Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3663C93/6244699AB48311EE8AD30EBF775412E6/E436B8B2B48411EE9FE3FDC1775412E6.roa
File: E436B8B2B48411EE9FE3FDC1775412E6.roa (raw, json)
Hash identifier: ELA1dr8trMb+co/i6AdEjTAHd80LHiztSUPBhtVeG7k=
Subject key identifier: 0C:A8:A4:81:96:26:2C:AC:69:FC:D5:99:9A:E7:53:B6:E1:15:57:11
Certificate issuer: /CN=F3663C93AF/serialNumber=139653264E61F8C30D4F304F4E004D4A4AF70DDD
Certificate serial: 0C
Authority key identifier: 13:96:53:26:4E:61:F8:C3:0D:4F:30:4F:4E:00:4D:4A:4A:F7:0D:DD
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/E5ZTJk5h-MMNTzBPTgBNSkr3Dd0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3663C93/6244699AB48311EE8AD30EBF775412E6/E436B8B2B48411EE9FE3FDC1775412E6.roa
Signing time: Tue 16 Jan 2024 15:35:35 +0000
ROA not before: Tue 16 Jan 2024 15:35:32 +0000
ROA not after: Wed 15 Jan 2025 15:35:32 +0000
asID: 328446
IP address blocks: 41.222.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3663C93/6244699AB48311EE8AD30EBF775412E6/E5ZTJk5h-MMNTzBPTgBNSkr3Dd0.crl
rsync://rpki.afrinic.net/repository/member_repository/F3663C93/6244699AB48311EE8AD30EBF775412E6/E5ZTJk5h-MMNTzBPTgBNSkr3Dd0.mft
rsync://rpki.afrinic.net/repository/afrinic/E5ZTJk5h-MMNTzBPTgBNSkr3Dd0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3663C93AF/serialNumber=139653264E61F8C30D4F304F4E004D4A4AF70DDD
Validity
Not Before: Jan 16 15:35:32 2024 GMT
Not After : Jan 15 15:35:32 2025 GMT
Subject: CN=65a6a247-beaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:92:a2:17:8b:8c:16:22:0e:77:5c:70:56:2d:
5d:9c:2b:d8:f5:be:e8:9d:e5:06:e2:9e:bc:da:63:
a1:db:90:a8:ae:ab:cd:68:7e:4d:83:3a:5a:81:3a:
27:1d:d3:d3:95:46:0d:93:b0:65:7a:89:94:cf:06:
b7:b6:a5:57:04:44:a0:de:ea:bd:88:86:2f:4b:ec:
a2:da:cf:33:12:ff:cc:5e:4f:2e:cd:67:5a:0d:11:
56:81:4a:be:0a:74:e1:71:5f:dd:8f:cd:a5:bd:25:
90:23:73:d1:d3:ee:2c:cb:f8:96:5e:da:bc:98:8e:
2b:c4:ec:ee:06:3f:be:ee:f0:1e:62:84:cd:41:01:
5c:0a:07:65:e5:38:17:f8:99:03:64:d9:ba:5f:cf:
e9:b6:de:bf:f5:3c:d1:ff:cd:58:20:32:43:32:a9:
65:48:56:15:d4:b8:e6:c9:85:d2:14:f1:84:1a:ea:
87:ee:bd:2e:e2:a7:3f:64:c1:39:b9:df:96:d8:5f:
17:0a:f2:2e:2c:34:dc:f6:65:24:bf:68:de:51:cb:
55:9e:42:db:5f:aa:45:26:5b:63:f6:db:fc:77:d3:
e1:3f:97:0a:00:d2:1f:b1:dd:61:60:d9:a0:69:f7:
b6:3e:d8:20:e0:44:0c:60:56:5d:d3:f8:21:24:43:
08:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A8:A4:81:96:26:2C:AC:69:FC:D5:99:9A:E7:53:B6:E1:15:57:11
X509v3 Authority Key Identifier:
keyid:13:96:53:26:4E:61:F8:C3:0D:4F:30:4F:4E:00:4D:4A:4A:F7:0D:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3663C93/6244699AB48311EE8AD30EBF775412E6/E5ZTJk5h-MMNTzBPTgBNSkr3Dd0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/E5ZTJk5h-MMNTzBPTgBNSkr3Dd0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3663C93/6244699AB48311EE8AD30EBF775412E6/E436B8B2B48411EE9FE3FDC1775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.222.125.0/24
