Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3698DD0/56C8EA4C667711ED967FC0A2F1222468/6DC5038018FE11EF8B80B516017001B1.roa
File: 6DC5038018FE11EF8B80B516017001B1.roa (raw, json)
Hash identifier: prIb+/59lGAY5m7ee/w0QfgAEg0BFXE2ZtOJctQ1wsI=
Subject key identifier: 21:62:6A:F6:73:B9:43:DE:B9:4D:C0:EC:46:30:F0:9B:3C:3B:5F:28
Certificate issuer: /CN=F3698DD0AF/serialNumber=C03FDD694F51AAE38F051456101617C56FD89C4A
Certificate serial: 0256
Authority key identifier: C0:3F:DD:69:4F:51:AA:E3:8F:05:14:56:10:16:17:C5:6F:D8:9C:4A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/wD_daU9RquOPBRRWEBYXxW_YnEo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3698DD0/56C8EA4C667711ED967FC0A2F1222468/6DC5038018FE11EF8B80B516017001B1.roa
Signing time: Thu 23 May 2024 12:17:31 +0000
ROA not before: Thu 23 May 2024 12:17:28 +0000
ROA not after: Fri 31 Dec 2049 12:17:28 +0000
asID: 37282
IP address blocks: 41.75.80.0/20 maxlen: 24
197.253.0.0/18 maxlen: 24
2c0f:fc98::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3698DD0/56C8EA4C667711ED967FC0A2F1222468/wD_daU9RquOPBRRWEBYXxW_YnEo.crl
rsync://rpki.afrinic.net/repository/member_repository/F3698DD0/56C8EA4C667711ED967FC0A2F1222468/wD_daU9RquOPBRRWEBYXxW_YnEo.mft
rsync://rpki.afrinic.net/repository/afrinic/wD_daU9RquOPBRRWEBYXxW_YnEo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 598 (0x256)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3698DD0AF/serialNumber=C03FDD694F51AAE38F051456101617C56FD89C4A
Validity
Not Before: May 23 12:17:28 2024 GMT
Not After : Dec 31 12:17:28 2049 GMT
Subject: CN=664f33db-5a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1c:b2:3d:e8:4c:59:52:32:d2:f2:09:21:12:
63:ca:7b:4e:da:ee:9e:0e:5b:b9:ff:0c:9a:85:5f:
9e:46:71:cf:46:33:99:82:7b:2d:79:cf:7b:5e:27:
d9:d1:5c:86:38:87:6e:90:6d:57:35:86:67:72:43:
5c:93:4b:f8:51:b0:2c:1a:dd:63:f0:2e:be:09:25:
ef:07:69:0d:b6:a1:1c:8c:eb:5b:42:89:91:53:c1:
72:56:13:f9:49:f2:13:98:62:89:0d:ed:37:f5:f0:
cd:4d:8b:c9:2e:cb:b9:7e:b8:e3:e8:fe:7f:84:e8:
02:c0:82:a8:d5:ad:bc:69:1b:ba:c8:8f:8f:d6:80:
e6:d3:b9:19:32:eb:1b:63:f1:70:77:80:64:86:01:
bf:50:40:a9:eb:aa:f2:bb:e4:05:6b:66:14:6f:cc:
28:bc:40:46:2d:4d:98:66:5a:a8:03:6d:97:a9:5b:
33:3d:9f:a2:1d:9e:e7:77:ff:54:14:5f:81:61:8c:
7e:ea:2b:fc:96:5a:b4:bc:57:96:c4:ec:81:42:65:
c8:35:19:17:e5:2d:c8:84:60:37:3e:cf:56:1d:c7:
f5:48:af:f8:e6:68:7e:15:5d:ed:cb:03:b9:e0:06:
8a:5d:71:98:59:fd:65:db:d4:af:18:91:f9:50:23:
7b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:62:6A:F6:73:B9:43:DE:B9:4D:C0:EC:46:30:F0:9B:3C:3B:5F:28
X509v3 Authority Key Identifier:
keyid:C0:3F:DD:69:4F:51:AA:E3:8F:05:14:56:10:16:17:C5:6F:D8:9C:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3698DD0/56C8EA4C667711ED967FC0A2F1222468/wD_daU9RquOPBRRWEBYXxW_YnEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wD_daU9RquOPBRRWEBYXxW_YnEo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3698DD0/56C8EA4C667711ED967FC0A2F1222468/6DC5038018FE11EF8B80B516017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.75.80.0/20
