Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EE14C/5EA2D1DCDBE811EE89324E7F775412E6/1A07CB8EDBEA11EEA45EFA81775412E6.roa
File: 1A07CB8EDBEA11EEA45EFA81775412E6.roa (raw, json)
Hash identifier: Pkjs2jgzXCv29HKkqLFfvU1IeY4hITiyODVD/2YyWlE=
Subject key identifier: 25:B3:A1:67:C8:1D:1D:70:0F:36:E2:98:36:ED:BA:08:A5:B5:2C:8E
Certificate issuer: /CN=F36EE14CAF/serialNumber=DD8EE0395EFB34C4098E576E1FA95612F0AE108C
Certificate serial: 02
Authority key identifier: DD:8E:E0:39:5E:FB:34:C4:09:8E:57:6E:1F:A9:56:12:F0:AE:10:8C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/3Y7gOV77NMQJjlduH6lWEvCuEIw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36EE14C/5EA2D1DCDBE811EE89324E7F775412E6/1A07CB8EDBEA11EEA45EFA81775412E6.roa
Signing time: Wed 06 Mar 2024 18:48:20 +0000
ROA not before: Wed 06 Mar 2024 18:48:17 +0000
ROA not after: Mon 06 Mar 2034 18:48:17 +0000
asID: 37594
IP address blocks: 197.231.236.0/24 maxlen: 24
197.231.237.0/24 maxlen: 24
197.231.238.0/24 maxlen: 24
197.231.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36EE14C/5EA2D1DCDBE811EE89324E7F775412E6/3Y7gOV77NMQJjlduH6lWEvCuEIw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36EE14C/5EA2D1DCDBE811EE89324E7F775412E6/3Y7gOV77NMQJjlduH6lWEvCuEIw.mft
rsync://rpki.afrinic.net/repository/afrinic/3Y7gOV77NMQJjlduH6lWEvCuEIw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36EE14CAF/serialNumber=DD8EE0395EFB34C4098E576E1FA95612F0AE108C
Validity
Not Before: Mar 6 18:48:17 2024 GMT
Not After : Mar 6 18:48:17 2034 GMT
Subject: CN=65e8ba74-355e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:40:81:a4:81:2e:73:8d:d1:cb:d7:e6:7a:09:
d5:78:69:2f:b6:92:4a:1c:63:b2:0d:bc:ba:fd:49:
1d:5f:bf:47:11:0f:38:3d:b8:6a:c2:7e:ce:1c:7c:
9e:aa:e9:c8:7d:e6:ef:6e:c4:5e:77:16:f6:63:92:
5e:3c:ab:75:93:b7:84:ac:80:44:5f:58:23:32:08:
9d:49:a6:0d:99:26:8a:52:82:c1:8e:b3:b8:ce:c2:
92:fa:bc:b5:d6:be:65:35:b2:52:98:e2:91:ce:3a:
35:88:9d:6e:2c:dd:63:a9:e0:66:0f:b0:6a:1f:8c:
f5:5b:e8:5f:05:3a:b6:8d:89:4f:46:0d:e2:f5:5f:
53:5d:48:4b:11:9c:a7:2f:9a:cb:4f:d9:82:bf:7f:
72:a0:ac:3b:7a:b0:15:68:b2:9e:fe:91:b3:15:2b:
4d:f8:38:54:61:a8:01:06:b0:ac:d7:82:1e:32:85:
cc:6a:e0:89:e8:01:31:0a:08:f1:a4:69:a9:bd:e5:
9b:df:d7:f0:d1:26:fe:3f:22:8a:6d:cd:e1:8c:3f:
9b:90:5e:3f:0d:61:50:5e:7c:c2:84:c9:1f:e8:d6:
5c:6a:5b:c3:b4:18:d8:c0:b0:03:7d:7d:7e:e3:c8:
b2:18:7c:38:d2:a2:ea:36:c3:57:ba:54:59:4e:3e:
42:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:B3:A1:67:C8:1D:1D:70:0F:36:E2:98:36:ED:BA:08:A5:B5:2C:8E
X509v3 Authority Key Identifier:
