Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E0C57/A4AE8D863AC211EFA189D362762E951A/C398885E3AC311EF90F6DF67762E951A.roa
File: C398885E3AC311EF90F6DF67762E951A.roa (raw, json)
Hash identifier: ul3nn21hDO7UgXCYkLGPryVSInddXUiuHuE7QBhZSgU=
Subject key identifier: E9:3E:7D:18:24:23:D3:3D:19:CE:D1:7E:01:42:D3:57:9A:89:3D:2D
Certificate issuer: /CN=F36E0C57AF/serialNumber=461DE65E5A2C9F46CDB154470A142CEAB002A3E8
Certificate serial: 02
Authority key identifier: 46:1D:E6:5E:5A:2C:9F:46:CD:B1:54:47:0A:14:2C:EA:B0:02:A3:E8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Rh3mXlosn0bNsVRHChQs6rACo-g.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E0C57/A4AE8D863AC211EFA189D362762E951A/C398885E3AC311EF90F6DF67762E951A.roa
Signing time: Fri 05 Jul 2024 11:43:15 +0000
ROA not before: Fri 05 Jul 2024 11:43:11 +0000
ROA not after: Fri 03 Jul 2026 11:43:11 +0000
asID: 37419
IP address blocks: 196.43.230.0/24 maxlen: 24
2001:43f8:610::/48 maxlen: 48
2001:43f8:611::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E0C57/A4AE8D863AC211EFA189D362762E951A/Rh3mXlosn0bNsVRHChQs6rACo-g.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E0C57/A4AE8D863AC211EFA189D362762E951A/Rh3mXlosn0bNsVRHChQs6rACo-g.mft
rsync://rpki.afrinic.net/repository/afrinic/Rh3mXlosn0bNsVRHChQs6rACo-g.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E0C57AF/serialNumber=461DE65E5A2C9F46CDB154470A142CEAB002A3E8
Validity
Not Before: Jul 5 11:43:11 2024 GMT
Not After : Jul 3 11:43:11 2026 GMT
Subject: CN=6687dc53-6888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a8:b7:19:c4:cc:4b:36:bd:6a:78:f5:13:00:
19:b0:b4:96:56:b7:2c:3b:8d:2d:62:73:35:5d:82:
88:59:5e:d7:a8:e0:2b:25:eb:0e:e1:cd:d3:67:f6:
ba:28:61:b3:84:e2:6e:50:56:27:60:7a:c5:d7:28:
1b:25:c4:56:e3:3d:60:d0:1e:2b:be:8f:8f:a4:2a:
30:3c:61:b1:fa:86:33:56:16:f6:e7:6a:5b:ea:2b:
07:54:ae:02:ce:75:b3:8f:92:a0:a1:3c:7d:cb:34:
2e:21:2c:30:05:91:f8:fe:af:1e:5f:61:81:93:0c:
d9:43:8a:f8:5b:13:17:47:82:24:d9:44:ae:27:4b:
a7:3d:eb:65:68:f7:fd:95:91:b1:87:42:db:6c:d8:
8b:c0:10:6c:42:75:1a:fb:15:ed:cf:4a:4f:5c:69:
4a:fb:64:c4:a0:d8:1a:09:64:75:dd:41:15:3f:14:
5d:fd:6a:da:28:e9:5c:6a:06:58:be:46:fd:f6:0a:
d8:48:f8:a1:c8:1b:cc:f6:65:18:bd:78:d4:84:93:
0a:8f:98:be:8a:35:32:15:2b:79:36:d9:a4:72:93:
52:91:6d:1c:76:47:97:94:49:e4:5a:19:94:23:71:
99:38:51:6b:b5:8f:dc:be:cf:17:b4:e8:3f:fd:c8:
fe:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:3E:7D:18:24:23:D3:3D:19:CE:D1:7E:01:42:D3:57:9A:89:3D:2D
X509v3 Authority Key Identifier:
keyid:46:1D:E6:5E:5A:2C:9F:46:CD:B1:54:47:0A:14:2C:EA:B0:02:A3:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E0C57/A4AE8D863AC211EFA189D362762E951A/Rh3mXlosn0bNsVRHChQs6rACo-g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Rh3mXlosn0bNsVRHChQs6rACo-g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E0C57/A4AE8D863AC211EFA189D362762E951A/C398885E3AC311EF90F6DF67762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.43.230.0/24
