Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/21F7D7AEDBAD11EE99FC00A0775412E6.roa
File: 21F7D7AEDBAD11EE99FC00A0775412E6.roa (raw, json)
Hash identifier: S6FUkX2k1t05WHVlaryt7gMTp9PglE0WnTW7E5HED7s=
Subject key identifier: CB:20:5C:C6:7E:9C:6E:66:5C:28:AA:11:26:73:9E:2F:D1:AA:CA:28
Certificate issuer: /CN=F36C01B9AF/serialNumber=E2FB6437B4C94D5F51221B1650563A48FF54BE09
Certificate serial: 14
Authority key identifier: E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/21F7D7AEDBAD11EE99FC00A0775412E6.roa
Signing time: Wed 06 Mar 2024 11:31:54 +0000
ROA not before: Wed 06 Mar 2024 11:31:51 +0000
ROA not after: Fri 06 Mar 2026 11:31:51 +0000
asID: 25543
IP address blocks: 41.203.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.mft
rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C01B9AF/serialNumber=E2FB6437B4C94D5F51221B1650563A48FF54BE09
Validity
Not Before: Mar 6 11:31:51 2024 GMT
Not After : Mar 6 11:31:51 2026 GMT
Subject: CN=65e8542a-b896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:21:00:26:32:79:9b:8b:3a:f8:e5:86:9d:7c:
74:23:a2:38:bd:d6:1a:95:a4:76:7c:14:5a:4b:2b:
c0:07:ce:25:f9:70:2f:66:4b:fd:98:9a:0d:d0:41:
7b:1a:30:8d:06:35:63:eb:b1:db:ab:c7:3b:77:e7:
d5:f1:7e:3e:0d:3e:87:58:89:22:9b:ad:c9:02:3c:
ec:39:89:6e:ca:b6:d9:df:e2:59:a5:5d:49:ff:2b:
dc:68:e0:66:02:ca:6d:a5:1d:db:5d:6d:4c:3f:ea:
4a:35:cc:cb:ad:4c:52:b1:a7:82:06:dd:9a:d2:c0:
4c:f0:b9:42:ec:81:18:a3:99:e4:25:1f:9d:ac:60:
3b:bf:87:41:32:f0:90:e8:29:3b:31:56:51:bc:f5:
7f:ca:a2:67:d7:3e:ab:a3:20:b8:46:5c:cf:5f:89:
a4:05:eb:0e:78:bb:0f:ad:9c:da:b3:08:a6:81:33:
22:29:16:ef:ee:f5:ba:a1:ca:f2:e1:bb:ce:1f:5f:
cb:3f:ce:a2:f3:6c:e8:13:ce:a1:96:80:68:b0:67:
7b:14:7d:46:ac:f1:63:94:a2:7f:89:2c:07:51:ca:
03:01:68:24:0a:40:8c:5e:e1:26:46:49:9e:57:55:
30:73:e1:e6:5a:4e:05:46:b5:bf:8d:f9:07:bc:31:
ae:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:20:5C:C6:7E:9C:6E:66:5C:28:AA:11:26:73:9E:2F:D1:AA:CA:28
X509v3 Authority Key Identifier:
keyid:E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/21F7D7AEDBAD11EE99FC00A0775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.203.224.0/20
Signature Algorithm: sha256WithRSAEncryption
76:1e:d9:52:1b:ca:29:12:f5:7f:94:c6:6f:d2:7c:8d:51:50:
7a:24:06:fa:ba:95:03:11:3a:27:bf:a5:e1:19:6a:a3:a3:b8:
