Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3639A71/42C01EDAAD5211EE97470BAF775412E6/3906A38AAD5411EEB67B65B2775412E6.roa
File: 3906A38AAD5411EEB67B65B2775412E6.roa (raw, json)
Hash identifier: ReFNAC4d+VQBlR/AEunK+azob89VljT5w2yD48BTB3A=
Subject key identifier: 71:5E:41:BE:7C:28:F0:D7:14:48:FF:A4:99:9B:0A:13:2E:7E:92:F1
Certificate issuer: /CN=F3639A71AF/serialNumber=C7FF6ECB0BD2EC12356A5417E31C730B90509411
Certificate serial: 02
Authority key identifier: C7:FF:6E:CB:0B:D2:EC:12:35:6A:54:17:E3:1C:73:0B:90:50:94:11
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/x_9uywvS7BI1alQX4xxzC5BQlBE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3639A71/42C01EDAAD5211EE97470BAF775412E6/3906A38AAD5411EEB67B65B2775412E6.roa
Signing time: Sun 07 Jan 2024 11:59:34 +0000
ROA not before: Sun 07 Jan 2024 11:59:31 +0000
ROA not after: Sat 07 Jan 2034 11:59:31 +0000
asID: 37721
IP address blocks: 154.73.48.0/23 maxlen: 24
154.73.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3639A71/42C01EDAAD5211EE97470BAF775412E6/x_9uywvS7BI1alQX4xxzC5BQlBE.crl
rsync://rpki.afrinic.net/repository/member_repository/F3639A71/42C01EDAAD5211EE97470BAF775412E6/x_9uywvS7BI1alQX4xxzC5BQlBE.mft
rsync://rpki.afrinic.net/repository/afrinic/x_9uywvS7BI1alQX4xxzC5BQlBE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3639A71AF/serialNumber=C7FF6ECB0BD2EC12356A5417E31C730B90509411
Validity
Not Before: Jan 7 11:59:31 2024 GMT
Not After : Jan 7 11:59:31 2034 GMT
Subject: CN=659a9226-3d76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:09:1a:d1:57:4e:56:0b:4a:23:f4:bd:74:96:
86:73:33:da:d2:4e:5b:a5:59:ef:f9:09:df:33:1c:
34:fd:58:e5:47:c6:14:f8:56:06:ed:30:86:a2:d1:
4a:2a:df:dd:03:c4:d2:39:c7:a4:17:01:7a:47:86:
78:ed:56:6f:0a:26:96:53:3b:fd:40:b4:a0:be:c5:
97:b3:04:24:c0:92:b2:5d:c5:1a:03:5a:93:f8:f1:
e2:0a:f6:76:2a:87:f9:88:ce:c1:99:ed:85:a1:fd:
49:d0:f1:5c:e5:f7:2f:67:65:4b:5f:3f:36:b7:55:
fd:0c:cf:57:fe:06:80:1d:fa:96:a0:75:4a:33:5a:
54:d6:86:0c:d8:1b:03:f6:cf:34:e6:d0:75:31:30:
72:54:97:96:72:30:43:5c:59:f9:53:2f:6c:33:14:
e7:31:cf:6a:83:4f:79:a0:67:92:e2:37:2c:02:df:
43:73:77:da:83:dc:36:6b:b7:6f:ab:87:ed:38:3e:
14:f0:13:48:e3:d4:d1:85:2f:8b:87:17:c4:c8:b0:
dc:10:6a:a2:58:29:2a:18:98:de:72:73:d6:a7:70:
50:2f:34:a7:ee:10:f0:24:b5:9a:fc:fa:ff:79:77:
47:75:12:c7:a5:02:a2:96:92:e2:54:76:b1:e8:e1:
fb:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:5E:41:BE:7C:28:F0:D7:14:48:FF:A4:99:9B:0A:13:2E:7E:92:F1
X509v3 Authority Key Identifier:
keyid:C7:FF:6E:CB:0B:D2:EC:12:35:6A:54:17:E3:1C:73:0B:90:50:94:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3639A71/42C01EDAAD5211EE97470BAF775412E6/x_9uywvS7BI1alQX4xxzC5BQlBE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/x_9uywvS7BI1alQX4xxzC5BQlBE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3639A71/42C01EDAAD5211EE97470BAF775412E6/3906A38AAD5411EEB67B65B2775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.73.48.0-154.73.50.255
Signature Algorithm: sha256WithRSAEncryption
3e:f1:96:a4:25:08:29:fc:fa:21:e9:f2:7d:89:74:b1:4c:0a:
aa:9e:81:e6:3a:74:af:c8:0c:d8:d0:53:db:16:ac:c4:90:01:
c8:17:6e:7e:b2:78:bf:c3:22:32:85:c8:eb:e8:c4:88:43:7a:
89:b8:a8:d0:88:f1:ca:be:fa:1b:33:70:a0:ee:84:c9:43:dd:
8f:6b:c6:47:bb:50:88:b9:08:e6:d1:5f:91:4a:27:ae:85:e9:
2f:2b:b2:86:e9:27:24:d8:fa:1b:3b:70:d1:b3:5b:78:c3:cf:
8e:82:5f:1e:3c:de:68:30:0b:99:29:48:61:74:71:02:17:9a:
63:40:df:a2:6e:f1:37:b1:40:68:2a:60:ab:2b:5e:6b:a0:10:
3c:10:bb:4e:4b:32:64:93:45:af:d5:14:49:71:76:da:eb:62:
ef:6d:6b:86:a6:a6:d5:75:32:d3:90:5c:9c:de:59:80:2b:cc:
fc:7c:61:ec:f4:43:27:8a:ea:b2:8e:6e:51:65:39:54:83:78:
d3:e4:b9:09:15:0b:96:f4:07:e1:50:b8:ce:0a:25:60:2a:27:
b8:6a:c1:3e:4c:4d:50:d5:f6:d6:ed:10:2f:c7:00:f8:9d:e2:
3a:e9:d7:6a:d0:ba:87:09:84:ec:f0:8e:23:7c:6c:da:e2:cf:
88:66:37:27
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
OUE3MUFGMTEwLwYDVQQFEyhDN0ZGNkVDQjBCRDJFQzEyMzU2QTU0MTdFMzFDNzMw
QjkwNTA5NDExMB4XDTI0MDEwNzExNTkzMVoXDTM0MDEwNzExNTkzMVowGDEWMBQG
A1UEAxMNNjU5YTkyMjYtM2Q3NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOsJGtFXTlYLSiP0vXSWhnMz2tJOW6VZ7/kJ3zMcNP1Y5UfGFPhWBu0whqLR
Sirf3QPE0jnHpBcBekeGeO1WbwomllM7/UC0oL7Fl7MEJMCSsl3FGgNak/jx4gr2
diqH+YjOwZnthaH9SdDxXOX3L2dlS18/NrdV/QzPV/4GgB36lqB1SjNaVNaGDNgb
A/bPNObQdTEwclSXlnIwQ1xZ+VMvbDMU5zHPaoNPeaBnkuI3LALfQ3N32oPcNmu3
b6uH7Tg+FPATSOPU0YUvi4cXxMiw3BBqolgpKhiY3nJz1qdwUC80p+4Q8CS1mvz6
/3l3R3USx6UCopaS4lR2sejh+4sCAwEAAaOCAq0wggKpMB0GA1UdDgQWBBRxXkG+
fCjw1xRI/6SZmwoTLn6S8TAfBgNVHSMEGDAWgBTH/27LC9LsEjVqVBfjHHMLkFCU
ETAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzlBNzEvNDJDMDFFREFBRDUyMTFFRTk3NDcwQkFGNzc1NDEyRTYveF85dXl3
dlM3QkkxYWxRWDR4eHpDNUJRbEJFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveF85dXl3dlM3QkkxYWxRWDR4eHpDNUJRbEJFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzlBNzEvNDJDMDFFREFBRDUyMTFFRTk3NDcwQkFGNzc1
NDEyRTYvMzkwNkEzOEFBRDU0MTFFRUI2N0I2NUIyNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQEmkkwAwQAmkkyMA0GCSqG
SIb3DQEBCwUAA4IBAQA+8ZakJQgp/Poh6fJ9iXSxTAqqnoHmOnSvyAzY0FPbFqzE
kAHIF25+sni/wyIyhcjr6MSIQ3qJuKjQiPHKvvobM3Cg7oTJQ92Pa8ZHu1CIuQjm
0V+RSieuhekvK7KG6Sck2PobO3DRs1t4w8+Ogl8ePN5oMAuZKUhhdHECF5pjQN+i
bvE3sUBoKmCrK15roBA8ELtOSzJkk0Wv1RRJcXba62LvbWuGpqbVdTLTkFyc3lmA
K8z8fGHs9EMniuqyjm5RZTlUg3jT5LkJFQuW9AfhULjOCiVgKie4asE+TE1Q1fbW
7RAvxwD4neI66ddq0LqHCYTs8I4jfGza4s+IZjcn
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org