Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/506B37B0FD0A11EEA3B5DB34017001B1.roa
File: 506B37B0FD0A11EEA3B5DB34017001B1.roa (raw, json)
Hash identifier: 12EkqcvUqaX3EcpZliJ64g6Wrfs7WAZ3LR6j5D262RI=
Subject key identifier: 07:48:06:2F:8A:62:23:B4:85:CC:3C:9C:39:85:9E:36:22:0C:E8:89
Certificate issuer: /CN=F3681ED0AF/serialNumber=4A83F31B1B0604CA6D0B72A453DAA3EB587B4C82
Certificate serial: 01A5
Authority key identifier: 4A:83:F3:1B:1B:06:04:CA:6D:0B:72:A4:53:DA:A3:EB:58:7B:4C:82
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SoPzGxsGBMptC3KkU9qj61h7TII.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/506B37B0FD0A11EEA3B5DB34017001B1.roa
Signing time: Wed 17 Apr 2024 22:32:04 +0000
ROA not before: Wed 17 Apr 2024 22:32:00 +0000
ROA not after: Mon 17 Apr 2034 22:32:00 +0000
asID: 19905
IP address blocks: 41.189.160.0/19 maxlen: 24
154.160.0.0/12 maxlen: 24
196.201.32.0/19 maxlen: 24
2c0f:f7c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/SoPzGxsGBMptC3KkU9qj61h7TII.crl
rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/SoPzGxsGBMptC3KkU9qj61h7TII.mft
rsync://rpki.afrinic.net/repository/afrinic/SoPzGxsGBMptC3KkU9qj61h7TII.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 421 (0x1a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3681ED0AF/serialNumber=4A83F31B1B0604CA6D0B72A453DAA3EB587B4C82
Validity
Not Before: Apr 17 22:32:00 2024 GMT
Not After : Apr 17 22:32:00 2034 GMT
Subject: CN=66204de4-4a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1e:04:c9:2c:90:d2:00:fb:d3:65:bb:33:d5:
47:c1:04:d4:1b:8d:5f:ff:52:ba:4b:65:f5:8f:28:
0d:67:e0:90:3a:55:a0:02:33:55:62:62:c3:2a:31:
a3:c9:41:14:39:26:82:3c:b9:7f:fc:91:64:2f:ca:
e6:93:42:4a:a5:b6:73:d0:db:a2:ab:0d:d3:6b:b9:
ad:94:0e:7b:20:ba:36:6e:5a:43:ca:7b:d5:a0:f3:
59:90:cb:c3:d4:ce:a4:4f:a0:b6:c4:cb:93:7c:b1:
3b:19:6d:c2:b5:52:d5:05:d1:1c:75:24:da:cd:35:
eb:75:37:5c:8a:aa:a6:b5:01:87:65:f3:ae:6d:e0:
de:7c:c7:05:1f:ff:3a:40:09:c8:bc:1a:5c:08:57:
fe:cb:81:ce:36:de:b2:03:63:ed:8d:72:54:36:2a:
60:c5:b2:87:f2:b5:6e:ab:8d:5c:3f:8d:94:a7:47:
c4:d4:69:62:e7:18:b0:b7:6e:8a:d6:a6:50:78:cf:
3d:3c:c3:e1:e1:45:01:ba:e5:17:7e:01:83:fe:e1:
e2:68:65:5f:ad:af:b3:b9:c8:5b:f7:78:80:87:81:
77:05:38:3d:fe:43:3d:c6:75:0e:b0:30:d8:8d:ca:
cb:b5:04:08:68:d5:ce:51:c9:c1:2a:75:84:b5:3e:
25:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:48:06:2F:8A:62:23:B4:85:CC:3C:9C:39:85:9E:36:22:0C:E8:89
X509v3 Authority Key Identifier:
keyid:4A:83:F3:1B:1B:06:04:CA:6D:0B:72:A4:53:DA:A3:EB:58:7B:4C:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/SoPzGxsGBMptC3KkU9qj61h7TII.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SoPzGxsGBMptC3KkU9qj61h7TII.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/506B37B0FD0A11EEA3B5DB34017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.189.160.0/19
