Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/F71D77E2AA8611EF98B0D05E762E951A.roa
File: F71D77E2AA8611EF98B0D05E762E951A.roa (raw, json)
Hash identifier: Ihj2mACjaGHf96/o4yy3js68n256Vu9f7Bim7nWvWLM=
Subject key identifier: 31:5A:4B:45:F9:D0:B9:6A:25:BD:4E:54:4B:FF:43:45:7F:AA:3C:70
Certificate issuer: /CN=F3619C8CAF/serialNumber=46D405558001A8B029B96AB13406D69A1DD74045
Certificate serial: 70
Authority key identifier: 46:D4:05:55:80:01:A8:B0:29:B9:6A:B1:34:06:D6:9A:1D:D7:40:45
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/RtQFVYABqLApuWqxNAbWmh3XQEU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/F71D77E2AA8611EF98B0D05E762E951A.roa
Signing time: Sun 24 Nov 2024 17:10:12 +0000
ROA not before: Sun 24 Nov 2024 17:10:07 +0000
ROA not after: Thu 30 Nov 2034 17:10:07 +0000
asID: 36974
IP address blocks: 41.191.0.0/18 maxlen: 24
2c0e:7f80::/27 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/RtQFVYABqLApuWqxNAbWmh3XQEU.crl
rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/RtQFVYABqLApuWqxNAbWmh3XQEU.mft
rsync://rpki.afrinic.net/repository/afrinic/RtQFVYABqLApuWqxNAbWmh3XQEU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112 (0x70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3619C8CAF/serialNumber=46D405558001A8B029B96AB13406D69A1DD74045
Validity
Not Before: Nov 24 17:10:07 2024 GMT
Not After : Nov 30 17:10:07 2034 GMT
Subject: CN=67435df4-85da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:fd:fa:25:3c:a6:4b:5e:c1:f3:ac:a5:76:f5:
9d:34:a8:67:e0:42:5b:4d:2f:54:bf:25:91:15:09:
47:8c:ba:6b:12:83:89:89:30:a5:48:3f:f0:cb:4f:
8c:20:62:d6:50:76:92:df:7a:dc:74:34:95:e6:de:
72:0b:aa:86:4a:bf:b4:d1:a5:77:d8:92:6b:04:47:
df:36:83:23:e1:c1:be:04:36:c6:e9:fa:aa:77:a0:
00:28:d8:9a:be:7e:19:46:f1:d3:d4:9c:f8:8c:bb:
44:7a:10:aa:aa:1d:b6:6d:e4:1d:bd:0c:67:9d:83:
6f:3c:00:72:f0:e6:5e:59:c8:a6:b9:51:cf:f9:7c:
e7:d5:6d:d6:1d:43:10:df:a4:b7:c5:7f:a6:f3:cf:
9e:bc:39:ad:8a:09:0f:78:db:ee:4d:85:90:6c:0a:
de:81:14:66:58:40:37:6a:33:a5:8e:e4:b1:c3:ba:
f3:87:92:50:67:2f:4f:83:6d:3b:b9:c0:e8:9c:2d:
2a:33:d8:2f:21:75:19:d9:58:34:14:91:7d:26:50:
bc:be:25:68:37:fb:36:08:61:21:af:93:a4:d3:0a:
91:62:f2:f0:07:a9:b3:a4:9d:78:0b:60:35:03:f3:
b4:63:87:0d:90:96:3c:86:03:64:eb:7e:c3:86:ae:
73:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:5A:4B:45:F9:D0:B9:6A:25:BD:4E:54:4B:FF:43:45:7F:AA:3C:70
X509v3 Authority Key Identifier:
keyid:46:D4:05:55:80:01:A8:B0:29:B9:6A:B1:34:06:D6:9A:1D:D7:40:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/RtQFVYABqLApuWqxNAbWmh3XQEU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/RtQFVYABqLApuWqxNAbWmh3XQEU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3619C8C/C3E10AFC5FDA11EF8EE59AA9762E951A/F71D77E2AA8611EF98B0D05E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.191.0.0/18
