Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363EA80/23D54B28DDDA11ED86532E0D306D8C1D/71B9ADBAF48311ED8AC17D2C4AD9E6FC.roa
File: 71B9ADBAF48311ED8AC17D2C4AD9E6FC.roa (raw, json)
Hash identifier: H2R++FRMLxMiqVXy8BRmuUKzD8njGoupil4sDGEQyh4=
Subject key identifier: 16:0B:F6:94:6B:8E:0C:5E:7D:53:07:78:86:C7:78:F1:EE:BF:0A:58
Certificate issuer: /CN=F363EA80AF/serialNumber=C67C6231120941235581D5942565ABF7419DCECC
Certificate serial: 28
Authority key identifier: C6:7C:62:31:12:09:41:23:55:81:D5:94:25:65:AB:F7:41:9D:CE:CC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/xnxiMRIJQSNVgdWUJWWr90Gdzsw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363EA80/23D54B28DDDA11ED86532E0D306D8C1D/71B9ADBAF48311ED8AC17D2C4AD9E6FC.roa
Signing time: Wed 17 May 2023 07:21:30 +0000
ROA not before: Wed 17 May 2023 07:21:20 +0000
ROA not after: Tue 16 May 2028 07:21:20 +0000
asID: 19711
IP address blocks: 41.84.224.0/19 maxlen: 19
41.215.144.0/20 maxlen: 20
154.119.96.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363EA80/23D54B28DDDA11ED86532E0D306D8C1D/xnxiMRIJQSNVgdWUJWWr90Gdzsw.crl
rsync://rpki.afrinic.net/repository/member_repository/F363EA80/23D54B28DDDA11ED86532E0D306D8C1D/xnxiMRIJQSNVgdWUJWWr90Gdzsw.mft
rsync://rpki.afrinic.net/repository/afrinic/xnxiMRIJQSNVgdWUJWWr90Gdzsw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 28 Jun 2024 00:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40 (0x28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363EA80AF/serialNumber=C67C6231120941235581D5942565ABF7419DCECC
Validity
Not Before: May 17 07:21:20 2023 GMT
Not After : May 16 07:21:20 2028 GMT
Subject: CN=6464807a-c85c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:38:a1:a2:37:59:b6:d7:c5:51:c5:4e:94:17:
68:a9:fe:57:84:9b:85:00:db:04:02:17:f2:f9:17:
95:d2:7f:96:52:fa:72:3a:05:11:75:03:c1:a7:49:
cc:0b:6b:6a:cc:3b:03:3c:13:4d:67:f6:12:dd:e7:
84:c7:ae:90:59:32:4e:4f:de:bd:8a:15:11:42:5b:
85:8f:61:d2:c9:d3:c6:63:c0:41:42:d9:18:56:8e:
80:40:5d:27:83:ad:73:d1:f0:0d:3e:f0:f0:b3:8b:
f1:9c:8a:36:98:cc:e4:c9:33:2f:ef:66:90:02:c3:
35:d1:92:fb:73:bb:e8:86:52:7d:a6:06:eb:54:1d:
a2:99:1e:d7:34:01:cf:02:26:e7:90:d5:2c:cf:eb:
04:ad:61:6c:fe:05:b0:c8:4a:47:f8:fe:a0:93:2b:
4c:29:c7:fd:65:ae:4b:41:f7:8c:3d:a2:2d:c7:e6:
9f:5d:ce:54:5b:2a:31:1e:0e:1d:0b:3a:7b:d2:11:
6d:a1:b4:41:1a:28:4c:4b:5f:9d:67:d0:b8:c0:07:
27:1a:88:26:57:32:72:7e:75:a1:ad:4e:32:bc:d2:
8a:46:ca:07:e0:4a:82:96:ff:bf:4d:82:ac:34:33:
5d:f0:c7:ac:8e:2f:bc:5a:e8:83:1a:e6:d9:bf:ae:
94:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0B:F6:94:6B:8E:0C:5E:7D:53:07:78:86:C7:78:F1:EE:BF:0A:58
X509v3 Authority Key Identifier:
