Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/67F33B340F4A11EE89ED45634AD9E6FC.roa
File: 67F33B340F4A11EE89ED45634AD9E6FC.roa (raw, json)
Hash identifier: bd7NHUTD+OvvQZs6e+zFirgtzIrC4L3GtStY8srlMjc=
Subject key identifier: C4:7F:12:D6:B3:28:83:76:2B:5C:EB:0A:DC:D7:62:38:42:A0:4A:5F
Certificate issuer: /CN=F367FC8BAF/serialNumber=77412D7CC1053CE19D379CCC6007B925A1E74CA1
Certificate serial: 03
Authority key identifier: 77:41:2D:7C:C1:05:3C:E1:9D:37:9C:CC:60:07:B9:25:A1:E7:4C:A1
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/d0EtfMEFPOGdN5zMYAe5JaHnTKE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/67F33B340F4A11EE89ED45634AD9E6FC.roa
Signing time: Tue 20 Jun 2023 09:11:14 +0000
ROA not before: Tue 20 Jun 2023 09:11:04 +0000
ROA not after: Thu 20 Jun 2024 09:11:04 +0000
asID: 9129
IP address blocks: 41.209.0.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/d0EtfMEFPOGdN5zMYAe5JaHnTKE.crl
rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/d0EtfMEFPOGdN5zMYAe5JaHnTKE.mft
rsync://rpki.afrinic.net/repository/afrinic/d0EtfMEFPOGdN5zMYAe5JaHnTKE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367FC8BAF/serialNumber=77412D7CC1053CE19D379CCC6007B925A1E74CA1
Validity
Not Before: Jun 20 09:11:04 2023 GMT
Not After : Jun 20 09:11:04 2024 GMT
Subject: CN=64916d32-13f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:2f:1e:84:e6:eb:09:39:ed:bb:0b:5f:9b:45:
e1:d2:fd:3d:a4:40:d5:b2:c6:97:18:ed:5a:c8:44:
22:3d:7b:30:46:cc:52:86:45:ef:47:83:54:e6:8d:
f1:52:c5:8a:f9:66:c5:75:6f:4e:8d:9b:5b:f6:bc:
5b:9f:00:10:e2:15:f1:db:fc:aa:6e:1a:e9:29:be:
95:11:c9:03:fa:38:ef:6d:9a:29:51:42:f1:07:da:
3e:ef:80:70:4b:4d:23:7c:44:95:ee:e7:35:3a:f5:
ae:60:a2:c6:11:08:52:c9:b5:f1:4c:77:bd:d3:fb:
6f:3f:5e:89:dc:b6:71:40:0e:21:ff:57:76:c3:29:
61:40:9c:90:84:55:be:cc:02:ec:34:b7:18:d0:fb:
95:5d:89:aa:01:b4:fa:1c:24:ff:34:38:9c:18:6a:
49:da:d6:a4:32:4a:04:14:db:34:c4:99:eb:f6:7c:
f9:7a:5b:ea:a6:fa:b3:ef:be:18:2b:66:8f:c0:23:
44:24:87:a7:18:85:78:9a:a1:bd:5d:af:e2:81:69:
3b:97:cd:08:6c:74:ce:1a:2a:33:b7:a5:0c:8c:dc:
a2:e3:1f:6d:42:51:61:5e:a2:92:7d:d1:e4:34:2d:
88:7f:ba:e2:9c:5f:47:2f:1c:73:fe:69:b8:e7:88:
93:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:7F:12:D6:B3:28:83:76:2B:5C:EB:0A:DC:D7:62:38:42:A0:4A:5F
X509v3 Authority Key Identifier:
keyid:77:41:2D:7C:C1:05:3C:E1:9D:37:9C:CC:60:07:B9:25:A1:E7:4C:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/d0EtfMEFPOGdN5zMYAe5JaHnTKE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/d0EtfMEFPOGdN5zMYAe5JaHnTKE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/67F33B340F4A11EE89ED45634AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.209.0.0/18
