Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36152D2/5CF1A0AED56A11E99775464BF8AEA228/3D014ACE245611EBBD1D0152F8AEA228.roa
File: 3D014ACE245611EBBD1D0152F8AEA228.roa (raw, json)
Hash identifier: MFrTUFfbbj7vAa2jXdNr9UDEEnV6UTAgpBBSQ+XncRo=
Subject key identifier: 83:1D:87:CD:C3:42:80:95:9C:06:DE:32:35:B3:4A:19:CD:56:33:BD
Certificate issuer: /CN=F36152D2AF/serialNumber=5A467BB4937EAC6BEFB96B4F4FE35BD7FD2A40FA
Certificate serial: 01C1
Authority key identifier: 5A:46:7B:B4:93:7E:AC:6B:EF:B9:6B:4F:4F:E3:5B:D7:FD:2A:40:FA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/WkZ7tJN-rGvvuWtPT-Nb1_0qQPo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36152D2/5CF1A0AED56A11E99775464BF8AEA228/3D014ACE245611EBBD1D0152F8AEA228.roa
Signing time: Wed 11 Nov 2020 19:43:58 +0000
ROA not before: Wed 11 Nov 2020 19:43:53 +0000
ROA not after: Sun 10 Nov 2030 19:43:53 +0000
asID: 37215
IP address blocks: 41.70.0.0/17 maxlen: 24
2c0f:ea60::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36152D2/5CF1A0AED56A11E99775464BF8AEA228/WkZ7tJN-rGvvuWtPT-Nb1_0qQPo.crl
rsync://rpki.afrinic.net/repository/member_repository/F36152D2/5CF1A0AED56A11E99775464BF8AEA228/WkZ7tJN-rGvvuWtPT-Nb1_0qQPo.mft
rsync://rpki.afrinic.net/repository/afrinic/WkZ7tJN-rGvvuWtPT-Nb1_0qQPo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 449 (0x1c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36152D2AF/serialNumber=5A467BB4937EAC6BEFB96B4F4FE35BD7FD2A40FA
Validity
Not Before: Nov 11 19:43:53 2020 GMT
Not After : Nov 10 19:43:53 2030 GMT
Subject: CN=5fac3efd-bd8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4c:85:9d:4d:e1:ed:04:f0:0d:ef:1f:6c:00:
85:50:45:8f:09:d9:7c:97:fd:4a:66:80:37:bb:f4:
75:8f:c2:55:ff:2f:7a:39:bd:0b:a9:dd:94:35:92:
63:c0:24:70:94:96:36:67:d4:bb:b7:12:5b:4b:50:
48:ef:7e:11:fe:6b:94:3f:99:20:3a:0f:59:39:00:
d1:12:fc:ba:c3:99:f1:eb:7d:9a:83:26:2b:2d:fd:
ea:e9:7a:9e:ab:9f:9c:1a:99:c8:98:45:6c:93:9a:
21:bd:42:e2:63:15:4e:3b:be:7a:bc:80:24:6e:04:
2b:26:f5:3b:e5:c2:06:26:ed:83:bd:81:cb:14:da:
17:68:26:12:59:e3:31:e9:fb:c7:66:71:4a:9d:42:
d5:ea:89:20:0c:b3:7d:59:95:fc:d4:a6:d1:aa:54:
ce:7e:aa:f8:e4:97:0f:c5:03:82:88:3f:89:d9:68:
1b:c9:f2:f0:b9:fd:8a:8f:15:2c:f8:50:fc:89:28:
57:3d:3d:55:f0:f4:f0:21:ed:8c:24:a5:fd:b3:87:
3f:a1:8e:d3:a1:d5:cd:c1:55:55:59:e1:ed:ed:d5:
ff:5f:f2:2a:58:df:83:bf:32:2c:d9:96:47:43:07:
dd:30:42:b4:0e:e4:32:c9:39:8b:bf:19:18:79:5e:
f3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1D:87:CD:C3:42:80:95:9C:06:DE:32:35:B3:4A:19:CD:56:33:BD
X509v3 Authority Key Identifier:
keyid:5A:46:7B:B4:93:7E:AC:6B:EF:B9:6B:4F:4F:E3:5B:D7:FD:2A:40:FA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36152D2/5CF1A0AED56A11E99775464BF8AEA228/WkZ7tJN-rGvvuWtPT-Nb1_0qQPo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/WkZ7tJN-rGvvuWtPT-Nb1_0qQPo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36152D2/5CF1A0AED56A11E99775464BF8AEA228/3D014ACE245611EBBD1D0152F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.70.0.0/17
