Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3668A5F/B89B73A41D2E11ECB9DF207ED8A014CE/DF0B42061D3011ECBD63FB02D8A014CE.roa
File: DF0B42061D3011ECBD63FB02D8A014CE.roa (raw, json)
Hash identifier: /YQXCdcgCrNhLL360EhRhY7BDY5J8NgmUeOOyfGlQ8Y=
Subject key identifier: DE:CD:22:3E:A1:AD:6A:87:8B:1F:26:99:B3:57:CC:E7:BC:5A:91:1B
Certificate issuer: /CN=F3668A5FAF/serialNumber=16B8DF5B3BE74C1AE68E31C170115AA737BD5E70
Certificate serial: 02
Authority key identifier: 16:B8:DF:5B:3B:E7:4C:1A:E6:8E:31:C1:70:11:5A:A7:37:BD:5E:70
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/FrjfWzvnTBrmjjHBcBFapze9XnA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3668A5F/B89B73A41D2E11ECB9DF207ED8A014CE/DF0B42061D3011ECBD63FB02D8A014CE.roa
Signing time: Fri 24 Sep 2021 12:13:48 +0000
ROA not before: Fri 24 Sep 2021 12:13:44 +0000
ROA not after: Tue 31 Dec 2030 12:13:44 +0000
asID: 37608
IP address blocks: 41.242.96.0/20 maxlen: 20
2c0f:f9f0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3668A5F/B89B73A41D2E11ECB9DF207ED8A014CE/FrjfWzvnTBrmjjHBcBFapze9XnA.crl
rsync://rpki.afrinic.net/repository/member_repository/F3668A5F/B89B73A41D2E11ECB9DF207ED8A014CE/FrjfWzvnTBrmjjHBcBFapze9XnA.mft
rsync://rpki.afrinic.net/repository/afrinic/FrjfWzvnTBrmjjHBcBFapze9XnA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3668A5FAF/serialNumber=16B8DF5B3BE74C1AE68E31C170115AA737BD5E70
Validity
Not Before: Sep 24 12:13:44 2021 GMT
Not After : Dec 31 12:13:44 2030 GMT
Subject: CN=614dc0fc-94ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a1:a0:1f:0a:71:00:ea:ec:cf:68:93:9b:44:
ee:81:b6:4e:d8:d6:c6:fd:99:dc:b9:01:5d:b0:9d:
7f:30:89:fd:cb:46:cf:2a:5d:7b:c2:06:c8:d2:8e:
04:1d:0a:92:35:13:54:af:ff:93:7a:9e:5f:6d:7d:
92:65:90:2f:a1:a9:a5:56:74:5a:30:16:d9:10:f9:
38:b6:6e:ca:3c:ca:0e:46:a0:09:07:92:ca:6d:37:
61:20:2a:f6:4e:87:43:1d:d6:fb:b0:21:d9:e1:7f:
77:f3:43:01:ea:5e:8b:4a:f2:21:95:31:fb:b4:99:
40:04:cc:b5:60:ad:2a:44:e9:e7:de:f2:c8:f8:e3:
4e:64:52:3b:e2:1e:f0:dc:1a:8a:88:6d:6c:d1:6f:
3f:1d:5b:00:c4:54:9a:28:e5:62:90:f7:5a:e5:86:
a6:45:2a:02:02:3d:a9:c9:55:aa:b9:b3:10:a9:e1:
e7:30:f9:7a:29:e7:12:e3:ab:2a:32:1f:0f:ef:fe:
ae:a4:71:11:5a:80:c6:77:b4:a7:9a:1c:4a:37:5a:
32:0d:01:a9:e7:91:b4:3a:6f:0c:a0:06:15:8d:bd:
4d:1e:08:11:41:91:f4:e5:f9:52:7c:66:88:bd:5f:
47:20:33:2a:00:bc:8f:8d:1b:68:55:d7:78:83:9c:
19:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:CD:22:3E:A1:AD:6A:87:8B:1F:26:99:B3:57:CC:E7:BC:5A:91:1B
X509v3 Authority Key Identifier:
keyid:16:B8:DF:5B:3B:E7:4C:1A:E6:8E:31:C1:70:11:5A:A7:37:BD:5E:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3668A5F/B89B73A41D2E11ECB9DF207ED8A014CE/FrjfWzvnTBrmjjHBcBFapze9XnA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/FrjfWzvnTBrmjjHBcBFapze9XnA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3668A5F/B89B73A41D2E11ECB9DF207ED8A014CE/DF0B42061D3011ECBD63FB02D8A014CE.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.242.96.0/20