154.160.0.0/12
196.201.32.0/19
IPv6:
2c0f:f7c0::/32
Signature Algorithm: sha256WithRSAEncryption
98:9a:02:a0:00:83:fe:bd:f9:61:37:59:83:32:7d:1d:e9:93:
f8:19:4e:d1:03:ea:6e:68:84:66:b9:65:18:dd:f8:b2:b3:a4:
de:77:4e:c7:4e:27:cf:73:9a:b2:b7:b4:3c:e2:63:e5:ae:79:
76:34:d7:9f:5a:51:ab:63:0d:c1:c8:47:b4:ed:d4:62:38:39:
57:b1:14:68:2b:50:22:3f:96:94:a0:11:8f:b2:fd:46:83:2c:
95:d1:4d:9d:f2:a6:d6:ae:5a:fe:62:89:e1:ce:53:5f:ed:cc:
86:43:92:52:13:11:fa:06:e9:cb:00:05:0b:77:83:f0:34:ae:
77:9f:4e:04:b7:3a:4f:29:00:22:53:32:47:3c:98:56:2d:7f:
7b:ec:5d:49:d1:01:d3:cc:09:ed:22:98:d2:7d:e4:ed:ff:55:
23:4d:0a:5f:39:0b:f2:15:09:b1:ec:a5:f3:3c:58:46:69:50:
76:c1:8a:4c:5b:7d:c0:f3:c2:06:ac:d1:df:30:56:54:51:aa:
81:79:c1:3c:5a:56:21:be:45:91:b5:58:77:0a:37:ab:d9:88:
b4:28:8e:68:c1:4b:bf:6f:0a:fc:ff:00:ff:81:62:9d:27:69:
5b:a7:c4:3c:fc:89:07:2e:01:d7:ab:02:ef:47:9d:81:07:28:
a9:c9:2e:a3
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICAaUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODFFRDBBRjExMC8GA1UEBRMoNEE4M0YzMUIxQjA2MDRDQTZEMEI3MkE0NTNEQUEz
RUI1ODdCNEM4MjAeFw0yNDA0MTcyMjMyMDBaFw0zNDA0MTcyMjMyMDBaMBgxFjAU
BgNVBAMTDTY2MjA0ZGU0LTRhNmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/HgTJLJDSAPvTZbsz1UfBBNQbjV//UrpLZfWPKA1n4JA6VaACM1ViYsMq
MaPJQRQ5JoI8uX/8kWQvyuaTQkqltnPQ26KrDdNrua2UDnsgujZuWkPKe9Wg81mQ
y8PUzqRPoLbEy5N8sTsZbcK1UtUF0Rx1JNrNNet1N1yKqqa1AYdl865t4N58xwUf
/zpACci8GlwIV/7Lgc423rIDY+2NclQ2KmDFsofytW6rjVw/jZSnR8TUaWLnGLC3
borWplB4zz08w+HhRQG65Rd+AYP+4eJoZV+tr7O5yFv3eICHgXcFOD3+Qz3GdQ6w
MNiNysu1BAho1c5RycEqdYS1PiWrAgMBAAGjggK/MIICuzAdBgNVHQ4EFgQUB0gG
L4piI7SFzDycOYWeNiIM6IkwHwYDVR0jBBgwFoAUSoPzGxsGBMptC3KkU9qj61h7
TIIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgxRUQwLzUyNTFDMDc4Q0UyNDExRURBMDkyRDBBQ0YxMjIyNDY4L1NvUHpH
eHNHQk1wdEMzS2tVOXFqNjFoN1RJSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NvUHpHeHNHQk1wdEMzS2tVOXFqNjFoN1RJSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgxRUQwLzUyNTFDMDc4Q0UyNDExRURBMDkyRDBBQ0Yx
MjIyNDY4LzUwNkIzN0IwRkQwQTExRUVBM0I1REIzNDAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwOQYIKwYBBQUHAQcBAf8EKjAoMBcEAgABMBEDBAUpvaADAwSaoAMEBcTJIDAN
BAIAAjAHAwUALA/3wDANBgkqhkiG9w0BAQsFAAOCAQEAmJoCoACD/r35YTdZgzJ9
HemT+BlO0QPqbmiEZrllGN34srOk3ndOx04nz3Oasre0POJj5a55djTXn1pRq2MN
wchHtO3UYjg5V7EUaCtQIj+WlKARj7L9RoMsldFNnfKm1q5a/mKJ4c5TX+3MhkOS
UhMR+gbpywAFC3eD8DSud59OBLc6TykAIlMyRzyYVi1/e+xdSdEB08wJ7SKY0n3k
7f9VI00KXzkL8hUJseyl8zxYRmlQdsGKTFt9wPPCBqzR3zBWVFGqgXnBPFpWIb5F
kbVYdwo3q9mItCiOaMFLv28K/P8A/4FinSdpW6fEPPyJBy4B16sC70edgQcoqcku
ow==
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:10:20 2024 by rpki-client on console-fra.rpki-client.org