Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FE536/4A7E2C3EFDE911ED9A9DFA3A4AD9E6FC/DC35A5700A9C11EE858690314AD9E6FC.roa
File: DC35A5700A9C11EE858690314AD9E6FC.roa (raw, json)
Hash identifier: kgYyy6flMlYfObZnYV9e+HUynGelZVH2UDelqXJZlPU=
Subject key identifier: AF:82:8E:0C:1A:BA:BF:7C:0A:89:17:BD:D5:E8:54:46:26:5B:C8:CE
Certificate issuer: /CN=F36FE536AF/serialNumber=7B5895FF6900470AA81A342DE5F971E5D3C74777
Certificate serial: 1C
Authority key identifier: 7B:58:95:FF:69:00:47:0A:A8:1A:34:2D:E5:F9:71:E5:D3:C7:47:77
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/e1iV_2kARwqoGjQt5flx5dPHR3c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FE536/4A7E2C3EFDE911ED9A9DFA3A4AD9E6FC/DC35A5700A9C11EE858690314AD9E6FC.roa
Signing time: Wed 14 Jun 2023 10:18:52 +0000
ROA not before: Wed 14 Jun 2023 10:18:48 +0000
ROA not after: Wed 14 Jun 2028 10:18:48 +0000
asID: 37358
IP address blocks: 154.127.112.0/20 maxlen: 20
154.127.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FE536/4A7E2C3EFDE911ED9A9DFA3A4AD9E6FC/e1iV_2kARwqoGjQt5flx5dPHR3c.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FE536/4A7E2C3EFDE911ED9A9DFA3A4AD9E6FC/e1iV_2kARwqoGjQt5flx5dPHR3c.mft
rsync://rpki.afrinic.net/repository/afrinic/e1iV_2kARwqoGjQt5flx5dPHR3c.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28 (0x1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FE536AF/serialNumber=7B5895FF6900470AA81A342DE5F971E5D3C74777
Validity
Not Before: Jun 14 10:18:48 2023 GMT
Not After : Jun 14 10:18:48 2028 GMT
Subject: CN=6489940c-6d14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:80:7e:56:85:d1:ee:ce:97:40:f4:4b:76:c8:
aa:7a:2d:f1:96:d7:0d:53:e6:bf:c3:9c:8f:d5:ff:
9b:dd:83:63:01:ba:51:1b:c7:ef:2a:06:93:a8:92:
b6:f0:21:71:b6:d3:cc:21:d4:d6:c9:40:d4:59:a9:
71:d1:f3:a1:38:cb:9d:54:bc:31:72:60:65:fc:b2:
99:e5:89:21:14:11:2a:fa:d8:2b:2d:89:c6:f0:6e:
dd:47:4d:5d:94:1b:17:3b:64:af:94:a3:a7:be:56:
4c:8a:49:64:f1:ff:6e:47:c7:9f:5f:5c:e7:8e:d7:
48:ae:06:98:65:7c:46:05:be:ab:77:c1:ac:9c:f6:
36:9e:26:16:e2:cd:6c:81:d8:38:92:0a:31:79:ea:
f4:d7:6f:ff:5d:38:77:b9:a4:a5:da:f7:b4:56:5f:
34:7b:fd:f6:d0:c4:89:70:47:a3:10:4a:ef:46:48:
57:5f:6b:3b:99:bc:e6:59:67:d0:ee:05:28:88:a7:
37:d8:40:5a:71:29:10:91:82:34:96:48:7a:83:59:
06:c2:7f:d5:3a:91:78:eb:b5:22:c4:4d:32:55:02:
a6:12:f7:e7:78:aa:e3:99:9d:b4:4e:18:58:d1:99:
03:b3:e3:da:62:4a:11:b2:d9:73:dc:6f:9f:8d:0c:
64:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:82:8E:0C:1A:BA:BF:7C:0A:89:17:BD:D5:E8:54:46:26:5B:C8:CE
X509v3 Authority Key Identifier:
keyid:7B:58:95:FF:69:00:47:0A:A8:1A:34:2D:E5:F9:71:E5:D3:C7:47:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE536/4A7E2C3EFDE911ED9A9DFA3A4AD9E6FC/e1iV_2kARwqoGjQt5flx5dPHR3c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/e1iV_2kARwqoGjQt5flx5dPHR3c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE536/4A7E2C3EFDE911ED9A9DFA3A4AD9E6FC/DC35A5700A9C11EE858690314AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.127.112.0/20
