Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/CD69990AAA6111EAAEF51077F8AEA228.roa
File: CD69990AAA6111EAAEF51077F8AEA228.roa (raw, json)
Hash identifier: 66nblc4vo3caJGaaXr6x5DjXPXoBEzrDDtb7jGf9pro=
Subject key identifier: E9:9D:D2:F0:A0:29:E6:B1:08:A6:39:C9:32:33:58:FB:EF:87:4E:2B
Certificate issuer: /CN=F3682104AF/serialNumber=8B1026953ECF7C4CE139FE9A59BDD7228A153544
Certificate serial: 15
Authority key identifier: 8B:10:26:95:3E:CF:7C:4C:E1:39:FE:9A:59:BD:D7:22:8A:15:35:44
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ixAmlT7PfEzhOf6aWb3XIooVNUQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/CD69990AAA6111EAAEF51077F8AEA228.roa
Signing time: Tue 09 Jun 2020 14:59:23 +0000
ROA not before: Tue 09 Jun 2020 14:59:17 +0000
ROA not after: Tue 31 Dec 2030 14:59:17 +0000
asID: 33771
IP address blocks: 41.80.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/ixAmlT7PfEzhOf6aWb3XIooVNUQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/ixAmlT7PfEzhOf6aWb3XIooVNUQ.mft
rsync://rpki.afrinic.net/repository/afrinic/ixAmlT7PfEzhOf6aWb3XIooVNUQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21 (0x15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682104AF/serialNumber=8B1026953ECF7C4CE139FE9A59BDD7228A153544
Validity
Not Before: Jun 9 14:59:17 2020 GMT
Not After : Dec 31 14:59:17 2030 GMT
Subject: CN=5edfa3ca-ebf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:00:f8:fb:18:08:27:e0:74:8d:e4:eb:8c:9b:
e5:45:df:de:72:b6:5a:3b:fd:0f:b6:4c:ca:23:05:
7b:2d:2e:df:a3:fd:a8:3c:e4:0b:5e:d9:f4:93:56:
b8:c1:84:f9:b2:e8:04:4f:5a:d4:ee:b9:64:c8:0d:
e4:17:6c:b4:62:65:64:b6:d4:94:df:37:29:d8:52:
72:b7:fd:66:f8:d8:40:6b:19:74:03:ca:bc:6b:f4:
c0:f7:88:b7:3f:d0:55:bd:1e:b3:ae:4b:9e:d7:0e:
fa:e3:fe:d6:02:62:a8:6b:d7:a3:90:16:34:8a:d5:
82:c4:2b:bf:d3:26:99:27:85:45:9e:60:37:29:e0:
d6:60:66:7a:6e:f7:ef:31:53:31:01:3c:29:d4:91:
74:8c:6e:f0:3d:40:f7:bd:a6:ee:5c:a2:f4:8e:48:
41:aa:36:e4:62:31:d9:3d:3d:a8:ff:54:fa:4e:7c:
58:a3:dd:98:c9:0a:d3:81:38:4e:dc:4b:77:bc:8d:
b3:68:1a:fc:6b:2d:5e:bd:f6:f2:59:7e:f3:27:cf:
fb:05:aa:26:20:2d:c1:d1:a7:ef:19:22:d9:89:ff:
47:5e:0d:17:86:e3:8c:f8:a7:66:b6:31:6f:13:31:
45:f1:28:ef:57:03:7d:c6:0a:e0:29:8c:73:99:1f:
9b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:9D:D2:F0:A0:29:E6:B1:08:A6:39:C9:32:33:58:FB:EF:87:4E:2B
X509v3 Authority Key Identifier:
keyid:8B:10:26:95:3E:CF:7C:4C:E1:39:FE:9A:59:BD:D7:22:8A:15:35:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/ixAmlT7PfEzhOf6aWb3XIooVNUQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ixAmlT7PfEzhOf6aWb3XIooVNUQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/CD69990AAA6111EAAEF51077F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.80.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2a:6f:05:c0:ed:39:de:6d:2a:12:4a:a8:d0:a6:c3:08:95:60:
