkMWGNX7pVhWEjC137PUUJ
T10ZgdSue93OZXnC0URP6fQVci2OmcdL8xlLO7pEGKZk2VAgLZIVMzjcJaq3LZjA
ems03RjJwWnPwRpulRnlhc1byocnxT69X5akCsspgjhS6tGnWL6dI7Y/sFkocoie
xJq+XFInb/yXKMfDDFJnN6kNMtxFzeUhYyfnLYEy3a8nsQcRt37cfaX37konDUGw
/NR8DSkwgpc5aUfS9t+0Nk6GpkyRAgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUO/TW
q0ApqfG6UjzS7xYMay3VHn8wHwYDVR0jBBgwFoAUu5rxuG8xrPJ3qzoG0Y5571yL
rXkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUwODRDLzZBOURBRTQyMEY1QzExRUE5MTVENTM0MUY4QUVBMjI4L3U1cnh1
Rzh4clBKM3F6b0cwWTU1NzF5THJYay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3U1cnh1Rzh4clBKM3F6b0cwWTU1NzF5THJYay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUwODRDLzZBOURBRTQyMEY1QzExRUE5MTVENTM0MUY4
QUVBMjI4Lzg2OTIxRUEwQTM4MzExRUJCRTJERDYxM0Y4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADE3xUwDwQCAAIwCQMHACAB
Q/gAYDANBgkqhkiG9w0BAQsFAAOCAQEAjNmRnLThugpPbf5gY2tqKd6xcb0UJ79+
OUwJZIR8Ep2JjxbTEdgRo6Cc68dFLshcLGXweh+f4oDPbOuo3VV1fijDzgfkOY40
1HqbF3Q+wowH7NgBjULwOl4UBagHOwcH1i+3pxFHzPsfpDxrYH0vAxSIzbAvI820
qoBNLXtiP95l8NUNVAQ1O9LzzJ43RMB4Nev2+Q4ut1m32uelW0HuNJf+95YPkrrv
A0d6CjgiPqL74QzW+n1KJK+f/p7sfu1c4SEBYETM9MZPfmOz6UX+b/QE546O8j4a
weCAhW4K/CNJ965ZynYyWVkEdGS8s835qSgSK2aSaHuMO0aTBuo+Aw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:19 2024 by rpki-client on console-fra.rpki-client.org