Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/0CDD5F3CB91711EEB1AAD090775412E6.roa
File: 0CDD5F3CB91711EEB1AAD090775412E6.roa (raw, json)
Hash identifier: fIeogtbVHebaWJFqwZgG7oLm/IxLe2gNCJE8qm7UqBY=
Subject key identifier: AD:4D:96:82:62:E7:00:D7:D9:A4:49:5B:95:60:E3:7E:BF:F5:FD:A8
Certificate issuer: /CN=F36974EEAF/serialNumber=9C7A278DAD89ED63E93E25219B4CDA00B1006193
Certificate serial: 037C
Authority key identifier: 9C:7A:27:8D:AD:89:ED:63:E9:3E:25:21:9B:4C:DA:00:B1:00:61:93
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/nHonja2J7WPpPiUhm0zaALEAYZM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/0CDD5F3CB91711EEB1AAD090775412E6.roa
Signing time: Mon 22 Jan 2024 11:11:55 +0000
ROA not before: Mon 22 Jan 2024 11:11:51 +0000
ROA not after: Tue 21 Jan 2025 11:11:51 +0000
asID: 24691
IP address blocks: 41.207.160.0/19 maxlen: 24
196.168.0.0/14 maxlen: 24
197.148.96.0/19 maxlen: 24
2c0f:f578::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/nHonja2J7WPpPiUhm0zaALEAYZM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/nHonja2J7WPpPiUhm0zaALEAYZM.mft
rsync://rpki.afrinic.net/repository/afrinic/nHonja2J7WPpPiUhm0zaALEAYZM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 23 Jun 2024 00:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 892 (0x37c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36974EEAF/serialNumber=9C7A278DAD89ED63E93E25219B4CDA00B1006193
Validity
Not Before: Jan 22 11:11:51 2024 GMT
Not After : Jan 21 11:11:51 2025 GMT
Subject: CN=65ae4d7b-f6e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:31:44:8e:b5:40:96:e1:e1:1d:cc:36:2a:a3:
5a:79:df:87:a5:34:8e:fd:73:e1:55:42:eb:85:fc:
0e:e5:ee:84:bf:bb:01:a6:98:ac:75:37:35:54:28:
91:7e:d1:54:40:e4:75:48:9a:32:62:ff:af:72:04:
9e:83:cd:22:f1:f5:d8:89:95:6a:dd:e8:24:90:06:
b0:8c:ae:61:64:86:92:75:39:7e:3f:37:90:cc:b5:
67:ac:e4:fc:89:42:5d:26:06:db:82:5a:5c:fe:2d:
9a:76:bd:52:86:d2:05:ec:73:08:9e:4e:b0:23:f7:
95:fa:3b:fc:46:3d:aa:cc:f8:99:6b:bb:2c:b2:6d:
f8:a0:30:8f:f3:e6:1d:8a:08:43:3a:cb:f8:42:a9:
67:66:60:73:28:16:09:6c:3c:06:68:68:69:15:9c:
e8:f6:0d:dc:fd:4c:66:53:80:2b:0f:5f:bc:bb:f7:
0b:0e:4b:f7:29:5f:de:32:b3:b9:04:99:06:3b:9a:
7e:db:1b:80:42:42:3e:71:79:f4:49:72:98:fc:b0:
a5:bb:f2:c7:5d:ca:7e:4b:91:16:aa:f1:a6:97:99:
84:5a:0c:24:dd:e4:4c:da:ba:a2:ef:de:cd:ee:49:
55:c6:86:17:7f:96:6d:72:82:67:02:da:8e:8e:f5:
e6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:4D:96:82:62:E7:00:D7:D9:A4:49:5B:95:60:E3:7E:BF:F5:FD:A8
X509v3 Authority Key Identifier:
keyid:9C:7A:27:8D:AD:89:ED:63:E9:3E:25:21:9B:4C:DA:00:B1:00:61:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/nHonja2J7WPpPiUhm0zaALEAYZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/nHonja2J7WPpPiUhm0zaALEAYZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/0CDD5F3CB91711EEB1AAD090775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.207.160.0/19
