Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/3EAC507A5FFE11EFA5993885762E951A.roa
File: 3EAC507A5FFE11EFA5993885762E951A.roa (raw, json)
Hash identifier: 4mY/TWC9DuCZsuGXVqoat7c6bUR73636kXTYSKoNoxk=
Subject key identifier: BF:1B:F8:63:3E:3B:D8:38:AE:12:07:1C:C6:D6:CA:2D:D3:32:86:8A
Certificate issuer: /CN=F3619C8CAF/serialNumber=46D405558001A8B029B96AB13406D69A1DD74045
Certificate serial: 08
Authority key identifier: 46:D4:05:55:80:01:A8:B0:29:B9:6A:B1:34:06:D6:9A:1D:D7:40:45
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/RtQFVYABqLApuWqxNAbWmh3XQEU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/3EAC507A5FFE11EFA5993885762E951A.roa
Signing time: Wed 21 Aug 2024 20:45:05 +0000
ROA not before: Wed 21 Aug 2024 20:45:00 +0000
ROA not after: Sun 31 Dec 2028 20:45:00 +0000
asID: 36974
IP address blocks: 41.77.160.0/21 maxlen: 24
41.78.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/RtQFVYABqLApuWqxNAbWmh3XQEU.crl
rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/RtQFVYABqLApuWqxNAbWmh3XQEU.mft
rsync://rpki.afrinic.net/repository/afrinic/RtQFVYABqLApuWqxNAbWmh3XQEU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3619C8CAF/serialNumber=46D405558001A8B029B96AB13406D69A1DD74045
Validity
Not Before: Aug 21 20:45:00 2024 GMT
Not After : Dec 31 20:45:00 2028 GMT
Subject: CN=66c651d1-0387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:49:f6:51:03:b9:98:78:ab:1d:55:27:d7:e2:
8d:eb:b7:ff:42:83:01:3f:a7:62:05:b9:c9:0b:51:
fb:e6:39:d2:71:bb:a4:33:32:e6:3e:bb:28:91:79:
06:a0:18:de:57:6f:0d:33:6c:c7:99:0a:53:47:fc:
67:a5:70:59:52:41:eb:d3:88:3c:dc:65:8a:6b:54:
4b:79:c0:01:a9:89:bc:e9:99:dc:31:b3:fe:87:4b:
0b:71:2e:8b:9e:1d:ae:d4:3d:ef:c8:43:bc:9a:80:
f3:95:0c:67:d4:99:31:62:94:47:b9:db:76:a8:88:
fc:c8:81:20:91:e1:01:c5:f4:7f:77:3d:d9:03:bb:
62:a4:6c:0c:25:64:dc:2e:7a:7f:8f:71:1a:b6:5d:
80:87:8c:21:9c:fb:46:a9:b0:55:d6:ba:38:3f:44:
6a:43:cf:fa:1c:45:75:83:87:34:d4:44:cd:ca:24:
a3:a1:21:2b:13:bb:89:73:e2:77:b3:3b:a4:82:3a:
87:21:6b:05:30:61:f0:3a:92:07:52:e9:b6:d4:5a:
c4:d8:67:cf:c0:67:1f:a5:5a:ce:5b:92:82:4e:3f:
d1:d7:9a:ad:c8:54:b8:10:61:b1:27:33:d8:d8:78:
02:d5:93:21:cf:54:52:7b:3a:8c:75:1e:4c:f9:44:
90:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:1B:F8:63:3E:3B:D8:38:AE:12:07:1C:C6:D6:CA:2D:D3:32:86:8A
X509v3 Authority Key Identifier:
keyid:46:D4:05:55:80:01:A8:B0:29:B9:6A:B1:34:06:D6:9A:1D:D7:40:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/RtQFVYABqLApuWqxNAbWmh3XQEU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/RtQFVYABqLApuWqxNAbWmh3XQEU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/3EAC507A5FFE11EFA5993885762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.77.160.0/21
