Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364744F/3B02F8B2ADC311EA8F42EF77F8AEA228/CB8C83A0C88511ED940C44A3F1222468.roa
File: CB8C83A0C88511ED940C44A3F1222468.roa (raw, json)
Hash identifier: FlRKAeloaznza0Vyrk2FzdR3/23YEw2VW6tyntdnTAo=
Subject key identifier: DF:66:7E:D1:3D:AE:0A:65:DE:1F:6D:B6:18:99:98:F2:93:20:D9:97
Certificate issuer: /CN=F364744FAF/serialNumber=80AF060E4640C32653D0F00C3024514A9F149538
Certificate serial: 0408
Authority key identifier: 80:AF:06:0E:46:40:C3:26:53:D0:F0:0C:30:24:51:4A:9F:14:95:38
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/gK8GDkZAwyZT0PAMMCRRSp8UlTg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364744F/3B02F8B2ADC311EA8F42EF77F8AEA228/CB8C83A0C88511ED940C44A3F1222468.roa
Signing time: Wed 22 Mar 2023 07:47:29 +0000
ROA not before: Wed 22 Mar 2023 07:47:24 +0000
ROA not after: Wed 23 Mar 2033 07:47:24 +0000
asID: 37337
IP address blocks: 41.79.48.0/22 maxlen: 24
102.223.24.0/22 maxlen: 24
2c0f:f840::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364744F/3B02F8B2ADC311EA8F42EF77F8AEA228/gK8GDkZAwyZT0PAMMCRRSp8UlTg.crl
rsync://rpki.afrinic.net/repository/member_repository/F364744F/3B02F8B2ADC311EA8F42EF77F8AEA228/gK8GDkZAwyZT0PAMMCRRSp8UlTg.mft
rsync://rpki.afrinic.net/repository/afrinic/gK8GDkZAwyZT0PAMMCRRSp8UlTg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1032 (0x408)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364744FAF/serialNumber=80AF060E4640C32653D0F00C3024514A9F149538
Validity
Not Before: Mar 22 07:47:24 2023 GMT
Not After : Mar 23 07:47:24 2033 GMT
Subject: CN=641ab291-5846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fc:86:7c:61:28:04:85:49:68:73:06:3b:84:
ae:4f:04:a5:a9:d0:79:20:82:a3:89:47:ff:58:28:
9a:bc:95:a4:1e:02:95:09:57:5f:3a:f1:6b:bd:a2:
20:83:77:54:8f:d4:d6:fd:8c:90:15:6a:ac:eb:60:
37:f1:de:dc:73:9b:a2:45:9a:06:63:de:aa:b0:3d:
ce:4b:20:0a:35:68:cb:a8:a4:61:05:eb:cf:d6:6c:
d0:03:f3:5f:90:a2:ac:d7:b9:32:50:ca:f3:05:3a:
92:e3:4a:0d:b7:6b:eb:e7:74:36:46:47:9b:70:b5:
3c:5e:92:94:53:63:21:b7:63:f6:88:eb:bc:88:51:
68:00:0a:24:2c:a6:fc:bd:b7:bf:84:70:9b:ae:e9:
17:3d:83:0e:29:30:e5:61:f0:8a:50:2e:9a:c4:22:
eb:81:47:21:50:b3:64:b9:a8:05:6b:a4:10:5f:58:
f3:69:50:00:e2:bb:a7:2b:7d:52:ed:04:d8:ff:b1:
1e:b5:9b:31:c4:23:54:aa:bf:cd:f1:8e:90:c7:97:
68:b3:cc:e3:43:2c:8c:96:6c:7e:63:78:45:49:2b:
42:47:0b:34:4f:ee:8e:f4:1a:b0:b7:6e:5e:73:25:
32:3c:f2:3e:d2:30:2a:75:42:c4:70:0b:23:bf:d3:
02:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:66:7E:D1:3D:AE:0A:65:DE:1F:6D:B6:18:99:98:F2:93:20:D9:97
X509v3 Authority Key Identifier:
keyid:80:AF:06:0E:46:40:C3:26:53:D0:F0:0C:30:24:51:4A:9F:14:95:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364744F/3B02F8B2ADC311EA8F42EF77F8AEA228/gK8GDkZAwyZT0PAMMCRRSp8UlTg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gK8GDkZAwyZT0PAMMCRRSp8UlTg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364744F/3B02F8B2ADC311EA8F42EF77F8AEA228/CB8C83A0C88511ED940C44A3F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.79.48.0/22
102.223.24.0/22
IPv6:
2c0f:f840::/32
Signature Algorithm: sha256WithRSAEncryption
7c:c1:0f:aa:96:dc:30:7c:35:de:84:ab:54:82:95:a6:8b:ee:
40:1f:db:53:b1:ac:11:3e:d1:2f:19:2c:f3:77:4c:42:72:94:
2a:aa:97:a5:b2:7a:ed:41:77:a6:96:34:d5:4c:78:f6:d5:6a:
46:97:4e:6e:65:cd:0f:f1:f4:8e:38:cc:f9:48:81:d7:28:68:
11:82:bc:20:a3:0d:46:3b:ef:ad:f8:89:5b:75:00:ef:13:e9:
96:66:77:1a:53:4f:d7:81:c0:ba:90:dd:ab:c2:e1:26:df:b2:
62:5d:b6:c9:04:c7:a3:bd:d4:b7:05:23:ef:19:58:66:d0:a3:
38:7c:0f:54:38:ca:fb:66:2f:5c:b8:65:98:2b:b3:49:d9:31:
67:6f:f5:d2:a8:29:18:b5:42:c8:95:d0:5c:43:f0:60:a2:5c:
04:c2:e9:d0:23:ab:eb:66:22:4d:7f:7d:1c:ed:a4:d3:fb:14:
1c:6b:17:ac:86:d2:63:0a:fb:ba:9a:18:92:28:78:2f:0f:d7:
b3:bc:0e:a6:eb:d0:a4:50:dc:03:5f:33:e9:e3:98:b2:bb:de:
87:e4:ee:85:98:c4:5d:95:fb:5f:bf:ca:c4:b4:b0:40:05:30:
26:bd:b2:f3:98:fc:73:4c:f8:5e:c9:5b:9b:85:b0:29:34:d6:
6f:5c:3f:9d
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICBAgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NDc0NEZBRjExMC8GA1UEBRMoODBBRjA2MEU0NjQwQzMyNjUzRDBGMDBDMzAyNDUx
NEE5RjE0OTUzODAeFw0yMzAzMjIwNzQ3MjRaFw0zMzAzMjMwNzQ3MjRaMBgxFjAU
BgNVBAMMDTY0MWFiMjkxLTU4NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3/IZ8YSgEhUlocwY7hK5PBKWp0HkggqOJR/9YKJq8laQeApUJV1868Wu9
oiCDd1SP1Nb9jJAVaqzrYDfx3txzm6JFmgZj3qqwPc5LIAo1aMuopGEF68/WbNAD
81+QoqzXuTJQyvMFOpLjSg23a+vndDZGR5twtTxekpRTYyG3Y/aI67yIUWgACiQs
pvy9t7+EcJuu6Rc9gw4pMOVh8IpQLprEIuuBRyFQs2S5qAVrpBBfWPNpUADiu6cr
fVLtBNj/sR61mzHEI1Sqv83xjpDHl2izzONDLIyWbH5jeEVJK0JHCzRP7o70GrC3
bl5zJTI88j7SMCp1QsRwCyO/0wKbAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQU32Z+
0T2uCmXeH222GJmY8pMg2ZcwHwYDVR0jBBgwFoAUgK8GDkZAwyZT0PAMMCRRSp8U
lTgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ3NDRGLzNCMDJGOEIyQURDMzExRUE4RjQyRUY3N0Y4QUVBMjI4L2dLOEdE
a1pBd3laVDBQQU1NQ1JSU3A4VWxUZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2dLOEdEa1pBd3laVDBQQU1NQ1JSU3A4VWxUZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ3NDRGLzNCMDJGOEIyQURDMzExRUE4RjQyRUY3N0Y4
QUVBMjI4L0NCOEM4M0EwQzg4NTExRUQ5NDBDNDRBM0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAIpTzADBAJm3xgwDQQCAAIw
BwMFACwP+EAwDQYJKoZIhvcNAQELBQADggEBAHzBD6qW3DB8Nd6Eq1SClaaL7kAf
21OxrBE+0S8ZLPN3TEJylCqql6Wyeu1Bd6aWNNVMePbVakaXTm5lzQ/x9I44zPlI
gdcoaBGCvCCjDUY77634iVt1AO8T6ZZmdxpTT9eBwLqQ3avC4SbfsmJdtskEx6O9
1LcFI+8ZWGbQozh8D1Q4yvtmL1y4ZZgrs0nZMWdv9dKoKRi1QsiV0FxD8GCiXATC
6dAjq+tmIk1/fRztpNP7FBxrF6yG0mMK+7qaGJIoeC8P17O8Dqbr0KRQ3ANfM+nj
mLK73ofk7oWYxF2V+1+/ysS0sEAFMCa9svOY/HNM+F7JW5uFsCk01m9cP50=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org