196.168.0.0/14
197.148.96.0/19
IPv6:
2c0f:f578::/32
Signature Algorithm: sha256WithRSAEncryption
7e:66:8a:15:01:13:42:b6:96:eb:50:2f:93:7a:60:e5:61:e2:
de:91:05:61:01:09:e1:b5:15:3c:56:c7:44:cb:97:44:00:13:
64:a4:49:a4:0c:a7:ce:10:05:a6:d1:8a:1d:31:d2:82:2e:92:
87:27:84:f8:c2:d3:6a:8f:1b:cc:d2:15:fd:96:38:71:45:b9:
e9:d4:55:a3:6e:97:7f:8f:40:49:5d:76:a2:0b:1a:f7:0c:8b:
5a:a1:61:18:31:d2:3d:f6:7d:69:9a:a5:07:3e:f2:93:c0:ff:
1e:2d:48:aa:7c:a9:e0:49:55:0d:ba:ac:22:25:52:9f:a2:ea:
19:c3:1e:6e:c4:ea:de:60:ac:d6:54:f7:47:5a:4d:09:19:55:
77:c6:89:8d:18:fd:c8:25:d0:15:a4:d8:f5:c8:99:93:83:47:
0e:c7:50:7d:98:ae:e7:68:fb:ff:82:94:9b:db:7c:ea:55:8d:
b5:97:89:59:06:31:c5:88:ff:8d:8f:83:d6:e2:7a:d6:2c:40:
ef:51:ec:4d:1a:6d:b9:d6:05:66:48:db:d5:ad:ad:94:94:dc:
ac:48:dd:08:f8:13:87:d5:ab:10:12:75:bd:f0:49:30:3b:06:
7e:66:77:5b:52:94:14:53:79:3a:39:35:06:96:1c:ae:7e:96:
f3:49:1a:4c
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICA3wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTc0RUVBRjExMC8GA1UEBRMoOUM3QTI3OERBRDg5RUQ2M0U5M0UyNTIxOUI0Q0RB
MDBCMTAwNjE5MzAeFw0yNDAxMjIxMTExNTFaFw0yNTAxMjExMTExNTFaMBgxFjAU
BgNVBAMTDTY1YWU0ZDdiLWY2ZTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDHMUSOtUCW4eEdzDYqo1p534elNI79c+FVQuuF/A7l7oS/uwGmmKx1NzVU
KJF+0VRA5HVImjJi/69yBJ6DzSLx9diJlWrd6CSQBrCMrmFkhpJ1OX4/N5DMtWes
5PyJQl0mBtuCWlz+LZp2vVKG0gXscwieTrAj95X6O/xGParM+JlruyyybfigMI/z
5h2KCEM6y/hCqWdmYHMoFglsPAZoaGkVnOj2Ddz9TGZTgCsPX7y79wsOS/cpX94y
s7kEmQY7mn7bG4BCQj5xefRJcpj8sKW78sddyn5LkRaq8aaXmYRaDCTd5EzauqLv
3s3uSVXGhhd/lm1ygmcC2o6O9ebDAgMBAAGjggK/MIICuzAdBgNVHQ4EFgQUrU2W
gmLnANfZpElblWDjfr/1/agwHwYDVR0jBBgwFoAUnHonja2J7WPpPiUhm0zaALEA
YZMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk3NEVFL0ZEOTA2OTEwMTU4MTExRUNCMDgxMDc3MUQ4QTAxNENFL25Ib25q
YTJKN1dQcFBpVWhtMHphQUxFQVlaTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL25Ib25qYTJKN1dQcFBpVWhtMHphQUxFQVlaTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk3NEVFL0ZEOTA2OTEwMTU4MTExRUNCMDgxMDc3MUQ4
QTAxNENFLzBDREQ1RjNDQjkxNzExRUVCMUFBRDA5MDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwOQYIKwYBBQUHAQcBAf8EKjAoMBcEAgABMBEDBAUpz6ADAwLEqAMEBcWUYDAN
BAIAAjAHAwUALA/1eDANBgkqhkiG9w0BAQsFAAOCAQEAfmaKFQETQraW61Avk3pg
5WHi3pEFYQEJ4bUVPFbHRMuXRAATZKRJpAynzhAFptGKHTHSgi6ShyeE+MLTao8b
zNIV/ZY4cUW56dRVo26Xf49ASV12ogsa9wyLWqFhGDHSPfZ9aZqlBz7yk8D/Hi1I
qnyp4ElVDbqsIiVSn6LqGcMebsTq3mCs1lT3R1pNCRlVd8aJjRj9yCXQFaTY9ciZ
k4NHDsdQfZiu52j7/4KUm9t86lWNtZeJWQYxxYj/jY+D1uJ61ixA71HsTRptudYF
Zkjb1a2tlJTcrEjdCPgTh9WrEBJ1vfBJMDsGfmZ3W1KUFFN5Ojk1BpYcrn6W80ka
TA==
-----END CERTIFICATE-----
Generated at Fri Jun 21 03:08:12 2024 by rpki-client on console-ams.rpki-client.org