Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F5173/C6194FDC861D11EABACE5F28F8AEA228/CAE2CB0486F611EA9BCADC07F8AEA228.roa
File: CAE2CB0486F611EA9BCADC07F8AEA228.roa (raw, json)
Hash identifier: VDKvE/A73Sf7vYOhnC0lj6HdM/VyRRMLJnvzm5crfzE=
Subject key identifier: 46:FB:91:DE:D1:D1:9F:16:12:B4:FD:54:38:ED:D0:D8:92:1A:44:E5
Certificate issuer: /CN=F36F5173AF/serialNumber=85A95ADD2CF58774030B6A9B93B411386FE30640
Certificate serial: 0A
Authority key identifier: 85:A9:5A:DD:2C:F5:87:74:03:0B:6A:9B:93:B4:11:38:6F:E3:06:40
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/hala3Sz1h3QDC2qbk7QROG_jBkA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F5173/C6194FDC861D11EABACE5F28F8AEA228/CAE2CB0486F611EA9BCADC07F8AEA228.roa
Signing time: Sat 25 Apr 2020 13:15:12 +0000
ROA not before: Sat 25 Apr 2020 13:15:09 +0000
ROA not after: Tue 01 Dec 2037 13:15:09 +0000
asID: 0
IP address blocks: 196.223.0.0/24 maxlen: 24
2001:43f8:270::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F5173/C6194FDC861D11EABACE5F28F8AEA228/hala3Sz1h3QDC2qbk7QROG_jBkA.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F5173/C6194FDC861D11EABACE5F28F8AEA228/hala3Sz1h3QDC2qbk7QROG_jBkA.mft
rsync://rpki.afrinic.net/repository/afrinic/hala3Sz1h3QDC2qbk7QROG_jBkA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F5173AF/serialNumber=85A95ADD2CF58774030B6A9B93B411386FE30640
Validity
Not Before: Apr 25 13:15:09 2020 GMT
Not After : Dec 1 13:15:09 2037 GMT
Subject: CN=5ea437df-4d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2b:89:81:e3:47:b4:0d:43:c6:b8:7c:dd:7d:
8c:aa:4b:f2:81:d7:bb:10:11:67:bf:0b:74:66:cb:
30:a9:22:b9:a1:64:ee:80:62:45:15:5a:95:78:0f:
ee:d5:bc:c0:07:da:4f:73:1d:49:35:71:e7:64:0f:
f5:b4:8d:bb:95:be:6f:df:aa:d6:a8:87:94:95:db:
eb:9a:0c:fd:a2:42:43:df:36:f7:ed:31:be:fc:a5:
b3:ba:65:53:b4:85:89:ae:92:15:e8:c0:fb:24:16:
23:0e:f8:0e:5c:0d:35:be:b7:aa:af:f2:9c:86:e7:
84:7d:27:07:5e:b0:b1:e7:49:cd:7e:38:25:40:60:
77:b3:8d:fc:90:8c:f2:b6:9e:d4:b7:8b:0d:7c:7c:
ff:89:c0:b2:66:1a:af:90:4c:1d:e8:bd:24:45:46:
d3:6a:3b:40:f0:5b:b8:8f:de:a3:4c:3c:91:60:03:
c9:cc:98:d8:e0:80:c3:4e:76:49:69:80:5f:40:c9:
19:6f:32:55:18:d3:45:da:b5:e3:6f:e1:d7:28:f7:
83:c9:3c:ea:85:b2:9f:82:f9:5f:3f:26:2f:38:15:
cf:b4:10:8b:14:b8:36:a3:27:9a:42:58:57:8c:56:
eb:fb:45:35:44:6e:43:c0:76:ee:04:27:72:93:bc:
cf:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:FB:91:DE:D1:D1:9F:16:12:B4:FD:54:38:ED:D0:D8:92:1A:44:E5
X509v3 Authority Key Identifier:
keyid:85:A9:5A:DD:2C:F5:87:74:03:0B:6A:9B:93:B4:11:38:6F:E3:06:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F5173/C6194FDC861D11EABACE5F28F8AEA228/hala3Sz1h3QDC2qbk7QROG_jBkA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hala3Sz1h3QDC2qbk7QROG_jBkA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F5173/C6194FDC861D11EABACE5F28F8AEA228/CAE2CB0486F611EA9BCADC07F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.223.0.0/24
