Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/F341215E599D11EE8F4A61714AD9E6FC.roa
File: F341215E599D11EE8F4A61714AD9E6FC.roa (raw, json)
Hash identifier: c/qdIsCQ21l7HjT5dHrkozDIBpIv5l3+p7/kEKE0wbs=
Subject key identifier: FF:A3:9B:DF:F6:4C:D5:30:0D:18:D4:1B:44:26:48:FA:E8:FF:9E:28
Certificate issuer: /CN=F363ADF7AF/serialNumber=E73D301F910D56EBAB7A11103BE8BE275388B72B
Certificate serial: 041A
Authority key identifier: E7:3D:30:1F:91:0D:56:EB:AB:7A:11:10:3B:E8:BE:27:53:88:B7:2B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/5z0wH5ENVuurehEQO-i-J1OItys.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/F341215E599D11EE8F4A61714AD9E6FC.roa
Signing time: Fri 22 Sep 2023 23:15:42 +0000
ROA not before: Sat 23 Sep 2023 23:15:37 +0000
ROA not after: Sat 23 Sep 2028 23:15:37 +0000
asID: 37228
IP address blocks: 197.243.0.0/17 maxlen: 17
197.243.0.0/18 maxlen: 18
197.243.0.0/20 maxlen: 20
197.243.0.0/22 maxlen: 22
197.243.4.0/22 maxlen: 22
197.243.8.0/22 maxlen: 22
197.243.12.0/22 maxlen: 22
197.243.16.0/20 maxlen: 20
197.243.32.0/20 maxlen: 20
197.243.32.0/22 maxlen: 22
197.243.36.0/22 maxlen: 22
197.243.39.0/24 maxlen: 24
197.243.40.0/22 maxlen: 22
197.243.42.0/24 maxlen: 24
197.243.43.0/24 maxlen: 24
197.243.44.0/22 maxlen: 22
197.243.47.0/24 maxlen: 24
197.243.48.0/20 maxlen: 20
197.243.48.0/22 maxlen: 22
197.243.48.0/24 maxlen: 24
197.243.52.0/22 maxlen: 22
197.243.56.0/22 maxlen: 22
197.243.60.0/22 maxlen: 22
197.243.64.0/18 maxlen: 18
197.243.64.0/20 maxlen: 20
197.243.64.0/22 maxlen: 22
197.243.67.0/24 maxlen: 24
197.243.68.0/22 maxlen: 22
197.243.72.0/22 maxlen: 22
197.243.76.0/22 maxlen: 22
197.243.80.0/20 maxlen: 20
197.243.80.0/22 maxlen: 22
197.243.88.0/22 maxlen: 22
197.243.92.0/22 maxlen: 22
197.243.96.0/20 maxlen: 20
197.243.96.0/22 maxlen: 22
197.243.100.0/22 maxlen: 22
197.243.104.0/22 maxlen: 22
197.243.108.0/22 maxlen: 22
197.243.112.0/20 maxlen: 20
197.243.112.0/22 maxlen: 22
197.243.115.0/24 maxlen: 24
197.243.116.0/22 maxlen: 22
197.243.118.0/24 maxlen: 24
197.243.119.0/24 maxlen: 24
197.243.120.0/22 maxlen: 22
197.243.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/5z0wH5ENVuurehEQO-i-J1OItys.crl
rsync://rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/5z0wH5ENVuurehEQO-i-J1OItys.mft
rsync://rpki.afrinic.net/repository/afrinic/5z0wH5ENVuurehEQO-i-J1OItys.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1050 (0x41a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363ADF7AF/serialNumber=E73D301F910D56EBAB7A11103BE8BE275388B72B
Validity
Not Before: Sep 23 23:15:37 2023 GMT
Not After : Sep 23 23:15:37 2028 GMT
Subject: CN=650e201e-95ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:24:ea:d6:d0:06:7b:0a:07:ef:e3:fa:af:e8:
60:ea:2f:ab:56:c7:89:08:2c:e0:a1:03:59:e5:31:
15:50:a0:0b:09:f5:62:3c:09:6e:b5:4f:e3:0e:fc:
39:6d:b4:4a:a0:4f:e4:f7:be:e9:b3:55:7c:04:48:
01:03:dd:70:17:97:7a:22:ac:63:27:fe:50:b0:39:
6f:36:d8:6c:12:88:1d:e5:02:e8:4b:d6:4f:e4:fe:
3d:04:62:1d:22:66:66:24:2c:69:87:6d:83:ef:79:
34:f7:50:fc:7e:04:23:20:6d:89:49:60:4b:4c:4b:
65:25:a2:33:85:75:19:24:3d:1c:04:50:8e:ad:b1:
22:cf:8f:83:38:e0:dd:6e:59:71:31:bd:86:30:5b:
70:be:2c:7b:1a:71:ac:60:07:8c:c1:8a:f2:72:dd:
08:9b:e1:01:1d:35:05:9e:c5:91:f5:29:dc:4a:f5:
