Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/C4BA674C967C11EFB81A3A87762E951A.roa
File: C4BA674C967C11EFB81A3A87762E951A.roa (raw, json)
Hash identifier: lqFUbWTAhSNW5QvF6/qs0baXKhMGTmsrjydndtw0Nfw=
Subject key identifier: DE:39:21:E3:50:6C:D3:98:B6:F5:59:C4:8A:81:3B:91:32:3B:27:4D
Certificate issuer: /CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
Certificate serial: 4F
Authority key identifier: 25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/C4BA674C967C11EFB81A3A87762E951A.roa
Signing time: Wed 30 Oct 2024 05:06:49 +0000
ROA not before: Wed 30 Oct 2024 05:06:46 +0000
ROA not after: Mon 30 Oct 2034 05:06:46 +0000
asID: 37680
IP address blocks: 102.132.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.mft
rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79 (0x4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
Validity
Not Before: Oct 30 05:06:46 2024 GMT
Not After : Oct 30 05:06:46 2034 GMT
Subject: CN=6721bee9-1478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0e:cc:f9:43:eb:f2:9f:ce:29:d8:9b:07:89:
96:a6:8f:23:fc:38:ba:93:06:b7:3e:97:0b:ab:bc:
1e:fe:df:ab:8a:cc:6b:dd:c3:0a:a7:ef:94:6b:da:
94:98:7a:1b:60:38:19:64:d8:91:89:ce:07:cf:3d:
ca:2b:dc:6a:6a:71:70:50:5a:c1:42:e8:d9:c6:75:
6e:1a:f7:85:a5:a2:c4:d1:ab:50:63:68:e6:ed:42:
69:18:e3:b1:32:b6:79:1e:8e:24:4c:65:ca:d7:af:
12:d2:18:77:a8:49:11:7b:a8:73:6a:4f:59:7c:12:
c3:2b:f1:d6:e4:b5:87:e8:79:c9:64:b0:90:bb:09:
e7:f4:d7:7c:19:1d:30:7c:21:b7:89:d4:15:35:46:
96:e9:6d:67:43:1b:a6:54:41:57:e1:b3:1d:2d:f8:
c6:3e:65:9e:98:24:05:46:27:ca:ae:9a:6f:c2:35:
eb:94:c5:58:b6:27:03:d5:81:51:8e:c3:a5:d1:20:
b4:eb:f0:99:8f:7f:9d:e3:a9:11:ca:15:14:d3:6e:
c1:1a:77:31:7d:c5:cb:10:42:86:92:a6:80:0e:03:
d2:ba:7c:85:7f:a6:f4:04:68:74:9d:22:9f:61:55:
14:8b:44:b5:16:cc:bb:97:89:15:e1:46:26:24:86:
11:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:39:21:E3:50:6C:D3:98:B6:F5:59:C4:8A:81:3B:91:32:3B:27:4D
X509v3 Authority Key Identifier:
keyid:25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/C4BA674C967C11EFB81A3A87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.132.176.0/20
Signature Algorithm: sha256WithRSAEncryption
1d:31:47:ff:12:d4:90:2a:29:9c:e3:e5:03:ad:60:5a:f9:4d:
f3:11:af:14:0e:d8:6d:3f:b3:44:8b:ec:78:39:62:15:f4:ae:
fc:fc:23:7e:d6:8d:95:20:88:d1:f2:5e:08:f9:4b:cc:db:b3:
31:b5:93:95:1c:30:1a:90:9c:66:e6:ff:93:be:f4:88:7d:3b:
e7:36:a5:02:b6:bf:c5:6d:13:99:ec:6c:1c:2b:48:dd:7d:c1:
59:21:f8:1a:62:c4:ae:32:24:82:f3:ac:53:3a:1c:ab:13:c0:
70:7b:ce:66:51:50:c6:90:51:22:07:fc:69:2c:db:cb:82:fd:
08:6f:13:29:14:53:5f:69:cf:e9:f1:f3:30:6b:48:8e:e2:83:
1f:67:9a:12:56:2b:a7:fb:97:7c:d8:1a:18:74:c6:96:06:48:
fb:69:e6:40:1b:d3:55:e0:26:9f:9c:92:02:0a:f1:28:67:ba:
dc:47:e5:89:61:b4:fb:2b:d6:fd:9b:c7:a4:a3:6e:5b:6f:20:
2e:49:aa:2c:6a:05:d1:9d:e1:ff:1c:1c:54:39:56:fd:34:57:
d0:6e:9a:df:68:5c:f3:39:d8:02:61:01:d2:4f:40:44:3d:c2:
cf:1e:30:8d:aa:1f:aa:6c:62:f3:1c:ab:91:ce:10:42:40:28:
39:a1:42:73
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBTzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QzZDOEFGMTEwLwYDVQQFEygyNTExQkFENDA3OEQ0NjcyQUNGNDMyNDI5OTIxOENF
NDg1NUQwMzlEMB4XDTI0MTAzMDA1MDY0NloXDTM0MTAzMDA1MDY0NlowGDEWMBQG
A1UEAxMNNjcyMWJlZTktMTQ3ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEOzPlD6/KfzinYmweJlqaPI/w4upMGtz6XC6u8Hv7fq4rMa93DCqfvlGva
lJh6G2A4GWTYkYnOB889yivcampxcFBawULo2cZ1bhr3haWixNGrUGNo5u1CaRjj
sTK2eR6OJExlytevEtIYd6hJEXuoc2pPWXwSwyvx1uS1h+h5yWSwkLsJ5/TXfBkd
MHwht4nUFTVGlultZ0MbplRBV+GzHS34xj5lnpgkBUYnyq6ab8I165TFWLYnA9WB
UY7DpdEgtOvwmY9/neOpEcoVFNNuwRp3MX3FyxBChpKmgA4D0rp8hX+m9ARodJ0i
n2FVFItEtRbMu5eJFeFGJiSGEVECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTeOSHj
UGzTmLb1WcSKgTuRMjsnTTAfBgNVHSMEGDAWgBQlEbrUB41Gcqz0MkKZIYzkhV0D
nTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYyRTk1MUEvSlJHNjFB
ZU5SbktzOURKQ21TR001SVZkQTUwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSlJHNjFBZU5SbktzOURKQ21TR001SVZkQTUwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYy
RTk1MUEvQzRCQTY3NEM5NjdDMTFFRkI4MUEzQTg3NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGaEsDANBgkqhkiG9w0BAQsF
AAOCAQEAHTFH/xLUkCopnOPlA61gWvlN8xGvFA7YbT+zRIvseDliFfSu/PwjftaN
lSCI0fJeCPlLzNuzMbWTlRwwGpCcZub/k770iH075zalAra/xW0TmexsHCtI3X3B
WSH4GmLErjIkgvOsUzocqxPAcHvOZlFQxpBRIgf8aSzby4L9CG8TKRRTX2nP6fHz
MGtIjuKDH2eaElYrp/uXfNgaGHTGlgZI+2nmQBvTVeAmn5ySAgrxKGe63EfliWG0
+yvW/ZvHpKNuW28gLkmqLGoF0Z3h/xwcVDlW/TRX0G6a32hc8znYAmEB0k9ARD3C
zx4wjaofqmxi8xyrkc4QQkAoOaFCcw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 05:19:33 2024 by rpki-client on console-ams.rpki-client.org