Signature Algorithm: sha256WithRSAEncryption
74:21:f8:5c:2a:03:74:28:42:aa:4a:32:cf:b4:6b:f6:e6:03:
bb:3e:1f:7e:63:0e:b0:ca:60:11:13:e5:00:c9:1a:6f:49:74:
94:a7:05:e1:8b:15:cd:37:2b:61:4e:ee:93:9b:55:f4:e6:97:
68:39:ed:ba:7b:46:28:e8:c6:53:f1:aa:e7:10:cb:05:dd:aa:
93:63:4a:e8:c1:39:fb:57:79:92:53:85:67:a2:4b:f0:c3:b2:
5a:61:e4:b4:41:f9:bd:f3:17:33:05:8e:b3:01:c0:f0:8c:ce:
80:d1:bf:ba:ac:93:c2:99:35:a5:5b:86:c5:e5:4f:36:4d:71:
26:7d:11:31:11:7c:a5:c7:c8:83:e4:69:99:17:db:4f:af:4a:
5f:70:57:ef:c6:5f:28:b4:00:54:cb:13:90:c5:42:23:b5:14:
6d:ef:c6:68:b2:41:e3:4a:3f:3b:ea:ca:ba:d4:2c:eb:24:d1:
18:68:ca:3f:25:9d:fe:f7:8b:22:71:b6:0b:1d:92:78:bc:ac:
df:4d:ff:d6:f3:b4:43:ab:8b:cf:2b:ee:12:87:88:75:e4:00:
30:1d:d4:2f:00:cf:be:71:a3:3b:e3:85:e7:a8:94:d5:68:f9:
35:d5:29:75:65:cb:97:5a:d9:1d:c8:b7:52:ee:aa:57:87:b6:
42:18:bd:25
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBHDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
RTUzNkFGMTEwLwYDVQQFEyg3QjU4OTVGRjY5MDA0NzBBQTgxQTM0MkRFNUY5NzFF
NUQzQzc0Nzc3MB4XDTIzMDYxNDEwMTg0OFoXDTI4MDYxNDEwMTg0OFowGDEWMBQG
A1UEAxMNNjQ4OTk0MGMtNmQxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSAflaF0e7Ol0D0S3bIqnot8ZbXDVPmv8Ocj9X/m92DYwG6URvH7yoGk6iS
tvAhcbbTzCHU1slA1FmpcdHzoTjLnVS8MXJgZfyymeWJIRQRKvrYKy2JxvBu3UdN
XZQbFztkr5Sjp75WTIpJZPH/bkfHn19c547XSK4GmGV8RgW+q3fBrJz2Np4mFuLN
bIHYOJIKMXnq9Ndv/104d7mkpdr3tFZfNHv99tDEiXBHoxBK70ZIV19rO5m85lln
0O4FKIinN9hAWnEpEJGCNJZIeoNZBsJ/1TqReOu1IsRNMlUCphL353iq45mdtE4Y
WNGZA7Pj2mJKEbLZc9xvn40MZDkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSvgo4M
Grq/fAqJF73V6FRGJlvIzjAfBgNVHSMEGDAWgBR7WJX/aQBHCqgaNC3l+XHl08dH
dzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkU1MzYvNEE3RTJDM0VGREU5MTFFRDlBOURGQTNBNEFEOUU2RkMvZTFpVl8y
a0FSd3FvR2pRdDVmbHg1ZFBIUjNjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZTFpVl8ya0FSd3FvR2pRdDVmbHg1ZFBIUjNjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkU1MzYvNEE3RTJDM0VGREU5MTFFRDlBOURGQTNBNEFE
OUU2RkMvREMzNUE1NzAwQTlDMTFFRTg1ODY5MDMxNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBJp/cDANBgkqhkiG9w0BAQsF
AAOCAQEAdCH4XCoDdChCqkoyz7Rr9uYDuz4ffmMOsMpgERPlAMkab0l0lKcF4YsV
zTcrYU7uk5tV9OaXaDntuntGKOjGU/Gq5xDLBd2qk2NK6ME5+1d5klOFZ6JL8MOy
WmHktEH5vfMXMwWOswHA8IzOgNG/uqyTwpk1pVuGxeVPNk1xJn0RMRF8pcfIg+Rp
mRfbT69KX3BX78ZfKLQAVMsTkMVCI7UUbe/GaLJB40o/O+rKutQs6yTRGGjKPyWd
/veLInG2Cx2SeLys303/1vO0Q6uLzyvuEoeIdeQAMB3ULwDPvnGjO+OF56iU1Wj5
NdUpdWXLl1rZHci3Uu6qV4e2Qhi9JQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:34 2024 by rpki-client on console-ams.rpki-client.org