Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/DE5116B4609011EF8D12C1B3762E951A.roa
File: DE5116B4609011EF8D12C1B3762E951A.roa (raw, json)
Hash identifier: 9S7+mdx2DKBgrgKmUfkV+mK4JJ+yxtDU858vKwTfcjs=
Subject key identifier: D3:85:65:1F:14:A4:C4:AA:73:FA:4A:E9:95:9B:B2:64:42:4C:B5:A1
Certificate issuer: /CN=F3619C8CAF/serialNumber=46D405558001A8B029B96AB13406D69A1DD74045
Certificate serial: 0C
Authority key identifier: 46:D4:05:55:80:01:A8:B0:29:B9:6A:B1:34:06:D6:9A:1D:D7:40:45
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/RtQFVYABqLApuWqxNAbWmh3XQEU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/DE5116B4609011EF8D12C1B3762E951A.roa
Signing time: Thu 22 Aug 2024 14:14:40 +0000
ROA not before: Thu 22 Aug 2024 14:14:32 +0000
ROA not after: Sun 31 Dec 2028 14:14:32 +0000
asID: 36974
IP address blocks: 41.191.0.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/RtQFVYABqLApuWqxNAbWmh3XQEU.crl
rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/RtQFVYABqLApuWqxNAbWmh3XQEU.mft
rsync://rpki.afrinic.net/repository/afrinic/RtQFVYABqLApuWqxNAbWmh3XQEU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 25 Oct 2024 00:05:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3619C8CAF/serialNumber=46D405558001A8B029B96AB13406D69A1DD74045
Validity
Not Before: Aug 22 14:14:32 2024 GMT
Not After : Dec 31 14:14:32 2028 GMT
Subject: CN=66c747d0-6abc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8a:29:88:aa:39:b6:1b:0b:0a:55:a6:08:71:
11:32:a0:bd:67:8f:f8:fe:42:53:32:08:67:b7:a6:
dc:23:c7:48:76:a4:9c:53:0e:19:ea:0a:e4:5c:f1:
95:41:a9:84:ec:b6:1a:7a:75:19:ae:22:99:07:bb:
0a:c6:07:eb:67:4b:32:47:21:53:49:c8:24:10:f0:
c5:43:c0:35:10:b1:c3:54:25:be:87:60:9b:2f:1c:
c6:3a:67:2e:5e:ee:96:ae:3d:b6:a4:98:ac:83:0b:
7f:4a:e1:fe:3a:b4:76:63:25:ac:57:0c:10:a9:58:
ee:ba:44:0b:96:db:51:8d:a6:9c:41:6b:9a:e0:74:
8b:e5:fb:73:2c:07:34:ff:e3:86:ab:ee:05:3e:28:
51:38:ec:47:42:ba:34:a8:50:cf:49:87:df:4e:71:
07:e9:71:34:5c:38:63:ec:4a:cf:79:7c:53:b0:79:
d8:f4:ff:8b:b1:db:26:c3:5b:dc:0b:bf:5e:6c:f5:
b3:45:05:9c:16:75:8b:9a:ff:e5:69:45:83:cb:a5:
7f:09:49:9b:1e:b2:ad:b9:0c:70:5f:6a:ca:a1:69:
82:fb:e2:b1:5a:4a:8f:8f:75:55:a1:3f:7b:99:79:
d9:ae:ad:c7:0f:48:39:5c:11:01:d3:c3:90:29:20:
5b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:85:65:1F:14:A4:C4:AA:73:FA:4A:E9:95:9B:B2:64:42:4C:B5:A1
X509v3 Authority Key Identifier:
keyid:46:D4:05:55:80:01:A8:B0:29:B9:6A:B1:34:06:D6:9A:1D:D7:40:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/RtQFVYABqLApuWqxNAbWmh3XQEU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/RtQFVYABqLApuWqxNAbWmh3XQEU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/DE5116B4609011EF8D12C1B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.191.0.0/18
