Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F4A1/798026D03F5C11EFB83C797E762E951A/A69C50CE3F5E11EF9DDD6C8C762E951A.roa
File: A69C50CE3F5E11EF9DDD6C8C762E951A.roa (raw, json)
Hash identifier: 80ny1NpqsV9rSVRUHTW3nCJZGXl2CugmUA2kHB+WbzU=
Subject key identifier: 23:C3:BE:F8:35:A4:D3:DA:78:BD:EF:72:9C:92:A6:CB:3F:56:77:D0
Certificate issuer: /CN=F368F4A1AF/serialNumber=84F01FC338DD2C141EA45D317B211F76CF5D0015
Certificate serial: 02
Authority key identifier: 84:F0:1F:C3:38:DD:2C:14:1E:A4:5D:31:7B:21:1F:76:CF:5D:00:15
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/hPAfwzjdLBQepF0xeyEfds9dABU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/798026D03F5C11EFB83C797E762E951A/A69C50CE3F5E11EF9DDD6C8C762E951A.roa
Signing time: Thu 11 Jul 2024 08:22:03 +0000
ROA not before: Thu 11 Jul 2024 08:21:59 +0000
ROA not after: Tue 31 Jul 2035 08:21:59 +0000
asID: 49902
IP address blocks: 41.242.124.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/798026D03F5C11EFB83C797E762E951A/hPAfwzjdLBQepF0xeyEfds9dABU.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/798026D03F5C11EFB83C797E762E951A/hPAfwzjdLBQepF0xeyEfds9dABU.mft
rsync://rpki.afrinic.net/repository/afrinic/hPAfwzjdLBQepF0xeyEfds9dABU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 28 Nov 2024 00:05:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F4A1AF/serialNumber=84F01FC338DD2C141EA45D317B211F76CF5D0015
Validity
Not Before: Jul 11 08:21:59 2024 GMT
Not After : Jul 31 08:21:59 2035 GMT
Subject: CN=668f962b-143c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b0:50:7b:b8:e2:f0:0a:e1:f6:c2:33:3a:07:
4e:4c:5d:f9:4d:ca:b2:0f:98:67:68:65:ec:00:0f:
41:76:ef:e3:04:af:c5:41:9c:a3:bb:14:9e:b0:ff:
32:b7:37:db:77:e3:7c:98:35:e8:4f:d4:27:43:83:
a3:dd:d3:ca:8f:5e:a1:cd:6e:a2:1e:68:79:6d:54:
ca:60:22:73:8a:03:0a:8a:1b:3d:69:83:94:ad:a4:
37:05:2c:a8:5c:60:9d:46:58:3f:df:bc:8c:44:41:
5c:e6:28:f2:9e:ed:52:14:9a:f8:b2:04:f5:53:a7:
4a:25:00:e1:df:91:40:0a:05:e0:1d:60:3c:37:0d:
1c:60:d1:4e:e1:94:1a:dc:b3:10:7b:d9:d0:9d:9c:
03:cd:90:d0:3c:68:df:34:6f:69:ea:1d:0b:76:89:
d1:b6:15:71:5d:3c:93:b7:44:90:b4:90:69:fd:b4:
aa:83:06:e5:4b:cf:a0:14:a3:c5:f6:97:d5:fc:97:
a1:f8:31:84:f0:cd:7d:ff:24:91:7c:b6:f6:9d:10:
58:fb:51:e0:31:df:99:68:c9:6c:a1:86:7c:ab:dc:
0c:12:b8:2f:65:dd:31:91:55:5b:34:38:b8:d5:a7:
0c:f8:2e:41:9b:37:36:de:50:8f:55:56:ea:91:8a:
d8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C3:BE:F8:35:A4:D3:DA:78:BD:EF:72:9C:92:A6:CB:3F:56:77:D0
X509v3 Authority Key Identifier:
