Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3615A48/460D3588043211EE9946265C4AD9E6FC/A4E38B880D4211EFBFAE0F6C017001B1.roa
File: A4E38B880D4211EFBFAE0F6C017001B1.roa (raw, json)
Hash identifier: U373km8ThmQ4tEdHpVbSUiU0V187z85GTRJnfELwn7k=
Subject key identifier: 7B:3A:5E:41:5E:01:7D:2F:29:D7:2F:72:7D:2A:CC:C0:F6:3F:67:1F
Certificate issuer: /CN=F3615A48AF/serialNumber=D8613BEF7D7255675A64A9A8E2A5D26FDF2E5C6E
Certificate serial: 015E
Authority key identifier: D8:61:3B:EF:7D:72:55:67:5A:64:A9:A8:E2:A5:D2:6F:DF:2E:5C:6E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/2GE7731yVWdaZKmo4qXSb98uXG4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3615A48/460D3588043211EE9946265C4AD9E6FC/A4E38B880D4211EFBFAE0F6C017001B1.roa
Signing time: Wed 08 May 2024 13:55:36 +0000
ROA not before: Wed 08 May 2024 13:55:26 +0000
ROA not after: Sun 07 May 2034 13:55:26 +0000
asID: 32437
IP address blocks: 41.223.244.0/22 maxlen: 24
102.176.224.0/20 maxlen: 24
2c0f:f178::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3615A48/460D3588043211EE9946265C4AD9E6FC/2GE7731yVWdaZKmo4qXSb98uXG4.crl
rsync://rpki.afrinic.net/repository/member_repository/F3615A48/460D3588043211EE9946265C4AD9E6FC/2GE7731yVWdaZKmo4qXSb98uXG4.mft
rsync://rpki.afrinic.net/repository/afrinic/2GE7731yVWdaZKmo4qXSb98uXG4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 350 (0x15e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3615A48AF/serialNumber=D8613BEF7D7255675A64A9A8E2A5D26FDF2E5C6E
Validity
Not Before: May 8 13:55:26 2024 GMT
Not After : May 7 13:55:26 2034 GMT
Subject: CN=663b8458-bea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:61:e5:13:36:a8:df:e9:76:4a:68:2e:70:45:
7e:fc:3b:a2:24:32:90:2e:d6:f4:e7:3c:ba:2e:22:
20:77:29:d5:f1:d0:fc:87:1f:a1:bf:bf:3e:70:2f:
02:3a:5c:e7:51:92:53:b1:99:c9:88:70:1a:5f:de:
51:5e:d4:31:77:75:85:41:cd:3e:3a:26:bc:3e:41:
52:6e:f8:75:2d:2c:27:6e:a9:1e:68:23:e4:f3:0c:
52:37:6a:fe:ff:bd:09:ec:1e:77:43:8c:7e:98:9f:
ea:7c:c9:25:7e:bc:de:81:4c:c3:a7:7f:bc:b3:4d:
ad:c0:23:6e:f0:1f:f1:1c:3e:89:ba:f0:e7:85:8e:
7b:e1:00:1c:eb:bb:37:ae:a6:02:46:4f:2a:ee:e2:
89:38:73:52:61:55:ee:5c:38:95:c9:af:1f:eb:74:
29:85:0b:5f:d1:29:67:77:cb:03:4f:b9:c5:5a:b1:
d8:57:cf:de:93:b6:1e:87:94:70:61:f3:ad:52:0c:
23:73:93:58:50:bf:fc:0b:93:ca:f0:9b:9b:fd:de:
4d:3f:41:b9:42:b2:36:d7:8f:73:43:52:88:73:97:
ff:fa:e9:c1:a1:ef:fa:1b:82:b8:fc:8a:9c:f9:69:
3b:36:fe:89:7c:f5:e6:07:ba:42:8d:27:dc:bc:2a:
bb:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:3A:5E:41:5E:01:7D:2F:29:D7:2F:72:7D:2A:CC:C0:F6:3F:67:1F
X509v3 Authority Key Identifier:
keyid:D8:61:3B:EF:7D:72:55:67:5A:64:A9:A8:E2:A5:D2:6F:DF:2E:5C:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3615A48/460D3588043211EE9946265C4AD9E6FC/2GE7731yVWdaZKmo4qXSb98uXG4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/2GE7731yVWdaZKmo4qXSb98uXG4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3615A48/460D3588043211EE9946265C4AD9E6FC/A4E38B880D4211EFBFAE0F6C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.223.244.0/22