Signature Algorithm: sha256WithRSAEncryption
55:60:eb:ea:1f:43:bb:5b:08:a6:61:9b:d6:ab:6e:6a:b0:4a:
6a:de:11:25:c7:db:e5:7a:54:7c:99:fc:dc:6d:16:7a:79:05:
37:4f:06:7d:e5:f0:0b:f2:93:dc:49:7d:94:b5:11:5d:70:15:
20:76:40:b1:91:ad:0d:47:5c:c3:da:46:2d:68:3c:46:b2:33:
0c:b1:92:50:a6:f7:a8:f0:25:76:d9:e5:59:d3:e4:b2:1f:c3:
13:a8:03:73:ba:65:df:1e:08:54:83:ed:70:66:25:3e:97:fc:
db:82:bd:14:bd:0d:f8:6b:e9:38:6d:76:50:9a:fb:37:94:20:
18:d4:15:61:ce:dd:64:98:d2:75:5c:8a:fc:80:c3:70:fe:19:
18:b3:3c:ae:fa:b1:7b:e7:1b:ae:c0:d6:91:0c:87:45:b7:f1:
92:55:f6:b7:d5:aa:e2:4c:ed:d5:58:f7:05:d3:24:17:18:cc:
d5:4e:9d:30:c8:36:37:28:5b:d1:6a:3f:15:66:cd:ed:94:75:
7b:7b:d2:d8:1b:f3:d2:75:06:cf:3c:8c:75:2a:f7:3e:9c:a4:
16:90:29:c9:bc:b5:52:4b:78:56:e7:e4:d8:3e:4d:4e:f4:61:
f5:2c:8d:8a:2d:0d:1a:35:60:a9:40:e1:39:88:fc:d6:2d:aa:
be:33:59:e8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
OUM4Q0FGMTEwLwYDVQQFEyg0NkQ0MDU1NTgwMDFBOEIwMjlCOTZBQjEzNDA2RDY5
QTFERDc0MDQ1MB4XDTI0MDgyMjE0MTQzMloXDTI4MTIzMTE0MTQzMlowGDEWMBQG
A1UEAxMNNjZjNzQ3ZDAtNmFiYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6KKYiqObYbCwpVpghxETKgvWeP+P5CUzIIZ7em3CPHSHaknFMOGeoK5Fzx
lUGphOy2Gnp1Ga4imQe7CsYH62dLMkchU0nIJBDwxUPANRCxw1Qlvodgmy8cxjpn
Ll7ulq49tqSYrIMLf0rh/jq0dmMlrFcMEKlY7rpEC5bbUY2mnEFrmuB0i+X7cywH
NP/jhqvuBT4oUTjsR0K6NKhQz0mH305xB+lxNFw4Y+xKz3l8U7B52PT/i7HbJsNb
3Au/Xmz1s0UFnBZ1i5r/5WlFg8ulfwlJmx6yrbkMcF9qyqFpgvvisVpKj491VaE/
e5l52a6txw9IOVwRAdPDkCkgW/cCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTThWUf
FKTEqnP6SumVm7JkQky1oTAfBgNVHSMEGDAWgBRG1AVVgAGosCm5arE0BtaaHddA
RTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTlDOEMvQzNFMTBBRkM1RkRBMTFFRjhFRTU5QUE5NzYyRTk1MUEvUnRRRlZZ
QUJxTEFwdVdxeE5BYldtaDNYUUVVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUnRRRlZZQUJxTEFwdVdxeE5BYldtaDNYUUVVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTlDOEMvQzNFMTBBRkM1RkRBMTFFRjhFRTU5QUE5NzYy
RTk1MUEvREU1MTE2QjQ2MDkwMTFFRjhEMTJDMUIzNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBim/ADANBgkqhkiG9w0BAQsF
AAOCAQEAVWDr6h9Du1sIpmGb1qtuarBKat4RJcfb5XpUfJn83G0WenkFN08GfeXw
C/KT3El9lLURXXAVIHZAsZGtDUdcw9pGLWg8RrIzDLGSUKb3qPAldtnlWdPksh/D
E6gDc7pl3x4IVIPtcGYlPpf824K9FL0N+GvpOG12UJr7N5QgGNQVYc7dZJjSdVyK
/IDDcP4ZGLM8rvqxe+cbrsDWkQyHRbfxklX2t9Wq4kzt1Vj3BdMkFxjM1U6dMMg2
Nyhb0Wo/FWbN7ZR1e3vS2Bvz0nUGzzyMdSr3PpykFpApyby1Ukt4Vufk2D5NTvRh
9SyNii0NGjVgqUDhOYj81i2qvjNZ6A==
-----END CERTIFICATE-----
Generated at Wed Oct 23 04:00:54 2024 by rpki-client on console-fra.rpki-client.org