Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/CD63089443D511EFBF754787762E951A.roa
File: CD63089443D511EFBF754787762E951A.roa (raw, json)
Hash identifier: rXdaal/ApEINvTRYPpslBerAIR2l4UEEtidE419g51Q=
Subject key identifier: 25:3A:D3:BE:6A:A8:08:A8:6F:35:32:95:1B:FC:0D:13:B9:AE:2F:EF
Certificate issuer: /CN=F3642CB1AF/serialNumber=482DEEC29130ED202D8399D69A13269AA612AFD3
Certificate serial: 22
Authority key identifier: 48:2D:EE:C2:91:30:ED:20:2D:83:99:D6:9A:13:26:9A:A6:12:AF:D3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/CD63089443D511EFBF754787762E951A.roa
Signing time: Wed 17 Jul 2024 00:45:02 +0000
ROA not before: Wed 17 Jul 2024 00:00:59 +0000
ROA not after: Mon 14 Dec 2026 00:00:59 +0000
asID: 37030
IP address blocks: 197.191.1.0/24 maxlen: 24
197.191.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.crl
rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.mft
rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 21 Sep 2024 00:05:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3642CB1AF/serialNumber=482DEEC29130ED202D8399D69A13269AA612AFD3
Validity
Not Before: Jul 17 00:00:59 2024 GMT
Not After : Dec 14 00:00:59 2026 GMT
Subject: CN=6697140e-30f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b6:6a:f5:44:00:8d:06:08:fa:8b:e1:6d:10:
49:51:02:d6:b7:06:77:b4:00:17:06:3c:12:ed:6a:
ea:7a:e9:81:de:64:26:87:f4:a3:a4:cc:43:84:6f:
07:ce:d9:f3:54:89:bb:4d:8a:ae:d7:53:94:98:0e:
a8:77:f5:b4:16:b1:d4:63:68:04:35:8f:d9:ab:c7:
fe:02:50:a7:69:3f:ce:09:3b:60:79:ea:88:1c:79:
60:9d:b9:65:a3:46:32:05:d7:e6:02:e4:93:34:40:
3f:34:2c:4a:0a:5d:d3:4c:2f:17:8f:6d:41:f3:0c:
5a:ed:9d:e7:0b:db:90:df:c7:ba:95:c6:6a:a9:5f:
97:b9:cc:1c:46:2d:db:9d:82:6f:84:b9:23:a9:94:
d8:1f:60:8d:67:19:60:2b:71:ac:a4:b6:d4:c1:09:
13:a9:17:4f:1d:42:e9:89:d7:66:a8:cb:74:94:5d:
6b:c5:92:46:fe:36:2c:96:b6:45:c8:71:7c:9a:1a:
20:2f:56:de:16:cb:8b:e7:91:3b:3e:8e:7a:58:67:
c5:03:7f:bd:e9:c8:67:1d:db:1f:30:06:9c:0d:cb:
95:d7:f9:ad:94:bd:38:22:0a:a3:0b:2e:73:f3:56:
71:a7:71:6f:f9:00:ec:f5:d2:12:19:c6:2c:18:46:
f8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:3A:D3:BE:6A:A8:08:A8:6F:35:32:95:1B:FC:0D:13:B9:AE:2F:EF
X509v3 Authority Key Identifier:
keyid:48:2D:EE:C2:91:30:ED:20:2D:83:99:D6:9A:13:26:9A:A6:12:AF:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/CD63089443D511EFBF754787762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.191.1.0/24
197.191.3.0/24
Signature Algorithm: sha256WithRSAEncryption
