Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368B07F/9A1299DEB9C411E78B59C061F8AEA228/AA5225C0D58E11EE8D26517A775412E6.roa
File: AA5225C0D58E11EE8D26517A775412E6.roa (raw, json)
Hash identifier: tJX8jsW6xqCFPxUYtuTHYXG1DXTHpA7xdmIPD9JG+dM=
Subject key identifier: 53:02:B0:94:FE:68:9F:2D:F2:0A:C8:20:B2:06:25:BD:0D:2D:B7:20
Certificate issuer: /CN=F368B07FAF/serialNumber=78825B2BC908A40FEF62B26482D61A98575FCBD3
Certificate serial: 095A
Authority key identifier: 78:82:5B:2B:C9:08:A4:0F:EF:62:B2:64:82:D6:1A:98:57:5F:CB:D3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/eIJbK8kIpA_vYrJkgtYamFdfy9M.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368B07F/9A1299DEB9C411E78B59C061F8AEA228/AA5225C0D58E11EE8D26517A775412E6.roa
Signing time: Tue 27 Feb 2024 16:38:41 +0000
ROA not before: Tue 27 Feb 2024 16:38:38 +0000
ROA not after: Sun 01 Mar 2026 16:38:38 +0000
asID: 37314
IP address blocks: 41.79.20.0/22 maxlen: 22
41.79.20.0/24 maxlen: 24
41.79.21.0/24 maxlen: 24
41.79.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368B07F/9A1299DEB9C411E78B59C061F8AEA228/eIJbK8kIpA_vYrJkgtYamFdfy9M.crl
rsync://rpki.afrinic.net/repository/member_repository/F368B07F/9A1299DEB9C411E78B59C061F8AEA228/eIJbK8kIpA_vYrJkgtYamFdfy9M.mft
rsync://rpki.afrinic.net/repository/afrinic/eIJbK8kIpA_vYrJkgtYamFdfy9M.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 24 May 2024 00:05:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2394 (0x95a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368B07FAF/serialNumber=78825B2BC908A40FEF62B26482D61A98575FCBD3
Validity
Not Before: Feb 27 16:38:38 2024 GMT
Not After : Mar 1 16:38:38 2026 GMT
Subject: CN=65de1011-35ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5d:c4:5e:a2:0f:9d:f3:73:19:1a:3a:05:d9:
30:68:db:92:b4:e7:86:d6:15:bd:db:13:29:48:b1:
9c:56:06:35:95:b7:3f:3e:21:17:90:94:e6:68:65:
85:23:98:e7:59:70:52:c1:f2:ea:fb:47:cc:8f:e6:
79:1f:d0:57:99:8b:1b:6a:27:57:66:04:18:59:81:
f7:92:e7:1b:98:47:c3:2d:cb:df:53:a3:e8:b8:a2:
19:a7:6b:aa:0a:f1:3e:85:8f:8e:f2:81:57:d5:fc:
b8:02:55:85:33:3e:13:19:fb:6a:26:7b:80:ee:b9:
23:88:db:9d:16:86:62:8f:ac:ad:e3:7f:1c:c4:2d:
41:14:5a:9a:d3:dc:d1:d9:e4:bc:3f:d2:21:1f:04:
9a:6f:46:f0:06:f4:38:e9:69:7d:7e:45:6c:a2:56:
60:e7:94:9a:08:a3:00:38:15:ae:04:fe:c6:08:c9:
fc:39:3c:97:59:a7:87:42:db:f2:d6:f9:51:00:95:
4e:bf:3f:4f:c9:3d:ce:66:08:5c:0a:70:0f:8d:9e:
da:1f:05:60:fe:97:8c:22:ce:5c:aa:80:2c:0a:18:
8b:06:82:27:63:8d:38:0d:44:ba:20:f0:24:c1:c7:
07:37:19:4a:45:23:86:c0:7c:66:ea:37:e3:85:59:
9e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:02:B0:94:FE:68:9F:2D:F2:0A:C8:20:B2:06:25:BD:0D:2D:B7:20
X509v3 Authority Key Identifier:
