Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/A3EC97C49EAA11EB9431AE42F8AEA228.roa
File: A3EC97C49EAA11EB9431AE42F8AEA228.roa (raw, json)
Hash identifier: ITdou6CBdoyIdGztCF0641fr0nfnRn3rDhTSbOWklSg=
Subject key identifier: E5:29:8F:56:DB:E3:65:46:B0:FF:9E:9E:05:43:59:E7:FB:38:B5:60
Certificate issuer: /CN=F362B8A8AF/serialNumber=DF376480DCF07A1B7AD164DE64A3EA215F247541
Certificate serial: 14
Authority key identifier: DF:37:64:80:DC:F0:7A:1B:7A:D1:64:DE:64:A3:EA:21:5F:24:75:41
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/A3EC97C49EAA11EB9431AE42F8AEA228.roa
Signing time: Fri 16 Apr 2021 11:55:30 +0000
ROA not before: Fri 16 Apr 2021 11:55:26 +0000
ROA not after: Wed 16 Apr 2031 11:55:26 +0000
asID: 37053
IP address blocks: 41.223.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.crl
rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.mft
rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362B8A8AF/serialNumber=DF376480DCF07A1B7AD164DE64A3EA215F247541
Validity
Not Before: Apr 16 11:55:26 2021 GMT
Not After : Apr 16 11:55:26 2031 GMT
Subject: CN=60797b32-57cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:53:f8:63:dc:79:c3:87:70:a2:9e:ea:3c:a1:
bb:3d:d0:29:54:52:0b:19:09:97:11:25:64:be:f5:
d6:1c:9a:e9:19:b3:d3:9a:53:0a:e5:9e:0e:4c:72:
e5:e1:59:7a:9c:48:0b:c7:d3:47:fb:ff:9b:1a:1c:
97:5f:3b:5c:16:99:29:f4:91:aa:8b:53:58:9c:a5:
9c:16:5f:65:9f:43:02:34:d2:53:74:be:97:93:e8:
f8:f8:0c:9f:6a:79:45:e4:30:08:ca:7a:a8:c5:13:
f2:93:d7:ef:ad:c5:60:50:20:6c:43:ff:b2:5c:69:
c9:51:06:d0:e4:84:40:11:79:e2:55:94:fe:f4:46:
9d:4e:5a:ed:f1:3b:db:ca:6d:6e:58:ee:f9:92:50:
e5:e2:66:ac:54:68:9f:9b:fd:54:8f:ab:36:cc:57:
49:da:e4:e1:fa:7d:d1:25:d7:69:45:d4:d9:62:49:
74:50:4d:d9:14:e6:dc:7c:d3:65:aa:a0:8d:17:d3:
64:c3:b1:e1:91:eb:0a:24:2b:eb:d1:06:8d:af:14:
ce:61:37:78:35:c9:33:82:98:8a:be:83:9c:09:d7:
b8:f0:8c:1f:ee:58:ca:28:a7:44:22:fe:6d:bb:d0:
5a:45:35:98:a5:52:e8:88:36:d4:e3:33:ae:4e:a3:
41:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:29:8F:56:DB:E3:65:46:B0:FF:9E:9E:05:43:59:E7:FB:38:B5:60
X509v3 Authority Key Identifier:
keyid:DF:37:64:80:DC:F0:7A:1B:7A:D1:64:DE:64:A3:EA:21:5F:24:75:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/A3EC97C49EAA11EB9431AE42F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.223.32.0/22
Signature Algorithm: sha256WithRSAEncryption