88:2b:60:24:4e:31:d0:b7:3d:24:b9:b7:ae:b0:8b:94:0d:1c:
22:c3:8a:fb:0d:19:36:c3:94:7d:c2:7d:71:71:47:ed:59:35:
37:10:63:74:7b:de:c2:52:3c:08:24:24:b3:72:1f:39:ec:57:
9f:47:b0:ba:03:a5:cc:f8:98:fc:51:1c:e3:8e:12:51:a6:7e:
4b:c7:90:5e:37:6a:68:7d:71:17:f0:d2:b3:2f:89:a9:74:47:
a8:52:e7:e8:76:2b:60:9d:73:d8:f0:b7:3f:a5:9e:cc:4f:6d:
99:65:e5:2f:73:b6:19:bb:18:e7:52:dc:b2:95:7a:0f:75:dc:
c8:2c:c4:00:44:fd:4a:79:a3:37:f7:58:32:3d:c2:d8:6d:27:
78:2f:90:9b:b7:4f:e9:35:75:34:08:e5:84:43:ce:ee:71:0f:
a6:2d:24:d4:ce:ad:37:d5:8b:a7:0e:33:c0:65:68:66:6b:d0:
c2:c5:06:a1:08:f3:60:7b:61:e0:4e:5b:b3:dc:58:9c:6c:89:
8d:ec:96:80:5b:86:41:0a:fc:20:09:4f:1a:e4:06:c5:27:d2:
ec:24:f8:26:60:be:f6:04:75:56:ee:95:8d:02:5c:e6:25:46:
5c:a5:27:4b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBFTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
MjEwNEFGMTEwLwYDVQQFEyg4QjEwMjY5NTNFQ0Y3QzRDRTEzOUZFOUE1OUJERDcy
MjhBMTUzNTQ0MB4XDTIwMDYwOTE0NTkxN1oXDTMwMTIzMTE0NTkxN1owGDEWMBQG
A1UEAxMNNWVkZmEzY2EtZWJmMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsA+PsYCCfgdI3k64yb5UXf3nK2Wjv9D7ZMyiMFey0u36P9qDzkC17Z9JNW
uMGE+bLoBE9a1O65ZMgN5BdstGJlZLbUlN83KdhScrf9ZvjYQGsZdAPKvGv0wPeI
tz/QVb0es65LntcO+uP+1gJiqGvXo5AWNIrVgsQrv9MmmSeFRZ5gNyng1mBmem73
7zFTMQE8KdSRdIxu8D1A972m7lyi9I5IQao25GIx2T09qP9U+k58WKPdmMkK04E4
TtxLd7yNs2ga/GstXr328ll+8yfP+wWqJiAtwdGn7xki2Yn/R14NF4bjjPinZrYx
bxMxRfEo71cDfcYK4CmMc5kfm0MCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBTpndLw
oCnmsQimOckyM1j774dOKzAfBgNVHSMEGDAWgBSLECaVPs98TOE5/ppZvdciihU1
RDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODIxMDQvMDlDQ0I5NENBNzYzMTFFQUJCQzE5MTFDRjhBRUEyMjgvaXhBbWxU
N1BmRXpoT2Y2YVdiM1hJb29WTlVRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaXhBbWxUN1BmRXpoT2Y2YVdiM1hJb29WTlVRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODIxMDQvMDlDQ0I5NENBNzYzMTFFQUJCQzE5MTFDRjhB
RUEyMjgvQ0Q2OTk5MEFBQTYxMTFFQUFFRjUxMDc3RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDASlQMA0GCSqGSIb3DQEBCwUA
A4IBAQAqbwXA7TnebSoSSqjQpsMIlWCIK2AkTjHQtz0kubeusIuUDRwiw4r7DRk2
w5R9wn1xcUftWTU3EGN0e97CUjwIJCSzch857FefR7C6A6XM+Jj8URzjjhJRpn5L
x5BeN2pofXEX8NKzL4mpdEeoUufoditgnXPY8Lc/pZ7MT22ZZeUvc7YZuxjnUtyy
lXoPddzILMQARP1KeaM391gyPcLYbSd4L5Cbt0/pNXU0COWEQ87ucQ+mLSTUzq03
1YunDjPAZWhma9DCxQahCPNge2HgTluz3FicbImN7JaAW4ZBCvwgCU8a5AbFJ9Ls
JPgmYL72BHVW7pWNAlzmJUZcpSdL
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:45 2024 by rpki-client on console-ams.rpki-client.org