5d:3a:8b:65:c0:5f:c2:7d:f7:a9:38:aa:d0:35:36:1c:ee:97:
b2:a7:9a:94:54:b5:be:33:58:55:82:4d:c7:5a:9a:04:31:e6:
39:4a:8b:26:09:23:6b:31:83:42:92:1e:63:6b:19:62:81:98:
89:b9:e9:42:de:7c:b2:78:cb:27:fa:41:5a:10:34:70:31:f3:
39:84:5f:c9:19:9f:22:da:3d:b6:e0:03:fe:c6:69:98:4d:c3:
81:77:cb:3d:6e:11:a6:f0:de:6c:78:4b:2e:2b:75:6d:32:47:
8f:20:ee:af:c2:81:25:0b:a6:11:6a:cd:17:1d:50:b4:fd:2b:
00:8e:d6:19:b6:ae:f4:c3:0c:0c:4e:86:d7:a6:52:35:70:69:
84:df:ab:3e:fd:b3:59:2e:f3:ad:fd:0e:2c:14:69:d9:6f:cf:
b7:8c:46:54:ca:96:46:55:8b:40:7a:fc:41:7c:22:a2:46:6c:
df:83:c8:3f:53:7d:ba:52:81:ae:63:15:56:43:45:fe:ce:ae:
c4:cb:b8:12:d6:29:ce:e0:30:7c:1e:dc:1b:c3:87:f5:85:a8:
3c:1e:35:f4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MDFCOUFGMTEwLwYDVQQFEyhFMkZCNjQzN0I0Qzk0RDVGNTEyMjFCMTY1MDU2M0E0
OEZGNTRCRTA5MB4XDTI0MDMwNjExMzE1MVoXDTI2MDMwNjExMzE1MVowGDEWMBQG
A1UEAxMNNjVlODU0MmEtYjg5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0hACYyeZuLOvjlhp18dCOiOL3WGpWkdnwUWksrwAfOJflwL2ZL/ZiaDdBB
exowjQY1Y+ux26vHO3fn1fF+Pg0+h1iJIputyQI87DmJbsq22d/iWaVdSf8r3Gjg
ZgLKbaUd211tTD/qSjXMy61MUrGnggbdmtLATPC5QuyBGKOZ5CUfnaxgO7+HQTLw
kOgpOzFWUbz1f8qiZ9c+q6MguEZcz1+JpAXrDni7D62c2rMIpoEzIikW7+71uqHK
8uG7zh9fyz/OovNs6BPOoZaAaLBnexR9RqzxY5Sif4ksB1HKAwFoJApAjF7hJkZJ
nldVMHPh5lpOBUa1v435B7wxrnUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTLIFzG
fpxuZlwoqhEmc54v0arKKDAfBgNVHSMEGDAWgBTi+2Q3tMlNX1EiGxZQVjpI/1S+
CTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzAxQjkvODk1RDkzMDBEQTJFMTFFRUEwQjBDNEE2Nzc1NDEyRTYvNHZ0a043
VEpUVjlSSWhzV1VGWTZTUDlVdmdrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNHZ0a043VEpUVjlSSWhzV1VGWTZTUDlVdmdrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzAxQjkvODk1RDkzMDBEQTJFMTFFRUEwQjBDNEE2Nzc1
NDEyRTYvMjFGN0Q3QUVEQkFEMTFFRTk5RkMwMEEwNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBCnL4DANBgkqhkiG9w0BAQsF
AAOCAQEAdh7ZUhvKKRL1f5TGb9J8jVFQeiQG+rqVAxE6J7+l4Rlqo6O4XTqLZcBf
wn33qTiq0DU2HO6XsqealFS1vjNYVYJNx1qaBDHmOUqLJgkjazGDQpIeY2sZYoGY
ibnpQt58snjLJ/pBWhA0cDHzOYRfyRmfIto9tuAD/sZpmE3DgXfLPW4RpvDebHhL
Lit1bTJHjyDur8KBJQumEWrNFx1QtP0rAI7WGbau9MMMDE6G16ZSNXBphN+rPv2z
WS7zrf0OLBRp2W/Pt4xGVMqWRlWLQHr8QXwiokZs34PIP1N9ulKBrmMVVkNF/s6u
xMu4EtYpzuAwfB7cG8OH9YWoPB419A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:22 2024 by rpki-client on console-ams.rpki-client.org