Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36709ED/978FB7C6A97011EEB936A996775412E6/41F9AFDEA97411EEB0AFAB9C775412E6.roa
File: 41F9AFDEA97411EEB0AFAB9C775412E6.roa (raw, json)
Hash identifier: Pt7jFsZb/eRJPwvxWbE2QqRIPTR2VlpkPA1ZKM5aPIE=
Subject key identifier: E9:40:A4:27:DB:B5:62:CF:B6:6B:C0:B1:E5:34:37:12:E1:66:89:A7
Certificate issuer: /CN=F36709EDAF/serialNumber=6F22BBC87A0F084A04E488AE91F46EC88A0FB6BB
Certificate serial: 04
Authority key identifier: 6F:22:BB:C8:7A:0F:08:4A:04:E4:88:AE:91:F4:6E:C8:8A:0F:B6:BB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/byK7yHoPCEoE5IiukfRuyIoPtrs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36709ED/978FB7C6A97011EEB936A996775412E6/41F9AFDEA97411EEB0AFAB9C775412E6.roa
Signing time: Tue 02 Jan 2024 13:38:48 +0000
ROA not before: Tue 02 Jan 2024 13:38:45 +0000
ROA not after: Thu 01 Jan 2026 13:38:45 +0000
asID: 329297
IP address blocks: 102.211.172.0/22 maxlen: 22
102.211.172.0/24 maxlen: 24
102.211.173.0/24 maxlen: 24
102.211.174.0/24 maxlen: 24
102.211.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36709ED/978FB7C6A97011EEB936A996775412E6/byK7yHoPCEoE5IiukfRuyIoPtrs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36709ED/978FB7C6A97011EEB936A996775412E6/byK7yHoPCEoE5IiukfRuyIoPtrs.mft
rsync://rpki.afrinic.net/repository/afrinic/byK7yHoPCEoE5IiukfRuyIoPtrs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36709EDAF/serialNumber=6F22BBC87A0F084A04E488AE91F46EC88A0FB6BB
Validity
Not Before: Jan 2 13:38:45 2024 GMT
Not After : Jan 1 13:38:45 2026 GMT
Subject: CN=659411e8-d125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1c:8c:80:70:8b:fb:2f:33:aa:29:3f:10:e2:
1b:5e:c1:4a:1e:64:25:fd:a2:f7:da:7d:a7:ca:50:
2c:ee:f9:ab:b3:af:51:81:d4:f4:68:d1:55:9f:74:
db:95:f9:4b:88:2a:a3:06:c9:4b:4a:c0:7c:ff:5f:
0e:76:49:1f:8a:de:30:e7:84:0e:60:b1:e8:bc:8d:
77:ff:0e:91:3f:30:33:1c:0a:df:97:47:3d:ab:de:
ba:5f:ad:3b:03:a1:6e:59:b9:e7:4f:d4:fd:8c:c1:
b3:be:60:ad:35:a1:5b:b3:6f:f1:70:60:f8:a9:09:
ea:5a:42:08:97:68:59:b3:f6:cd:46:12:ca:a3:f3:
fb:fc:5a:1a:e0:98:99:db:c9:8b:21:c9:8e:9b:fd:
30:d8:d0:60:98:1f:45:6c:53:aa:21:89:16:e4:87:
a7:1d:90:25:bc:60:19:d7:94:84:04:fc:96:ee:76:
49:fa:b4:e0:d7:8b:77:4e:b2:ec:f3:62:6d:06:07:
76:ea:dc:69:e2:22:23:cc:7c:f2:26:d1:6b:65:75:
db:36:ec:db:de:bd:4f:e4:c6:e0:fc:6e:0e:55:f6:
34:ea:a5:c6:6f:61:7d:03:b9:4c:1a:d0:c3:b5:a4:
f5:4f:40:88:3f:2d:27:f2:29:6b:48:c6:38:0a:32:
4f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:40:A4:27:DB:B5:62:CF:B6:6B:C0:B1:E5:34:37:12:E1:66:89:A7
X509v3 Authority Key Identifier:
