Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363212D/1E968F6051B711ECBFC54543D8A014CE/24D701EA533111EC8641CB24D8A014CE.roa
File: 24D701EA533111EC8641CB24D8A014CE.roa (raw, json)
Hash identifier: /Cg+GnqMealAZ/MM8CbfqkgM5mxpsZqxp+8Er6hjzIE=
Subject key identifier: 7F:D9:4B:77:D6:7D:D5:25:E5:AA:F3:4E:D9:38:B3:CD:CD:2F:56:03
Certificate issuer: /CN=F363212DAF/serialNumber=EBC4A85197C32B425638A6C7E5860B5964E657FE
Certificate serial: 11
Authority key identifier: EB:C4:A8:51:97:C3:2B:42:56:38:A6:C7:E5:86:0B:59:64:E6:57:FE
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/68SoUZfDK0JWOKbH5YYLWWTmV_4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363212D/1E968F6051B711ECBFC54543D8A014CE/24D701EA533111EC8641CB24D8A014CE.roa
Signing time: Thu 02 Dec 2021 05:31:48 +0000
ROA not before: Thu 02 Dec 2021 05:31:37 +0000
ROA not after: Thu 02 Dec 2049 05:31:37 +0000
asID: 327979
IP address blocks: 41.76.104.0/21 maxlen: 24
41.222.32.0/21 maxlen: 24
154.66.196.0/22 maxlen: 24
2c0f:f850::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363212D/1E968F6051B711ECBFC54543D8A014CE/68SoUZfDK0JWOKbH5YYLWWTmV_4.crl
rsync://rpki.afrinic.net/repository/member_repository/F363212D/1E968F6051B711ECBFC54543D8A014CE/68SoUZfDK0JWOKbH5YYLWWTmV_4.mft
rsync://rpki.afrinic.net/repository/afrinic/68SoUZfDK0JWOKbH5YYLWWTmV_4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363212DAF/serialNumber=EBC4A85197C32B425638A6C7E5860B5964E657FE
Validity
Not Before: Dec 2 05:31:37 2021 GMT
Not After : Dec 2 05:31:37 2049 GMT
Subject: CN=61a85a44-728e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5f:08:7f:20:46:3b:95:99:1f:45:b5:bb:29:
7b:1f:45:44:60:da:ac:9a:0e:b0:5b:64:b0:f6:c0:
aa:bc:60:87:c1:f3:44:be:87:48:56:0b:9d:ff:67:
fe:de:94:79:b7:9b:a8:3b:14:22:84:69:4c:dc:57:
f7:15:12:1f:2e:e6:e3:47:5d:3d:01:54:54:82:98:
75:13:e1:2f:a6:e6:be:1b:c5:5d:77:3d:98:77:8f:
01:c2:e4:54:1d:83:41:3b:d6:fe:02:30:6e:b2:92:
cc:4e:e7:be:0b:af:2e:35:ac:e7:a2:fd:a4:9a:25:
ec:90:15:44:94:73:dc:fc:a1:eb:bb:69:5e:a6:f8:
f5:eb:59:50:20:44:e0:ae:c5:08:26:ec:ca:74:90:
84:88:b9:0d:a5:c2:14:05:99:53:05:d9:7b:f1:0b:
25:27:f7:51:33:92:bd:3f:91:8e:35:d4:06:b1:6c:
d5:d1:47:17:5c:49:b5:25:51:d1:03:06:a6:ea:85:
93:88:cf:2c:e8:04:62:db:33:13:0c:f8:3e:1b:4a:
d6:45:54:b0:83:ab:ef:38:05:d3:6e:6b:95:02:c5:
18:57:db:15:d1:27:2a:71:c2:24:4b:5c:4b:14:ab:
b7:84:c9:ea:4f:af:20:69:46:04:04:cf:78:89:17:
99:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D9:4B:77:D6:7D:D5:25:E5:AA:F3:4E:D9:38:B3:CD:CD:2F:56:03
X509v3 Authority Key Identifier:
keyid:EB:C4:A8:51:97:C3:2B:42:56:38:A6:C7:E5:86:0B:59:64:E6:57:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363212D/1E968F6051B711ECBFC54543D8A014CE/68SoUZfDK0JWOKbH5YYLWWTmV_4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/68SoUZfDK0JWOKbH5YYLWWTmV_4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363212D/1E968F6051B711ECBFC54543D8A014CE/24D701EA533111EC8641CB24D8A014CE.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.76.104.0/21
