Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A3983/09B8183E9B9C11EFA012F94F762E951A/06EE82A89B9E11EFA256DA5A762E951A.roa
File: 06EE82A89B9E11EFA256DA5A762E951A.roa (raw, json)
Hash identifier: 2jh2P8eMrHu4GkQNFQFJgeOA87Bp3duiKWGcRIfCjWE=
Subject key identifier: 4F:50:EA:4D:DD:AD:49:9F:85:81:34:8E:BB:36:94:22:BA:D5:C5:51
Certificate issuer: /CN=F36A3983AF/serialNumber=8A1FCF281F3A37A550E64137D908550AE890233A
Certificate serial: 02
Authority key identifier: 8A:1F:CF:28:1F:3A:37:A5:50:E6:41:37:D9:08:55:0A:E8:90:23:3A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ih_PKB86N6VQ5kE32QhVCuiQIzo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A3983/09B8183E9B9C11EFA012F94F762E951A/06EE82A89B9E11EFA256DA5A762E951A.roa
Signing time: Tue 05 Nov 2024 17:47:29 +0000
ROA not before: Tue 05 Nov 2024 17:47:26 +0000
ROA not after: Sun 01 Feb 2026 17:47:26 +0000
asID: 37192
IP address blocks: 41.78.88.0/22 maxlen: 22
2c0f:ff88::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A3983/09B8183E9B9C11EFA012F94F762E951A/ih_PKB86N6VQ5kE32QhVCuiQIzo.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A3983/09B8183E9B9C11EFA012F94F762E951A/ih_PKB86N6VQ5kE32QhVCuiQIzo.mft
rsync://rpki.afrinic.net/repository/afrinic/ih_PKB86N6VQ5kE32QhVCuiQIzo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A3983AF/serialNumber=8A1FCF281F3A37A550E64137D908550AE890233A
Validity
Not Before: Nov 5 17:47:26 2024 GMT
Not After : Feb 1 17:47:26 2026 GMT
Subject: CN=672a5a31-6142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c4:5e:a4:30:bc:35:56:6e:ba:66:48:83:4b:
f9:87:41:76:b7:97:34:5d:6c:14:fd:16:fb:03:cc:
31:70:4e:b4:c7:87:74:f9:b5:7c:6f:28:b6:7e:56:
f7:0f:97:09:88:f5:6f:81:ba:80:d2:1d:64:a2:91:
90:42:71:26:b6:e8:f3:f4:6c:7d:91:3a:c5:db:48:
07:6f:3b:14:db:c1:23:e3:6b:ca:aa:eb:3a:ab:9d:
11:32:1d:cd:53:80:f0:a0:1b:a7:c4:70:2b:34:45:
37:88:0d:d0:58:23:ed:98:6d:04:c2:58:2d:58:30:
07:f4:63:d1:a9:42:0a:3e:1a:19:cb:c1:4d:11:d8:
0f:29:59:00:ee:21:9e:db:a4:3d:09:41:49:d6:fb:
6f:fa:96:60:94:1c:db:47:4d:11:fe:f2:f2:db:63:
cb:83:8f:9e:cf:1c:21:b4:01:13:e0:1d:5b:ac:5a:
01:91:30:a7:0f:1d:f3:06:75:fe:6f:07:8e:83:81:
e9:1e:97:66:e6:ef:be:af:6a:4f:f5:5b:d4:58:20:
e7:45:b5:b5:3e:f2:6e:cd:fe:37:0d:f0:42:6a:25:
8e:9f:ee:61:fe:5b:41:ca:30:53:99:28:5c:4a:c8:
af:3a:b7:63:3a:3b:bd:49:9c:1f:8e:38:ed:ca:66:
24:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:50:EA:4D:DD:AD:49:9F:85:81:34:8E:BB:36:94:22:BA:D5:C5:51
X509v3 Authority Key Identifier:
keyid:8A:1F:CF:28:1F:3A:37:A5:50:E6:41:37:D9:08:55:0A:E8:90:23:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A3983/09B8183E9B9C11EFA012F94F762E951A/ih_PKB86N6VQ5kE32QhVCuiQIzo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ih_PKB86N6VQ5kE32QhVCuiQIzo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A3983/09B8183E9B9C11EFA012F94F762E951A/06EE82A89B9E11EFA256DA5A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.78.88.0/22