197.253.0.0/18
IPv6:
2c0f:fc98::/32
Signature Algorithm: sha256WithRSAEncryption
22:4c:75:3e:f3:17:56:fa:1c:00:70:16:74:16:b7:bb:a7:df:
fb:fc:f6:db:ed:bf:a1:f7:ba:ac:31:56:4b:d7:a1:fc:f5:6c:
5c:6e:e5:63:44:53:f2:36:03:12:1d:35:ab:93:ba:3e:0d:13:
6f:8f:9e:1a:d0:c0:9c:5b:c0:5d:c4:08:8a:84:2a:99:0c:1f:
66:2d:ba:22:98:4c:52:7a:e3:4b:b8:78:c3:78:27:ff:7b:9f:
3f:77:51:b7:1c:5f:d0:18:78:2f:ab:8d:e4:a7:6d:33:27:c9:
97:a7:16:77:ac:2f:74:da:9f:eb:e8:91:51:f1:7a:e5:d8:a9:
c4:78:f4:56:6b:4b:90:8e:2e:6d:a8:c4:a9:26:cf:56:53:19:
a4:04:f2:56:21:45:9a:d7:92:3f:74:8b:46:3d:1b:b9:f2:a5:
67:7b:60:d1:28:3c:a5:2c:51:1d:a9:fb:e2:bd:e5:08:9a:b8:
1a:0b:45:ba:27:42:3a:99:7b:e3:6c:95:9b:d1:38:18:14:7c:
67:1d:f4:07:8e:6a:cd:35:89:ff:3f:4c:eb:77:26:19:b7:10:
9c:93:23:e2:8a:52:79:bc:0c:1c:24:d7:c2:0b:c8:6b:45:d0:
bb:dd:65:19:90:5a:19:f6:dd:d4:9e:04:cf:59:d6:90:68:8f:
9b:78:ae:d0
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICAlYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OThERDBBRjExMC8GA1UEBRMoQzAzRkRENjk0RjUxQUFFMzhGMDUxNDU2MTAxNjE3
QzU2RkQ4OUM0QTAeFw0yNDA1MjMxMjE3MjhaFw00OTEyMzExMjE3MjhaMBgxFjAU
BgNVBAMTDTY2NGYzM2RiLTVhMmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9HLI96ExZUjLS8gkhEmPKe07a7p4OW7n/DJqFX55Gcc9GM5mCey15z3te
J9nRXIY4h26QbVc1hmdyQ1yTS/hRsCwa3WPwLr4JJe8HaQ22oRyM61tCiZFTwXJW
E/lJ8hOYYokN7Tf18M1Ni8kuy7l+uOPo/n+E6ALAgqjVrbxpG7rIj4/WgObTuRky
6xtj8XB3gGSGAb9QQKnrqvK75AVrZhRvzCi8QEYtTZhmWqgDbZepWzM9n6Idnud3
/1QUX4FhjH7qK/yWWrS8V5bE7IFCZcg1GRflLciEYDc+z1Ydx/VIr/jmaH4VXe3L
A7ngBopdcZhZ/WXb1K8YkflQI3svAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQUIWJq
9nO5Q965TcDsRjDwmzw7XygwHwYDVR0jBBgwFoAUwD/daU9RquOPBRRWEBYXxW/Y
nEowDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk4REQwLzU2QzhFQTRDNjY3NzExRUQ5NjdGQzBBMkYxMjIyNDY4L3dEX2Rh
VTlScXVPUEJSUldFQllYeFdfWW5Fby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3dEX2RhVTlScXVPUEJSUldFQllYeFdfWW5Fby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk4REQwLzU2QzhFQTRDNjY3NzExRUQ5NjdGQzBBMkYx
MjIyNDY4LzZEQzUwMzgwMThGRTExRUY4QjgwQjUxNjAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAQpS1ADBAbF/QAwDQQCAAIw
BwMFACwP/JgwDQYJKoZIhvcNAQELBQADggEBACJMdT7zF1b6HABwFnQWt7un3/v8
9tvtv6H3uqwxVkvXofz1bFxu5WNEU/I2AxIdNauTuj4NE2+PnhrQwJxbwF3ECIqE
KpkMH2YtuiKYTFJ640u4eMN4J/97nz93UbccX9AYeC+rjeSnbTMnyZenFnesL3Ta
n+vokVHxeuXYqcR49FZrS5COLm2oxKkmz1ZTGaQE8lYhRZrXkj90i0Y9G7nypWd7
YNEoPKUsUR2p++K95QiauBoLRbonQjqZe+NslZvROBgUfGcd9AeOas01if8/TOt3
Jhm3EJyTI+KKUnm8DBwk18ILyGtF0LvdZRmQWhn23dSeBM9Z1pBoj5t4rtA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:15 2024 by rpki-client on console-ams.rpki-client.org