Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/A3334908B75911ED9D1DD491F1222468.roa
File: A3334908B75911ED9D1DD491F1222468.roa (raw, json)
Hash identifier: kfeGWGsJ8YUWnbsW+Omh/kxV1I9agx30BHnCONag860=
Subject key identifier: F2:C3:4D:86:C4:44:CB:BC:FB:AF:25:9B:90:17:AB:B1:E5:BF:44:54
Certificate issuer: /CN=F36432B6AF/serialNumber=1C91B5AF9B60EA3F1C1DB87EAEC6DA7C2EA0A877
Certificate serial: 03
Authority key identifier: 1C:91:B5:AF:9B:60:EA:3F:1C:1D:B8:7E:AE:C6:DA:7C:2E:A0:A8:77
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/HJG1r5tg6j8cHbh-rsbafC6gqHc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/A3334908B75911ED9D1DD491F1222468.roa
Signing time: Tue 28 Feb 2023 11:18:34 +0000
ROA not before: Tue 28 Feb 2023 11:18:29 +0000
ROA not after: Thu 28 Feb 2030 11:18:29 +0000
asID: 36992
IP address blocks: 41.152.0.0/15 maxlen: 24
41.222.128.0/21 maxlen: 24
102.56.0.0/13 maxlen: 24
105.80.0.0/12 maxlen: 24
105.200.0.0/13 maxlen: 24
197.120.0.0/13 maxlen: 24
197.192.0.0/13 maxlen: 24
2c0f:fc88::/31 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/HJG1r5tg6j8cHbh-rsbafC6gqHc.crl
rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/HJG1r5tg6j8cHbh-rsbafC6gqHc.mft
rsync://rpki.afrinic.net/repository/afrinic/HJG1r5tg6j8cHbh-rsbafC6gqHc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36432B6AF/serialNumber=1C91B5AF9B60EA3F1C1DB87EAEC6DA7C2EA0A877
Validity
Not Before: Feb 28 11:18:29 2023 GMT
Not After : Feb 28 11:18:29 2030 GMT
Subject: CN=63fde30a-dfc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:42:f4:8d:3b:c9:1f:a3:66:cd:bd:d3:e3:9e:
b5:c3:c8:81:9b:ff:0a:4a:28:69:8b:1c:27:9c:ad:
ae:3f:89:00:ae:40:87:b1:a5:ba:8a:76:4f:c4:5a:
b9:24:13:17:27:8c:7d:a6:64:4f:40:76:0f:c7:41:
d1:2f:36:5d:27:db:8b:31:76:3b:7f:3d:cd:da:3e:
72:61:01:e7:e7:e3:83:a8:f6:a2:86:43:e7:cb:88:
5b:75:17:81:ad:76:d9:b3:9a:89:48:87:81:56:65:
60:8f:70:41:62:9b:3f:a1:e7:93:a6:e1:9e:24:5b:
d6:5e:c8:78:39:ad:5e:43:0f:63:d9:4a:6e:82:d0:
2d:12:88:8c:f7:0e:f9:9d:be:dd:41:10:33:06:c9:
41:6a:dd:73:ee:5b:c3:d5:fc:53:ab:fd:38:22:40:
61:b7:b9:fb:c2:28:2c:d7:cc:54:d2:7f:98:cf:55:
fa:f2:8b:24:d6:b1:69:2d:f0:69:33:2c:7f:8b:93:
43:bf:e3:a6:2f:95:f4:e8:8e:18:bf:27:1d:62:3b:
99:71:d5:d8:e6:e5:24:11:2c:d7:d4:22:5f:35:c6:
4d:09:82:1d:bc:df:10:3b:b0:80:a0:f3:42:26:d7:
40:bd:81:18:d4:e4:75:4d:88:75:55:93:10:32:6b:
6b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:C3:4D:86:C4:44:CB:BC:FB:AF:25:9B:90:17:AB:B1:E5:BF:44:54
X509v3 Authority Key Identifier:
keyid:1C:91:B5:AF:9B:60:EA:3F:1C:1D:B8:7E:AE:C6:DA:7C:2E:A0:A8:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/HJG1r5tg6j8cHbh-rsbafC6gqHc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HJG1r5tg6j8cHbh-rsbafC6gqHc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/A3334908B75911ED9D1DD491F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.152.0.0/15