keyid:78:82:5B:2B:C9:08:A4:0F:EF:62:B2:64:82:D6:1A:98:57:5F:CB:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368B07F/9A1299DEB9C411E78B59C061F8AEA228/eIJbK8kIpA_vYrJkgtYamFdfy9M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/eIJbK8kIpA_vYrJkgtYamFdfy9M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368B07F/9A1299DEB9C411E78B59C061F8AEA228/AA5225C0D58E11EE8D26517A775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.79.20.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:de:b1:7e:b9:f6:a5:41:f1:0f:f0:5e:a5:19:09:30:81:40:
e3:8d:e2:1c:ea:8c:0a:6e:ba:51:2e:f2:cd:99:ad:16:44:0e:
83:32:e6:2d:c0:6f:05:f2:3d:0f:a1:64:b7:b0:0d:c7:6e:f6:
a7:3c:46:75:5d:04:04:b9:85:20:af:b2:55:9b:ca:84:e1:a5:
98:43:fb:bc:58:c8:7a:3b:51:92:60:7a:47:bd:a9:68:c7:2f:
e3:57:dd:16:0a:d7:41:12:5e:b7:9a:3c:61:ff:b1:6f:f9:45:
21:ec:ff:32:cc:d6:66:2e:b2:75:68:5f:3c:27:92:ea:e0:79:
f7:6b:74:e3:9e:47:d8:97:7d:0d:70:78:6f:8c:36:b1:17:d3:
5d:02:ac:27:a8:3a:da:b8:c4:37:da:f6:f9:88:b4:0c:85:63:
3b:92:5a:23:62:d3:27:9a:e6:cf:91:cb:44:1d:1d:d8:63:57:
7d:e2:c8:5b:5e:eb:00:7e:78:57:db:fb:7b:ba:02:82:ce:e1:
1f:55:14:3f:ff:75:53:6a:ed:ee:95:48:ae:7f:a4:41:6a:b2:
43:c1:5b:09:4f:d0:1d:74:ea:be:5d:96:9b:50:93:9c:fc:bd:
ce:99:de:cc:ce:70:19:e6:7b:4d:30:50:47:25:50:44:c1:4e:
37:4f:60:9b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCVowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEIwN0ZBRjExMC8GA1UEBRMoNzg4MjVCMkJDOTA4QTQwRkVGNjJCMjY0ODJENjFB
OTg1NzVGQ0JEMzAeFw0yNDAyMjcxNjM4MzhaFw0yNjAzMDExNjM4MzhaMBgxFjAU
BgNVBAMTDTY1ZGUxMDExLTM1Y2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGXcReog+d83MZGjoF2TBo25K054bWFb3bEylIsZxWBjWVtz8+IReQlOZo
ZYUjmOdZcFLB8ur7R8yP5nkf0FeZixtqJ1dmBBhZgfeS5xuYR8Mty99To+i4ohmn
a6oK8T6Fj47ygVfV/LgCVYUzPhMZ+2ome4DuuSOI250WhmKPrK3jfxzELUEUWprT
3NHZ5Lw/0iEfBJpvRvAG9DjpaX1+RWyiVmDnlJoIowA4Fa4E/sYIyfw5PJdZp4dC
2/LW+VEAlU6/P0/JPc5mCFwKcA+NntofBWD+l4wizlyqgCwKGIsGgidjjTgNRLog
8CTBxwc3GUpFI4bAfGbqN+OFWZ4FAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUUwKw
lP5ony3yCsggsgYlvQ0ttyAwHwYDVR0jBBgwFoAUeIJbK8kIpA/vYrJkgtYamFdf
y9MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhCMDdGLzlBMTI5OURFQjlDNDExRTc4QjU5QzA2MUY4QUVBMjI4L2VJSmJL
OGtJcEFfdllySmtndFlhbUZkZnk5TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2VJSmJLOGtJcEFfdllySmtndFlhbUZkZnk5TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhCMDdGLzlBMTI5OURFQjlDNDExRTc4QjU5QzA2MUY4
QUVBMjI4L0FBNTIyNUMwRDU4RTExRUU4RDI2NTE3QTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIpTxQwDQYJKoZIhvcNAQEL
BQADggEBAC/esX659qVB8Q/wXqUZCTCBQOON4hzqjApuulEu8s2ZrRZEDoMy5i3A
bwXyPQ+hZLewDcdu9qc8RnVdBAS5hSCvslWbyoThpZhD+7xYyHo7UZJgeke9qWjH
L+NX3RYK10ESXreaPGH/sW/5RSHs/zLM1mYusnVoXzwnkurgefdrdOOeR9iXfQ1w
eG+MNrEX010CrCeoOtq4xDfa9vmItAyFYzuSWiNi0yea5s+Ry0QdHdhjV33iyFte
6wB+eFfb+3u6AoLO4R9VFD//dVNq7e6VSK5/pEFqskPBWwlP0B106r5dlptQk5z8
vc6Z3szOcBnme00wUEclUETBTjdPYJs=
-----END CERTIFICATE-----
Generated at Wed May 22 01:46:01 2024 by rpki-client on console-fra.rpki-client.org