IPv6:
2001:43f8:270::/48
Signature Algorithm: sha256WithRSAEncryption
99:c8:5b:ba:2e:ee:44:60:4f:99:26:e2:e6:17:3f:39:ff:31:
c5:7f:f2:af:23:56:08:75:9f:f2:6f:7f:78:33:67:fa:66:fb:
2c:0c:4a:1d:67:03:d4:c2:a4:ce:83:06:cf:9f:79:e5:ce:8b:
ef:cd:13:bd:8a:1d:c5:01:97:e1:a3:7f:f5:42:54:ba:62:38:
eb:1a:76:a3:00:19:85:5d:54:48:de:17:6c:e1:ee:12:52:64:
85:d8:16:b3:f9:72:15:92:2a:de:55:a6:ff:57:2b:30:c2:f1:
14:e7:48:53:e2:57:9e:6c:e8:ca:2c:be:e0:0d:73:cc:fd:e5:
ab:83:7e:4f:6b:44:de:6a:eb:7e:41:27:5f:77:9f:6e:05:4f:
de:e2:22:e0:a1:31:62:85:35:85:aa:ec:20:db:25:eb:0c:09:
9b:00:87:71:d3:19:0b:e6:0c:1c:4b:ae:b4:a3:24:2e:35:41:
fc:82:83:50:96:fc:aa:76:f3:cd:4e:58:d5:ca:b8:b6:66:2e:
f0:45:66:d0:a0:6b:29:83:25:f6:bd:4d:f9:63:e9:72:0b:5c:
0d:fe:aa:ba:93:8e:f8:75:39:80:df:8b:86:35:ed:92:0a:01:
14:4c:28:b3:e6:05:c3:9d:ed:d6:1a:be:95:b9:28:a6:87:18:
6a:e4:b0:b8
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBCjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
NTE3M0FGMTEwLwYDVQQFEyg4NUE5NUFERDJDRjU4Nzc0MDMwQjZBOUI5M0I0MTEz
ODZGRTMwNjQwMB4XDTIwMDQyNTEzMTUwOVoXDTM3MTIwMTEzMTUwOVowGDEWMBQG
A1UEAxMNNWVhNDM3ZGYtNGQ1ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkriYHjR7QNQ8a4fN19jKpL8oHXuxARZ78LdGbLMKkiuaFk7oBiRRValXgP
7tW8wAfaT3MdSTVx52QP9bSNu5W+b9+q1qiHlJXb65oM/aJCQ9829+0xvvyls7pl
U7SFia6SFejA+yQWIw74DlwNNb63qq/ynIbnhH0nB16wsedJzX44JUBgd7ON/JCM
8rae1LeLDXx8/4nAsmYar5BMHei9JEVG02o7QPBbuI/eo0w8kWADycyY2OCAw052
SWmAX0DJGW8yVRjTRdq142/h1yj3g8k86oWyn4L5Xz8mLzgVz7QQixS4NqMnmkJY
V4xW6/tFNURuQ8B27gQncpO8zzcCAwEAAaOCArYwggKyMB0GA1UdDgQWBBRG+5He
0dGfFhK0/VQ47dDYkhpE5TAfBgNVHSMEGDAWgBSFqVrdLPWHdAMLapuTtBE4b+MG
QDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjUxNzMvQzYxOTRGREM4NjFEMTFFQUJBQ0U1RjI4RjhBRUEyMjgvaGFsYTNT
ejFoM1FEQzJxYms3UVJPR19qQmtBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaGFsYTNTejFoM1FEQzJxYms3UVJPR19qQmtBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjUxNzMvQzYxOTRGREM4NjFEMTFFQUJBQ0U1RjI4RjhB
RUEyMjgvQ0FFMkNCMDQ4NkY2MTFFQTlCQ0FEQzA3RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMTfADAPBAIAAjAJAwcAIAFD
+AJwMA0GCSqGSIb3DQEBCwUAA4IBAQCZyFu6Lu5EYE+ZJuLmFz85/zHFf/KvI1YI
dZ/yb394M2f6ZvssDEodZwPUwqTOgwbPn3nlzovvzRO9ih3FAZfho3/1QlS6Yjjr
GnajABmFXVRI3hds4e4SUmSF2Baz+XIVkireVab/VyswwvEU50hT4leebOjKLL7g
DXPM/eWrg35Pa0Teaut+QSdfd59uBU/e4iLgoTFihTWFquwg2yXrDAmbAIdx0xkL
5gwcS660oyQuNUH8goNQlvyqdvPNTljVyri2Zi7wRWbQoGspgyX2vU35Y+lyC1wN
/qq6k474dTmA34uGNe2SCgEUTCiz5gXDne3WGr6VuSimhxhq5LC4
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:11:47 2024 by rpki-client on console-fra.rpki-client.org