Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3654AEE/20C2F95ED87411EE97DDF74D775412E6/788D2BE0D8AC11EE9DB58DA2775412E6.roa
File: 788D2BE0D8AC11EE9DB58DA2775412E6.roa (raw, json)
Hash identifier: 65eF1Tp/RlXNcWyLpB3YoIRfdS2c/kR79xeADgOJBXo=
Subject key identifier: 5A:B3:17:55:06:52:61:9E:CD:B0:F1:BF:C2:1D:9B:32:91:D6:33:C7
Certificate issuer: /CN=F3654AEEAF/serialNumber=096DB3D3BDEEBB7D247066DC8B25B964CC4099D7
Certificate serial: 09
Authority key identifier: 09:6D:B3:D3:BD:EE:BB:7D:24:70:66:DC:8B:25:B9:64:CC:40:99:D7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CW2z073uu30kcGbciyW5ZMxAmdc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3654AEE/20C2F95ED87411EE97DDF74D775412E6/788D2BE0D8AC11EE9DB58DA2775412E6.roa
Signing time: Sat 02 Mar 2024 15:49:36 +0000
ROA not before: Sat 02 Mar 2024 15:49:33 +0000
ROA not after: Sun 31 Mar 2030 15:49:33 +0000
asID: 36938
IP address blocks: 41.222.78.0/24 maxlen: 24
41.222.79.0/24 maxlen: 24
2c0f:f098::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3654AEE/20C2F95ED87411EE97DDF74D775412E6/CW2z073uu30kcGbciyW5ZMxAmdc.crl
rsync://rpki.afrinic.net/repository/member_repository/F3654AEE/20C2F95ED87411EE97DDF74D775412E6/CW2z073uu30kcGbciyW5ZMxAmdc.mft
rsync://rpki.afrinic.net/repository/afrinic/CW2z073uu30kcGbciyW5ZMxAmdc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3654AEEAF/serialNumber=096DB3D3BDEEBB7D247066DC8B25B964CC4099D7
Validity
Not Before: Mar 2 15:49:33 2024 GMT
Not After : Mar 31 15:49:33 2030 GMT
Subject: CN=65e34a90-9916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0c:e8:79:0b:f4:9f:a2:ea:bf:83:9b:e7:90:
2e:4b:a1:cc:e6:d0:b1:c2:cb:77:81:8f:97:dc:6d:
18:83:b8:96:3e:f7:2c:c0:a1:bf:a9:d7:13:05:d2:
cf:89:98:e6:4c:36:d7:39:8d:00:91:37:87:f0:e1:
db:c3:eb:e6:6e:8e:54:ab:fe:c8:a5:f1:f1:60:8b:
06:b3:8a:2c:39:32:c1:cd:1b:f0:a6:1a:57:fa:11:
27:a2:ce:fb:ea:fb:2d:6d:58:49:28:20:b4:c7:2c:
8f:3c:a2:56:94:24:8f:52:c1:d0:f1:46:9a:f7:74:
9a:29:80:e4:b7:6d:08:9c:4b:6e:6f:ca:ac:a7:7c:
d1:6c:1d:b7:25:7d:dd:1e:4c:99:c5:d7:29:62:5b:
65:82:fd:ad:de:82:84:bd:2b:34:64:09:8e:52:4b:
17:0e:ce:a3:ae:b3:41:16:d3:91:ee:14:8c:75:f5:
0d:33:72:ca:60:d6:3e:12:28:c0:df:d4:be:54:b8:
3a:60:7e:47:d6:d6:02:e6:e2:da:83:86:6a:34:e0:
31:ff:fc:94:ef:e8:07:8a:3f:0e:6d:31:2d:36:14:
ba:76:8b:ea:09:14:39:65:40:9d:f4:57:d0:56:31:
b3:37:cb:2d:92:6e:ee:9c:de:a3:3a:d9:e9:cb:29:
e0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:B3:17:55:06:52:61:9E:CD:B0:F1:BF:C2:1D:9B:32:91:D6:33:C7
X509v3 Authority Key Identifier:
keyid:09:6D:B3:D3:BD:EE:BB:7D:24:70:66:DC:8B:25:B9:64:CC:40:99:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3654AEE/20C2F95ED87411EE97DDF74D775412E6/CW2z073uu30kcGbciyW5ZMxAmdc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CW2z073uu30kcGbciyW5ZMxAmdc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3654AEE/20C2F95ED87411EE97DDF74D775412E6/788D2BE0D8AC11EE9DB58DA2775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.222.78.0/23
IPv6:
2c0f:f098::/32
Signature Algorithm: sha256WithRSAEncryption
ae:e4:43:fa:d1:25:be:2e:1c:51:a9:2f:7f:bc:da:55:ed:a9:
0d:9c:bc:bd:8a:72:98:64:10:d5:af:db:29:ed:f7:2f:7e:5c:
23:65:88:eb:ba:66:de:9a:92:4f:49:34:93:93:bf:33:49:4c:
3d:dc:42:d1:38:e9:78:32:f0:be:f8:91:b6:34:fc:10:43:3f:
8f:fc:16:fe:b1:81:c1:70:5d:f9:77:5c:9d:bd:b0:52:4c:dd:
0f:07:aa:c8:9e:a8:60:e0:2b:32:27:9c:81:eb:dc:90:0b:9f:
86:32:88:5b:81:9d:fa:3c:9a:a6:97:b6:d8:32:50:5e:e5:d4:
83:63:22:81:38:1b:2e:e4:67:f8:61:0f:bc:f3:17:6d:f2:fd:
fd:82:70:99:f2:a5:ad:3c:30:5e:39:ed:bd:89:af:9c:42:30:
7a:cc:65:9a:82:ab:f2:ec:cc:db:8d:67:4b:7a:84:f0:88:57:
58:ad:27:29:25:8b:e9:90:e3:7d:6e:51:fe:fb:75:2a:e9:79:
23:57:93:49:f3:c4:e4:0b:55:3b:d2:bb:9a:fc:5e:92:de:86:
29:37:82:24:a8:3f:15:b7:69:62:b9:33:6c:7d:46:8b:5b:32:
22:9b:8c:84:09:b6:3c:5f:76:a8:07:91:81:42:ad:69:42:ac:
2a:c9:fc:36
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
NEFFRUFGMTEwLwYDVQQFEygwOTZEQjNEM0JERUVCQjdEMjQ3MDY2REM4QjI1Qjk2
NENDNDA5OUQ3MB4XDTI0MDMwMjE1NDkzM1oXDTMwMDMzMTE1NDkzM1owGDEWMBQG
A1UEAxMNNjVlMzRhOTAtOTkxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUM6HkL9J+i6r+Dm+eQLkuhzObQscLLd4GPl9xtGIO4lj73LMChv6nXEwXS
z4mY5kw21zmNAJE3h/Dh28Pr5m6OVKv+yKXx8WCLBrOKLDkywc0b8KYaV/oRJ6LO
++r7LW1YSSggtMcsjzyiVpQkj1LB0PFGmvd0mimA5LdtCJxLbm/KrKd80WwdtyV9
3R5MmcXXKWJbZYL9rd6ChL0rNGQJjlJLFw7Oo66zQRbTke4UjHX1DTNyymDWPhIo
wN/UvlS4OmB+R9bWAubi2oOGajTgMf/8lO/oB4o/Dm0xLTYUunaL6gkUOWVAnfRX
0FYxszfLLZJu7pzeozrZ6csp4J8CAwEAAaOCArQwggKwMB0GA1UdDgQWBBRasxdV
BlJhns2w8b/CHZsykdYzxzAfBgNVHSMEGDAWgBQJbbPTve67fSRwZtyLJblkzECZ
1zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTRBRUUvMjBDMkY5NUVEODc0MTFFRTk3RERGNzRENzc1NDEyRTYvQ1cyejA3
M3V1MzBrY0diY2l5VzVaTXhBbWRjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQ1cyejA3M3V1MzBrY0diY2l5VzVaTXhBbWRjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTRBRUUvMjBDMkY5NUVEODc0MTFFRTk3RERGNzRENzc1
NDEyRTYvNzg4RDJCRTBEOEFDMTFFRTlEQjU4REEyNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEASneTjANBAIAAjAHAwUALA/w
mDANBgkqhkiG9w0BAQsFAAOCAQEAruRD+tElvi4cUakvf7zaVe2pDZy8vYpymGQQ
1a/bKe33L35cI2WI67pm3pqST0k0k5O/M0lMPdxC0TjpeDLwvviRtjT8EEM/j/wW
/rGBwXBd+Xdcnb2wUkzdDweqyJ6oYOArMiecgevckAufhjKIW4Gd+jyappe22DJQ
XuXUg2MigTgbLuRn+GEPvPMXbfL9/YJwmfKlrTwwXjntvYmvnEIwesxlmoKr8uzM
241nS3qE8IhXWK0nKSWL6ZDjfW5R/vt1Kul5I1eTSfPE5AtVO9K7mvxekt6GKTeC
JKg/FbdpYrkzbH1Gi1syIpuMhAm2PF92qAeRgUKtaUKsKsn8Ng==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:34 2024 by rpki-client on console-ams.rpki-client.org