Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B3D1/C4C3AEB0C11F11EFA0B58AA4762E951A/1561360CC12111EFA3DCFAAD762E951A.roa
File: 1561360CC12111EFA3DCFAAD762E951A.roa (raw, json)
Hash identifier: m44/mD69fqilQr5qakXjjSIMYxNycWbNcH5wLm+55Bk=
Subject key identifier: 48:AC:29:7A:50:DF:16:F6:47:89:FC:69:2A:38:C5:74:82:AE:FD:F3
Certificate issuer: /CN=F367B3D1AF/serialNumber=F07D3134A0CC3C04290398157CA05592E72BCFAB
Certificate serial: 04
Authority key identifier: F0:7D:31:34:A0:CC:3C:04:29:03:98:15:7C:A0:55:92:E7:2B:CF:AB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/8H0xNKDMPAQpA5gVfKBVkucrz6s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367B3D1/C4C3AEB0C11F11EFA0B58AA4762E951A/1561360CC12111EFA3DCFAAD762E951A.roa
Signing time: Mon 23 Dec 2024 11:28:51 +0000
ROA not before: Mon 23 Dec 2024 11:28:47 +0000
ROA not after: Sat 23 Dec 2034 11:28:47 +0000
asID: 37163
IP address blocks: 41.78.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367B3D1/C4C3AEB0C11F11EFA0B58AA4762E951A/8H0xNKDMPAQpA5gVfKBVkucrz6s.crl
rsync://rpki.afrinic.net/repository/member_repository/F367B3D1/C4C3AEB0C11F11EFA0B58AA4762E951A/8H0xNKDMPAQpA5gVfKBVkucrz6s.mft
rsync://rpki.afrinic.net/repository/afrinic/8H0xNKDMPAQpA5gVfKBVkucrz6s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 03:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367B3D1AF
Validity
Not Before: Dec 23 11:28:47 2024 GMT
Not After : Dec 23 11:28:47 2034 GMT
Subject: CN=67694973-c261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:51:ad:7c:89:ce:84:b4:18:90:f1:8c:61:5c:
9d:43:b3:8e:f0:49:3b:e0:d7:ff:1d:3c:6d:a1:61:
2c:65:b5:f1:82:7b:1b:ad:80:21:7c:86:41:9e:d4:
66:db:83:a1:b5:cb:33:42:59:68:5b:6d:19:a6:cf:
e2:b1:06:e7:89:9f:b8:cb:12:96:99:8a:37:1e:96:
01:71:4b:44:d3:ec:6a:cb:22:8e:0e:10:eb:a5:1a:
eb:26:80:f4:c4:ed:89:82:02:36:60:41:f7:d4:28:
dc:3f:a9:a2:7c:49:e6:b1:4d:a0:16:86:de:0c:18:
7d:69:30:0b:cf:43:17:87:c8:1e:01:14:42:f5:2c:
15:cc:c6:03:7d:30:1c:4b:f4:43:dc:25:fb:dd:5e:
f1:83:74:c5:73:7f:16:c1:3b:39:5e:2f:cd:60:65:
78:93:10:ef:a9:ef:37:bc:78:1f:03:ec:67:2e:c0:
fb:00:2c:62:9b:2c:fc:f1:04:ae:07:02:bf:d8:9f:
ae:36:91:c7:c1:ea:ae:6a:fb:72:db:63:3c:1e:1c:
9f:91:15:6a:6f:b4:79:1d:63:91:83:90:76:f9:40:
2a:d4:eb:8d:d2:17:02:fc:ed:d3:c1:0b:d4:32:2b:
73:3d:58:a8:d1:69:5e:86:f1:6a:d5:0c:1d:b6:54:
91:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:AC:29:7A:50:DF:16:F6:47:89:FC:69:2A:38:C5:74:82:AE:FD:F3
X509v3 Authority Key Identifier:
keyid:F0:7D:31:34:A0:CC:3C:04:29:03:98:15:7C:A0:55:92:E7:2B:CF:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367B3D1/C4C3AEB0C11F11EFA0B58AA4762E951A/8H0xNKDMPAQpA5gVfKBVkucrz6s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/8H0xNKDMPAQpA5gVfKBVkucrz6s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B3D1/C4C3AEB0C11F11EFA0B58AA4762E951A/1561360CC12111EFA3DCFAAD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.78.52.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:c5:5a:1d:aa:09:5d:df:25:c6:9a:71:ba:89:84:e7:85:9e:
22:88:76:a8:4d:ee:0d:e7:e3:cf:c4:84:7f:04:e9:54:7e:34:
9c:b4:29:2f:ba:13:21:7a:87:ff:7d:54:8d:3b:2a:08:bc:e1:
bb:4b:27:6c:5b:7d:41:f8:e6:29:72:40:45:0e:17:01:3a:52:
4e:99:14:10:dd:dc:13:ae:49:0f:d8:f0:47:39:98:a6:c7:02:
44:4a:41:f1:5d:f3:fd:8a:f9:ca:ac:18:c3:18:7c:8e:e3:11:
65:93:31:30:a0:7c:d9:1e:85:28:de:49:fa:2b:38:ca:a7:c7:
4e:fa:e1:0a:6e:e3:72:d8:42:9e:6e:01:07:dc:b2:01:eb:a8:
1c:0c:4c:44:ab:45:09:c3:69:22:b8:7c:ee:58:a3:f5:2e:ec:
97:12:5c:e4:1b:c7:69:c2:a3:d7:fc:7d:78:31:f9:22:4f:fe:
86:d0:ce:45:84:bf:76:7e:27:cf:60:3e:52:55:8c:7a:fe:95:
d6:a2:ec:61:71:ea:23:92:f1:98:d9:81:54:ae:31:48:4e:93:
b2:92:eb:12:48:73:7b:f4:9c:fd:27:e1:c1:d3:2b:d5:70:c0:
7e:d3:6f:cc:2d:ba:43:24:2d:12:26:a5:e2:17:9e:4f:dc:8d:
d4:2f:16:b3
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QjNEMUFGMTEwLwYDVQQFEyhGMDdEMzEzNEEwQ0MzQzA0MjkwMzk4MTU3Q0EwNTU5
MkU3MkJDRkFCMB4XDTI0MTIyMzExMjg0N1oXDTM0MTIyMzExMjg0N1owGDEWMBQG
A1UEAxMNNjc2OTQ5NzMtYzI2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpRrXyJzoS0GJDxjGFcnUOzjvBJO+DX/x08baFhLGW18YJ7G62AIXyGQZ7U
ZtuDobXLM0JZaFttGabP4rEG54mfuMsSlpmKNx6WAXFLRNPsassijg4Q66Ua6yaA
9MTtiYICNmBB99Qo3D+ponxJ5rFNoBaG3gwYfWkwC89DF4fIHgEUQvUsFczGA30w
HEv0Q9wl+91e8YN0xXN/FsE7OV4vzWBleJMQ76nvN7x4HwPsZy7A+wAsYpss/PEE
rgcCv9ifrjaRx8Hqrmr7cttjPB4cn5EVam+0eR1jkYOQdvlAKtTrjdIXAvzt08EL
1DIrcz1YqNFpXobxatUMHbZUka0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRIrCl6
UN8W9keJ/GkqOMV0gq798zAfBgNVHSMEGDAWgBTwfTE0oMw8BCkDmBV8oFWS5yvP
qzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0IzRDEvQzRDM0FFQjBDMTFGMTFFRkEwQjU4QUE0NzYyRTk1MUEvOEgweE5L
RE1QQVFwQTVnVmZLQlZrdWNyejZzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOEgweE5LRE1QQVFwQTVnVmZLQlZrdWNyejZzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0IzRDEvQzRDM0FFQjBDMTFGMTFFRkEwQjU4QUE0NzYy
RTk1MUEvMTU2MTM2MENDMTIxMTFFRkEzRENGQUFENzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAilONDANBgkqhkiG9w0BAQsF
AAOCAQEAoMVaHaoJXd8lxppxuomE54WeIoh2qE3uDefjz8SEfwTpVH40nLQpL7oT
IXqH/31UjTsqCLzhu0snbFt9QfjmKXJARQ4XATpSTpkUEN3cE65JD9jwRzmYpscC
REpB8V3z/Yr5yqwYwxh8juMRZZMxMKB82R6FKN5J+is4yqfHTvrhCm7jcthCnm4B
B9yyAeuoHAxMRKtFCcNpIrh87lij9S7slxJc5BvHacKj1/x9eDH5Ik/+htDORYS/
dn4nz2A+UlWMev6V1qLsYXHqI5LxmNmBVK4xSE6TspLrEkhze/Sc/SfhwdMr1XDA
ftNvzC26QyQtEial4heeT9yN1C8Wsw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:59:07 2025 by rpki-client