Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/93B700F2C4F311EE8E31E298775412E6.roa
File: 93B700F2C4F311EE8E31E298775412E6.roa (raw, json)
Hash identifier: jxWkgZfYWgXiUGFUDEKR/McM7BfyCoS5P8Hm5K309v0=
Subject key identifier: 7C:CC:BC:1C:A4:4A:02:32:C2:D3:96:90:E2:DB:6C:42:74:B8:28:07
Certificate issuer: /CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
Certificate serial: 46
Authority key identifier: FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/93B700F2C4F311EE8E31E298775412E6.roa
Signing time: Tue 06 Feb 2024 13:28:13 +0000
ROA not before: Tue 06 Feb 2024 13:28:10 +0000
ROA not after: Sat 06 Feb 2027 13:28:10 +0000
asID: 36905
IP address blocks: 41.223.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl
rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.mft
rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70 (0x46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
Validity
Not Before: Feb 6 13:28:10 2024 GMT
Not After : Feb 6 13:28:10 2027 GMT
Subject: CN=65c233ed-a5e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:30:2b:2e:70:84:f6:91:e8:d5:a7:0e:15:94:
13:bc:4d:d6:4e:5f:a6:a7:80:79:e5:1a:f5:9d:70:
15:1a:0b:e7:6a:27:fd:5f:c7:3d:82:9c:91:2c:83:
4a:26:e0:ac:f4:df:49:ab:13:14:1b:a9:20:9d:a0:
e5:67:f6:26:90:b5:36:09:ec:4b:60:4b:65:d6:c4:
8c:44:19:ff:ba:0e:22:6f:e6:67:c5:c2:88:fc:c9:
8f:ea:64:de:5f:78:fd:cf:94:eb:0a:75:30:92:a0:
24:4a:71:cf:a9:aa:f4:e9:38:9c:cd:6f:ae:8a:f4:
57:6e:b1:32:8c:67:14:05:37:d8:11:90:84:db:e0:
2b:90:bc:a6:b7:05:c7:8b:ec:fd:cb:ec:d9:38:a3:
a5:21:9a:15:5a:4b:fc:73:c7:da:7f:23:4a:bd:73:
04:13:9a:95:a6:d6:e6:d6:e5:78:64:00:be:01:98:
0d:53:19:85:e2:f3:c6:ca:4c:17:7e:f3:23:9e:00:
ac:41:31:9d:f5:b7:20:4e:46:85:ce:d3:c5:b3:ad:
b2:eb:f3:03:43:ab:c9:43:26:91:57:82:83:22:28:
7e:86:77:97:53:dc:6d:63:d0:ef:af:45:0f:49:d9:
1f:25:f4:02:3d:84:0f:46:07:15:49:1c:ae:1a:9a:
dd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:CC:BC:1C:A4:4A:02:32:C2:D3:96:90:E2:DB:6C:42:74:B8:28:07
X509v3 Authority Key Identifier:
keyid:FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/93B700F2C4F311EE8E31E298775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.223.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:ff:5f:b2:71:f5:d5:e7:8e:c3:20:64:13:ed:d8:c4:fb:28:
95:1a:9b:5d:26:4a:b4:71:14:76:5c:9e:8f:59:2d:e7:47:7f:
4c:94:ee:65:8a:b3:5e:08:4f:44:1c:f2:f4:c4:3e:12:a0:96:
39:b1:7e:3f:f3:94:30:86:4c:cd:88:db:0c:32:0d:f9:ee:ce:
13:01:a6:89:0b:ed:1d:39:c8:f2:52:cb:ad:71:58:c0:c4:33:
72:2b:5b:3e:ba:93:58:43:04:b7:a4:06:aa:4c:51:95:22:4f:
65:bd:09:bf:8a:03:c3:3b:35:22:91:d7:50:cc:c3:dd:55:09:
dc:88:43:97:a4:68:be:f9:fb:d2:c2:21:da:dd:a7:f7:15:c1:
e2:f0:33:73:80:b5:7b:73:b9:f4:06:1d:f9:53:18:2b:59:07:
ed:db:1e:a1:49:a1:da:f0:96:b2:f3:dc:f8:50:12:4c:4d:11:
75:b9:e3:01:04:65:e6:ed:de:f8:9d:61:03:a1:4c:f4:80:07:
85:10:8a:b0:52:d0:3e:34:49:bd:9d:a8:ac:03:1c:c5:d6:ca:
f8:f0:ec:2d:0a:73:7a:f6:5c:2b:8e:c4:0b:67:b2:e8:38:98:
b4:27:6e:1f:2c:18:b1:e9:04:60:c6:cc:1d:53:c2:06:a5:f5:
4c:c1:9e:35
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBRjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
NUQyQ0FGMTEwLwYDVQQFEyhGREY0QkYwMDEzQjFGMUFBQ0EzOTU1MUJBNjI2Q0Ey
NDY4M0RBRTY2MB4XDTI0MDIwNjEzMjgxMFoXDTI3MDIwNjEzMjgxMFowGDEWMBQG
A1UEAxMNNjVjMjMzZWQtYTVlMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKEwKy5whPaR6NWnDhWUE7xN1k5fpqeAeeUa9Z1wFRoL52on/V/HPYKckSyD
SibgrPTfSasTFBupIJ2g5Wf2JpC1NgnsS2BLZdbEjEQZ/7oOIm/mZ8XCiPzJj+pk
3l94/c+U6wp1MJKgJEpxz6mq9Ok4nM1vror0V26xMoxnFAU32BGQhNvgK5C8prcF
x4vs/cvs2TijpSGaFVpL/HPH2n8jSr1zBBOalabW5tbleGQAvgGYDVMZheLzxspM
F37zI54ArEExnfW3IE5Ghc7TxbOtsuvzA0OryUMmkVeCgyIofoZ3l1PcbWPQ769F
D0nZHyX0Aj2ED0YHFUkcrhqa3c0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBR8zLwc
pEoCMsLTlpDi22xCdLgoBzAfBgNVHSMEGDAWgBT99L8AE7Hxqso5VRumJsokaD2u
ZjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1NDEyRTYvX2ZTX0FC
T3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvX2ZTX0FCT3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1
NDEyRTYvOTNCNzAwRjJDNEYzMTFFRThFMzFFMjk4Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAinfHDANBgkqhkiG9w0BAQsF
AAOCAQEAo/9fsnH11eeOwyBkE+3YxPsolRqbXSZKtHEUdlyej1kt50d/TJTuZYqz
XghPRBzy9MQ+EqCWObF+P/OUMIZMzYjbDDIN+e7OEwGmiQvtHTnI8lLLrXFYwMQz
citbPrqTWEMEt6QGqkxRlSJPZb0Jv4oDwzs1IpHXUMzD3VUJ3IhDl6Rovvn70sIh
2t2n9xXB4vAzc4C1e3O59AYd+VMYK1kH7dseoUmh2vCWsvPc+FASTE0RdbnjAQRl
5u3e+J1hA6FM9IAHhRCKsFLQPjRJvZ2orAMcxdbK+PDsLQpzevZcK47EC2ey6DiY
tCduHywYsekEYMbMHVPCBqX1TMGeNQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:54 2024 by rpki-client on console-fra.rpki-client.org