Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/413308947E3A11EE832D2F404AD9E6FC.roa
File: 413308947E3A11EE832D2F404AD9E6FC.roa (raw, json)
Hash identifier: Eb0obFXe3E6DORP4MxW4QBN2bM/zRSA3RlnaOBqHUN0=
Subject key identifier: 38:8F:AE:FE:83:83:55:07:D7:B8:1C:1D:3A:2E:F4:AF:C1:FA:67:0B
Certificate issuer: /CN=F362412EAF/serialNumber=D628E4C96ABA9CFB124477867BBDF1A4435F0F5B
Certificate serial: 06
Authority key identifier: D6:28:E4:C9:6A:BA:9C:FB:12:44:77:86:7B:BD:F1:A4:43:5F:0F:5B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/1ijkyWq6nPsSRHeGe73xpENfD1s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/413308947E3A11EE832D2F404AD9E6FC.roa
Signing time: Wed 08 Nov 2023 13:25:16 +0000
ROA not before: Wed 08 Nov 2023 13:25:13 +0000
ROA not after: Sun 08 Nov 2043 13:25:13 +0000
asID: 36962
IP address blocks: 41.223.116.0/24 maxlen: 24
41.223.117.0/24 maxlen: 24
41.223.118.0/24 maxlen: 24
41.223.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/1ijkyWq6nPsSRHeGe73xpENfD1s.crl
rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/1ijkyWq6nPsSRHeGe73xpENfD1s.mft
rsync://rpki.afrinic.net/repository/afrinic/1ijkyWq6nPsSRHeGe73xpENfD1s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362412EAF/serialNumber=D628E4C96ABA9CFB124477867BBDF1A4435F0F5B
Validity
Not Before: Nov 8 13:25:13 2023 GMT
Not After : Nov 8 13:25:13 2043 GMT
Subject: CN=654b8c3c-b078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ac:8c:7c:53:aa:97:c8:56:1b:45:1a:d7:9c:
ce:56:52:5e:1f:c5:58:93:1d:36:58:ca:3e:44:26:
34:38:76:a1:a8:13:fe:bf:91:ca:d8:e8:74:ca:f5:
60:02:1d:57:c5:0d:8a:03:66:40:07:ad:36:b3:57:
df:ed:49:24:e5:55:db:fd:78:6f:96:25:ee:2a:e7:
e8:ef:e7:84:fb:99:53:d0:a5:39:85:b9:e4:95:1f:
24:f9:55:0b:33:7d:14:d3:2c:3c:2b:b5:c5:b0:c5:
9d:d6:f1:12:fd:a5:49:37:0b:53:26:ff:12:24:2e:
a6:67:22:17:7c:e9:db:47:60:76:b2:f2:83:79:a2:
d6:a5:8f:5e:2b:6e:ff:ea:4e:68:78:6f:2c:4c:f5:
7c:8f:70:f1:33:bf:6f:c3:6c:d4:f4:88:46:10:cb:
1d:d4:50:64:6b:87:37:13:e7:43:bd:21:9f:41:03:
81:95:72:9e:7c:d1:52:49:79:12:8a:be:e3:c1:20:
2b:b5:c7:07:54:22:82:6e:f8:64:c5:c0:7c:93:7d:
53:b7:c7:3f:28:f3:6f:26:9d:99:ed:e4:58:52:46:
df:b9:3a:d7:23:e8:2f:18:cc:d9:8f:6f:dd:c0:cb:
7c:c1:ba:a3:86:72:a9:e8:d3:12:96:91:04:17:c8:
fe:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8F:AE:FE:83:83:55:07:D7:B8:1C:1D:3A:2E:F4:AF:C1:FA:67:0B
X509v3 Authority Key Identifier:
keyid:D6:28:E4:C9:6A:BA:9C:FB:12:44:77:86:7B:BD:F1:A4:43:5F:0F:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/1ijkyWq6nPsSRHeGe73xpENfD1s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/1ijkyWq6nPsSRHeGe73xpENfD1s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/413308947E3A11EE832D2F404AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.223.116.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:5f:7b:f5:45:a1:92:0e:8b:05:b1:a6:0c:12:48:4a:06:79:
12:26:78:40:0a:95:c9:64:f4:7e:17:b5:a3:f0:ae:c9:ed:51:
1a:72:78:f8:37:be:1f:3d:84:02:6b:97:f4:98:5f:59:7d:32:
00:19:5d:0a:95:b6:7b:38:e1:f4:54:3a:84:f3:49:30:cd:8c:
03:51:16:28:85:9c:0b:ef:0f:b8:95:b2:ca:62:83:af:41:48:
3c:65:19:46:24:82:b2:78:58:70:94:6e:d4:43:af:e9:0a:7a:
d2:58:56:0c:c5:52:5f:4c:6b:50:9b:9a:0c:2f:c0:c3:bd:6a:
2f:6c:90:bb:30:f8:53:50:60:07:f7:b8:44:02:c4:51:1c:6e:
13:70:05:fc:2a:46:7f:c0:79:b6:8e:2b:52:ed:f0:7d:33:12:
50:33:04:47:6b:15:c5:83:2d:b4:fe:44:d7:ca:3b:3c:e5:11:
ec:39:70:35:21:dd:d7:a7:09:06:02:17:17:9c:81:50:a8:5c:
28:76:0c:2f:ff:ad:8d:3b:8f:66:51:78:a3:24:a6:df:1f:f9:
39:39:4e:6d:48:e3:10:ce:26:cf:b6:6d:f8:24:58:ec:5c:57:
5a:29:e7:cd:79:5a:ae:16:8b:bb:8e:11:3f:2d:6a:b0:40:5d:
40:33:0e:ae
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
NDEyRUFGMTEwLwYDVQQFEyhENjI4RTRDOTZBQkE5Q0ZCMTI0NDc3ODY3QkJERjFB
NDQzNUYwRjVCMB4XDTIzMTEwODEzMjUxM1oXDTQzMTEwODEzMjUxM1owGDEWMBQG
A1UEAxMNNjU0YjhjM2MtYjA3ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOKsjHxTqpfIVhtFGteczlZSXh/FWJMdNljKPkQmNDh2oagT/r+RytjodMr1
YAIdV8UNigNmQAetNrNX3+1JJOVV2/14b5Yl7irn6O/nhPuZU9ClOYW55JUfJPlV
CzN9FNMsPCu1xbDFndbxEv2lSTcLUyb/EiQupmciF3zp20dgdrLyg3mi1qWPXitu
/+pOaHhvLEz1fI9w8TO/b8Ns1PSIRhDLHdRQZGuHNxPnQ70hn0EDgZVynnzRUkl5
Eoq+48EgK7XHB1Qigm74ZMXAfJN9U7fHPyjzbyadme3kWFJG37k61yPoLxjM2Y9v
3cDLfMG6o4ZyqejTEpaRBBfI/gcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQ4j67+
g4NVB9e4HB06LvSvwfpnCzAfBgNVHSMEGDAWgBTWKOTJarqc+xJEd4Z7vfGkQ18P
WzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjQxMkUvM0EyMzlBMjA3RTM4MTFFRTg1NEVFNDM5NEFEOUU2RkMvMWlqa3lX
cTZuUHNTUkhlR2U3M3hwRU5mRDFzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMWlqa3lXcTZuUHNTUkhlR2U3M3hwRU5mRDFzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MjQxMkUvM0EyMzlBMjA3RTM4MTFFRTg1NEVFNDM5NEFE
OUU2RkMvNDEzMzA4OTQ3RTNBMTFFRTgzMkQyRjQwNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAinfdDANBgkqhkiG9w0BAQsF
AAOCAQEArF979UWhkg6LBbGmDBJISgZ5EiZ4QAqVyWT0fhe1o/Cuye1RGnJ4+De+
Hz2EAmuX9JhfWX0yABldCpW2ezjh9FQ6hPNJMM2MA1EWKIWcC+8PuJWyymKDr0FI
PGUZRiSCsnhYcJRu1EOv6Qp60lhWDMVSX0xrUJuaDC/Aw71qL2yQuzD4U1BgB/e4
RALEURxuE3AF/CpGf8B5to4rUu3wfTMSUDMER2sVxYMttP5E18o7POUR7DlwNSHd
16cJBgIXF5yBUKhcKHYML/+tjTuPZlF4oySm3x/5OTlObUjjEM4mz7Zt+CRY7FxX
WinnzXlarhaLu44RPy1qsEBdQDMOrg==
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:39:35 2024 by rpki-client on console-ams.rpki-client.org