Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/85E3A1649A6E11EFA6A6C068762E951A.roa
File: 85E3A1649A6E11EFA6A6C068762E951A.roa (raw, json)
Hash identifier: 2sKFBI4vAwA45GgtsSMdBvjdD5JBa4NMiav5rH2VRfk=
Subject key identifier: 23:53:63:DD:D7:A8:F0:04:91:51:D2:5F:02:B4:93:FB:CA:82:3D:4A
Certificate issuer: /CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
Certificate serial: 56
Authority key identifier: 25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/85E3A1649A6E11EFA6A6C068762E951A.roa
Signing time: Mon 04 Nov 2024 05:34:56 +0000
ROA not before: Mon 04 Nov 2024 05:34:44 +0000
ROA not after: Sat 04 Nov 2034 05:34:44 +0000
asID: 37680
IP address blocks: 102.132.128.0/17 maxlen: 17
154.0.0.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.mft
rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86 (0x56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
Validity
Not Before: Nov 4 05:34:44 2024 GMT
Not After : Nov 4 05:34:44 2034 GMT
Subject: CN=67285cff-a225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:28:6e:f0:d3:11:34:1a:86:43:63:c4:01:2c:
98:05:f3:da:95:e1:26:ff:9a:54:e7:d6:0e:b3:9c:
44:96:79:bd:98:c6:8d:33:bc:5f:9c:5a:29:6a:36:
ce:21:5d:aa:16:a7:4c:43:6f:d4:65:1b:12:e8:bf:
1a:a9:95:f5:33:b3:7f:bb:b4:32:33:80:bd:51:d9:
d0:9a:08:ec:0f:63:db:19:16:10:5b:ef:1a:c0:6e:
14:62:05:0f:c3:de:48:5f:da:2b:04:95:90:b5:50:
b7:86:bb:cf:9b:c8:f4:83:83:f0:47:e2:29:4e:b1:
37:f9:ad:6d:8b:d9:13:fc:07:3a:b1:b2:91:ad:6b:
12:d3:85:c1:1b:ce:81:54:de:01:6a:88:22:06:d3:
8c:f7:49:7e:2d:e3:0c:27:84:21:09:24:63:62:ac:
fb:90:83:30:ea:45:2f:e2:61:3e:25:16:f8:aa:de:
3f:b8:07:9a:9c:f4:f9:38:81:94:64:f0:70:a0:34:
22:15:be:e2:bc:3f:cc:92:69:89:df:6b:0b:c9:96:
4d:f1:d2:d7:80:3f:2d:23:e2:00:40:ad:1a:e5:4a:
b2:6f:d3:3f:ea:1d:2d:04:c2:f7:bb:c4:d3:e9:48:
ef:28:fc:77:5e:ef:87:e2:1d:25:66:91:c5:14:bc:
36:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:53:63:DD:D7:A8:F0:04:91:51:D2:5F:02:B4:93:FB:CA:82:3D:4A
X509v3 Authority Key Identifier:
keyid:25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/85E3A1649A6E11EFA6A6C068762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.132.128.0/17
154.0.0.0/20
Signature Algorithm: sha256WithRSAEncryption
3f:63:f1:1f:f0:b1:c2:3f:01:70:86:80:d3:f5:e0:6e:bd:de:
ed:50:ff:22:04:22:c0:5b:91:88:96:8d:6b:8a:fa:91:32:9f:
99:4b:5b:d1:f8:29:0f:65:bb:ad:37:7d:31:2a:5f:e4:35:88:
5b:1c:25:26:19:a3:bc:b3:60:c8:90:76:02:c3:3b:30:58:d2:
97:30:19:eb:00:80:f3:04:e8:99:9f:c8:ce:74:be:7d:c7:fa:
84:53:3a:1c:c4:e6:ad:e2:40:f9:f0:14:8e:3a:81:87:21:4e:
2c:6b:39:bd:91:f0:cb:0b:e7:15:cc:2a:59:7c:98:1b:03:a4:
1b:d9:95:fc:11:62:f2:ef:c0:17:d3:89:70:4c:d0:fc:8e:95:
b4:34:54:6c:4c:28:cf:c4:7d:97:9c:41:f3:56:77:77:47:0d:
8b:a8:da:96:00:7e:cc:52:8f:2c:6a:9d:7e:d5:d4:11:c2:37:
d1:7a:32:17:d5:bc:ac:51:51:0f:f7:bf:78:89:68:94:a2:cb:
e2:e5:6a:a8:9a:09:24:1a:62:c3:a4:8e:8f:cc:ce:f0:a9:84:
ae:a7:72:85:b7:33:8a:cf:8d:26:4e:2f:cf:3d:75:17:51:66:
a2:a4:2d:44:5a:92:89:42:83:1c:69:b4:56:1f:29:37:40:2b:
30:6c:11:7f
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBVjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QzZDOEFGMTEwLwYDVQQFEygyNTExQkFENDA3OEQ0NjcyQUNGNDMyNDI5OTIxOENF
NDg1NUQwMzlEMB4XDTI0MTEwNDA1MzQ0NFoXDTM0MTEwNDA1MzQ0NFowGDEWMBQG
A1UEAxMNNjcyODVjZmYtYTIyNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANoobvDTETQahkNjxAEsmAXz2pXhJv+aVOfWDrOcRJZ5vZjGjTO8X5xaKWo2
ziFdqhanTENv1GUbEui/GqmV9TOzf7u0MjOAvVHZ0JoI7A9j2xkWEFvvGsBuFGIF
D8PeSF/aKwSVkLVQt4a7z5vI9IOD8EfiKU6xN/mtbYvZE/wHOrGyka1rEtOFwRvO
gVTeAWqIIgbTjPdJfi3jDCeEIQkkY2Ks+5CDMOpFL+JhPiUW+KreP7gHmpz0+TiB
lGTwcKA0IhW+4rw/zJJpid9rC8mWTfHS14A/LSPiAECtGuVKsm/TP+odLQTC97vE
0+lI7yj8d17vh+IdJWaRxRS8Nu0CAwEAAaOCAqswggKnMB0GA1UdDgQWBBQjU2Pd
16jwBJFR0l8CtJP7yoI9SjAfBgNVHSMEGDAWgBQlEbrUB41Gcqz0MkKZIYzkhV0D
nTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYyRTk1MUEvSlJHNjFB
ZU5SbktzOURKQ21TR001SVZkQTUwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSlJHNjFBZU5SbktzOURKQ21TR001SVZkQTUwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYy
RTk1MUEvODVFM0ExNjQ5QTZFMTFFRkE2QTZDMDY4NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEB2aEgAMEBJoAADANBgkqhkiG
9w0BAQsFAAOCAQEAP2PxH/Cxwj8BcIaA0/Xgbr3e7VD/IgQiwFuRiJaNa4r6kTKf
mUtb0fgpD2W7rTd9MSpf5DWIWxwlJhmjvLNgyJB2AsM7MFjSlzAZ6wCA8wTomZ/I
znS+fcf6hFM6HMTmreJA+fAUjjqBhyFOLGs5vZHwywvnFcwqWXyYGwOkG9mV/BFi
8u/AF9OJcEzQ/I6VtDRUbEwoz8R9l5xB81Z3d0cNi6jalgB+zFKPLGqdftXUEcI3
0XoyF9W8rFFRD/e/eIlolKLL4uVqqJoJJBpiw6SOj8zO8KmErqdyhbczis+NJk4v
zz11F1FmoqQtRFqSiUKDHGm0Vh8pN0ArMGwRfw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 04:29:40 2024 by rpki-client on console-fra.rpki-client.org