6a:f6:e7:bd:77:61:a5:c3:be:ba:e2:59:36:e8:22:
cd:c1:93:3d:a6:4f:c2:d0:b7:50:4d:f7:82:35:1e:
f7:fe:e1:50:69:f4:7d:0e:20:6e:90:40:4c:b6:89:
0c:dd:06:d5:be:3c:38:d4:0a:67:9b:38:c7:b2:11:
d0:0c:f4:6f:af:80:55:e3:41:94:bf:62:52:1d:51:
c1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A3:9B:DF:F6:4C:D5:30:0D:18:D4:1B:44:26:48:FA:E8:FF:9E:28
X509v3 Authority Key Identifier:
keyid:E7:3D:30:1F:91:0D:56:EB:AB:7A:11:10:3B:E8:BE:27:53:88:B7:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/5z0wH5ENVuurehEQO-i-J1OItys.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/5z0wH5ENVuurehEQO-i-J1OItys.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/F341215E599D11EE8F4A61714AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.243.0.0/17
Signature Algorithm: sha256WithRSAEncryption
3b:db:75:40:eb:99:9c:4b:e1:80:8b:56:5e:f4:ee:4e:55:00:
87:8f:c9:8a:4c:0d:28:94:eb:a3:c0:99:d5:92:64:df:de:d9:
14:66:8a:62:0e:da:a9:65:d8:f3:22:de:db:3e:1a:f9:19:26:
eb:b0:16:20:51:2e:df:f4:12:35:49:19:8d:7e:fc:10:43:d8:
7c:b6:28:c5:28:89:7b:c3:f0:ac:db:c8:43:85:6a:10:e6:dc:
74:22:3b:e2:46:af:a4:72:04:43:7f:df:f8:f1:9f:bd:3d:55:
05:57:b6:d7:1f:10:0d:99:fb:0e:c7:4e:82:e7:db:08:d8:bf:
af:9d:00:09:14:e0:62:13:ac:2d:1f:17:c9:0e:ea:4c:64:cf:
bb:d0:7c:80:be:32:35:8c:a2:2d:2a:37:c8:91:bd:c0:8f:14:
14:13:51:16:46:46:a0:5e:46:8a:0c:ff:54:1d:22:a3:78:7d:
3b:05:21:97:10:ce:0a:c4:95:4a:ad:47:7b:8b:a9:ce:46:08:
e8:61:7d:e4:04:27:51:d2:be:4d:04:75:e0:32:04:34:20:ac:
c3:89:08:87:a1:a7:c8:80:8b:30:71:49:f6:39:f5:72:31:05:
c4:2d:25:14:bd:fe:2a:37:4f:59:5d:b4:80:fd:7b:72:98:6c:
67:4c:be:04
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBBowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
M0FERjdBRjExMC8GA1UEBRMoRTczRDMwMUY5MTBENTZFQkFCN0ExMTEwM0JFOEJF
Mjc1Mzg4QjcyQjAeFw0yMzA5MjMyMzE1MzdaFw0yODA5MjMyMzE1MzdaMBgxFjAU
BgNVBAMTDTY1MGUyMDFlLTk1ZmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+JOrW0AZ7Cgfv4/qv6GDqL6tWx4kILOChA1nlMRVQoAsJ9WI8CW61T+MO
/DlttEqgT+T3vumzVXwESAED3XAXl3oirGMn/lCwOW822GwSiB3lAuhL1k/k/j0E
Yh0iZmYkLGmHbYPveTT3UPx+BCMgbYlJYEtMS2UlojOFdRkkPRwEUI6tsSLPj4M4
4N1uWXExvYYwW3C+LHsacaxgB4zBivJy3Qib4QEdNQWexZH1KdxK9Wr25713YaXD
vrriWTboIs3Bkz2mT8LQt1BN94I1Hvf+4VBp9H0OIG6QQEy2iQzdBtW+PDjUCmeb
OMeyEdAM9G+vgFXjQZS/YlIdUcH5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU/6Ob
3/ZM1TANGNQbRCZI+uj/nigwHwYDVR0jBBgwFoAU5z0wH5ENVuurehEQO+i+J1OI
tyswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNBREY3L0IzMTIzRjkwM0JCQTExRUJBOTRFOUIxRkY4QUVBMjI4LzV6MHdI
NUVOVnV1cmVoRVFPLWktSjFPSXR5cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzV6MHdINUVOVnV1cmVoRVFPLWktSjFPSXR5cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNBREY3L0IzMTIzRjkwM0JCQTExRUJBOTRFOUIxRkY4
QUVBMjI4L0YzNDEyMTVFNTk5RDExRUU4RjRBNjE3MTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAfF8wAwDQYJKoZIhvcNAQEL
BQADggEBADvbdUDrmZxL4YCLVl707k5VAIePyYpMDSiU66PAmdWSZN/e2RRmimIO
2qll2PMi3ts+GvkZJuuwFiBRLt/0EjVJGY1+/BBD2Hy2KMUoiXvD8KzbyEOFahDm
3HQiO+JGr6RyBEN/3/jxn709VQVXttcfEA2Z+w7HToLn2wjYv6+dAAkU4GITrC0f
F8kO6kxkz7vQfIC+MjWMoi0qN8iRvcCPFBQTURZGRqBeRooM/1QdIqN4fTsFIZcQ
zgrElUqtR3uLqc5GCOhhfeQEJ1HSvk0EdeAyBDQgrMOJCIehp8iAizBxSfY59XIx
BcQtJRS9/io3T1ldtID9e3KYbGdMvgQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org