Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A7FC6/831676A6EE3911ED836CCC6A4AD9E6FC/BF20A39AEE3B11EDAF5A30714AD9E6FC.roa
File: BF20A39AEE3B11EDAF5A30714AD9E6FC.roa (raw, json)
Hash identifier: mI0iIhL2HBeib+WYLErZMM/gUVIPLMDd1pR4CFqFMDw=
Subject key identifier: 09:4E:F8:1A:A2:2E:6E:7E:1A:A5:99:5B:6F:DE:66:E5:EA:25:B4:89
Certificate issuer: /CN=F36A7FC6AF/serialNumber=1AC49EE7B15886E7DCDE79321E8242C9932483C9
Certificate serial: 02
Authority key identifier: 1A:C4:9E:E7:B1:58:86:E7:DC:DE:79:32:1E:82:42:C9:93:24:83:C9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/GsSe57FYhufc3nkyHoJCyZMkg8k.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A7FC6/831676A6EE3911ED836CCC6A4AD9E6FC/BF20A39AEE3B11EDAF5A30714AD9E6FC.roa
Signing time: Tue 09 May 2023 07:33:10 +0000
ROA not before: Tue 09 May 2023 07:33:05 +0000
ROA not after: Fri 09 May 2025 07:33:05 +0000
asID: 36864
IP address blocks: 41.203.192.0/20 maxlen: 24
196.200.48.0/20 maxlen: 24
2c0f:f900::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A7FC6/831676A6EE3911ED836CCC6A4AD9E6FC/GsSe57FYhufc3nkyHoJCyZMkg8k.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A7FC6/831676A6EE3911ED836CCC6A4AD9E6FC/GsSe57FYhufc3nkyHoJCyZMkg8k.mft
rsync://rpki.afrinic.net/repository/afrinic/GsSe57FYhufc3nkyHoJCyZMkg8k.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A7FC6AF/serialNumber=1AC49EE7B15886E7DCDE79321E8242C9932483C9
Validity
Not Before: May 9 07:33:05 2023 GMT
Not After : May 9 07:33:05 2025 GMT
Subject: CN=6459f735-2e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:11:69:39:52:6f:f7:1c:2d:dd:3e:40:9f:90:
8d:af:a3:ea:f7:f3:61:54:1e:64:cb:d1:44:ba:de:
e6:aa:8d:85:68:61:82:e3:5d:b5:0f:e9:8d:e5:c7:
c0:d3:cf:d9:76:e4:b2:50:6f:39:fe:4c:bd:08:ce:
c7:84:db:8a:64:67:66:49:03:f5:1b:7e:f6:ce:87:
3f:a2:0d:0a:0f:58:66:75:04:a1:1b:c2:87:b7:e8:
79:0e:12:42:8d:09:fb:d1:5f:37:5c:ad:0c:a5:70:
60:e0:7b:f9:86:33:77:9a:fd:35:16:33:74:a4:64:
1d:c3:49:f0:05:eb:c7:dc:a2:66:25:b1:b1:cb:c1:
1b:df:d0:a2:b6:c7:8a:3d:46:6c:6d:ea:91:31:0a:
14:ce:d2:9c:0a:b3:aa:d1:20:66:fc:b0:a8:ff:44:
2d:53:c5:d2:37:56:78:af:08:dd:fd:2d:f2:c0:09:
b3:55:fb:32:55:d6:00:85:19:ca:55:f1:c4:f7:00:
33:64:be:a2:7a:63:26:35:2c:60:ce:c0:3c:da:35:
9b:de:75:fe:6f:84:28:fd:ed:13:c8:f7:08:f2:c2:
0e:13:33:99:85:2a:2c:90:9a:0f:cc:14:d7:50:9a:
25:d5:bf:b3:9a:d5:90:8a:55:41:6b:ef:4d:65:ab:
8a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:4E:F8:1A:A2:2E:6E:7E:1A:A5:99:5B:6F:DE:66:E5:EA:25:B4:89
X509v3 Authority Key Identifier:
keyid:1A:C4:9E:E7:B1:58:86:E7:DC:DE:79:32:1E:82:42:C9:93:24:83:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7FC6/831676A6EE3911ED836CCC6A4AD9E6FC/GsSe57FYhufc3nkyHoJCyZMkg8k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/GsSe57FYhufc3nkyHoJCyZMkg8k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7FC6/831676A6EE3911ED836CCC6A4AD9E6FC/BF20A39AEE3B11EDAF5A30714AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.203.192.0/20
196.200.48.0/20
IPv6:
2c0f:f900::/32
Signature Algorithm: sha256WithRSAEncryption
1d:01:2d:fe:ab:c4:b3:7f:6b:9a:39:55:4a:5f:df:6e:c3:b3:
c5:d2:67:dd:97:6d:98:b3:02:b6:37:98:3d:84:66:cd:89:06:
1e:1d:0f:cc:15:03:34:59:f5:b9:77:e5:34:bb:af:33:9c:ef:
20:9c:49:8f:60:ab:1f:6b:e0:53:9a:d6:f5:69:3e:99:c4:42:
d3:e7:17:ee:c6:2e:7d:ba:8c:a0:6a:c4:9c:85:34:75:71:e5:
d1:4e:ac:8e:4e:3f:5d:79:bf:a2:f4:7f:fc:ba:6b:8a:11:97:
e2:ac:5d:9e:56:b4:02:6b:93:64:ca:6e:20:18:04:21:f3:42:
30:28:63:7d:c6:ac:66:19:ca:08:34:bd:76:4a:4b:f5:7e:5f:
5e:1e:04:f4:0d:f3:d6:65:2f:b1:53:21:9e:5f:90:16:61:6a:
16:2e:d2:85:18:18:a9:c3:e9:bc:0e:1c:47:23:4f:00:4a:ca:
78:e0:40:99:43:86:24:2c:63:ac:d9:0c:6a:a6:be:f6:2b:a2:
42:2e:92:cd:b0:da:da:91:c1:8c:a0:1e:e0:e1:78:c7:db:0f:
d9:18:d1:01:71:03:3d:2e:36:01:ba:6e:64:6e:09:dc:1a:68:
97:8a:71:40:a5:e5:68:f0:a4:4c:b0:19:6d:46:7b:06:32:85:
89:38:38:6a
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
N0ZDNkFGMTEwLwYDVQQFEygxQUM0OUVFN0IxNTg4NkU3RENERTc5MzIxRTgyNDJD
OTkzMjQ4M0M5MB4XDTIzMDUwOTA3MzMwNVoXDTI1MDUwOTA3MzMwNVowGDEWMBQG
A1UEAxMNNjQ1OWY3MzUtMmU5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOERaTlSb/ccLd0+QJ+Qja+j6vfzYVQeZMvRRLre5qqNhWhhguNdtQ/pjeXH
wNPP2XbkslBvOf5MvQjOx4TbimRnZkkD9Rt+9s6HP6INCg9YZnUEoRvCh7foeQ4S
Qo0J+9FfN1ytDKVwYOB7+YYzd5r9NRYzdKRkHcNJ8AXrx9yiZiWxscvBG9/QorbH
ij1GbG3qkTEKFM7SnAqzqtEgZvywqP9ELVPF0jdWeK8I3f0t8sAJs1X7MlXWAIUZ
ylXxxPcAM2S+onpjJjUsYM7APNo1m951/m+EKP3tE8j3CPLCDhMzmYUqLJCaD8wU
11CaJdW/s5rVkIpVQWvvTWWrivMCAwEAAaOCArowggK2MB0GA1UdDgQWBBQJTvga
oi5ufhqlmVtv3mbl6iW0iTAfBgNVHSMEGDAWgBQaxJ7nsViG59zeeTIegkLJkySD
yTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTdGQzYvODMxNjc2QTZFRTM5MTFFRDgzNkNDQzZBNEFEOUU2RkMvR3NTZTU3
RllodWZjM25reUhvSkN5Wk1rZzhrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvR3NTZTU3RllodWZjM25reUhvSkN5Wk1rZzhrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTdGQzYvODMxNjc2QTZFRTM5MTFFRDgzNkNDQzZBNEFE
OUU2RkMvQkYyMEEzOUFFRTNCMTFFREFGNUEzMDcxNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBCnLwAMEBMTIMDANBAIAAjAH
AwUALA/5ADANBgkqhkiG9w0BAQsFAAOCAQEAHQEt/qvEs39rmjlVSl/fbsOzxdJn
3ZdtmLMCtjeYPYRmzYkGHh0PzBUDNFn1uXflNLuvM5zvIJxJj2CrH2vgU5rW9Wk+
mcRC0+cX7sYufbqMoGrEnIU0dXHl0U6sjk4/XXm/ovR//LprihGX4qxdnla0AmuT
ZMpuIBgEIfNCMChjfcasZhnKCDS9dkpL9X5fXh4E9A3z1mUvsVMhnl+QFmFqFi7S
hRgYqcPpvA4cRyNPAErKeOBAmUOGJCxjrNkMaqa+9iuiQi6SzbDa2pHBjKAe4OF4
x9sP2RjRAXEDPS42AbpuZG4J3Bpol4pxQKXlaPCkTLAZbUZ7BjKFiTg4ag==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org