Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/828A9BC4450C11EFBB5D9A55762E951A.roa
File: 828A9BC4450C11EFBB5D9A55762E951A.roa (raw, json)
Hash identifier: o3FZ2UN4jDpi6GgCoIr6dfEVReBLSFXp88j+tYUYcck=
Subject key identifier: CD:B0:4D:22:A2:CB:41:A8:6E:94:EA:65:99:72:D9:1F:54:BF:DE:57
Certificate issuer: /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial: 068B
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/828A9BC4450C11EFBB5D9A55762E951A.roa
Signing time: Thu 18 Jul 2024 13:49:11 +0000
ROA not before: Thu 18 Jul 2024 13:49:06 +0000
ROA not after: Tue 18 Jul 2034 13:49:06 +0000
asID: 20011
IP address blocks: 41.132.32.0/20 maxlen: 24
41.135.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1675 (0x68b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Validity
Not Before: Jul 18 13:49:06 2024 GMT
Not After : Jul 18 13:49:06 2034 GMT
Subject: CN=66991d57-e40a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9f:0d:69:4d:69:c8:e8:7a:b2:e9:cd:d8:36:
9d:e9:28:1a:2c:1a:00:e1:f3:c4:2d:fc:4a:7f:d4:
16:7a:1e:41:d4:d1:d1:b2:d4:51:c8:d6:1a:f0:9a:
7d:8d:2c:e8:f4:6b:de:31:24:cb:e5:fd:49:73:a6:
bd:7c:ed:30:15:e9:82:7c:41:fb:56:c9:a3:32:da:
be:32:7a:40:e9:1b:90:d5:94:07:2e:f5:76:00:6c:
c6:99:40:d6:59:ea:f4:c0:70:9b:3d:9b:a9:73:44:
e2:c3:87:10:37:2d:3c:d4:bf:72:f1:4d:39:34:8a:
8f:e8:e6:58:f8:da:27:58:ef:6e:2c:06:87:9c:f0:
92:d1:7a:75:c7:54:e5:b0:93:1c:15:25:bb:10:f0:
49:dd:f1:71:58:0e:f4:cf:34:13:6a:76:b7:61:77:
7b:75:7f:ff:6d:5c:b9:c9:dd:ff:2b:b3:53:4a:39:
c4:8e:16:f3:8a:f9:a4:5a:d2:0f:45:98:0a:21:81:
0a:80:1a:e3:1d:0d:a1:38:b8:8d:d0:cd:97:17:c3:
48:d3:eb:e6:1c:a7:5e:fd:fb:2d:79:f2:da:82:aa:
de:1b:cb:87:7c:46:09:a3:9a:8e:af:a8:65:09:f3:
db:89:9b:54:8d:96:90:c3:51:71:7c:0c:c3:26:29:
bd:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B0:4D:22:A2:CB:41:A8:6E:94:EA:65:99:72:D9:1F:54:BF:DE:57
X509v3 Authority Key Identifier:
keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/828A9BC4450C11EFBB5D9A55762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.132.32.0/20
41.135.0.0/19
Signature Algorithm: sha256WithRSAEncryption
d4:e9:6b:b6:8e:3d:3c:e0:d6:c4:5f:11:68:fd:1a:5e:e2:c0:
b6:4d:29:57:b6:64:2f:b6:2f:24:79:62:dd:7d:dd:b9:1f:5b:
d0:75:39:ea:16:d5:6c:38:51:12:80:8c:ae:0e:d1:3d:22:72:
ad:cb:db:24:4c:49:95:67:77:0d:8a:56:55:8b:64:25:78:13:
11:83:47:76:c0:4e:84:91:5a:0e:2d:7e:41:be:d4:be:d4:b8:
e0:00:dc:fa:9f:64:11:72:cc:bf:a8:b8:1b:cb:79:e4:d8:af:
d9:3d:5d:51:01:d1:ee:cd:84:14:0e:6a:e0:c5:29:6d:c7:a3:
36:43:24:80:5f:a1:eb:31:49:58:cc:d1:4a:df:f2:53:f1:28:
dc:b7:6d:df:5d:03:a8:d7:0c:36:fa:1a:34:4a:64:1e:05:90:
53:2f:e6:43:10:cb:cb:7a:4d:35:07:24:5a:65:e3:a6:d6:36:
90:7b:3a:07:65:f6:6b:fe:da:6d:0b:7d:bc:e0:60:fa:b9:e4:
12:a4:9a:49:a5:5d:14:a2:49:a4:54:98:bb:3e:20:ba:59:21:
69:98:7f:e4:43:3a:12:c5:35:13:97:96:b7:c1:eb:45:f6:ac:
2c:12:a1:11:94:53:85:dc:5d:d2:a8:50:6b:16:d8:f1:3f:43:
f2:b7:ea:87
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBoswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yNDA3MTgxMzQ5MDZaFw0zNDA3MTgxMzQ5MDZaMBgxFjAU
BgNVBAMTDTY2OTkxZDU3LWU0MGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQClnw1pTWnI6Hqy6c3YNp3pKBosGgDh88Qt/Ep/1BZ6HkHU0dGy1FHI1hrw
mn2NLOj0a94xJMvl/Ulzpr187TAV6YJ8QftWyaMy2r4yekDpG5DVlAcu9XYAbMaZ
QNZZ6vTAcJs9m6lzROLDhxA3LTzUv3LxTTk0io/o5lj42idY724sBoec8JLRenXH
VOWwkxwVJbsQ8End8XFYDvTPNBNqdrdhd3t1f/9tXLnJ3f8rs1NKOcSOFvOK+aRa
0g9FmAohgQqAGuMdDaE4uI3QzZcXw0jT6+Ycp179+y158tqCqt4by4d8Rgmjmo6v
qGUJ89uJm1SNlpDDUXF8DMMmKb0LAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUzbBN
IqLLQahulOplmXLZH1S/3lcwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4LzgyOEE5QkM0NDUwQzExRUZCQjVEOUE1NTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAQphCADBAUphwAwDQYJKoZI
hvcNAQELBQADggEBANTpa7aOPTzg1sRfEWj9Gl7iwLZNKVe2ZC+2LyR5Yt193bkf
W9B1OeoW1Ww4URKAjK4O0T0icq3L2yRMSZVndw2KVlWLZCV4ExGDR3bAToSRWg4t
fkG+1L7UuOAA3PqfZBFyzL+ouBvLeeTYr9k9XVEB0e7NhBQOauDFKW3HozZDJIBf
oesxSVjM0Urf8lPxKNy3bd9dA6jXDDb6GjRKZB4FkFMv5kMQy8t6TTUHJFpl46bW
NpB7Ogdl9mv+2m0LfbzgYPq55BKkmkmlXRSiSaRUmLs+ILpZIWmYf+RDOhLFNROX
lrfB60X2rCwSoRGUU4XcXdKoUGsW2PE/Q/K36oc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org