Signature Algorithm: sha256WithRSAEncryption
54:ed:9d:5d:f7:cc:c8:73:23:2f:eb:0b:dc:22:6c:4b:07:83:
c7:17:ea:25:f0:3d:f2:6b:80:17:70:b8:cd:5e:99:68:c1:7a:
5a:41:15:54:68:25:24:0d:4d:86:b1:f1:1a:62:37:74:3a:c1:
cb:38:69:87:5e:d4:ad:18:cc:4a:f0:e1:2b:6b:80:2c:14:6c:
b3:5f:b9:16:84:ba:c3:c3:35:56:e2:62:81:d2:b2:ed:fe:de:
f0:86:3c:1f:97:62:a4:91:fb:e8:0c:0d:d5:9c:52:a4:de:7a:
c3:2d:95:18:1d:c5:7f:4d:40:a5:c8:d0:f8:6d:5b:a7:ca:c1:
05:03:20:a0:5b:8a:87:fb:39:0a:54:5a:30:d7:e4:a9:2e:1c:
98:f6:d0:87:82:de:b9:41:8d:99:86:aa:44:ff:4f:23:ea:15:
c8:41:80:7f:6e:98:4b:cd:ab:f1:b3:5f:7b:01:1d:ad:f5:ed:
4c:3b:e8:46:09:76:b4:ac:6a:dd:3b:72:fc:eb:1f:bc:87:8b:
da:e7:27:28:7e:2e:18:7e:80:40:20:21:6f:01:50:24:91:be:
91:a5:c1:7a:20:00:22:cc:90:84:63:29:4f:41:84:1b:75:32:
1e:05:c5:3f:2b:d4:28:5a:ed:ec:5f:07:95:35:b1:cf:6f:8c:
cf:ed:c5:af
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
M0M5M0FGMTEwLwYDVQQFEygxMzk2NTMyNjRFNjFGOEMzMEQ0RjMwNEY0RTAwNEQ0
QTRBRjcwREREMB4XDTI0MDExNjE1MzUzMloXDTI1MDExNTE1MzUzMlowGDEWMBQG
A1UEAxMNNjVhNmEyNDctYmVhYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKySoheLjBYiDndccFYtXZwr2PW+6J3lBuKevNpjoduQqK6rzWh+TYM6WoE6
Jx3T05VGDZOwZXqJlM8Gt7alVwREoN7qvYiGL0vsotrPMxL/zF5PLs1nWg0RVoFK
vgp04XFf3Y/Npb0lkCNz0dPuLMv4ll7avJiOK8Ts7gY/vu7wHmKEzUEBXAoHZeU4
F/iZA2TZul/P6bbev/U80f/NWCAyQzKpZUhWFdS45smF0hTxhBrqh+69LuKnP2TB
ObnflthfFwryLiw03PZlJL9o3lHLVZ5C21+qRSZbY/bb/HfT4T+XCgDSH7HdYWDZ
oGn3tj7YIOBEDGBWXdP4ISRDCFsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQMqKSB
liYsrGn81Zma51O24RVXETAfBgNVHSMEGDAWgBQTllMmTmH4ww1PME9OAE1KSvcN
3TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjNDOTMvNjI0NDY5OUFCNDgzMTFFRThBRDMwRUJGNzc1NDEyRTYvRTVaVEpr
NWgtTU1OVHpCUFRnQk5Ta3IzRGQwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRTVaVEprNWgtTU1OVHpCUFRnQk5Ta3IzRGQwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjNDOTMvNjI0NDY5OUFCNDgzMTFFRThBRDMwRUJGNzc1
NDEyRTYvRTQzNkI4QjJCNDg0MTFFRTlGRTNGREMxNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACnefTANBgkqhkiG9w0BAQsF
AAOCAQEAVO2dXffMyHMjL+sL3CJsSweDxxfqJfA98muAF3C4zV6ZaMF6WkEVVGgl
JA1NhrHxGmI3dDrByzhph17UrRjMSvDhK2uALBRss1+5FoS6w8M1VuJigdKy7f7e
8IY8H5dipJH76AwN1ZxSpN56wy2VGB3Ff01ApcjQ+G1bp8rBBQMgoFuKh/s5ClRa
MNfkqS4cmPbQh4LeuUGNmYaqRP9PI+oVyEGAf26YS82r8bNfewEdrfXtTDvoRgl2
tKxq3Tty/OsfvIeL2ucnKH4uGH6AQCAhbwFQJJG+kaXBeiAAIsyQhGMpT0GEG3Uy
HgXFPyvUKFrt7F8HlTWxz2+Mz+3Frw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:45 2024 by rpki-client on console-ams.rpki-client.org