Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363520F/0C22B38E848811EA853C8C80F8AEA228/B85FC3687D5D11EEB4C311814AD9E6FC.roa
File: B85FC3687D5D11EEB4C311814AD9E6FC.roa (raw, json)
Hash identifier: 5yuIcs7jRjs+HeduYgckENnTsGnOb85j9GULa/Na804=
Subject key identifier: 2C:7F:0C:96:68:62:76:77:78:67:4F:D1:C2:FB:CA:27:AF:53:73:DD
Certificate issuer: /CN=F363520FAF/serialNumber=143DA5777CDBB49388A52FF583DB432CBC7E5774
Certificate serial: 053C
Authority key identifier: 14:3D:A5:77:7C:DB:B4:93:88:A5:2F:F5:83:DB:43:2C:BC:7E:57:74
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/FD2ld3zbtJOIpS_1g9tDLLx-V3Q.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363520F/0C22B38E848811EA853C8C80F8AEA228/B85FC3687D5D11EEB4C311814AD9E6FC.roa
Signing time: Tue 07 Nov 2023 11:06:38 +0000
ROA not before: Tue 07 Nov 2023 11:06:27 +0000
ROA not after: Sat 07 Nov 2037 11:06:27 +0000
asID: 37611
IP address blocks: 41.76.208.0/21 maxlen: 24
102.182.0.0/16 maxlen: 24
102.222.124.0/22 maxlen: 24
154.0.160.0/20 maxlen: 24
197.242.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363520F/0C22B38E848811EA853C8C80F8AEA228/FD2ld3zbtJOIpS_1g9tDLLx-V3Q.crl
rsync://rpki.afrinic.net/repository/member_repository/F363520F/0C22B38E848811EA853C8C80F8AEA228/FD2ld3zbtJOIpS_1g9tDLLx-V3Q.mft
rsync://rpki.afrinic.net/repository/afrinic/FD2ld3zbtJOIpS_1g9tDLLx-V3Q.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1340 (0x53c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363520FAF/serialNumber=143DA5777CDBB49388A52FF583DB432CBC7E5774
Validity
Not Before: Nov 7 11:06:27 2023 GMT
Not After : Nov 7 11:06:27 2037 GMT
Subject: CN=654a1a3d-b2c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2d:f1:68:31:d6:a5:4f:b4:68:b3:c6:f8:55:
c3:06:a3:fc:8d:e8:ea:4b:0d:90:a2:e4:4c:64:94:
42:74:4d:4a:e9:fd:2e:8a:a0:f6:70:39:32:84:c6:
2d:ab:e6:2e:98:1c:26:9a:60:67:9b:37:d0:50:8f:
c3:09:d0:41:58:49:c0:b3:fb:85:8a:35:02:50:bc:
a5:ea:c5:1a:3d:6c:28:72:22:a9:18:02:42:02:5b:
87:df:42:e5:40:84:32:45:2a:2f:75:f8:f8:e1:b9:
1e:b6:18:74:a6:7f:9a:2c:f7:8b:15:78:8e:fe:b7:
e0:23:e7:d1:18:10:53:a8:b9:58:f1:10:1c:ca:37:
08:3b:81:d8:18:8e:5b:f7:72:be:a1:4d:d9:d9:5b:
58:5f:8f:b1:b8:32:35:49:2e:0f:f5:6e:a6:d6:d5:
32:c0:37:2f:66:d0:d9:73:68:93:b0:af:92:08:25:
38:c8:19:c1:46:99:0e:ca:ad:1b:27:27:7e:3c:5a:
70:fc:03:6b:92:82:fb:a2:ca:91:e1:24:ea:06:e3:
cd:eb:d3:40:6c:c3:c0:e0:e1:18:71:1c:9a:c8:07:
f6:75:38:69:22:2b:ef:67:30:4c:77:2e:31:82:3d:
70:70:9e:05:b8:20:d0:32:9b:fc:7f:24:88:24:b0:
49:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7F:0C:96:68:62:76:77:78:67:4F:D1:C2:FB:CA:27:AF:53:73:DD
X509v3 Authority Key Identifier:
keyid:14:3D:A5:77:7C:DB:B4:93:88:A5:2F:F5:83:DB:43:2C:BC:7E:57:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363520F/0C22B38E848811EA853C8C80F8AEA228/FD2ld3zbtJOIpS_1g9tDLLx-V3Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/FD2ld3zbtJOIpS_1g9tDLLx-V3Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363520F/0C22B38E848811EA853C8C80F8AEA228/B85FC3687D5D11EEB4C311814AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.76.208.0/21
102.182.0.0/16
102.222.124.0/22
154.0.160.0/20
197.242.144.0/20
Signature Algorithm: sha256WithRSAEncryption
60:2a:8c:2b:f6:30:4f:df:b2:c6:d3:3b:4f:1a:4d:fa:35:6d:
2c:da:6e:cf:53:c8:cf:5f:38:4b:9a:87:85:18:69:81:7c:f3:
26:cc:33:fd:04:4b:94:30:07:87:3c:49:95:f3:af:b2:27:b2:
9b:9e:9d:10:dd:b6:05:1a:6d:b1:b5:99:98:b0:1e:33:0d:19:
11:1b:20:28:ab:dc:c4:c4:5b:38:6e:1c:b4:f7:90:6d:4d:b6:
66:d4:08:33:99:0a:54:f3:ba:a5:bb:2c:df:08:2c:17:92:c3:
da:a6:c2:eb:eb:e8:6e:7b:e6:c7:f0:22:1a:0e:39:ef:01:15:
a5:04:17:92:fb:45:be:70:f8:48:21:91:c6:ac:46:1d:b5:51:
b5:74:d9:7b:8c:a7:45:d6:a7:cc:06:04:9b:10:8d:cc:1d:29:
89:ca:d5:cc:ba:a9:3d:8b:b4:29:cf:77:29:b3:79:79:e8:7f:
0e:6f:a0:c5:07:52:9b:dc:e7:fd:e0:8f:22:e8:e5:63:99:31:
58:a6:d1:e8:70:1e:0f:bb:d1:73:b2:35:c3:11:71:e0:77:1a:
c7:16:da:0b:a5:91:99:df:f6:c6:29:15:d5:c6:f2:18:b2:45:
1f:f0:0d:75:22:55:81:3b:e7:9c:75:23:66:e0:ab:d8:2a:ac:
49:26:4d:f8
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICBTwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzUyMEZBRjExMC8GA1UEBRMoMTQzREE1Nzc3Q0RCQjQ5Mzg4QTUyRkY1ODNEQjQz
MkNCQzdFNTc3NDAeFw0yMzExMDcxMTA2MjdaFw0zNzExMDcxMTA2MjdaMBgxFjAU
BgNVBAMTDTY1NGExYTNkLWIyYzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLLfFoMdalT7Ros8b4VcMGo/yN6OpLDZCi5ExklEJ0TUrp/S6KoPZwOTKE
xi2r5i6YHCaaYGebN9BQj8MJ0EFYScCz+4WKNQJQvKXqxRo9bChyIqkYAkICW4ff
QuVAhDJFKi91+PjhuR62GHSmf5os94sVeI7+t+Aj59EYEFOouVjxEBzKNwg7gdgY
jlv3cr6hTdnZW1hfj7G4MjVJLg/1bqbW1TLANy9m0NlzaJOwr5IIJTjIGcFGmQ7K
rRsnJ348WnD8A2uSgvuiypHhJOoG483r00Bsw8Dg4RhxHJrIB/Z1OGkiK+9nMEx3
LjGCPXBwngW4INAym/x/JIgksEkZAgMBAAGjggK8MIICuDAdBgNVHQ4EFgQULH8M
lmhidnd4Z0/RwvvKJ69Tc90wHwYDVR0jBBgwFoAUFD2ld3zbtJOIpS/1g9tDLLx+
V3QwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM1MjBGLzBDMjJCMzhFODQ4ODExRUE4NTNDOEM4MEY4QUVBMjI4L0ZEMmxk
M3pidEpPSXBTXzFnOXRETEx4LVYzUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0ZEMmxkM3pidEpPSXBTXzFnOXRETEx4LVYzUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM1MjBGLzBDMjJCMzhFODQ4ODExRUE4NTNDOEM4MEY4
QUVBMjI4L0I4NUZDMzY4N0Q1RDExRUVCNEMzMTE4MTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNgYIKwYBBQUHAQcBAf8EJzAlMCMEAgABMB0DBAMpTNADAwBmtgMEAmbefAME
BJoAoAMEBMXykDANBgkqhkiG9w0BAQsFAAOCAQEAYCqMK/YwT9+yxtM7TxpN+jVt
LNpuz1PIz184S5qHhRhpgXzzJswz/QRLlDAHhzxJlfOvsieym56dEN22BRptsbWZ
mLAeMw0ZERsgKKvcxMRbOG4ctPeQbU22ZtQIM5kKVPO6pbss3wgsF5LD2qbC6+vo
bnvmx/AiGg457wEVpQQXkvtFvnD4SCGRxqxGHbVRtXTZe4ynRdanzAYEmxCNzB0p
icrVzLqpPYu0Kc93KbN5eeh/Dm+gxQdSm9zn/eCPIujlY5kxWKbR6HAeD7vRc7I1
wxFx4HcaxxbaC6WRmd/2xikV1cbyGLJFH/ANdSJVgTvnnHUjZuCr2CqsSSZN+A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org