102.176.224.0/20
IPv6:
2c0f:f178::/32
Signature Algorithm: sha256WithRSAEncryption
3a:f7:52:12:be:4f:52:bf:9d:9b:66:9e:15:23:9d:fb:d9:7f:
45:b1:d1:09:01:b1:43:6a:a3:78:aa:df:ac:49:e4:15:3e:d8:
80:a7:e7:ba:19:7e:67:87:db:9c:e2:34:e9:78:d3:0a:2f:57:
db:74:44:d5:ba:8f:b8:ec:d5:b9:f6:38:d5:04:c4:fd:75:89:
96:e1:cf:48:d5:22:c4:1f:54:dc:e0:5d:f7:30:72:1e:ed:2e:
e6:1d:df:9a:57:86:75:d5:0c:e4:ac:4e:b5:5e:0b:c2:38:37:
5f:25:d0:65:73:0b:0c:04:9b:04:13:ab:56:de:40:d3:cc:fc:
67:13:3a:fd:4d:4a:c9:88:f4:d4:81:71:59:87:2d:4d:d8:be:
b8:96:f6:a2:bb:ff:4c:b3:23:94:1f:ec:48:32:a7:83:8c:e6:
83:8c:45:9d:85:a3:51:13:67:74:f8:28:5a:10:13:11:da:b9:
c5:b1:dd:63:7d:a0:b9:da:c8:cf:a3:b3:65:ec:40:34:0c:f5:
6e:8f:f6:3b:41:cc:9c:ce:b0:47:ab:94:23:38:87:f1:5f:fe:
ca:ed:9b:ab:46:b4:41:ad:09:2d:89:ce:ec:01:17:a3:4d:90:
2a:5b:21:3e:ab:10:8c:8f:fe:36:d5:91:35:41:8f:b9:af:ca:
7e:e7:9f:16
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICAV4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTVBNDhBRjExMC8GA1UEBRMoRDg2MTNCRUY3RDcyNTU2NzVBNjRBOUE4RTJBNUQy
NkZERjJFNUM2RTAeFw0yNDA1MDgxMzU1MjZaFw0zNDA1MDcxMzU1MjZaMBgxFjAU
BgNVBAMTDTY2M2I4NDU4LWJlYTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEYeUTNqjf6XZKaC5wRX78O6IkMpAu1vTnPLouIiB3KdXx0PyHH6G/vz5w
LwI6XOdRklOxmcmIcBpf3lFe1DF3dYVBzT46Jrw+QVJu+HUtLCduqR5oI+TzDFI3
av7/vQnsHndDjH6Yn+p8ySV+vN6BTMOnf7yzTa3AI27wH/EcPom68OeFjnvhABzr
uzeupgJGTyru4ok4c1JhVe5cOJXJrx/rdCmFC1/RKWd3ywNPucVasdhXz96Tth6H
lHBh861SDCNzk1hQv/wLk8rwm5v93k0/QblCsjbXj3NDUohzl//66cGh7/obgrj8
ipz5aTs2/ol89eYHukKNJ9y8Krv/AgMBAAGjggK6MIICtjAdBgNVHQ4EFgQUezpe
QV4BfS8p1y9yfSrMwPY/Zx8wHwYDVR0jBBgwFoAU2GE7731yVWdaZKmo4qXSb98u
XG4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE1QTQ4LzQ2MEQzNTg4MDQzMjExRUU5OTQ2MjY1QzRBRDlFNkZDLzJHRTc3
MzF5VldkYVpLbW80cVhTYjk4dVhHNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzJHRTc3MzF5VldkYVpLbW80cVhTYjk4dVhHNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE1QTQ4LzQ2MEQzNTg4MDQzMjExRUU5OTQ2MjY1QzRB
RDlFNkZDL0E0RTM4Qjg4MEQ0MjExRUZCRkFFMEY2QzAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAIp3/QDBARmsOAwDQQCAAIw
BwMFACwP8XgwDQYJKoZIhvcNAQELBQADggEBADr3UhK+T1K/nZtmnhUjnfvZf0Wx
0QkBsUNqo3iq36xJ5BU+2ICn57oZfmeH25ziNOl40wovV9t0RNW6j7js1bn2ONUE
xP11iZbhz0jVIsQfVNzgXfcwch7tLuYd35pXhnXVDOSsTrVeC8I4N18l0GVzCwwE
mwQTq1beQNPM/GcTOv1NSsmI9NSBcVmHLU3YvriW9qK7/0yzI5Qf7Egyp4OM5oOM
RZ2Fo1ETZ3T4KFoQExHaucWx3WN9oLnayM+js2XsQDQM9W6P9jtBzJzOsEerlCM4
h/Ff/srtm6tGtEGtCS2JzuwBF6NNkCpbIT6rEIyP/jbVkTVBj7mvyn7nnxY=
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:35:32 2024 by rpki-client on console-fra.rpki-client.org