41.78.180.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:e6:9f:c8:47:5c:3b:2f:01:98:c6:96:8b:1a:5e:13:0d:e8:
e4:3e:51:1a:c1:fb:71:fa:05:d5:d2:e3:b7:b2:b0:bd:d3:26:
86:48:12:9f:aa:d4:42:b9:64:ab:d9:19:2b:ff:6a:83:c6:c8:
2e:ac:79:03:0f:fb:03:72:d6:98:a6:63:40:7f:5b:4f:db:93:
90:4f:d2:43:5a:a5:8b:4b:13:ba:ea:2b:68:b6:d6:db:5c:41:
2c:7b:52:4a:45:86:a0:95:a0:46:24:45:3b:55:a4:ef:c3:5a:
20:08:36:53:50:3c:4e:e9:22:27:f7:52:cb:36:fd:09:4a:d4:
5e:3a:54:e2:b8:ff:df:eb:1a:d4:4b:6a:2f:44:7e:00:6b:73:
13:21:7c:15:1f:e8:fb:b8:32:58:8f:55:0f:59:c1:26:91:6c:
1d:10:fd:c0:65:b3:ef:eb:17:fa:b3:00:d4:5e:a9:4a:d4:e0:
a6:cd:24:c1:05:5e:86:aa:04:3d:30:96:16:ca:03:4e:b3:81:
d6:bd:b3:64:fd:3c:1c:f1:41:28:e6:cf:ea:2b:92:4d:33:73:
e7:48:5c:1a:9b:72:be:1e:10:0e:8a:8a:3e:1e:da:2e:14:5d:
fe:e0:6e:c9:ac:c1:c5:ad:cd:1c:9e:e9:86:c6:d7:05:f6:a8:
38:91:21:dc
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
OUM4Q0FGMTEwLwYDVQQFEyg0NkQ0MDU1NTgwMDFBOEIwMjlCOTZBQjEzNDA2RDY5
QTFERDc0MDQ1MB4XDTI0MDgyMTIwNDUwMFoXDTI4MTIzMTIwNDUwMFowGDEWMBQG
A1UEAxMNNjZjNjUxZDEtMDM4NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxJ9lEDuZh4qx1VJ9fijeu3/0KDAT+nYgW5yQtR++Y50nG7pDMy5j67KJF5
BqAY3ldvDTNsx5kKU0f8Z6VwWVJB69OIPNxlimtUS3nAAamJvOmZ3DGz/odLC3Eu
i54drtQ978hDvJqA85UMZ9SZMWKUR7nbdqiI/MiBIJHhAcX0f3c92QO7YqRsDCVk
3C56f49xGrZdgIeMIZz7RqmwVda6OD9EakPP+hxFdYOHNNREzcoko6EhKxO7iXPi
d7M7pII6hyFrBTBh8DqSB1LpttRaxNhnz8BnH6VazluSgk4/0dearchUuBBhsScz
2Nh4AtWTIc9UUns6jHUeTPlEkMUCAwEAAaOCAqswggKnMB0GA1UdDgQWBBS/G/hj
PjvYOK4SBxzG1sot0zKGijAfBgNVHSMEGDAWgBRG1AVVgAGosCm5arE0BtaaHddA
RTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTlDOEMvQzNFMTBBRkM1RkRBMTFFRjhFRTU5QUE5NzYyRTk1MUEvUnRRRlZZ
QUJxTEFwdVdxeE5BYldtaDNYUUVVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUnRRRlZZQUJxTEFwdVdxeE5BYldtaDNYUUVVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTlDOEMvQzNFMTBBRkM1RkRBMTFFRjhFRTU5QUE5NzYy
RTk1MUEvM0VBQzUwN0E1RkZFMTFFRkE1OTkzODg1NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAylNoAMEAilOtDANBgkqhkiG
9w0BAQsFAAOCAQEAsOafyEdcOy8BmMaWixpeEw3o5D5RGsH7cfoF1dLjt7KwvdMm
hkgSn6rUQrlkq9kZK/9qg8bILqx5Aw/7A3LWmKZjQH9bT9uTkE/SQ1qli0sTuuor
aLbW21xBLHtSSkWGoJWgRiRFO1Wk78NaIAg2U1A8TukiJ/dSyzb9CUrUXjpU4rj/
3+sa1EtqL0R+AGtzEyF8FR/o+7gyWI9VD1nBJpFsHRD9wGWz7+sX+rMA1F6pStTg
ps0kwQVehqoEPTCWFsoDTrOB1r2zZP08HPFBKObP6iuSTTNz50hcGptyvh4QDoqK
Ph7aLhRd/uBuyazBxa3NHJ7phsbXBfaoOJEh3A==
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:22:22 2024 by rpki-client on console-ams.rpki-client.org