IPv6:
2001:43f8:610::/47
Signature Algorithm: sha256WithRSAEncryption
32:9c:85:d6:1e:01:af:ae:5d:00:2b:a4:2d:a5:31:a4:a6:ec:
f8:1b:26:2a:ac:42:b9:cf:b5:2f:c0:25:d9:4f:d1:a4:38:69:
31:44:cb:78:65:04:ea:99:0f:a8:e5:84:7e:f7:a5:dd:33:c2:
87:7f:4f:22:aa:1c:42:6d:19:d3:38:c2:19:98:84:09:fd:ef:
e4:04:70:61:ab:73:26:ec:fc:05:5a:7c:27:ae:3a:a6:b8:4c:
18:2a:60:bf:87:cc:2e:34:c3:2c:e8:82:b3:84:6d:49:6b:dd:
63:33:ac:d0:de:c9:0a:71:43:cc:88:ea:0d:29:54:4b:78:12:
4f:16:b4:a6:4c:88:60:39:34:62:fe:78:a7:5f:b2:e0:f6:df:
fb:a8:c3:f8:bd:65:56:29:43:ec:e8:a2:27:a2:b1:5e:fc:78:
43:38:21:22:9c:3f:36:e5:36:3f:7b:ef:39:4a:4b:e3:c2:0e:
33:88:ce:5c:22:fc:ed:c2:7f:5b:93:e8:0f:95:f9:70:68:8d:
2e:e0:d3:ae:99:50:90:c9:e6:ce:bc:e7:e7:75:07:62:78:30:
d8:13:05:a9:be:a5:cf:b5:9f:d2:86:7f:59:cb:7a:f2:cb:61:
89:31:92:21:c3:df:62:d6:d6:b5:b6:69:b8:96:04:dc:c1:ce:
82:55:f8:fb
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
MEM1N0FGMTEwLwYDVQQFEyg0NjFERTY1RTVBMkM5RjQ2Q0RCMTU0NDcwQTE0MkNF
QUIwMDJBM0U4MB4XDTI0MDcwNTExNDMxMVoXDTI2MDcwMzExNDMxMVowGDEWMBQG
A1UEAxMNNjY4N2RjNTMtNjg4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+otxnEzEs2vWp49RMAGbC0lla3LDuNLWJzNV2CiFle16jgKyXrDuHN02f2
uihhs4TiblBWJ2B6xdcoGyXEVuM9YNAeK76Pj6QqMDxhsfqGM1YW9udqW+orB1Su
As51s4+SoKE8fcs0LiEsMAWR+P6vHl9hgZMM2UOK+FsTF0eCJNlEridLpz3rZWj3
/ZWRsYdC22zYi8AQbEJ1GvsV7c9KT1xpSvtkxKDYGglkdd1BFT8UXf1q2ijpXGoG
WL5G/fYK2Ej4ocgbzPZlGL141ISTCo+Yvoo1MhUreTbZpHKTUpFtHHZHl5RJ5FoZ
lCNxmThRa7WP3L7PF7ToP/3I/uECAwEAAaOCArYwggKyMB0GA1UdDgQWBBTpPn0Y
JCPTPRnO0X4BQtNXmok9LTAfBgNVHSMEGDAWgBRGHeZeWiyfRs2xVEcKFCzqsAKj
6DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTBDNTcvQTRBRThEODYzQUMyMTFFRkExODlEMzYyNzYyRTk1MUEvUmgzbVhs
b3NuMGJOc1ZSSENoUXM2ckFDby1nLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUmgzbVhsb3NuMGJOc1ZSSENoUXM2ckFDby1nLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTBDNTcvQTRBRThEODYzQUMyMTFFRkExODlEMzYyNzYy
RTk1MUEvQzM5ODg4NUUzQUMzMTFFRjkwRjZERjY3NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMQr5jAPBAIAAjAJAwcBIAFD
+AYQMA0GCSqGSIb3DQEBCwUAA4IBAQAynIXWHgGvrl0AK6QtpTGkpuz4GyYqrEK5
z7UvwCXZT9GkOGkxRMt4ZQTqmQ+o5YR+96XdM8KHf08iqhxCbRnTOMIZmIQJ/e/k
BHBhq3Mm7PwFWnwnrjqmuEwYKmC/h8wuNMMs6IKzhG1Ja91jM6zQ3skKcUPMiOoN
KVRLeBJPFrSmTIhgOTRi/ninX7Lg9t/7qMP4vWVWKUPs6KInorFe/HhDOCEinD82
5TY/e+85Skvjwg4ziM5cIvztwn9bk+gPlflwaI0u4NOumVCQyebOvOfndQdieDDY
EwWpvqXPtZ/Shn9Zy3ryy2GJMZIhw99i1ta1tmm4lgTcwc6CVfj7
-----END CERTIFICATE-----
Generated at Thu Oct 24 07:10:27 2024 by rpki-client on console-ams.rpki-client.org