keyid:84:F0:1F:C3:38:DD:2C:14:1E:A4:5D:31:7B:21:1F:76:CF:5D:00:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/798026D03F5C11EFB83C797E762E951A/hPAfwzjdLBQepF0xeyEfds9dABU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hPAfwzjdLBQepF0xeyEfds9dABU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/798026D03F5C11EFB83C797E762E951A/A69C50CE3F5E11EF9DDD6C8C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.242.124.0/22
Signature Algorithm: sha256WithRSAEncryption
14:4c:97:e8:bb:ab:e2:a7:2b:fa:0b:9f:44:4b:16:2a:e1:d7:
f4:eb:70:cf:40:4c:65:e1:f9:b7:ee:5c:d7:09:a2:0f:aa:b6:
06:fb:3b:e3:09:17:48:94:7e:34:54:42:a0:13:af:43:e5:ef:
29:89:20:c3:95:dd:95:ee:21:48:2a:42:ce:a0:97:55:9e:1a:
42:75:08:4a:7e:8b:d0:a3:82:d6:0f:2c:fc:67:75:68:96:98:
74:e9:62:de:f8:aa:b4:7f:13:b1:72:a1:91:08:0c:be:b9:8e:
44:c3:f3:d2:5e:52:4f:ef:05:d5:45:b5:2d:f0:23:e3:cd:fc:
98:50:9b:a2:04:f3:7b:d8:23:00:f2:a0:86:91:3a:20:b7:c2:
f4:38:45:00:a4:4d:c9:32:c3:53:51:6c:02:19:74:f7:25:1e:
3c:cb:e6:63:cf:1e:97:05:4c:30:d9:10:c3:38:a0:ec:45:fa:
a5:3b:ec:53:fb:05:82:50:b3:c6:0a:8f:3c:fa:ae:91:35:19:
3d:93:28:d6:bf:e0:67:07:c1:8f:f8:ec:1d:5f:e1:45:75:ce:
98:53:97:34:95:b4:a7:0e:ac:5e:f7:19:10:c3:96:e4:0e:6c:
e6:8d:a8:6f:a6:f6:06:b3:20:20:a4:d8:0d:9e:dc:dc:62:0e:
5a:eb:af:47
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
RjRBMUFGMTEwLwYDVQQFEyg4NEYwMUZDMzM4REQyQzE0MUVBNDVEMzE3QjIxMUY3
NkNGNUQwMDE1MB4XDTI0MDcxMTA4MjE1OVoXDTM1MDczMTA4MjE1OVowGDEWMBQG
A1UEAxMNNjY4Zjk2MmItMTQzYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmwUHu44vAK4fbCMzoHTkxd+U3Ksg+YZ2hl7AAPQXbv4wSvxUGco7sUnrD/
Mrc323fjfJg16E/UJ0ODo93Tyo9eoc1uoh5oeW1UymAic4oDCoobPWmDlK2kNwUs
qFxgnUZYP9+8jERBXOYo8p7tUhSa+LIE9VOnSiUA4d+RQAoF4B1gPDcNHGDRTuGU
GtyzEHvZ0J2cA82Q0Dxo3zRvaeodC3aJ0bYVcV08k7dEkLSQaf20qoMG5UvPoBSj
xfaX1fyXofgxhPDNff8kkXy29p0QWPtR4DHfmWjJbKGGfKvcDBK4L2XdMZFVWzQ4
uNWnDPguQZs3Nt5Qj1VW6pGK2GMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQjw774
NaTT2ni973KckqbLP1Z30DAfBgNVHSMEGDAWgBSE8B/DON0sFB6kXTF7IR92z10A
FTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OEY0QTEvNzk4MDI2RDAzRjVDMTFFRkI4M0M3OTdFNzYyRTk1MUEvaFBBZnd6
amRMQlFlcEYweGV5RWZkczlkQUJVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaFBBZnd6amRMQlFlcEYweGV5RWZkczlkQUJVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OEY0QTEvNzk4MDI2RDAzRjVDMTFFRkI4M0M3OTdFNzYy
RTk1MUEvQTY5QzUwQ0UzRjVFMTFFRjlEREQ2QzhDNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAinyfDANBgkqhkiG9w0BAQsF
AAOCAQEAFEyX6Lur4qcr+gufREsWKuHX9Otwz0BMZeH5t+5c1wmiD6q2Bvs74wkX
SJR+NFRCoBOvQ+XvKYkgw5Xdle4hSCpCzqCXVZ4aQnUISn6L0KOC1g8s/Gd1aJaY
dOli3viqtH8TsXKhkQgMvrmORMPz0l5ST+8F1UW1LfAj4838mFCbogTze9gjAPKg
hpE6ILfC9DhFAKRNyTLDU1FsAhl09yUePMvmY88elwVMMNkQwzig7EX6pTvsU/sF
glCzxgqPPPqukTUZPZMo1r/gZwfBj/jsHV/hRXXOmFOXNJW0pw6sXvcZEMOW5A5s
5o2ob6b2BrMgIKTYDZ7c3GIOWuuvRw==
-----END CERTIFICATE-----
Generated at Tue Nov 26 04:54:57 2024 by rpki-client on console-ams.rpki-client.org