keyid:C6:7C:62:31:12:09:41:23:55:81:D5:94:25:65:AB:F7:41:9D:CE:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363EA80/23D54B28DDDA11ED86532E0D306D8C1D/xnxiMRIJQSNVgdWUJWWr90Gdzsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/xnxiMRIJQSNVgdWUJWWr90Gdzsw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363EA80/23D54B28DDDA11ED86532E0D306D8C1D/71B9ADBAF48311ED8AC17D2C4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.84.224.0/19
41.215.144.0/20
154.119.96.0/19
Signature Algorithm: sha256WithRSAEncryption
7f:4e:cc:55:e2:ee:f8:78:25:3e:06:dd:ac:ba:21:97:14:a8:
c0:54:71:50:2f:e9:8f:91:a8:cb:3c:bb:08:82:75:60:39:5a:
f2:68:0c:01:eb:3e:fb:48:f1:8e:e3:64:8e:ea:ff:2d:25:1e:
07:c4:44:6c:7b:af:fd:17:09:5c:e6:2c:0b:50:c2:a3:5a:c2:
f8:87:b8:68:2a:4a:31:c2:af:42:44:c6:ec:93:c6:0f:fd:f3:
53:71:dc:cd:1b:87:a7:b5:14:ec:6d:0f:0a:7a:bf:ce:ad:4c:
3c:89:62:69:c7:d5:c1:82:5c:e7:35:88:1c:c8:ed:64:da:15:
c9:a8:6e:de:17:49:04:ab:ae:b7:69:80:ba:29:2e:0b:73:78:
60:d3:cd:e2:cf:d2:cf:12:c7:c2:49:55:db:a8:6a:24:23:99:
b1:aa:a4:5b:10:b2:3e:ce:db:17:d1:c9:85:73:18:c1:35:84:
db:cb:9e:72:a1:5f:50:90:c5:5a:fb:c4:42:e4:c9:69:c6:db:
3d:b7:39:b4:22:27:b6:d0:ef:35:8e:94:7b:b4:16:d8:07:ff:
36:64:d9:b6:e8:34:1a:7e:7c:c5:87:32:46:8d:f4:25:5d:e6:
7b:78:1e:4e:9d:e6:46:85:32:1b:f3:4e:6f:74:a2:b2:01:c2:
33:62:5c:eb
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIBKDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzYz
RUE4MEFGMTEwLwYDVQQFEyhDNjdDNjIzMTEyMDk0MTIzNTU4MUQ1OTQyNTY1QUJG
NzQxOURDRUNDMB4XDTIzMDUxNzA3MjEyMFoXDTI4MDUxNjA3MjEyMFowGDEWMBQG
A1UEAxMNNjQ2NDgwN2EtYzg1YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALw4oaI3WbbXxVHFTpQXaKn+V4SbhQDbBAIX8vkXldJ/llL6cjoFEXUDwadJ
zAtrasw7AzwTTWf2Et3nhMeukFkyTk/evYoVEUJbhY9h0snTxmPAQULZGFaOgEBd
J4Otc9HwDT7w8LOL8ZyKNpjM5MkzL+9mkALDNdGS+3O76IZSfaYG61Qdopke1zQB
zwIm55DVLM/rBK1hbP4FsMhKR/j+oJMrTCnH/WWuS0H3jD2iLcfmn13OVFsqMR4O
HQs6e9IRbaG0QRooTEtfnWfQuMAHJxqIJlcycn51oa1OMrzSikbKB+BKgpb/v02C
rDQzXfDHrI4vvFrogxrm2b+ulEkCAwEAAaOCArEwggKtMB0GA1UdDgQWBBQWC/aU
a44MXn1TB3iGx3jx7r8KWDAfBgNVHSMEGDAWgBTGfGIxEglBI1WB1ZQlZav3QZ3O
zDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0VBODAvMjNENTRCMjhERERBMTFFRDg2NTMyRTBEMzA2RDhDMUQveG54aU1S
SUpRU05WZ2RXVUpXV3I5MEdkenN3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveG54aU1SSUpRU05WZ2RXVUpXV3I5MEdkenN3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2M0VBODAvMjNENTRCMjhERERBMTFFRDg2NTMyRTBEMzA2
RDhDMUQvNzFCOUFEQkFGNDgzMTFFRDhBQzE3RDJDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBSlU4AMEBCnXkAMEBZp3YDAN
BgkqhkiG9w0BAQsFAAOCAQEAf07MVeLu+HglPgbdrLohlxSowFRxUC/pj5Goyzy7
CIJ1YDla8mgMAes++0jxjuNkjur/LSUeB8REbHuv/RcJXOYsC1DCo1rC+Ie4aCpK
McKvQkTG7JPGD/3zU3HczRuHp7UU7G0PCnq/zq1MPIliacfVwYJc5zWIHMjtZNoV
yahu3hdJBKuut2mAuikuC3N4YNPN4s/SzxLHwklV26hqJCOZsaqkWxCyPs7bF9HJ
hXMYwTWE28uecqFfUJDFWvvEQuTJacbbPbc5tCInttDvNY6Ue7QW2Af/NmTZtug0
Gn58xYcyRo30JV3me3geTp3mRoUyG/NOb3SisgHCM2Jc6w==
-----END CERTIFICATE-----
Generated at Wed Jun 26 06:21:08 2024 by rpki-client on console-fra.rpki-client.org