IPv6:
2c0f:f9f0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:8e:23:39:e0:d3:60:71:5b:04:db:44:38:8f:90:3b:6c:57:
aa:ca:f9:d2:48:0f:b6:77:62:42:67:07:8d:6b:50:0b:5c:44:
b2:4f:5f:15:f0:44:e1:61:3c:2b:cc:e3:b8:2a:8a:bc:f9:ce:
85:5c:83:f8:0f:bd:68:e7:5d:24:5d:47:25:a3:59:ec:3e:fb:
43:85:0e:85:a4:f2:58:63:f3:2a:a9:a9:6b:2f:cb:b0:69:15:
58:00:92:a6:ee:f3:ed:fd:3f:aa:34:0f:af:0f:fa:65:70:6d:
9a:6a:d0:9c:dc:33:6e:88:6b:2a:26:b8:c3:d3:6d:57:7a:a3:
f5:ad:26:a6:d3:6d:90:10:08:7b:82:8a:91:02:57:63:7b:a1:
65:96:a6:41:2f:a0:eb:45:40:ff:2c:70:d6:02:e7:86:a2:a6:
3f:01:3b:50:bc:03:7f:d2:56:5a:9b:83:04:41:e7:9c:13:00:
e3:56:1e:0e:ed:2d:37:b4:b1:42:cd:53:f6:81:20:30:35:94:
48:31:05:63:f7:10:9f:ff:02:3d:5d:cf:1f:b6:e5:1e:8d:4e:
fd:80:51:8f:1f:bd:f5:a1:70:a2:82:b9:3b:f9:c9:39:a7:1e:
8f:b7:ec:73:96:35:18:49:a1:b2:f1:5e:79:e4:5e:9e:01:cd:
00:0b:b8:c6
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY2
OEE1RkFGMTEwLwYDVQQFEygxNkI4REY1QjNCRTc0QzFBRTY4RTMxQzE3MDExNUFB
NzM3QkQ1RTcwMB4XDTIxMDkyNDEyMTM0NFoXDTMwMTIzMTEyMTM0NFowGDEWMBQG
A1UEAwwNNjE0ZGMwZmMtOTRlZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKShoB8KcQDq7M9ok5tE7oG2TtjWxv2Z3LkBXbCdfzCJ/ctGzypde8IGyNKO
BB0KkjUTVK//k3qeX219kmWQL6GppVZ0WjAW2RD5OLZuyjzKDkagCQeSym03YSAq
9k6HQx3W+7Ah2eF/d/NDAepei0ryIZUx+7SZQATMtWCtKkTp597yyPjjTmRSO+Ie
8NwaiohtbNFvPx1bAMRUmijlYpD3WuWGpkUqAgI9qclVqrmzEKnh5zD5einnEuOr
KjIfD+/+rqRxEVqAxne0p5ocSjdaMg0BqeeRtDpvDKAGFY29TR4IEUGR9OX5Unxm
iL1fRyAzKgC8j40baFXXeIOcGdUCAwEAAaOCArQwggKwMB0GA1UdDgQWBBTezSI+
oa1qh4sfJpmzV8znvFqRGzAfBgNVHSMEGDAWgBQWuN9bO+dMGuaOMcFwEVqnN71e
cDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjhBNUYvQjg5QjczQTQxRDJFMTFFQ0I5REYyMDdFRDhBMDE0Q0UvRnJqZld6
dm5UQnJtampIQmNCRmFwemU5WG5BLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRnJqZld6dm5UQnJtampIQmNCRmFwemU5WG5BLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjhBNUYvQjg5QjczQTQxRDJFMTFFQ0I5REYyMDdFRDhB
MDE0Q0UvREYwQjQyMDYxRDMwMTFFQ0JENjNGQjAyRDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBCnyYDANBAIAAjAHAwUALA/5
8DANBgkqhkiG9w0BAQsFAAOCAQEAb44jOeDTYHFbBNtEOI+QO2xXqsr50kgPtndi
QmcHjWtQC1xEsk9fFfBE4WE8K8zjuCqKvPnOhVyD+A+9aOddJF1HJaNZ7D77Q4UO
haTyWGPzKqmpay/LsGkVWACSpu7z7f0/qjQPrw/6ZXBtmmrQnNwzbohrKia4w9Nt
V3qj9a0mptNtkBAIe4KKkQJXY3uhZZamQS+g60VA/yxw1gLnhqKmPwE7ULwDf9JW
WpuDBEHnnBMA41YeDu0tN7SxQs1T9oEgMDWUSDEFY/cQn/8CPV3PH7blHo1O/YBR
jx+99aFwooK5O/nJOacej7fsc5Y1GEmhsvFeeeRengHNAAu4xg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:58:27 2024 by rpki-client on console-fra.rpki-client.org