Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/4FC97CC233BF11EFB31AEC43762E951A.roa
File: 4FC97CC233BF11EFB31AEC43762E951A.roa (raw, json)
Hash identifier: Z3GPAFp7xfyyNWigxxn0aMlTMxfhtzldl+K+KryO1JQ=
Subject key identifier: 28:7F:82:26:00:AD:F3:43:6C:3B:B4:ED:07:E3:8F:40:3A:EA:15:B2
Certificate issuer: /CN=F367BA6AAF/serialNumber=4F48E7EA30C989B15D363937763553A07E16CD8E
Certificate serial: 7C
Authority key identifier: 4F:48:E7:EA:30:C9:89:B1:5D:36:39:37:76:35:53:A0:7E:16:CD:8E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/4FC97CC233BF11EFB31AEC43762E951A.roa
Signing time: Wed 26 Jun 2024 13:23:44 +0000
ROA not before: Wed 26 Jun 2024 13:23:40 +0000
ROA not after: Mon 26 Jun 2034 13:23:40 +0000
asID: 328866
IP address blocks: 41.92.251.0/24 maxlen: 24
41.92.252.0/24 maxlen: 24
41.92.253.0/24 maxlen: 24
41.92.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.crl
rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.mft
rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124 (0x7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367BA6AAF/serialNumber=4F48E7EA30C989B15D363937763553A07E16CD8E
Validity
Not Before: Jun 26 13:23:40 2024 GMT
Not After : Jun 26 13:23:40 2034 GMT
Subject: CN=667c1660-68d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5b:40:af:8d:84:53:a2:fa:f8:b4:ea:8e:22:
88:fe:c0:7d:e1:dc:b9:54:cc:9c:4d:34:e9:e0:8f:
15:9b:7f:55:51:c6:a9:51:0d:44:42:5c:02:cc:6b:
cc:20:16:46:8a:6d:67:4a:d7:72:13:c7:31:71:30:
c6:60:1b:ff:43:7a:4f:3c:3e:31:c5:06:02:55:af:
43:aa:55:7a:27:e8:cf:ac:c2:f0:cd:67:d5:28:b3:
d1:66:cb:13:6d:5d:38:1b:ed:0d:43:06:9b:7a:51:
7b:6b:22:a7:50:9d:81:f1:6f:8c:0d:36:bd:73:01:
fe:a2:fe:e1:5d:78:18:ce:14:75:6c:4e:ed:d3:de:
39:dc:c7:d6:3a:a1:ab:9a:39:4b:c2:a3:2f:6f:9d:
81:e4:9c:f5:92:99:b6:28:e1:07:25:ac:6d:67:8d:
4d:8b:88:a1:ec:62:42:3e:7b:3b:9c:8d:31:99:07:
7b:71:75:46:cb:8a:63:9f:e1:9d:1d:42:a6:53:47:
10:b0:82:ef:8b:17:30:08:c6:91:66:a0:71:88:ab:
45:19:87:aa:42:60:8c:14:ba:8a:bc:6a:1f:34:80:
75:8c:26:69:22:cc:ac:4e:b3:bb:c0:72:6f:05:c5:
4d:f2:eb:0b:48:58:40:1a:bb:cc:bc:fb:13:ae:c6:
c3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:7F:82:26:00:AD:F3:43:6C:3B:B4:ED:07:E3:8F:40:3A:EA:15:B2
X509v3 Authority Key Identifier:
keyid:4F:48:E7:EA:30:C9:89:B1:5D:36:39:37:76:35:53:A0:7E:16:CD:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/4FC97CC233BF11EFB31AEC43762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.92.251.0-41.92.254.255