24:a4:ec:8e:07:d5:1b:ee:7e:a9:b2:21:46:12:c7:55:f7:23:
75:92:e8:68:6c:eb:48:9c:cc:15:89:1a:0c:eb:48:2f:4d:56:
af:5a:ed:48:42:4e:45:f7:b9:9f:4c:27:01:55:62:f4:9b:d0:
4b:5f:9c:9f:ca:36:dc:22:24:ea:cd:70:6c:33:42:a1:2b:8b:
a0:10:87:00:7f:0e:25:b6:86:22:cb:9f:81:54:9f:4e:94:57:
93:af:fc:00:7b:ce:37:f8:64:fc:8b:35:97:85:b2:d1:16:d0:
8b:6f:b2:b7:c7:ad:09:99:17:3b:a4:ad:3f:e4:87:47:52:30:
af:7b:b9:22:01:e3:5d:0e:5d:35:42:28:2b:bc:15:41:e3:6a:
11:7e:95:c2:db:10:b1:2e:0f:6d:63:95:07:8d:32:5b:de:e4:
0a:6a:8c:4b:5a:86:9b:bc:0a:fa:81:1e:51:f1:cf:5c:7a:e8:
2b:fc:36:cd:6d:e7:5c:92:ca:a2:af:27:b0:7f:9c:db:78:4e:
37:b1:de:1b:e4:96:e9:05:b7:d7:85:3c:36:07:2c:92:38:9f:
73:84:a9:05:b0:f8:a1:80:e8:4c:68:ab:cd:82:d1:df:6f:6d:
9c:09:de:be:79:34:ce:45:5b:69:7e:ac:ca:12:30:08:76:ea:
20:5c:d4:90
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBIjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
MkNCMUFGMTEwLwYDVQQFEyg0ODJERUVDMjkxMzBFRDIwMkQ4Mzk5RDY5QTEzMjY5
QUE2MTJBRkQzMB4XDTI0MDcxNzAwMDA1OVoXDTI2MTIxNDAwMDA1OVowGDEWMBQG
A1UEAxMNNjY5NzE0MGUtMzBmODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALS2avVEAI0GCPqL4W0QSVEC1rcGd7QAFwY8Eu1q6nrpgd5kJof0o6TMQ4Rv
B87Z81SJu02KrtdTlJgOqHf1tBax1GNoBDWP2avH/gJQp2k/zgk7YHnqiBx5YJ25
ZaNGMgXX5gLkkzRAPzQsSgpd00wvF49tQfMMWu2d5wvbkN/HupXGaqlfl7nMHEYt
252Cb4S5I6mU2B9gjWcZYCtxrKS21MEJE6kXTx1C6YnXZqjLdJRda8WSRv42LJa2
RchxfJoaIC9W3hbLi+eROz6OelhnxQN/venIZx3bHzAGnA3Lldf5rZS9OCIKowsu
c/NWcadxb/kA7PXSEhnGLBhG+D8CAwEAAaOCAqswggKnMB0GA1UdDgQWBBQlOtO+
aqgIqG81MpUb/A0Tua4v7zAfBgNVHSMEGDAWgBRILe7CkTDtIC2DmdaaEyaaphKv
0zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDJDQjEvMkEyMzg0NTIzNDg5MTFFRjk2Qzk4RDlFNzYyRTk1MUEvU0MzdXdw
RXc3U0F0ZzVuV21oTW1tcVlTcjlNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU0MzdXdwRXc3U0F0ZzVuV21oTW1tcVlTcjlNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDJDQjEvMkEyMzg0NTIzNDg5MTFFRjk2Qzk4RDlFNzYy
RTk1MUEvQ0Q2MzA4OTQ0M0Q1MTFFRkJGNzU0Nzg3NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMW/AQMEAMW/AzANBgkqhkiG
9w0BAQsFAAOCAQEAJKTsjgfVG+5+qbIhRhLHVfcjdZLoaGzrSJzMFYkaDOtIL01W
r1rtSEJORfe5n0wnAVVi9JvQS1+cn8o23CIk6s1wbDNCoSuLoBCHAH8OJbaGIsuf
gVSfTpRXk6/8AHvON/hk/Is1l4Wy0RbQi2+yt8etCZkXO6StP+SHR1Iwr3u5IgHj
XQ5dNUIoK7wVQeNqEX6VwtsQsS4PbWOVB40yW97kCmqMS1qGm7wK+oEeUfHPXHro
K/w2zW3nXJLKoq8nsH+c23hON7HeG+SW6QW314U8Ngcskjifc4SpBbD4oYDoTGir
zYLR329tnAnevnk0zkVbaX6syhIwCHbqIFzUkA==
-----END CERTIFICATE-----
Generated at Thu Sep 19 03:58:07 2024 by rpki-client on console-fra.rpki-client.org