IPv6:
2c0f:ff88::/32
Signature Algorithm: sha256WithRSAEncryption
9d:54:86:a8:a2:1b:e7:95:c7:b1:b7:ea:98:11:2f:08:b4:74:
9f:c7:d7:72:28:cc:59:34:99:8b:b9:ed:66:98:4d:63:25:10:
4e:15:58:2a:83:fd:00:02:8c:8a:bd:2e:2a:c6:78:b9:00:ed:
db:80:b7:7f:e6:f6:e9:5f:ff:e2:3c:1f:ad:52:ca:2b:48:dd:
6a:3e:ad:0d:ba:38:75:57:e6:b8:73:65:23:6c:72:64:26:9f:
ae:d7:4d:76:b0:88:af:a1:db:b3:c6:07:4e:ab:4f:df:81:9c:
01:14:c4:b7:cd:44:53:c9:eb:7e:d0:6f:cd:fc:9f:55:d5:a8:
35:e2:58:d0:d1:7b:aa:40:ca:95:91:b0:2f:a1:30:fc:ae:65:
29:d4:51:b9:d2:c8:d0:38:d0:35:2c:b4:ce:41:cf:4c:53:40:
33:78:6a:0f:c5:62:f5:57:5c:4b:b3:7f:37:09:f0:92:2c:8c:
78:65:35:70:82:0e:77:8f:5e:09:53:b3:8a:32:ea:79:be:8a:
2a:be:5d:44:e4:f2:6e:09:b7:ed:ba:c0:d6:27:88:45:af:a5:
6f:4a:ef:58:c8:88:74:16:f8:7e:ce:17:10:01:65:49:a9:b4:
6e:fd:17:03:59:04:38:69:b1:23:4d:f2:9e:7f:6c:3e:4c:36:
73:01:d1:97
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
Mzk4M0FGMTEwLwYDVQQFEyg4QTFGQ0YyODFGM0EzN0E1NTBFNjQxMzdEOTA4NTUw
QUU4OTAyMzNBMB4XDTI0MTEwNTE3NDcyNloXDTI2MDIwMTE3NDcyNlowGDEWMBQG
A1UEAxMNNjcyYTVhMzEtNjE0MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzEXqQwvDVWbrpmSINL+YdBdreXNF1sFP0W+wPMMXBOtMeHdPm1fG8otn5W
9w+XCYj1b4G6gNIdZKKRkEJxJrbo8/RsfZE6xdtIB287FNvBI+NryqrrOqudETId
zVOA8KAbp8RwKzRFN4gN0Fgj7ZhtBMJYLVgwB/Rj0alCCj4aGcvBTRHYDylZAO4h
ntukPQlBSdb7b/qWYJQc20dNEf7y8ttjy4OPns8cIbQBE+AdW6xaAZEwpw8d8wZ1
/m8HjoOB6R6XZubvvq9qT/Vb1Fgg50W1tT7ybs3+Nw3wQmoljp/uYf5bQcowU5ko
XErIrzq3Yzo7vUmcH4447cpmJN0CAwEAAaOCArQwggKwMB0GA1UdDgQWBBRPUOpN
3a1Jn4WBNI67NpQiutXFUTAfBgNVHSMEGDAWgBSKH88oHzo3pVDmQTfZCFUK6JAj
OjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTM5ODMvMDlCODE4M0U5QjlDMTFFRkEwMTJGOTRGNzYyRTk1MUEvaWhfUEtC
ODZONlZRNWtFMzJRaFZDdWlRSXpvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaWhfUEtCODZONlZRNWtFMzJRaFZDdWlRSXpvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTM5ODMvMDlCODE4M0U5QjlDMTFFRkEwMTJGOTRGNzYy
RTk1MUEvMDZFRTgyQTg5QjlFMTFFRkEyNTZEQTVBNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAilOWDANBAIAAjAHAwUALA//
iDANBgkqhkiG9w0BAQsFAAOCAQEAnVSGqKIb55XHsbfqmBEvCLR0n8fXcijMWTSZ
i7ntZphNYyUQThVYKoP9AAKMir0uKsZ4uQDt24C3f+b26V//4jwfrVLKK0jdaj6t
Dbo4dVfmuHNlI2xyZCafrtdNdrCIr6Hbs8YHTqtP34GcARTEt81EU8nrftBvzfyf
VdWoNeJY0NF7qkDKlZGwL6Ew/K5lKdRRudLI0DjQNSy0zkHPTFNAM3hqD8Vi9Vdc
S7N/NwnwkiyMeGU1cIIOd49eCVOzijLqeb6KKr5dROTybgm37brA1ieIRa+lb0rv
WMiIdBb4fs4XEAFlSam0bv0XA1kEOGmxI03ynn9sPkw2cwHRlw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:19 2024 by rpki-client on console-ams.rpki-client.org