Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/9132C716F59111E9AF6CD33BF8AEA228.roa
File: 9132C716F59111E9AF6CD33BF8AEA228.roa (raw, json)
Hash identifier: rXypH2zp9nVVHeDRCTVV4b8eCSlSkXxt3YUitRlyOEk=
Subject key identifier: 8B:D3:A6:00:0E:57:EF:E4:32:9C:64:96:15:89:0A:79:E2:B4:BD:C8
Certificate issuer: /CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
Certificate serial: 92
Authority key identifier: FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/9132C716F59111E9AF6CD33BF8AEA228.roa
Signing time: Wed 23 Oct 2019 12:35:17 +0000
ROA not before: Wed 23 Oct 2019 12:35:12 +0000
ROA not after: Wed 31 Oct 2029 12:35:12 +0000
asID: 327733
IP address blocks: 154.72.8.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.mft
rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 03 Jun 2024 00:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146 (0x92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
Validity
Not Before: Oct 23 12:35:12 2019 GMT
Not After : Oct 31 12:35:12 2029 GMT
Subject: CN=5db04905-a230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:24:54:c4:82:4e:32:28:98:47:80:c6:f1:8c:
de:2e:30:66:05:3b:48:34:61:29:9a:a8:06:29:35:
2b:68:ed:28:e2:f3:e1:e1:00:8a:0e:cf:60:28:4c:
b1:3e:07:06:2b:22:8a:c4:bb:71:16:9a:1a:c7:be:
03:7c:aa:88:e0:5e:84:67:e7:2e:35:d3:fe:a9:56:
00:16:af:2a:3d:ea:3b:b6:ca:c6:66:97:d6:e8:ba:
02:73:cf:44:39:8f:f8:5d:bd:63:74:38:75:3f:7f:
7d:fa:b4:b4:4d:d3:c7:1b:91:2a:3e:ed:83:7d:89:
a0:ac:c9:6f:b5:bd:44:d1:6b:83:98:2c:3d:c1:2f:
12:dc:88:18:41:e6:7b:c7:ca:f4:ba:06:82:6a:24:
bb:f8:3c:0f:56:f5:48:f8:3a:76:10:45:69:77:d6:
e4:68:46:4e:95:81:2c:a3:07:00:19:57:a8:26:c7:
dd:48:eb:a1:37:0d:10:6d:6e:bd:79:41:3c:aa:a7:
bd:9b:8c:cd:30:c6:8a:55:b0:69:66:d7:43:00:2c:
f6:9c:ab:ed:db:5b:93:29:57:55:f3:c5:e0:52:e3:
96:ec:31:52:03:ed:c7:e7:09:66:dc:75:5f:77:0c:
e6:fb:86:7a:4a:19:65:2f:6a:d9:c3:41:db:fb:26:
73:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D3:A6:00:0E:57:EF:E4:32:9C:64:96:15:89:0A:79:E2:B4:BD:C8
X509v3 Authority Key Identifier:
keyid:FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/9132C716F59111E9AF6CD33BF8AEA228.roa
sbgp-ipAddrBlock: critical
IPv4:
154.72.8.0/22
Signature Algorithm: sha256WithRSAEncryption
07:9a:83:c3:d7:d4:f4:ca:b5:49:d5:d5:a9:62:06:9c:6c:fb:
b6:60:a5:61:bc:a3:a4:3d:1b:a1:9a:44:c0:7f:d8:5c:81:38:
34:7e:cb:78:8d:d2:e5:3b:b2:19:3b:55:54:97:72:66:21:82:
a9:11:44:e8:e3:d8:6f:2d:5e:3f:ef:f9:e6:18:c9:eb:14:1c:
a9:88:a9:70:08:21:80:bb:ba:96:c9:68:50:7f:56:70:95:43:
3d:bd:d1:ae:99:9c:95:f8:6a:e2:0a:da:65:24:8c:91:1e:f4:
0a:9c:b3:0a:60:ed:5f:7d:70:82:0a:09:0a:1f:86:dc:44:29:
8d:2f:99:bc:c4:5c:36:fa:73:c8:0a:4a:93:f8:ce:02:01:e0:
c0:d1:0e:0b:89:df:34:1b:5a:78:05:dc:a7:c4:0d:83:d5:d3:
a2:44:8f:76:89:5e:e9:bf:45:15:21:19:6d:18:80:c2:ab:95:
b9:8d:24:39:32:a7:91:65:e6:5c:b2:c0:eb:fb:3f:74:42:ec:
d2:c6:19:14:ac:e0:26:d2:d7:79:42:2f:45:3e:55:98:37:e3:
f1:cd:3e:66:b5:25:40:12:f8:b9:ec:37:5e:bf:cb:42:33:36:
14:c7:8f:2b:c0:5c:d4:24:4e:33:5a:71:d0:13:01:fd:3d:d7:
8d:2b:6c:6f
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgICAJIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTM3M0RBRjExMC8GA1UEBRMoRkQ4RTA0NTg4NEIxNjY5RUJENDMwQUU1NjY3MjFE
OTc0MDRBNkNFODAeFw0xOTEwMjMxMjM1MTJaFw0yOTEwMzExMjM1MTJaMBgxFjAU
BgNVBAMTDTVkYjA0OTA1LWEyMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDgJFTEgk4yKJhHgMbxjN4uMGYFO0g0YSmaqAYpNSto7Sji8+HhAIoOz2Ao
TLE+BwYrIorEu3EWmhrHvgN8qojgXoRn5y410/6pVgAWryo96ju2ysZml9bougJz
z0Q5j/hdvWN0OHU/f336tLRN08cbkSo+7YN9iaCsyW+1vUTRa4OYLD3BLxLciBhB
5nvHyvS6BoJqJLv4PA9W9Uj4OnYQRWl31uRoRk6VgSyjBwAZV6gmx91I66E3DRBt
br15QTyqp72bjM0wxopVsGlm10MALPacq+3bW5MpV1XzxeBS45bsMVID7cfnCWbc
dV93DOb7hnpKGWUvatnDQdv7JnMNAgMBAAGjggJuMIICajAdBgNVHQ4EFgQUi9Om
AA5X7+QynGSWFYkKeeK0vcgwHwYDVR0jBBgwFoAU/Y4EWISxZp69QwrlZnIdl0BK
bOgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4QUVBMjI4L19ZNEVX
SVN4WnA2OVF3cmxabklkbDBCS2JPZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL19ZNEVXSVN4WnA2OVF3cmxabklkbDBCS2JPZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4
QUVBMjI4LzkxMzJDNzE2RjU5MTExRTlBRjZDRDMzQkY4QUVBMjI4LnJvYTAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAppICDANBgkqhkiG9w0BAQsFAAOCAQEA
B5qDw9fU9Mq1SdXVqWIGnGz7tmClYbyjpD0boZpEwH/YXIE4NH7LeI3S5TuyGTtV
VJdyZiGCqRFE6OPYby1eP+/55hjJ6xQcqYipcAghgLu6lsloUH9WcJVDPb3Rrpmc
lfhq4graZSSMkR70CpyzCmDtX31wggoJCh+G3EQpjS+ZvMRcNvpzyApKk/jOAgHg
wNEOC4nfNBtaeAXcp8QNg9XTokSPdole6b9FFSEZbRiAwquVuY0kOTKnkWXmXLLA
6/s/dELs0sYZFKzgJtLXeUIvRT5VmDfj8c0+ZrUlQBL4uew3Xr/LQjM2FMePK8Bc
1CROM1px0BMB/T3XjStsbw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 02:01:09 2024 by rpki-client on console-ams.rpki-client.org