Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E29ED/1C5B5D02DC0911EC9CEBDE9BF1222468/16A921E4DC0B11EC947D03A2F1222468.roa
File: 16A921E4DC0B11EC947D03A2F1222468.roa (raw, json)
Hash identifier: vGBFcYwGWSd28shsl6wLto7Mn3qQgY7dKVAEPsi5kBs=
Subject key identifier: F5:FA:9E:7F:EB:0E:CF:37:4B:4D:BB:C7:3F:B1:5B:25:A5:00:2D:4A
Certificate issuer: /CN=F36E29EDAF/serialNumber=2A3CC9E5519A5A5BB13D08310CA934824896FA5A
Certificate serial: 05
Authority key identifier: 2A:3C:C9:E5:51:9A:5A:5B:B1:3D:08:31:0C:A9:34:82:48:96:FA:5A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/KjzJ5VGaWluxPQgxDKk0gkiW-lo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E29ED/1C5B5D02DC0911EC9CEBDE9BF1222468/16A921E4DC0B11EC947D03A2F1222468.roa
Signing time: Wed 25 May 2022 09:14:33 +0000
ROA not before: Wed 25 May 2022 09:14:29 +0000
ROA not after: Tue 25 May 2032 09:14:29 +0000
asID: 327996
IP address blocks: 102.132.32.0/19 maxlen: 24
196.11.176.0/21 maxlen: 24
196.251.128.0/21 maxlen: 24
2c0f:5a00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E29ED/1C5B5D02DC0911EC9CEBDE9BF1222468/KjzJ5VGaWluxPQgxDKk0gkiW-lo.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E29ED/1C5B5D02DC0911EC9CEBDE9BF1222468/KjzJ5VGaWluxPQgxDKk0gkiW-lo.mft
rsync://rpki.afrinic.net/repository/afrinic/KjzJ5VGaWluxPQgxDKk0gkiW-lo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 12 May 2024 00:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E29EDAF/serialNumber=2A3CC9E5519A5A5BB13D08310CA934824896FA5A
Validity
Not Before: May 25 09:14:29 2022 GMT
Not After : May 25 09:14:29 2032 GMT
Subject: CN=628df378-0d3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3d:28:cf:d2:cc:3d:99:6d:5d:0a:5d:de:02:
d2:23:78:05:b4:f9:ad:93:34:7e:89:37:27:73:89:
fa:f7:24:1e:15:ab:a4:8d:e8:ca:18:39:72:e6:ad:
22:94:06:1e:d4:b8:08:de:40:14:b5:f5:49:6a:26:
0e:b7:e5:b3:19:77:4f:ac:b5:65:7e:91:2f:ec:3c:
76:25:fb:94:bf:20:72:6e:52:0b:b0:2c:88:d8:ce:
bf:63:f1:14:95:6c:40:60:7c:f6:bc:51:2a:d9:aa:
6c:b4:c4:02:50:b2:90:f2:e7:30:ac:12:59:3e:87:
73:bf:2e:0a:3c:ee:da:7e:73:ec:21:12:07:5a:4a:
66:ce:44:63:90:72:55:c1:f8:85:8d:bc:e8:99:09:
32:2a:27:17:1e:de:e1:72:02:fc:6f:58:9f:e7:05:
7a:03:d3:30:52:d1:db:52:d6:0d:b0:40:84:2b:29:
9e:7e:43:9d:e5:9c:ef:29:1b:41:13:a9:63:69:d3:
d9:7f:a8:17:0c:ea:90:b1:53:da:d5:f9:38:57:d0:
73:aa:a4:c4:5e:46:9d:ca:be:8c:da:52:aa:ab:23:
fe:13:95:1b:6f:50:b2:24:5e:b5:f0:84:25:f5:c1:
de:3a:4c:32:ac:d8:94:95:1b:d0:68:b3:de:2b:64:
13:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:FA:9E:7F:EB:0E:CF:37:4B:4D:BB:C7:3F:B1:5B:25:A5:00:2D:4A
X509v3 Authority Key Identifier:
keyid:2A:3C:C9:E5:51:9A:5A:5B:B1:3D:08:31:0C:A9:34:82:48:96:FA:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E29ED/1C5B5D02DC0911EC9CEBDE9BF1222468/KjzJ5VGaWluxPQgxDKk0gkiW-lo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/KjzJ5VGaWluxPQgxDKk0gkiW-lo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E29ED/1C5B5D02DC0911EC9CEBDE9BF1222468/16A921E4DC0B11EC947D03A2F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.132.32.0/19
196.11.176.0/21
196.251.128.0/21
IPv6:
2c0f:5a00::/32
Signature Algorithm: sha256WithRSAEncryption
7a:fe:92:83:be:36:58:bc:62:1c:d0:23:5c:51:e2:ae:de:a3:
4e:42:d3:72:1e:a0:a6:5d:62:82:89:d4:76:34:85:24:6f:2c:
e2:5e:bc:66:ff:6e:56:49:30:6a:fb:5e:d8:09:7f:ef:ca:be:
c4:2b:82:50:7f:31:ab:07:4a:39:9b:2f:b8:7e:af:ac:c2:3a:
9f:5f:3c:71:f2:d9:6d:b5:48:4e:76:41:b6:fb:e2:7e:f2:66:
54:67:8d:2e:dd:8d:d1:d0:4d:8f:ae:7e:b6:54:4a:e1:c6:b9:
2b:59:09:3d:e2:f9:d0:53:6a:16:ff:2f:6c:e8:6f:6e:c0:e5:
cf:5f:b5:79:53:a6:1c:32:34:d6:e2:88:fb:4c:f0:c4:91:83:
51:b4:cd:a9:bb:b6:44:27:63:06:a1:6d:84:a1:46:af:96:a6:
45:cd:7c:2d:5c:f2:4d:0e:bd:16:59:01:d7:33:5e:37:fa:ea:
90:5f:d2:e3:a6:a0:92:ae:a0:17:e8:6e:d8:11:2f:05:c2:0c:
59:71:f5:52:33:61:22:22:d9:fa:39:e4:ef:77:0a:3a:b2:63:
fd:34:a9:8d:6d:66:eb:16:99:a7:50:17:21:f9:03:72:44:e1:
ae:03:52:39:c8:d3:b7:f6:0a:73:e1:59:cb:2d:22:67:63:53:
5d:77:d5:a6
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZF
MjlFREFGMTEwLwYDVQQFEygyQTNDQzlFNTUxOUE1QTVCQjEzRDA4MzEwQ0E5MzQ4
MjQ4OTZGQTVBMB4XDTIyMDUyNTA5MTQyOVoXDTMyMDUyNTA5MTQyOVowGDEWMBQG
A1UEAwwNNjI4ZGYzNzgtMGQzYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALE9KM/SzD2ZbV0KXd4C0iN4BbT5rZM0fok3J3OJ+vckHhWrpI3oyhg5cuat
IpQGHtS4CN5AFLX1SWomDrflsxl3T6y1ZX6RL+w8diX7lL8gcm5SC7AsiNjOv2Px
FJVsQGB89rxRKtmqbLTEAlCykPLnMKwSWT6Hc78uCjzu2n5z7CESB1pKZs5EY5By
VcH4hY286JkJMionFx7e4XIC/G9Yn+cFegPTMFLR21LWDbBAhCspnn5DneWc7ykb
QROpY2nT2X+oFwzqkLFT2tX5OFfQc6qkxF5Gncq+jNpSqqsj/hOVG29QsiRetfCE
JfXB3jpMMqzYlJUb0Giz3itkEzkCAwEAAaOCAsAwggK8MB0GA1UdDgQWBBT1+p5/
6w7PN0tNu8c/sVslpQAtSjAfBgNVHSMEGDAWgBQqPMnlUZpaW7E9CDEMqTSCSJb6
WjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTI5RUQvMUM1QjVEMDJEQzA5MTFFQzlDRUJERTlCRjEyMjI0NjgvS2p6SjVW
R2FXbHV4UFFneERLazBna2lXLWxvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvS2p6SjVWR2FXbHV4UFFneERLazBna2lXLWxvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTI5RUQvMUM1QjVEMDJEQzA5MTFFQzlDRUJERTlCRjEy
MjI0NjgvMTZBOTIxRTREQzBCMTFFQzk0N0QwM0EyRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBWaEIAMEA8QLsAMEA8T7gDAN
BAIAAjAHAwUALA9aADANBgkqhkiG9w0BAQsFAAOCAQEAev6Sg742WLxiHNAjXFHi
rt6jTkLTch6gpl1igonUdjSFJG8s4l68Zv9uVkkwavte2Al/78q+xCuCUH8xqwdK
OZsvuH6vrMI6n188cfLZbbVITnZBtvvifvJmVGeNLt2N0dBNj65+tlRK4ca5K1kJ
PeL50FNqFv8vbOhvbsDlz1+1eVOmHDI01uKI+0zwxJGDUbTNqbu2RCdjBqFthKFG
r5amRc18LVzyTQ69FlkB1zNeN/rqkF/S46agkq6gF+hu2BEvBcIMWXH1UjNhIiLZ
+jnk73cKOrJj/TSpjW1m6xaZp1AXIfkDckThrgNSOcjTt/YKc+FZyy0iZ2NTXXfV
pg==
-----END CERTIFICATE-----
Generated at Fri May 10 03:24:15 2024 by rpki-client on console-fra.rpki-client.org