keyid:DD:8E:E0:39:5E:FB:34:C4:09:8E:57:6E:1F:A9:56:12:F0:AE:10:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36EE14C/5EA2D1DCDBE811EE89324E7F775412E6/3Y7gOV77NMQJjlduH6lWEvCuEIw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3Y7gOV77NMQJjlduH6lWEvCuEIw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EE14C/5EA2D1DCDBE811EE89324E7F775412E6/1A07CB8EDBEA11EEA45EFA81775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.231.236.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:e6:d0:c7:5a:ad:27:4e:b7:0b:6e:fa:7b:25:35:f3:ae:74:
ed:bc:e0:66:d6:3a:76:a0:cf:b9:47:ee:48:38:6d:7e:5c:b3:
76:b0:3d:8d:b0:fa:fb:f4:95:4f:df:8d:ff:b9:b5:6c:e1:c9:
43:8f:7d:dc:49:e1:ac:c9:b1:1c:31:f0:b5:b8:0a:8c:32:ae:
c5:02:e2:4c:3a:11:cd:68:d5:3e:7e:43:82:c1:25:a6:65:05:
45:f9:ae:d1:6e:91:b9:0a:d0:18:17:b6:49:ab:a4:20:d3:86:
f4:d9:e2:09:31:16:a7:25:7a:4d:52:0d:10:e5:06:58:21:31:
f8:67:81:f1:3c:53:26:e5:72:d3:61:7e:16:0a:61:3d:ee:fb:
99:18:08:94:7a:c8:81:05:0b:b2:bf:5b:d1:0a:14:ea:3d:1b:
1c:bd:90:7b:34:d1:9c:f6:92:ce:4d:8d:11:b7:d2:8c:fd:40:
da:51:bb:6c:c3:fa:e8:6c:a4:81:fd:68:cd:eb:ec:ea:a1:b9:
0d:19:ea:f7:eb:68:c2:52:83:6f:c8:5d:d8:91:69:7c:c4:06:
c1:b6:f3:3e:6e:a3:ff:66:72:22:37:13:29:4c:44:34:80:45:
77:3e:14:14:97:66:97:27:f4:c4:da:52:03:cc:1e:59:60:f5:
7d:23:2c:ea
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
RTE0Q0FGMTEwLwYDVQQFEyhERDhFRTAzOTVFRkIzNEM0MDk4RTU3NkUxRkE5NTYx
MkYwQUUxMDhDMB4XDTI0MDMwNjE4NDgxN1oXDTM0MDMwNjE4NDgxN1owGDEWMBQG
A1UEAxMNNjVlOGJhNzQtMzU1ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJAgaSBLnON0cvX5noJ1XhpL7aSShxjsg28uv1JHV+/RxEPOD24asJ+zhx8
nqrpyH3m727EXncW9mOSXjyrdZO3hKyARF9YIzIInUmmDZkmilKCwY6zuM7Ckvq8
tda+ZTWyUpjikc46NYidbizdY6ngZg+wah+M9VvoXwU6to2JT0YN4vVfU11ISxGc
py+ay0/Zgr9/cqCsO3qwFWiynv6RsxUrTfg4VGGoAQawrNeCHjKFzGrgiegBMQoI
8aRpqb3lm9/X8NEm/j8iim3N4Yw/m5BePw1hUF58woTJH+jWXGpbw7QY2MCwA319
fuPIshh8ONKi6jbDV7pUWU4+Qj8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQls6Fn
yB0dcA824pg27boIpbUsjjAfBgNVHSMEGDAWgBTdjuA5Xvs0xAmOV24fqVYS8K4Q
jDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RUUxNEMvNUVBMkQxRENEQkU4MTFFRTg5MzI0RTdGNzc1NDEyRTYvM1k3Z09W
NzdOTVFKamxkdUg2bFdFdkN1RUl3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvM1k3Z09WNzdOTVFKamxkdUg2bFdFdkN1RUl3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RUUxNEMvNUVBMkQxRENEQkU4MTFFRTg5MzI0RTdGNzc1
NDEyRTYvMUEwN0NCOEVEQkVBMTFFRUE0NUVGQTgxNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsXn7DANBgkqhkiG9w0BAQsF
AAOCAQEATebQx1qtJ063C276eyU186507bzgZtY6dqDPuUfuSDhtflyzdrA9jbD6
+/SVT9+N/7m1bOHJQ4993EnhrMmxHDHwtbgKjDKuxQLiTDoRzWjVPn5DgsElpmUF
Rfmu0W6RuQrQGBe2SaukINOG9NniCTEWpyV6TVINEOUGWCEx+GeB8TxTJuVy02F+
FgphPe77mRgIlHrIgQULsr9b0QoU6j0bHL2QezTRnPaSzk2NEbfSjP1A2lG7bMP6
6Gykgf1ozevs6qG5DRnq9+towlKDb8hd2JFpfMQGwbbzPm6j/2ZyIjcTKUxENIBF
dz4UFJdmlyf0xNpSA8weWWD1fSMs6g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:00 2024 by rpki-client on console-fra.rpki-client.org