Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/8A38C304166411EFB6DD9865017001B1.roa
File: 8A38C304166411EFB6DD9865017001B1.roa (raw, json)
Hash identifier: BNl8LzAAIi2V4u4Uq6J4OERouFI7xdVKsG2qa+DYXuM=
Subject key identifier: 31:EA:11:E0:0B:9A:A2:E6:FF:EF:8B:D8:42:74:A2:EE:72:F3:01:41
Certificate issuer: /CN=F36A7021AF/serialNumber=4B48662004089F5BB68194AB04B830CD433A2B70
Certificate serial: 30
Authority key identifier: 4B:48:66:20:04:08:9F:5B:B6:81:94:AB:04:B8:30:CD:43:3A:2B:70
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/8A38C304166411EFB6DD9865017001B1.roa
Signing time: Mon 20 May 2024 04:50:54 +0000
ROA not before: Mon 20 May 2024 04:50:51 +0000
ROA not after: Thu 20 May 2027 04:50:51 +0000
asID: 36867
IP address blocks: 41.223.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.mft
rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48 (0x30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A7021AF/serialNumber=4B48662004089F5BB68194AB04B830CD433A2B70
Validity
Not Before: May 20 04:50:51 2024 GMT
Not After : May 20 04:50:51 2027 GMT
Subject: CN=664ad6ae-d1bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5e:4e:84:1e:77:12:8b:48:5f:01:ee:61:9e:
92:81:8c:d3:09:c5:1f:5a:77:ef:aa:cd:2e:e3:1a:
ad:f5:f1:04:ab:9f:a3:b4:7d:43:e6:cf:f0:02:1b:
bc:f4:98:10:c7:b5:c1:18:1c:c0:d1:08:89:9b:5d:
09:c6:08:eb:38:3a:e3:0a:8f:a0:3f:af:45:50:eb:
fe:b3:c1:56:18:6d:50:04:1f:b3:45:54:67:36:7e:
f8:89:a5:f7:87:0a:c7:84:ea:33:28:f9:cd:ea:c7:
f2:57:74:cf:c2:c2:5a:0e:94:31:2f:84:9a:c1:95:
1b:95:45:18:88:64:f3:91:d7:23:6b:ef:33:d0:e6:
b6:10:06:0c:62:7e:87:2e:bc:20:d9:2c:4f:38:7a:
41:07:75:37:8a:d9:9b:fc:3e:a8:d6:ec:e9:33:84:
88:13:f8:52:ce:bb:74:77:05:d0:9f:40:74:10:2f:
bb:f7:63:67:bd:02:f1:2b:d0:ca:ca:41:e6:8c:60:
7e:00:8b:b4:cf:c9:01:77:52:6a:bf:34:82:1e:6f:
0a:c9:81:3d:b0:e9:8d:6f:fc:73:05:18:33:3a:e6:
33:bb:25:a4:c1:25:41:db:34:ee:9e:fb:55:ac:8e:
f6:fa:73:db:28:95:28:de:ae:43:2a:af:3c:1b:aa:
f8:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:EA:11:E0:0B:9A:A2:E6:FF:EF:8B:D8:42:74:A2:EE:72:F3:01:41
X509v3 Authority Key Identifier:
keyid:4B:48:66:20:04:08:9F:5B:B6:81:94:AB:04:B8:30:CD:43:3A:2B:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/8A38C304166411EFB6DD9865017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.223.206.0/24
Signature Algorithm: sha256WithRSAEncryption
52:24:bb:22:37:80:ee:82:5b:4d:d0:ee:f9:5d:34:b1:cf:48:
08:79:1c:14:7e:a6:8e:d8:f9:64:9a:d5:0b:d8:9c:95:00:cc:
cc:da:ae:2a:de:08:9a:78:40:c1:5a:90:d2:c8:8c:4f:63:34:
1c:95:6c:df:38:3e:cd:be:61:91:17:a8:66:f3:6e:c1:56:59:
1a:b1:01:f7:c0:1c:94:17:af:d6:3f:bc:1c:0f:e4:39:20:ce:
55:9b:cf:61:9a:8a:34:6f:65:99:16:eb:14:7e:5a:ff:fc:1f:
6c:21:92:37:fc:53:fe:e1:f4:1c:0c:c1:09:42:49:9f:05:e8:
d7:6c:ed:ac:92:c3:af:a0:f8:9a:c3:c9:5c:25:3a:88:75:b0:
2b:c3:63:07:50:53:0a:05:c7:4d:d7:ce:c8:b4:e3:55:c8:db:
15:b9:fe:e0:6f:aa:54:3c:da:dd:71:35:ff:a8:40:f6:a3:6e:
b0:b1:59:17:64:bd:3a:68:b0:73:f2:eb:ab:35:68:a5:3d:4d:
a0:76:f6:64:cc:ef:5b:d3:ec:34:43:5c:41:98:4a:09:3b:62:
0a:1d:db:85:b9:47:b5:25:54:55:67:b4:58:16:e5:e1:10:b7:
4c:6d:2b:4f:92:20:88:9e:cd:f0:54:65:86:8b:dd:ca:7b:be:
39:fd:d4:a1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBMDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
NzAyMUFGMTEwLwYDVQQFEyg0QjQ4NjYyMDA0MDg5RjVCQjY4MTk0QUIwNEI4MzBD
RDQzM0EyQjcwMB4XDTI0MDUyMDA0NTA1MVoXDTI3MDUyMDA0NTA1MVowGDEWMBQG
A1UEAxMNNjY0YWQ2YWUtZDFiZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpeToQedxKLSF8B7mGekoGM0wnFH1p376rNLuMarfXxBKufo7R9Q+bP8AIb
vPSYEMe1wRgcwNEIiZtdCcYI6zg64wqPoD+vRVDr/rPBVhhtUAQfs0VUZzZ++Iml
94cKx4TqMyj5zerH8ld0z8LCWg6UMS+EmsGVG5VFGIhk85HXI2vvM9DmthAGDGJ+
hy68INksTzh6QQd1N4rZm/w+qNbs6TOEiBP4Us67dHcF0J9AdBAvu/djZ70C8SvQ
yspB5oxgfgCLtM/JAXdSar80gh5vCsmBPbDpjW/8cwUYMzrmM7slpMElQds07p77
VayO9vpz2yiVKN6uQyqvPBuq+KcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQx6hHg
C5qi5v/vi9hCdKLucvMBQTAfBgNVHSMEGDAWgBRLSGYgBAifW7aBlKsEuDDNQzor
cDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTcwMjEvRTUwMzk5MUMwMkMzMTFFRkJEMTI3N0Y1MDA3MDAxQjEvUzBobUlB
UUluMXUyZ1pTckJMZ3d6VU02SzNBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUzBobUlBUUluMXUyZ1pTckJMZ3d6VU02SzNBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTcwMjEvRTUwMzk5MUMwMkMzMTFFRkJEMTI3N0Y1MDA3
MDAxQjEvOEEzOEMzMDQxNjY0MTFFRkI2REQ5ODY1MDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACnfzjANBgkqhkiG9w0BAQsF
AAOCAQEAUiS7IjeA7oJbTdDu+V00sc9ICHkcFH6mjtj5ZJrVC9iclQDMzNquKt4I
mnhAwVqQ0siMT2M0HJVs3zg+zb5hkReoZvNuwVZZGrEB98AclBev1j+8HA/kOSDO
VZvPYZqKNG9lmRbrFH5a//wfbCGSN/xT/uH0HAzBCUJJnwXo12ztrJLDr6D4msPJ
XCU6iHWwK8NjB1BTCgXHTdfOyLTjVcjbFbn+4G+qVDza3XE1/6hA9qNusLFZF2S9
Omiwc/LrqzVopT1NoHb2ZMzvW9PsNENcQZhKCTtiCh3bhblHtSVUVWe0WBbl4RC3
TG0rT5IgiJ7N8FRlhovdynu+Of3UoQ==
-----END CERTIFICATE-----
Generated at Sun Nov 24 05:19:32 2024 by rpki-client on console-ams.rpki-client.org