Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EC7CE/82014A10989911E9B7396A33F8AEA228/57B1CD5CDF7011E994C8153BF8AEA228.roa
File: 57B1CD5CDF7011E994C8153BF8AEA228.roa (raw, json)
Hash identifier: zjnpjvYJ2wSjAd/hAZmaBFc5QxQdM4l8os6iExNvOEE=
Subject key identifier: 45:64:8C:D2:4B:41:31:57:CA:59:F3:A4:97:FB:18:6B:47:F3:3E:77
Certificate issuer: /CN=F36EC7CEAF/serialNumber=0E040ABF4F945F30D77DA28BBF028B6AC49D042C
Certificate serial: 72
Authority key identifier: 0E:04:0A:BF:4F:94:5F:30:D7:7D:A2:8B:BF:02:8B:6A:C4:9D:04:2C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/DgQKv0-UXzDXfaKLvwKLasSdBCw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36EC7CE/82014A10989911E9B7396A33F8AEA228/57B1CD5CDF7011E994C8153BF8AEA228.roa
Signing time: Wed 25 Sep 2019 08:42:02 +0000
ROA not before: Wed 25 Sep 2019 08:41:57 +0000
ROA not after: Sun 25 Sep 2039 08:41:57 +0000
asID: 327795
IP address blocks: 154.118.224.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36EC7CE/82014A10989911E9B7396A33F8AEA228/DgQKv0-UXzDXfaKLvwKLasSdBCw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36EC7CE/82014A10989911E9B7396A33F8AEA228/DgQKv0-UXzDXfaKLvwKLasSdBCw.mft
rsync://rpki.afrinic.net/repository/afrinic/DgQKv0-UXzDXfaKLvwKLasSdBCw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114 (0x72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36EC7CEAF/serialNumber=0E040ABF4F945F30D77DA28BBF028B6AC49D042C
Validity
Not Before: Sep 25 08:41:57 2019 GMT
Not After : Sep 25 08:41:57 2039 GMT
Subject: CN=5d8b2859-b9bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a8:46:e9:a2:d2:4e:9e:39:ce:da:38:85:0f:
cc:ce:f4:b3:01:02:fa:d2:e0:6f:f5:86:17:a0:97:
48:2d:58:bc:ac:a0:cc:36:29:70:b7:16:09:27:7a:
c7:e9:0e:48:da:db:dc:7c:f4:fa:6a:ca:a6:22:21:
20:4c:bd:1b:da:8a:79:78:40:6b:85:25:cd:dd:53:
50:56:d8:8d:c9:bc:46:0c:2a:ff:74:16:85:39:d0:
01:60:97:83:1e:3d:61:a1:bf:3c:be:ab:4a:e8:e4:
51:d0:17:44:3a:f3:06:a2:45:6d:00:ed:f3:22:80:
d0:34:d7:de:b3:bc:44:21:05:3b:b5:83:90:df:7a:
2a:c1:aa:03:56:3f:5c:59:d9:5f:63:7d:0f:82:38:
bf:31:d1:6a:c7:3f:d1:5c:e3:26:3e:f5:b1:c3:09:
b4:1d:ce:3b:44:e8:01:c1:ba:59:ca:33:c0:ba:11:
c8:fb:87:62:66:88:c0:0a:bc:8e:94:d2:1a:ab:4e:
be:6b:dd:55:72:0f:b4:fa:e3:bb:eb:d6:d8:94:35:
cf:43:b9:3d:77:b3:21:b0:7f:4f:26:a5:8e:d4:8f:
f7:a9:5e:03:be:e6:6f:5d:18:86:34:12:0e:45:ca:
f3:15:78:cc:8a:79:49:42:31:13:80:e8:5f:05:41:
6a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:64:8C:D2:4B:41:31:57:CA:59:F3:A4:97:FB:18:6B:47:F3:3E:77
X509v3 Authority Key Identifier:
keyid:0E:04:0A:BF:4F:94:5F:30:D7:7D:A2:8B:BF:02:8B:6A:C4:9D:04:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36EC7CE/82014A10989911E9B7396A33F8AEA228/DgQKv0-UXzDXfaKLvwKLasSdBCw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/DgQKv0-UXzDXfaKLvwKLasSdBCw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EC7CE/82014A10989911E9B7396A33F8AEA228/57B1CD5CDF7011E994C8153BF8AEA228.roa