IPv6:
2c0e:7f80::/27
Signature Algorithm: sha256WithRSAEncryption
64:c7:50:d6:d7:0b:40:b4:6e:bc:b8:8c:65:5f:8b:33:83:e1:
ec:81:c7:de:27:cd:b6:59:5f:73:8d:42:2e:5f:4b:c3:35:98:
4b:d9:25:8d:2d:fc:94:7d:c7:1c:71:16:d3:5b:ac:1d:ac:b9:
bb:98:92:18:97:ae:bf:de:59:b3:66:92:93:77:aa:29:26:26:
7b:73:67:76:20:93:fd:af:19:48:f3:31:3c:d3:82:76:53:d0:
67:15:20:3f:e5:1a:70:c1:2f:66:0f:cb:bb:7f:44:a0:ef:dd:
a2:df:77:0d:00:bb:bb:b0:e4:91:a4:11:88:c6:6d:f9:94:f2:
95:40:a0:c5:63:35:35:92:ba:36:06:7a:d0:4c:5f:33:56:1a:
8c:c3:33:26:2f:05:36:86:d3:ce:71:42:80:1a:f4:0b:3b:4f:
8e:a2:6a:6a:35:7d:c2:42:79:67:d2:b0:7b:2c:90:58:64:cd:
49:b1:0f:14:72:09:0a:f2:b7:b3:80:76:28:42:70:21:78:3d:
5e:b1:98:f2:e7:d2:6a:27:80:f6:58:54:7c:09:02:f2:32:b3:
e2:46:29:1a:51:95:e1:4b:3d:71:6a:9e:56:b1:1b:01:5a:c6:
ff:92:d9:32:e5:02:d4:52:e7:01:6c:24:94:77:14:8d:3b:9d:
af:fb:21:0e
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBcDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
OUM4Q0FGMTEwLwYDVQQFEyg0NkQ0MDU1NTgwMDFBOEIwMjlCOTZBQjEzNDA2RDY5
QTFERDc0MDQ1MB4XDTI0MTEyNDE3MTAwN1oXDTM0MTEzMDE3MTAwN1owGDEWMBQG
A1UEAxMNNjc0MzVkZjQtODVkYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMT9+iU8pktewfOspXb1nTSoZ+BCW00vVL8lkRUJR4y6axKDiYkwpUg/8MtP
jCBi1lB2kt963HQ0lebecguqhkq/tNGld9iSawRH3zaDI+HBvgQ2xun6qnegACjY
mr5+GUbx09Sc+Iy7RHoQqqodtm3kHb0MZ52DbzwAcvDmXlnIprlRz/l859Vt1h1D
EN+kt8V/pvPPnrw5rYoJD3jb7k2FkGwK3oEUZlhAN2ozpY7kscO684eSUGcvT4Nt
O7nA6JwtKjPYLyF1GdlYNBSRfSZQvL4laDf7NghhIa+TpNMKkWLy8Aeps6SdeAtg
NQPztGOHDZCWPIYDZOt+w4aucwsCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQxWktF
+dC5aiW9TlRL/0NFf6o8cDAfBgNVHSMEGDAWgBRG1AVVgAGosCm5arE0BtaaHddA
RTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTlDOEMvQzNFMTBBRkM1RkRBMTFFRjhFRTU5QUE5NzYyRTk1MUEvUnRRRlZZ
QUJxTEFwdVdxeE5BYldtaDNYUUVVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUnRRRlZZQUJxTEFwdVdxeE5BYldtaDNYUUVVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTlDOEMvQzNFMTBBRkM1RkRBMTFFRjhFRTU5QUE5NzYy
RTk1MUEvRjcxRDc3RTJBQTg2MTFFRjk4QjBEMDVFNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBim/ADANBAIAAjAHAwUFLA5/
gDANBgkqhkiG9w0BAQsFAAOCAQEAZMdQ1tcLQLRuvLiMZV+LM4Ph7IHH3ifNtllf
c41CLl9LwzWYS9kljS38lH3HHHEW01usHay5u5iSGJeuv95Zs2aSk3eqKSYme3Nn
diCT/a8ZSPMxPNOCdlPQZxUgP+UacMEvZg/Lu39EoO/dot93DQC7u7DkkaQRiMZt
+ZTylUCgxWM1NZK6NgZ60ExfM1YajMMzJi8FNobTznFCgBr0CztPjqJqajV9wkJ5
Z9KweyyQWGTNSbEPFHIJCvK3s4B2KEJwIXg9XrGY8ufSaieA9lhUfAkC8jKz4kYp
GlGV4Us9cWqeVrEbAVrG/5LZMuUC1FLnAWwklHcUjTudr/shDg==
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:34:40 2024 by rpki-client on console-fra.rpki-client.org