Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/AE18FBD67CA911EEB6D3DD404AD9E6FC.roa
File: AE18FBD67CA911EEB6D3DD404AD9E6FC.roa (raw, json)
Hash identifier: EUXpIG95DQgNgpSPlS78r4ZPbIQJ7nP3j1DIht+45k0=
Subject key identifier: 8F:93:39:B1:70:0E:45:D8:47:D1:FA:40:16:5E:0B:1C:07:7F:5F:BF
Certificate issuer: /CN=F3663CEEAF/serialNumber=CB88587527B383916CC0B1D8866653C33431E45D
Certificate serial: 0532
Authority key identifier: CB:88:58:75:27:B3:83:91:6C:C0:B1:D8:86:66:53:C3:34:31:E4:5D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/y4hYdSezg5FswLHYhmZTwzQx5F0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/AE18FBD67CA911EEB6D3DD404AD9E6FC.roa
Signing time: Mon 06 Nov 2023 13:37:51 +0000
ROA not before: Mon 06 Nov 2023 13:37:41 +0000
ROA not after: Sun 06 Nov 2033 13:37:41 +0000
asID: 327693
IP address blocks: 41.76.224.0/21 maxlen: 24
102.67.176.0/21 maxlen: 24
154.73.184.0/21 maxlen: 24
2c0f:f708::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/y4hYdSezg5FswLHYhmZTwzQx5F0.crl
rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/y4hYdSezg5FswLHYhmZTwzQx5F0.mft
rsync://rpki.afrinic.net/repository/afrinic/y4hYdSezg5FswLHYhmZTwzQx5F0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 28 Nov 2024 00:05:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1330 (0x532)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3663CEEAF/serialNumber=CB88587527B383916CC0B1D8866653C33431E45D
Validity
Not Before: Nov 6 13:37:41 2023 GMT
Not After : Nov 6 13:37:41 2033 GMT
Subject: CN=6548ec2f-c8cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7c:74:a8:21:8c:c8:b2:d2:9b:64:9b:51:aa:
1a:ef:07:46:1a:12:64:e9:68:45:3e:2f:f4:25:e8:
88:b6:a0:ad:ca:35:ba:39:f4:91:7e:4b:cf:cb:74:
23:a5:3e:4b:79:36:1e:d2:ff:c6:31:57:b7:5f:5b:
be:c4:fa:1e:a4:a0:ff:d0:c4:8e:3d:87:e4:9a:b8:
0f:74:f5:5a:ec:51:64:02:9c:10:71:4d:ac:38:57:
7a:eb:0b:fe:99:57:db:45:a9:58:9c:06:0a:16:d4:
96:82:3f:38:82:95:ad:19:e7:c0:08:71:14:1b:f7:
17:90:23:e6:5f:f2:28:c1:01:1e:09:33:5d:d1:2d:
72:a0:d4:f9:e1:02:b4:6b:a7:7a:46:ad:e5:0c:0c:
6a:1b:1a:1f:79:ca:24:d3:c1:e6:4e:18:00:e5:33:
79:2e:2c:45:69:5d:b2:27:48:da:45:7c:c4:6d:b5:
99:1a:df:6a:29:80:80:b7:a7:e9:11:29:c7:05:ab:
74:5b:2c:63:31:a4:5f:54:ec:ec:73:a0:c0:d3:79:
65:2a:da:4c:09:56:e0:35:f0:e2:49:56:d2:99:4a:
50:93:09:97:c5:a3:aa:fd:13:b4:96:1d:8a:52:71:
59:0d:fa:5a:03:85:0c:1e:51:92:70:4b:6a:a9:a1:
00:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:93:39:B1:70:0E:45:D8:47:D1:FA:40:16:5E:0B:1C:07:7F:5F:BF
X509v3 Authority Key Identifier:
keyid:CB:88:58:75:27:B3:83:91:6C:C0:B1:D8:86:66:53:C3:34:31:E4:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/y4hYdSezg5FswLHYhmZTwzQx5F0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/y4hYdSezg5FswLHYhmZTwzQx5F0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/AE18FBD67CA911EEB6D3DD404AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.76.224.0/21