41.222.32.0/21
154.66.196.0/22
IPv6:
2c0f:f850::/32
Signature Algorithm: sha256WithRSAEncryption
d5:18:0d:6a:75:51:49:17:04:6f:c4:71:e2:35:47:68:22:4c:
4a:1a:bc:ab:70:13:65:90:03:97:db:0b:ef:6f:4f:52:1d:11:
11:bf:39:aa:b2:97:b2:78:ac:a6:79:c7:05:3d:b0:4a:4d:5d:
2c:73:38:13:9c:29:fd:e3:37:40:a7:40:9c:23:4b:54:ec:82:
c0:e1:9b:ef:55:f2:a0:90:ae:44:86:cc:86:f8:38:12:5c:ee:
c4:b8:de:a4:22:01:fa:f8:18:6d:a9:62:91:f0:95:82:81:1e:
83:4b:3e:43:99:95:be:7d:86:de:2f:b8:3c:2d:bf:ff:44:b8:
7d:b7:ef:58:59:d5:3e:23:c4:3b:3a:91:42:88:a7:37:46:f4:
09:93:a0:f5:07:d6:7b:61:85:d0:80:3e:c6:be:1f:bf:11:e5:
d2:6d:dd:1b:f4:5c:f7:43:c0:b5:3e:3f:e4:a1:9a:3e:28:89:
21:b2:58:9c:4a:47:2b:4e:bb:98:93:f3:fc:8b:ab:b0:c8:21:
27:bb:a8:6f:9a:64:a6:f9:03:4c:08:1a:f8:12:73:18:43:a4:
26:87:20:1d:46:a8:e5:57:5e:df:f8:ac:be:a9:a4:48:3a:e1:
21:1d:53:f8:0f:16:46:61:1b:88:e2:c4:b9:12:17:0a:1e:b1:
2a:32:ad:25
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIBETANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzYz
MjEyREFGMTEwLwYDVQQFEyhFQkM0QTg1MTk3QzMyQjQyNTYzOEE2QzdFNTg2MEI1
OTY0RTY1N0ZFMB4XDTIxMTIwMjA1MzEzN1oXDTQ5MTIwMjA1MzEzN1owGDEWMBQG
A1UEAwwNNjFhODVhNDQtNzI4ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRfCH8gRjuVmR9Ftbspex9FRGDarJoOsFtksPbAqrxgh8HzRL6HSFYLnf9n
/t6UebebqDsUIoRpTNxX9xUSHy7m40ddPQFUVIKYdRPhL6bmvhvFXXc9mHePAcLk
VB2DQTvW/gIwbrKSzE7nvguvLjWs56L9pJol7JAVRJRz3Pyh67tpXqb49etZUCBE
4K7FCCbsynSQhIi5DaXCFAWZUwXZe/ELJSf3UTOSvT+RjjXUBrFs1dFHF1xJtSVR
0QMGpuqFk4jPLOgEYtszEwz4PhtK1kVUsIOr7zgF025rlQLFGFfbFdEnKnHCJEtc
SxSrt4TJ6k+vIGlGBATPeIkXmWcCAwEAAaOCAsAwggK8MB0GA1UdDgQWBBR/2Ut3
1n3VJeWq807ZOLPNzS9WAzAfBgNVHSMEGDAWgBTrxKhRl8MrQlY4psflhgtZZOZX
/jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzIxMkQvMUU5NjhGNjA1MUI3MTFFQ0JGQzU0NTQzRDhBMDE0Q0UvNjhTb1Va
ZkRLMEpXT0tiSDVZWUxXV1RtVl80LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNjhTb1VaZkRLMEpXT0tiSDVZWUxXV1RtVl80LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzIxMkQvMUU5NjhGNjA1MUI3MTFFQ0JGQzU0NTQzRDhB
MDE0Q0UvMjRENzAxRUE1MzMxMTFFQzg2NDFDQjI0RDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAylMaAMEAyneIAMEAppCxDAN
BAIAAjAHAwUALA/4UDANBgkqhkiG9w0BAQsFAAOCAQEA1RgNanVRSRcEb8Rx4jVH
aCJMShq8q3ATZZADl9sL729PUh0REb85qrKXsnispnnHBT2wSk1dLHM4E5wp/eM3
QKdAnCNLVOyCwOGb71XyoJCuRIbMhvg4ElzuxLjepCIB+vgYbalikfCVgoEeg0s+
Q5mVvn2G3i+4PC2//0S4fbfvWFnVPiPEOzqRQoinN0b0CZOg9QfWe2GF0IA+xr4f
vxHl0m3dG/Rc90PAtT4/5KGaPiiJIbJYnEpHK067mJPz/IursMghJ7uob5pkpvkD
TAga+BJzGEOkJocgHUao5Vde3/isvqmkSDrhIR1T+A8WRmEbiOLEuRIXCh6xKjKt
JQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:32 2024 by rpki-client on console-ams.rpki-client.org