keyid:6F:22:BB:C8:7A:0F:08:4A:04:E4:88:AE:91:F4:6E:C8:8A:0F:B6:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36709ED/978FB7C6A97011EEB936A996775412E6/byK7yHoPCEoE5IiukfRuyIoPtrs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/byK7yHoPCEoE5IiukfRuyIoPtrs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36709ED/978FB7C6A97011EEB936A996775412E6/41F9AFDEA97411EEB0AFAB9C775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.172.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:d4:15:c3:fa:7e:67:3c:e0:b5:c5:d1:91:81:c9:43:94:0c:
01:53:01:c1:5f:1e:cb:48:c1:b0:ea:b4:c5:f4:37:f3:5f:b3:
47:a6:89:b4:e1:43:82:4d:a7:1f:6a:b9:9f:05:d5:f2:4c:1f:
37:ac:36:53:4e:e2:6a:08:25:6e:92:b8:23:c7:17:68:ea:67:
c8:a5:00:16:99:81:aa:3a:c6:4d:43:4e:ec:34:54:32:54:1a:
4a:d7:2c:a0:16:0a:1d:dc:08:8c:f9:49:3e:1e:51:ca:f2:8a:
ad:84:18:6c:f3:40:a1:ba:51:c7:f8:58:39:71:bb:df:37:1d:
5f:76:b2:9e:85:89:a6:ef:b0:18:b1:76:33:88:c2:78:c0:e4:
87:51:85:d2:6a:73:a7:bd:31:22:0e:da:f6:35:fd:98:8f:29:
93:c6:f4:ce:5b:59:e0:00:61:7f:93:03:58:f0:7f:98:2f:35:
7f:4f:f8:b7:42:05:d2:8f:bc:0b:f7:f7:5c:fe:88:f5:47:c8:
ac:8b:1d:85:06:2e:6a:8c:c1:c2:74:a2:67:6a:38:76:66:c7:
6d:84:ad:e4:93:05:90:21:8e:63:53:65:65:02:7f:4b:5d:9a:
a3:da:ce:e8:f0:a8:26:6a:e2:04:4d:10:8e:72:49:0c:24:44:
78:b6:47:79
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
MDlFREFGMTEwLwYDVQQFEyg2RjIyQkJDODdBMEYwODRBMDRFNDg4QUU5MUY0NkVD
ODhBMEZCNkJCMB4XDTI0MDEwMjEzMzg0NVoXDTI2MDEwMTEzMzg0NVowGDEWMBQG
A1UEAxMNNjU5NDExZTgtZDEyNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALccjIBwi/svM6opPxDiG17BSh5kJf2i99p9p8pQLO75q7OvUYHU9GjRVZ90
25X5S4gqowbJS0rAfP9fDnZJH4reMOeEDmCx6LyNd/8OkT8wMxwK35dHPaveul+t
OwOhblm550/U/YzBs75grTWhW7Nv8XBg+KkJ6lpCCJdoWbP2zUYSyqPz+/xaGuCY
mdvJiyHJjpv9MNjQYJgfRWxTqiGJFuSHpx2QJbxgGdeUhAT8lu52Sfq04NeLd06y
7PNibQYHdurcaeIiI8x88ibRa2V12zbs2969T+TG4PxuDlX2NOqlxm9hfQO5TBrQ
w7Wk9U9AiD8tJ/Ipa0jGOAoyT3kCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTpQKQn
27Viz7ZrwLHlNDcS4WaJpzAfBgNVHSMEGDAWgBRvIrvIeg8ISgTkiK6R9G7Iig+2
uzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzA5RUQvOTc4RkI3QzZBOTcwMTFFRUI5MzZBOTk2Nzc1NDEyRTYvYnlLN3lI
b1BDRW9FNUlpdWtmUnV5SW9QdHJzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvYnlLN3lIb1BDRW9FNUlpdWtmUnV5SW9QdHJzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzA5RUQvOTc4RkI3QzZBOTcwMTFFRUI5MzZBOTk2Nzc1
NDEyRTYvNDFGOUFGREVBOTc0MTFFRUIwQUZBQjlDNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbTrDANBgkqhkiG9w0BAQsF
AAOCAQEAf9QVw/p+ZzzgtcXRkYHJQ5QMAVMBwV8ey0jBsOq0xfQ381+zR6aJtOFD
gk2nH2q5nwXV8kwfN6w2U07iagglbpK4I8cXaOpnyKUAFpmBqjrGTUNO7DRUMlQa
StcsoBYKHdwIjPlJPh5RyvKKrYQYbPNAobpRx/hYOXG73zcdX3aynoWJpu+wGLF2
M4jCeMDkh1GF0mpzp70xIg7a9jX9mI8pk8b0zltZ4ABhf5MDWPB/mC81f0/4t0IF
0o+8C/f3XP6I9UfIrIsdhQYuaozBwnSiZ2o4dmbHbYSt5JMFkCGOY1NlZQJ/S12a
o9rO6PCoJmriBE0QjnJJDCREeLZHeQ==
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:39:41 2024 by rpki-client on console-ams.rpki-client.org