102.67.176.0/21
154.73.184.0/21
IPv6:
2c0f:f708::/32
Signature Algorithm: sha256WithRSAEncryption
69:37:10:be:c0:90:e4:f0:2c:cb:13:4e:97:56:fb:a0:70:17:
5c:b2:c8:58:49:58:c9:85:50:44:a6:e3:18:f7:fe:fc:cb:88:
39:2c:a9:0b:d8:5b:41:7c:d0:1d:b4:32:a4:ae:2c:a8:b2:1c:
fc:75:08:e0:dc:fb:20:ba:d0:e7:eb:4f:cb:e1:a1:1a:b7:b2:
b7:74:3f:c6:2e:c4:be:3f:49:3e:1d:a2:bf:a0:8c:f2:9b:4f:
09:93:31:e5:a5:2c:9c:d7:4a:4e:06:a2:b5:e8:d5:ed:46:2a:
b8:4f:bf:49:43:a5:49:16:b0:c4:e9:88:e0:c3:09:c0:ef:09:
cf:9b:86:6b:2e:5d:64:7d:40:48:97:8b:c2:bc:60:63:8f:a8:
d7:f3:3d:3a:a7:d0:91:ae:78:18:c0:cd:7b:dd:93:fc:5a:b7:
f1:a6:7d:fc:96:ab:b9:3e:9d:ea:02:9f:68:18:b9:98:02:c8:
80:41:03:d8:f0:70:61:28:f3:01:65:e1:72:ae:e7:a7:19:a6:
e0:39:43:47:b7:9e:09:91:bd:8f:1a:cc:fe:4b:19:32:78:42:
fd:f1:93:5d:09:8a:96:cf:45:bf:06:fb:37:c1:32:16:f9:61:
1d:90:64:01:a5:fb:54:43:35:79:3c:f2:be:b3:0a:70:8a:77:
32:af:e3:bc
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICBTIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NjNDRUVBRjExMC8GA1UEBRMoQ0I4ODU4NzUyN0IzODM5MTZDQzBCMUQ4ODY2NjUz
QzMzNDMxRTQ1RDAeFw0yMzExMDYxMzM3NDFaFw0zMzExMDYxMzM3NDFaMBgxFjAU
BgNVBAMTDTY1NDhlYzJmLWM4Y2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDWfHSoIYzIstKbZJtRqhrvB0YaEmTpaEU+L/Ql6Ii2oK3KNbo59JF+S8/L
dCOlPkt5Nh7S/8YxV7dfW77E+h6koP/QxI49h+SauA909VrsUWQCnBBxTaw4V3rr
C/6ZV9tFqVicBgoW1JaCPziCla0Z58AIcRQb9xeQI+Zf8ijBAR4JM13RLXKg1Pnh
ArRrp3pGreUMDGobGh95yiTTweZOGADlM3kuLEVpXbInSNpFfMRttZka32opgIC3
p+kRKccFq3RbLGMxpF9U7OxzoMDTeWUq2kwJVuA18OJJVtKZSlCTCZfFo6r9E7SW
HYpScVkN+loDhQweUZJwS2qpoQDhAgMBAAGjggLAMIICvDAdBgNVHQ4EFgQUj5M5
sXAORdhH0fpAFl4LHAd/X78wHwYDVR0jBBgwFoAUy4hYdSezg5FswLHYhmZTwzQx
5F0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYzQ0VFLzFGQkM0NDIwODNCRTExRUE4QTY1QjczMEY4QUVBMjI4L3k0aFlk
U2V6ZzVGc3dMSFlobVpUd3pReDVGMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3k0aFlkU2V6ZzVGc3dMSFlobVpUd3pReDVGMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjYzQ0VFLzFGQkM0NDIwODNCRTExRUE4QTY1QjczMEY4
QUVBMjI4L0FFMThGQkQ2N0NBOTExRUVCNkQzREQ0MDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAMpTOADBANmQ7ADBAOaSbgw
DQQCAAIwBwMFACwP9wgwDQYJKoZIhvcNAQELBQADggEBAGk3EL7AkOTwLMsTTpdW
+6BwF1yyyFhJWMmFUESm4xj3/vzLiDksqQvYW0F80B20MqSuLKiyHPx1CODc+yC6
0OfrT8vhoRq3srd0P8YuxL4/ST4dor+gjPKbTwmTMeWlLJzXSk4GorXo1e1GKrhP
v0lDpUkWsMTpiODDCcDvCc+bhmsuXWR9QEiXi8K8YGOPqNfzPTqn0JGueBjAzXvd
k/xat/GmffyWq7k+neoCn2gYuZgCyIBBA9jwcGEo8wFl4XKu56cZpuA5Q0e3ngmR
vY8azP5LGTJ4Qv3xk10JipbPRb8G+zfBMhb5YR2QZAGl+1RDNXk88r6zCnCKdzKv
47w=
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:29:21 2024 by rpki-client on console-ams.rpki-client.org