Signature Algorithm: sha256WithRSAEncryption
2a:6c:cf:2a:b6:fb:d6:c1:1a:b1:9e:c5:18:7d:c1:67:40:92:
e4:16:6c:a7:3a:60:f0:11:b0:b5:58:c3:03:63:4c:d8:a1:a9:
c1:99:5a:65:47:f5:aa:7e:e8:0f:39:8a:f0:de:0e:c3:fc:9d:
99:27:e2:58:47:51:c2:07:33:b0:b1:02:66:b8:75:66:08:0e:
0e:de:74:e6:0f:34:f7:60:be:c3:d0:18:8e:50:23:65:ec:93:
e1:5a:40:b2:fa:20:4d:38:71:d5:f5:2a:71:ce:b2:c4:eb:4c:
24:d2:90:c6:63:1d:c1:26:7c:7d:29:b2:ec:4d:46:3c:47:3d:
a7:f9:51:a0:41:e6:ce:73:33:4f:6f:57:55:ef:69:a2:be:56:
3d:e8:94:7a:3c:05:42:10:fc:f7:97:9f:48:c9:48:23:cb:b9:
c8:20:77:31:c0:bd:8a:eb:e0:06:b1:37:32:41:2e:a4:b8:19:
19:20:3f:cc:8d:c1:b4:44:3d:67:f1:7d:4c:cd:08:db:f3:b4:
1e:0a:eb:76:cc:54:6f:21:d3:4c:81:71:28:25:e4:83:45:73:
e7:ce:42:94:41:d4:3d:66:56:b0:30:01:57:ba:18:28:98:f4:
2e:a3:da:51:41:b6:88:95:7b:75:0f:08:c1:d9:0f:a3:8f:0c:
9f:7a:45:6c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
RkM4QkFGMTEwLwYDVQQFEyg3NzQxMkQ3Q0MxMDUzQ0UxOUQzNzlDQ0M2MDA3Qjky
NUExRTc0Q0ExMB4XDTIzMDYyMDA5MTEwNFoXDTI0MDYyMDA5MTEwNFowGDEWMBQG
A1UEAxMNNjQ5MTZkMzItMTNmODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOkvHoTm6wk57bsLX5tF4dL9PaRA1bLGlxjtWshEIj17MEbMUoZF70eDVOaN
8VLFivlmxXVvTo2bW/a8W58AEOIV8dv8qm4a6Sm+lRHJA/o4722aKVFC8QfaPu+A
cEtNI3xEle7nNTr1rmCixhEIUsm18Ux3vdP7bz9eidy2cUAOIf9XdsMpYUCckIRV
vswC7DS3GND7lV2JqgG0+hwk/zQ4nBhqSdrWpDJKBBTbNMSZ6/Z8+Xpb6qb6s+++
GCtmj8AjRCSHpxiFeJqhvV2v4oFpO5fNCGx0zhoqM7elDIzcouMfbUJRYV6ikn3R
5DQtiH+64pxfRy8cc/5puOeIk5kCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTEfxLW
syiDditc6wrc12I4QqBKXzAfBgNVHSMEGDAWgBR3QS18wQU84Z03nMxgB7kloedM
oTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0ZDOEIvN0I1NDc0OTYwRUE5MTFFRTk5Q0QyQjc2NEFEOUU2RkMvZDBFdGZN
RUZQT0dkTjV6TVlBZTVKYUhuVEtFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZDBFdGZNRUZQT0dkTjV6TVlBZTVKYUhuVEtFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0ZDOEIvN0I1NDc0OTYwRUE5MTFFRTk5Q0QyQjc2NEFE
OUU2RkMvNjdGMzNCMzQwRjRBMTFFRTg5RUQ0NTYzNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBinRADANBgkqhkiG9w0BAQsF
AAOCAQEAKmzPKrb71sEasZ7FGH3BZ0CS5BZspzpg8BGwtVjDA2NM2KGpwZlaZUf1
qn7oDzmK8N4Ow/ydmSfiWEdRwgczsLECZrh1ZggODt505g8092C+w9AYjlAjZeyT
4VpAsvogTThx1fUqcc6yxOtMJNKQxmMdwSZ8fSmy7E1GPEc9p/lRoEHmznMzT29X
Ve9por5WPeiUejwFQhD895efSMlII8u5yCB3McC9iuvgBrE3MkEupLgZGSA/zI3B
tEQ9Z/F9TM0I2/O0HgrrdsxUbyHTTIFxKCXkg0Vz585ClEHUPWZWsDABV7oYKJj0
LqPaUUG2iJV7dQ8IwdkPo48Mn3pFbA==
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:39:44 2024 by rpki-client on console-ams.rpki-client.org