sbgp-ipAddrBlock: critical
IPv4:
154.118.224.0/21
Signature Algorithm: sha256WithRSAEncryption
1a:35:bf:66:43:57:0c:54:ca:c4:d2:e3:02:68:92:ba:4d:d5:
d0:da:ec:a2:8f:b4:88:58:15:5f:22:8c:38:61:92:34:4d:2a:
98:16:7a:44:35:ef:51:ac:da:d2:a8:df:72:f4:5c:ca:6c:0b:
59:0a:1e:80:b9:2b:36:47:16:c5:a7:47:ac:aa:ca:25:88:cc:
30:6e:75:dd:61:d5:00:a0:d5:78:af:c1:0a:8c:58:2a:86:8a:
63:50:93:fc:08:11:e9:7d:db:9e:48:e9:f7:c0:db:bc:02:8a:
d1:c4:64:c0:33:8f:91:e3:90:a9:1e:a1:7a:38:63:b2:d5:33:
c7:3c:dd:f6:26:16:74:a2:a6:93:39:29:af:f6:7e:21:4f:c9:
2f:4d:c8:b2:49:d9:d5:2f:13:32:40:d9:e2:f0:2f:97:55:88:
47:c3:0b:be:24:49:de:cc:7b:f6:fd:13:81:a7:88:ee:cc:9a:
b7:f8:db:72:50:24:69:c3:de:04:f4:0a:63:77:4d:3f:70:21:
7b:15:cb:02:46:fd:9d:d6:18:f5:43:44:b6:22:19:06:ed:b0:
da:28:8a:af:e4:7b:fc:a8:01:e7:68:6d:b0:f8:b8:c0:49:9e:
c8:15:19:7f:a8:4b:b1:a1:59:4a:12:85:56:07:4c:14:51:8b:
d1:83:70:d9
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIBcjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
QzdDRUFGMTEwLwYDVQQFEygwRTA0MEFCRjRGOTQ1RjMwRDc3REEyOEJCRjAyOEI2
QUM0OUQwNDJDMB4XDTE5MDkyNTA4NDE1N1oXDTM5MDkyNTA4NDE1N1owGDEWMBQG
A1UEAxMNNWQ4YjI4NTktYjliYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6oRumi0k6eOc7aOIUPzM70swEC+tLgb/WGF6CXSC1YvKygzDYpcLcWCSd6
x+kOSNrb3Hz0+mrKpiIhIEy9G9qKeXhAa4Ulzd1TUFbYjcm8Rgwq/3QWhTnQAWCX
gx49YaG/PL6rSujkUdAXRDrzBqJFbQDt8yKA0DTX3rO8RCEFO7WDkN96KsGqA1Y/
XFnZX2N9D4I4vzHRasc/0VzjJj71scMJtB3OO0ToAcG6WcozwLoRyPuHYmaIwAq8
jpTSGqtOvmvdVXIPtPrju+vW2JQ1z0O5PXezIbB/TyaljtSP96leA77mb10YhjQS
DkXK8xV4zIp5SUIxE4DoXwVBaiUCAwEAAaOCAm4wggJqMB0GA1UdDgQWBBRFZIzS
S0ExV8pZ86SX+xhrR/M+dzAfBgNVHSMEGDAWgBQOBAq/T5RfMNd9oou/AotqxJ0E
LDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RUM3Q0UvODIwMTRBMTA5ODk5MTFFOUI3Mzk2QTMzRjhBRUEyMjgvRGdRS3Yw
LVVYekRYZmFLTHZ3S0xhc1NkQkN3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRGdRS3YwLVVYekRYZmFLTHZ3S0xhc1NkQkN3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RUM3Q0UvODIwMTRBMTA5ODk5MTFFOUI3Mzk2QTMzRjhB
RUEyMjgvNTdCMUNENUNERjcwMTFFOTk0QzgxNTNCRjhBRUEyMjgucm9hMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmnbgMA0GCSqGSIb3DQEBCwUAA4IBAQAa
Nb9mQ1cMVMrE0uMCaJK6TdXQ2uyij7SIWBVfIow4YZI0TSqYFnpENe9RrNrSqN9y
9FzKbAtZCh6AuSs2RxbFp0esqsoliMwwbnXdYdUAoNV4r8EKjFgqhopjUJP8CBHp
fdueSOn3wNu8AorRxGTAM4+R45CpHqF6OGOy1TPHPN32JhZ0oqaTOSmv9n4hT8kv
TciySdnVLxMyQNni8C+XVYhHwwu+JEnezHv2/ROBp4juzJq3+NtyUCRpw94E9Apj
d00/cCF7FcsCRv2d1hj1Q0S2IhkG7bDaKIqv5Hv8qAHnaG2w+LjASZ7IFRl/qEux
oVlKEoVWB0wUUYvRg3DZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:31 2024 by rpki-client on console-ams.rpki-client.org