41.222.128.0/21
102.56.0.0/13
105.80.0.0/12
105.200.0.0/13
197.120.0.0/13
197.192.0.0/13
IPv6:
2c0f:fc88::/31
Signature Algorithm: sha256WithRSAEncryption
72:f0:cc:ca:4c:a2:00:33:69:26:a1:a6:d0:21:1b:3a:95:b7:
84:47:db:f8:d7:c1:5d:c0:e2:59:f5:88:4c:7f:9c:07:44:9f:
32:44:44:2c:e3:23:b0:cd:18:e5:11:4f:c0:e8:5f:13:05:19:
ca:05:9a:7f:31:61:8d:60:2f:d4:55:03:3e:f3:f0:39:6d:a9:
f1:80:48:f9:f7:18:b2:5b:5a:34:33:8c:96:4a:ad:a3:57:3b:
bf:2f:1f:3b:ea:4e:b9:9e:28:f9:bd:10:fb:be:d5:99:8c:ea:
c2:eb:c9:4a:ac:14:30:ca:ea:ee:82:e9:59:d1:4d:14:12:44:
96:06:4c:ad:fe:0c:bc:14:e7:70:c9:80:26:49:26:57:d2:de:
89:84:4b:62:77:8e:ec:56:6b:21:0b:f8:d9:cd:23:10:92:2e:
02:7e:b8:3a:39:f5:d5:df:95:8f:54:9c:0e:8f:e8:fd:ac:e7:
85:dc:64:45:bf:1a:69:36:84:7d:9f:d9:67:a8:30:a8:34:9b:
18:02:28:2b:54:70:31:98:15:19:b2:2c:77:46:8f:ef:5b:63:
be:ea:97:18:ff:5a:de:0e:ec:5b:73:19:36:6f:0f:3e:ee:af:
b9:18:6c:5d:b4:12:bf:4a:7f:18:37:43:bb:30:00:58:aa:ab:
3a:20:a7:45
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY0
MzJCNkFGMTEwLwYDVQQFEygxQzkxQjVBRjlCNjBFQTNGMUMxREI4N0VBRUM2REE3
QzJFQTBBODc3MB4XDTIzMDIyODExMTgyOVoXDTMwMDIyODExMTgyOVowGDEWMBQG
A1UEAwwNNjNmZGUzMGEtZGZjOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlC9I07yR+jZs290+OetcPIgZv/CkooaYscJ5ytrj+JAK5Ah7Gluop2T8Ra
uSQTFyeMfaZkT0B2D8dB0S82XSfbizF2O389zdo+cmEB5+fjg6j2ooZD58uIW3UX
ga122bOaiUiHgVZlYI9wQWKbP6Hnk6bhniRb1l7IeDmtXkMPY9lKboLQLRKIjPcO
+Z2+3UEQMwbJQWrdc+5bw9X8U6v9OCJAYbe5+8IoLNfMVNJ/mM9V+vKLJNaxaS3w
aTMsf4uTQ7/jpi+V9OiOGL8nHWI7mXHV2OblJBEs19QiXzXGTQmCHbzfEDuwgKDz
QibXQL2BGNTkdU2IdVWTEDJra40CAwEAAaOCAtIwggLOMB0GA1UdDgQWBBTyw02G
xETLvPuvJZuQF6ux5b9EVDAfBgNVHSMEGDAWgBQckbWvm2DqPxwduH6uxtp8LqCo
dzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDMyQjYvRjNBQjczMDJCNzU4MTFFRDhCNDJBQzhGRjEyMjI0NjgvSEpHMXI1
dGc2ajhjSGJoLXJzYmFmQzZncUhjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSEpHMXI1dGc2ajhjSGJoLXJzYmFmQzZncUhjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDMyQjYvRjNBQjczMDJCNzU4MTFFRDhCNDJBQzhGRjEy
MjI0NjgvQTMzMzQ5MDhCNzU5MTFFRDlEMURENDkxRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDBMBggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMDASmYAwQDKd6AAwMDZjgDAwRp
UAMDA2nIAwMDxXgDAwPFwDANBAIAAjAHAwUBLA/8iDANBgkqhkiG9w0BAQsFAAOC
AQEAcvDMykyiADNpJqGm0CEbOpW3hEfb+NfBXcDiWfWITH+cB0SfMkRELOMjsM0Y
5RFPwOhfEwUZygWafzFhjWAv1FUDPvPwOW2p8YBI+fcYsltaNDOMlkqto1c7vy8f
O+pOuZ4o+b0Q+77VmYzqwuvJSqwUMMrq7oLpWdFNFBJElgZMrf4MvBTncMmAJkkm
V9LeiYRLYneO7FZrIQv42c0jEJIuAn64Ojn11d+Vj1ScDo/o/aznhdxkRb8aaTaE
fZ/ZZ6gwqDSbGAIoK1RwMZgVGbIsd0aP71tjvuqXGP9a3g7sW3MZNm8PPu6vuRhs
XbQSv0p/GDdDuzAAWKqrOiCnRQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:33 2024 by rpki-client on console-ams.rpki-client.org