Signature Algorithm: sha256WithRSAEncryption
3a:df:cc:15:f4:09:11:3d:d8:3a:fb:ef:1b:30:7e:b7:31:59:
ce:84:21:a5:84:02:dd:91:d9:b1:9f:2f:11:d4:19:f1:ea:29:
ba:b8:dd:6d:e0:03:24:8a:e6:6d:e9:7e:7b:57:33:34:06:e4:
e5:c3:88:19:a0:49:c5:0d:29:37:1a:3f:9f:f5:ab:36:ed:4d:
7b:ac:60:fc:b7:55:cf:b0:e6:29:8f:18:82:4e:64:57:22:cd:
8b:9d:b3:dd:9b:9c:d7:e9:65:d2:b4:ff:be:af:e4:67:b5:41:
e9:f5:b9:f9:e8:65:cd:b8:55:74:4d:5e:c9:86:38:d3:04:ea:
1c:d7:f2:51:7a:bb:25:a9:fb:29:3f:3b:ab:08:9f:ea:ae:5d:
04:1f:ea:4e:b7:4a:a4:5c:ec:9f:ea:ac:e7:0e:3a:a9:10:61:
36:a3:6a:e5:84:2a:57:49:90:bc:34:a9:eb:a4:1c:59:8c:4b:
2b:3c:f4:34:fb:07:e7:73:aa:ad:d3:7e:c1:36:cc:c3:b5:8b:
55:8b:74:9c:f8:9d:9b:69:a9:b0:6c:04:b3:6a:78:1c:dd:66:
45:4d:53:57:2b:12:31:4e:e6:4c:ce:fd:24:db:64:90:94:0a:
ba:07:54:95:84:98:c3:07:f3:a4:e0:dc:52:ff:1e:a7:bb:cb:
9a:88:9e:98
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIBfDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QkE2QUFGMTEwLwYDVQQFEyg0RjQ4RTdFQTMwQzk4OUIxNUQzNjM5Mzc3NjM1NTNB
MDdFMTZDRDhFMB4XDTI0MDYyNjEzMjM0MFoXDTM0MDYyNjEzMjM0MFowGDEWMBQG
A1UEAxMNNjY3YzE2NjAtNjhkODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhbQK+NhFOi+vi06o4iiP7AfeHcuVTMnE006eCPFZt/VVHGqVENREJcAsxr
zCAWRoptZ0rXchPHMXEwxmAb/0N6Tzw+McUGAlWvQ6pVeifoz6zC8M1n1Siz0WbL
E21dOBvtDUMGm3pRe2sip1CdgfFvjA02vXMB/qL+4V14GM4UdWxO7dPeOdzH1jqh
q5o5S8KjL2+dgeSc9ZKZtijhByWsbWeNTYuIoexiQj57O5yNMZkHe3F1RsuKY5/h
nR1CplNHELCC74sXMAjGkWagcYirRRmHqkJgjBS6irxqHzSAdYwmaSLMrE6zu8By
bwXFTfLrC0hYQBq7zLz7E67Gw4cCAwEAAaOCAq0wggKpMB0GA1UdDgQWBBQof4Im
AK3zQ2w7tO0H449AOuoVsjAfBgNVHSMEGDAWgBRPSOfqMMmJsV02OTd2NVOgfhbN
jjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0JBNkEvMEY0QTM3RjRFQ0Q5MTFFRTlGNzMyQzY3Nzc1NDEyRTYvVDBqbjZq
REppYkZkTmprM2RqVlRvSDRXelk0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVDBqbjZqREppYkZkTmprM2RqVlRvSDRXelk0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0JBNkEvMEY0QTM3RjRFQ0Q5MTFFRTlGNzMyQzY3Nzc1
NDEyRTYvNEZDOTdDQzIzM0JGMTFFRkIzMUFFQzQzNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAKVz7AwQAKVz+MA0GCSqG
SIb3DQEBCwUAA4IBAQA638wV9AkRPdg6++8bMH63MVnOhCGlhALdkdmxny8R1Bnx
6im6uN1t4AMkiuZt6X57VzM0BuTlw4gZoEnFDSk3Gj+f9as27U17rGD8t1XPsOYp
jxiCTmRXIs2LnbPdm5zX6WXStP++r+RntUHp9bn56GXNuFV0TV7JhjjTBOoc1/JR
erslqfspPzurCJ/qrl0EH+pOt0qkXOyf6qznDjqpEGE2o2rlhCpXSZC8NKnrpBxZ
jEsrPPQ0+wfnc6qt037BNszDtYtVi3Sc+J2baamwbASzangc3WZFTVNXKxIxTuZM
zv0k22SQlAq6B1SVhJjDB/Ok4NxS/x6nu8uaiJ6Y
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org