IPv6:
2c0f:ea60::/32
Signature Algorithm: sha256WithRSAEncryption
61:65:f1:03:cb:6f:74:61:f9:cc:f2:1e:8c:b2:7e:90:1c:ee:
4f:27:95:b4:fc:69:8d:76:82:23:72:9e:31:e0:3f:9a:4d:59:
c1:c3:f2:16:1f:01:e3:9e:6f:4d:28:c8:3d:20:e4:60:a4:32:
de:83:b0:44:b8:bb:15:eb:c9:0a:c2:0e:24:19:31:64:19:46:
0e:81:3f:4e:7e:47:02:82:f0:43:42:06:c7:7c:5e:c0:f6:9f:
00:62:39:8b:b4:2b:51:9f:fb:32:e1:2c:dd:68:87:55:17:c0:
be:3a:84:c3:d3:04:b2:d9:3c:c2:d9:c8:85:c9:74:66:17:59:
68:6e:ec:4a:74:2b:69:1b:bb:84:b0:e3:eb:9b:0a:62:5c:dd:
47:f5:c6:d2:1f:9d:8b:61:cc:ea:2a:2e:63:29:9e:b1:4b:72:
a9:5b:b7:21:bf:ea:67:2e:b2:4b:0a:d4:23:2c:d3:47:4f:58:
60:c2:b7:5d:05:cf:73:b4:55:5e:b0:7c:af:91:e6:31:c6:e2:
87:98:e7:a8:d7:c2:1e:b1:9d:e1:e5:84:2a:5b:45:43:9e:ab:
70:52:1a:eb:31:34:a0:84:97:e9:dc:ac:3c:d4:f4:92:bf:0b:
84:c6:42:d3:84:33:e7:48:61:4f:77:15:f4:d0:08:c1:54:e8:
63:b6:d9:45
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAcEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTUyRDJBRjExMC8GA1UEBRMoNUE0NjdCQjQ5MzdFQUM2QkVGQjk2QjRGNEZFMzVC
RDdGRDJBNDBGQTAeFw0yMDExMTExOTQzNTNaFw0zMDExMTAxOTQzNTNaMBgxFjAU
BgNVBAMTDTVmYWMzZWZkLWJkOGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDHTIWdTeHtBPAN7x9sAIVQRY8J2XyX/UpmgDe79HWPwlX/L3o5vQup3ZQ1
kmPAJHCUljZn1Lu3EltLUEjvfhH+a5Q/mSA6D1k5ANES/LrDmfHrfZqDJist/erp
ep6rn5wamciYRWyTmiG9QuJjFU47vnq8gCRuBCsm9TvlwgYm7YO9gcsU2hdoJhJZ
4zHp+8dmcUqdQtXqiSAMs31ZlfzUptGqVM5+qvjklw/FA4KIP4nZaBvJ8vC5/YqP
FSz4UPyJKFc9PVXw9PAh7Ywkpf2zhz+hjtOh1c3BVVVZ4e3t1f9f8ipY34O/MizZ
lkdDB90wQrQO5DLJOYu/GRh5XvOXAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUgx2H
zcNCgJWcBt4yNbNKGc1WM70wHwYDVR0jBBgwFoAUWkZ7tJN+rGvvuWtPT+Nb1/0q
QPowDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE1MkQyLzVDRjFBMEFFRDU2QTExRTk5Nzc1NDY0QkY4QUVBMjI4L1drWjd0
Sk4tckd2dnVXdFBULU5iMV8wcVFQby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1drWjd0Sk4tckd2dnVXdFBULU5iMV8wcVFQby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE1MkQyLzVDRjFBMEFFRDU2QTExRTk5Nzc1NDY0QkY4
QUVBMjI4LzNEMDE0QUNFMjQ1NjExRUJCRDFEMDE1MkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAcpRgAwDQQCAAIwBwMFACwP
6mAwDQYJKoZIhvcNAQELBQADggEBAGFl8QPLb3Rh+czyHoyyfpAc7k8nlbT8aY12
giNynjHgP5pNWcHD8hYfAeOeb00oyD0g5GCkMt6DsES4uxXryQrCDiQZMWQZRg6B
P05+RwKC8ENCBsd8XsD2nwBiOYu0K1Gf+zLhLN1oh1UXwL46hMPTBLLZPMLZyIXJ
dGYXWWhu7Ep0K2kbu4Sw4+ubCmJc3Uf1xtIfnYthzOoqLmMpnrFLcqlbtyG/6mcu
sksK1CMs00dPWGDCt10Fz3O0VV6wfK+R5jHG4oeY56jXwh6xneHlhCpbRUOeq3BS
GusxNKCEl+ncrDzU9JK/C4TGQtOEM+dIYU93FfTQCMFU6GO22UU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:30 2024 by rpki-client on console-ams.rpki-client.org