Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/05DD987EE12A11EEBF968C9D775412E6.roa
File: 05DD987EE12A11EEBF968C9D775412E6.roa (raw, json)
Hash identifier: GrTtmavb95kKmRvm7iTDLhvIm3hoIjSrT87MDqcdXU8=
Subject key identifier: 0B:CC:4A:A7:85:4B:16:83:96:00:E9:38:CB:66:C5:B5:05:5D:9B:49
Certificate issuer: /CN=F36E1028AF/serialNumber=7ECE78AE81BF4072B1DC4F6FB7E6CB9166252B34
Certificate serial: 02E0
Authority key identifier: 7E:CE:78:AE:81:BF:40:72:B1:DC:4F:6F:B7:E6:CB:91:66:25:2B:34
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/fs54roG_QHKx3E9vt-bLkWYlKzQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/05DD987EE12A11EEBF968C9D775412E6.roa
Signing time: Wed 13 Mar 2024 11:08:30 +0000
ROA not before: Wed 13 Mar 2024 11:08:26 +0000
ROA not after: Thu 24 Jun 2027 11:08:26 +0000
asID: 29286
IP address blocks: 196.200.252.0/23 maxlen: 23
196.200.254.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/fs54roG_QHKx3E9vt-bLkWYlKzQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/fs54roG_QHKx3E9vt-bLkWYlKzQ.mft
rsync://rpki.afrinic.net/repository/afrinic/fs54roG_QHKx3E9vt-bLkWYlKzQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 736 (0x2e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E1028AF/serialNumber=7ECE78AE81BF4072B1DC4F6FB7E6CB9166252B34
Validity
Not Before: Mar 13 11:08:26 2024 GMT
Not After : Jun 24 11:08:26 2027 GMT
Subject: CN=65f1892e-cb29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2e:84:97:70:c2:c9:72:24:47:50:e3:6e:15:
11:7c:3c:81:1e:e1:b9:33:c1:e8:7a:b9:e7:fb:eb:
05:55:b8:eb:46:bc:d6:ea:94:c3:cd:98:51:1f:db:
9f:41:03:a9:96:3c:25:b8:b6:5e:49:39:62:cf:04:
aa:79:ef:a7:93:4c:5c:aa:26:c3:72:68:6b:81:8a:
5f:10:14:a3:1b:54:85:fe:5d:78:ee:c1:65:c3:27:
58:1c:84:e1:f6:b8:3a:3f:19:52:26:10:04:4a:89:
d2:bb:d9:f4:8f:ee:5c:fe:6b:70:eb:fd:ed:d2:2a:
7b:7f:fd:17:4b:74:30:ab:a4:60:d9:63:59:d9:87:
4d:ad:1d:9e:f3:ed:c2:41:7b:0b:48:4e:f0:43:80:
c2:cd:5f:4b:c8:67:d5:71:7b:fd:80:b2:ed:48:e0:
3f:e8:0e:25:80:d8:59:60:a8:ea:5d:eb:5a:86:71:
6a:d7:01:a2:d3:c7:97:36:c5:fb:d5:ff:2b:de:9a:
7b:eb:44:ba:ca:2b:c1:f7:bf:24:30:54:3a:4c:e7:
f4:8b:e4:cc:41:c4:26:58:79:fa:e0:ba:0b:d5:39:
3a:1e:4b:35:ac:e6:dc:a3:6e:40:21:c0:8f:e7:18:
51:6a:15:f9:1a:9f:8d:ff:a7:77:9b:3d:07:dd:5b:
2f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:CC:4A:A7:85:4B:16:83:96:00:E9:38:CB:66:C5:B5:05:5D:9B:49
X509v3 Authority Key Identifier:
keyid:7E:CE:78:AE:81:BF:40:72:B1:DC:4F:6F:B7:E6:CB:91:66:25:2B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/fs54roG_QHKx3E9vt-bLkWYlKzQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/fs54roG_QHKx3E9vt-bLkWYlKzQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/05DD987EE12A11EEBF968C9D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.200.252.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:1c:82:df:6f:4d:4b:7b:24:d8:fa:3f:c6:d7:4c:5e:01:a2:
27:51:cc:d7:27:25:65:fe:d1:91:d2:0b:64:ab:d3:53:cb:21:
c8:bb:9b:e9:31:31:46:43:cd:be:46:c0:f7:aa:06:42:29:82:
f5:c8:3d:2d:ed:3f:da:98:88:eb:ae:f3:49:34:7e:5a:79:2d:
d6:38:4f:5e:ad:2a:23:27:ca:d0:0d:4d:5d:d8:8d:e5:7d:af:
15:0f:da:31:72:60:5c:7f:0d:80:20:79:5c:5f:53:a3:b2:cb:
89:46:c9:07:9a:63:05:dc:8a:e8:bf:8d:bd:dd:40:e9:d3:31:
e9:12:72:54:32:35:fc:46:cb:e8:25:f7:41:69:47:80:21:8c:
ef:0d:77:7a:be:4c:92:31:aa:5c:50:00:de:0e:9d:68:34:fc:
08:2d:4d:78:57:cd:8a:31:45:ab:9c:95:91:7e:98:3b:a9:f8:
7a:e5:35:4f:ea:d2:aa:8d:22:35:4b:77:a9:23:3e:f3:56:0c:
49:44:84:0d:29:9d:ff:58:1d:eb:77:86:11:14:8f:33:0e:f0:
36:51:ce:91:07:a6:71:80:e6:5a:27:4d:1c:a1:cb:3f:17:2c:
94:f9:97:04:c7:d7:c7:2c:21:5f:77:e3:21:a5:fa:86:61:85:
7d:00:d1:b1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAuAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTEwMjhBRjExMC8GA1UEBRMoN0VDRTc4QUU4MUJGNDA3MkIxREM0RjZGQjdFNkNC
OTE2NjI1MkIzNDAeFw0yNDAzMTMxMTA4MjZaFw0yNzA2MjQxMTA4MjZaMBgxFjAU
BgNVBAMTDTY1ZjE4OTJlLWNiMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCwLoSXcMLJciRHUONuFRF8PIEe4bkzweh6uef76wVVuOtGvNbqlMPNmFEf
259BA6mWPCW4tl5JOWLPBKp576eTTFyqJsNyaGuBil8QFKMbVIX+XXjuwWXDJ1gc
hOH2uDo/GVImEARKidK72fSP7lz+a3Dr/e3SKnt//RdLdDCrpGDZY1nZh02tHZ7z
7cJBewtITvBDgMLNX0vIZ9Vxe/2Asu1I4D/oDiWA2FlgqOpd61qGcWrXAaLTx5c2
xfvV/yvemnvrRLrKK8H3vyQwVDpM5/SL5MxBxCZYefrgugvVOToeSzWs5tyjbkAh
wI/nGFFqFfkan43/p3ebPQfdWy+vAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUC8xK
p4VLFoOWAOk4y2bFtQVdm0kwHwYDVR0jBBgwFoAUfs54roG/QHKx3E9vt+bLkWYl
KzQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUxMDI4LzEwRDU5REJDQzhBNDExRUNCNUUyMzE5OUYxMjIyNDY4L2ZzNTRy
b0dfUUhLeDNFOXZ0LWJMa1dZbEt6US5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2ZzNTRyb0dfUUhLeDNFOXZ0LWJMa1dZbEt6US5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUxMDI4LzEwRDU5REJDQzhBNDExRUNCNUUyMzE5OUYx
MjIyNDY4LzA1REQ5ODdFRTEyQTExRUVCRjk2OEM5RDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALEyPwwDQYJKoZIhvcNAQEL
BQADggEBAA8cgt9vTUt7JNj6P8bXTF4BoidRzNcnJWX+0ZHSC2Sr01PLIci7m+kx
MUZDzb5GwPeqBkIpgvXIPS3tP9qYiOuu80k0flp5LdY4T16tKiMnytANTV3YjeV9
rxUP2jFyYFx/DYAgeVxfU6Oyy4lGyQeaYwXciui/jb3dQOnTMekSclQyNfxGy+gl
90FpR4AhjO8Nd3q+TJIxqlxQAN4OnWg0/AgtTXhXzYoxRauclZF+mDup+HrlNU/q
0qqNIjVLd6kjPvNWDElEhA0pnf9YHet3hhEUjzMO8DZRzpEHpnGA5lonTRyhyz8X
LJT5lwTH18csIV934yGl+oZhhX0A0bE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org