90:a0:0b:f2:15:c2:89:a6:96:7d:f0:4f:3e:55:0b:b1:40:59:
b9:34:7e:b4:33:47:10:18:71:88:45:2a:14:ca:68:c8:e9:8b:
e9:08:86:61:c5:ce:69:c9:73:3b:79:66:18:58:d3:b1:c5:b4:
c8:6b:77:4a:aa:42:3d:ca:6b:e5:75:f2:ea:02:52:e1:fb:f4:
9e:c9:2d:cd:b3:bb:31:c9:c1:ae:b0:22:af:b2:84:99:f3:c8:
42:8a:51:ae:c0:6b:71:91:15:90:40:60:d9:21:b4:d7:0d:2b:
f6:aa:4b:31:d8:39:8e:c6:eb:68:a5:e2:82:3c:3d:51:79:11:
48:8e:7a:f2:73:d1:d1:e0:0b:7c:fe:f3:30:24:3b:d7:8f:0e:
35:f9:7d:29:c8:1d:c6:2e:43:33:70:57:fa:43:57:c3:04:6c:
b2:66:df:e4:ad:b0:61:d6:db:59:3f:d2:cd:69:3d:d9:41:7a:
43:90:a0:9a:d8:d2:84:d2:de:9d:20:7c:a7:37:ec:ca:6e:31:
f9:7f:b5:72:2d:2d:91:a6:f7:26:b0:c1:e2:5f:80:0c:09:19:
cc:54:26:5b:aa:56:ff:29:df:0a:71:7e:65:b4:5c:5c:88:4c:
0e:43:e4:e4:d0:cb:4b:de:a2:27:99:65:6c:3e:df:f9:b1:ce:
c4:d6:c6:ea
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
QjhBOEFGMTEwLwYDVQQFEyhERjM3NjQ4MERDRjA3QTFCN0FEMTY0REU2NEEzRUEy
MTVGMjQ3NTQxMB4XDTIxMDQxNjExNTUyNloXDTMxMDQxNjExNTUyNlowGDEWMBQG
A1UEAxMNNjA3OTdiMzItNTdjYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJT+GPcecOHcKKe6jyhuz3QKVRSCxkJlxElZL711hya6Rmz05pTCuWeDkxy
5eFZepxIC8fTR/v/mxocl187XBaZKfSRqotTWJylnBZfZZ9DAjTSU3S+l5Po+PgM
n2p5ReQwCMp6qMUT8pPX763FYFAgbEP/slxpyVEG0OSEQBF54lWU/vRGnU5a7fE7
28ptblju+ZJQ5eJmrFRon5v9VI+rNsxXSdrk4fp90SXXaUXU2WJJdFBN2RTm3HzT
ZaqgjRfTZMOx4ZHrCiQr69EGja8UzmE3eDXJM4KYir6DnAnXuPCMH+5YyiinRCL+
bbvQWkU1mKVS6Ig21OMzrk6jQecCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTlKY9W
2+NlRrD/np4FQ1nn+zi1YDAfBgNVHSMEGDAWgBTfN2SA3PB6G3rRZN5ko+ohXyR1
QTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkI4QTgvQjVDOTRFNEM5QzI1MTFFQkFENzhGRjUzRjhBRUEyMjgvM3pka2dO
endlaHQ2MFdUZVpLUHFJVjhrZFVFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvM3pka2dOendlaHQ2MFdUZVpLUHFJVjhrZFVFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MkI4QTgvQjVDOTRFNEM5QzI1MTFFQkFENzhGRjUzRjhB
RUEyMjgvQTNFQzk3QzQ5RUFBMTFFQjk0MzFBRTQyRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAinfIDANBgkqhkiG9w0BAQsF
AAOCAQEAkKAL8hXCiaaWffBPPlULsUBZuTR+tDNHEBhxiEUqFMpoyOmL6QiGYcXO
aclzO3lmGFjTscW0yGt3SqpCPcpr5XXy6gJS4fv0nsktzbO7McnBrrAir7KEmfPI
QopRrsBrcZEVkEBg2SG01w0r9qpLMdg5jsbraKXigjw9UXkRSI568nPR0eALfP7z
MCQ7148ONfl9Kcgdxi5DM3BX+kNXwwRssmbf5K2wYdbbWT/SzWk92UF6Q5CgmtjS
hNLenSB8pzfsym4x+X+1ci0tkab3JrDB4l+ADAkZzFQmW6pW/ynfCnF+ZbRcXIhM
DkPk5NDLS96iJ5llbD7f+bHOxNbG6g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org