Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/87EC9E40DADC11EEA133B7C7775412E6.roa
File: 87EC9E40DADC11EEA133B7C7775412E6.roa (raw, json)
Hash identifier: 5VW/J5ZFbmjnGDspDLD+LjDMxZWuJWxDOWcJVCysC8c=
Subject key identifier: 11:36:6D:D9:8D:D1:F3:9A:65:99:59:5F:36:F1:AA:69:E4:A1:F7:FD
Certificate issuer: /CN=F36C01B9AF/serialNumber=E2FB6437B4C94D5F51221B1650563A48FF54BE09
Certificate serial: 03
Authority key identifier: E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/87EC9E40DADC11EEA133B7C7775412E6.roa
Signing time: Tue 05 Mar 2024 10:38:40 +0000
ROA not before: Tue 05 Mar 2024 10:38:37 +0000
ROA not after: Sun 05 Mar 2028 10:38:37 +0000
asID: 25543
IP address blocks: 41.138.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.mft
rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C01B9AF/serialNumber=E2FB6437B4C94D5F51221B1650563A48FF54BE09
Validity
Not Before: Mar 5 10:38:37 2024 GMT
Not After : Mar 5 10:38:37 2028 GMT
Subject: CN=65e6f630-7e59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f5:bc:b8:69:d3:3a:1f:e8:0c:fd:99:c5:ce:
50:6d:22:6c:ef:31:cc:27:d3:fd:41:8e:2c:a7:38:
f4:4e:7d:81:5d:a7:e9:a6:9e:49:55:a8:81:58:ab:
15:37:ec:6c:d2:06:b1:7e:74:bb:dc:0a:ee:1d:86:
dc:b9:6a:c4:61:27:28:1d:23:5d:55:a2:4c:fd:38:
35:8e:a6:d8:dd:27:b5:0c:87:09:fb:a2:4f:ec:f8:
51:90:60:83:9b:2a:e5:38:9c:21:34:e6:8e:b3:07:
8d:e8:4a:6c:45:8e:13:19:53:0b:7c:f6:85:4a:79:
43:4d:31:51:b5:c3:c7:33:a3:da:d5:3c:40:07:5b:
d3:ac:ae:c6:5d:56:ca:d3:b0:cc:0b:68:a2:2f:15:
32:8f:57:10:e1:65:55:33:d7:71:0a:45:2e:41:61:
23:fb:9c:6e:5d:20:43:cc:30:e0:93:5d:c7:94:6f:
a3:bd:c8:28:98:f5:c1:43:82:4b:f6:7e:8a:ad:f1:
f4:3c:c8:c0:ff:f0:21:37:fb:1f:1c:f3:c6:ce:27:
63:0e:d6:b0:18:58:83:71:fb:16:02:61:00:01:52:
ef:02:bc:74:05:13:d2:3a:3b:4d:1a:49:e6:c4:96:
64:9a:4b:1b:bf:cc:e9:4a:35:1b:c3:6b:2f:1e:1c:
63:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:36:6D:D9:8D:D1:F3:9A:65:99:59:5F:36:F1:AA:69:E4:A1:F7:FD
X509v3 Authority Key Identifier:
keyid:E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/87EC9E40DADC11EEA133B7C7775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.138.105.0/24
Signature Algorithm: sha256WithRSAEncryption
47:20:26:5b:4a:c2:15:45:c1:c0:e1:19:01:7b:60:70:a4:60:
51:af:eb:52:bc:c4:8f:6f:85:31:97:d7:a2:d6:ab:e5:e5:5e:
55:a7:12:1a:24:91:39:67:1b:64:c0:2e:07:cc:c1:fd:bf:b6:
ff:96:53:53:d2:e3:f2:34:d1:a3:72:29:2a:81:90:9f:77:b9:
0c:e7:b3:51:de:06:77:34:c6:99:2c:ec:27:48:c5:d8:45:19:
1c:46:25:ab:37:90:67:63:71:65:3a:3b:ae:15:a3:14:07:9a:
88:13:cb:95:b3:ef:bb:aa:9a:93:19:b0:47:fe:5e:fb:2c:fd:
21:f1:5d:ce:03:67:38:f6:b3:c6:50:cb:0a:a0:38:0a:6a:0b:
dc:06:bd:2b:ae:2c:d0:94:67:d4:f6:6c:ab:c6:e4:3e:36:68:
d8:cf:f1:87:b3:24:24:e6:33:f0:08:89:d3:5d:21:e2:d6:22:
d3:7b:83:a4:75:55:cb:b5:8f:07:6c:11:aa:9a:79:80:c3:1c:
dc:33:20:f5:ba:78:15:86:f0:02:ef:d1:80:33:1a:7d:0f:be:
e3:0b:98:40:42:a2:ab:82:75:84:2d:79:6c:c3:8f:12:dc:c9:
f6:c6:a8:aa:ad:31:5d:32:f9:07:11:aa:b4:6f:d0:43:a8:33:
db:04:77:1f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MDFCOUFGMTEwLwYDVQQFEyhFMkZCNjQzN0I0Qzk0RDVGNTEyMjFCMTY1MDU2M0E0
OEZGNTRCRTA5MB4XDTI0MDMwNTEwMzgzN1oXDTI4MDMwNTEwMzgzN1owGDEWMBQG
A1UEAxMNNjVlNmY2MzAtN2U1OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/1vLhp0zof6Az9mcXOUG0ibO8xzCfT/UGOLKc49E59gV2n6aaeSVWogVir
FTfsbNIGsX50u9wK7h2G3LlqxGEnKB0jXVWiTP04NY6m2N0ntQyHCfuiT+z4UZBg
g5sq5TicITTmjrMHjehKbEWOExlTC3z2hUp5Q00xUbXDxzOj2tU8QAdb06yuxl1W
ytOwzAtooi8VMo9XEOFlVTPXcQpFLkFhI/ucbl0gQ8ww4JNdx5Rvo73IKJj1wUOC
S/Z+iq3x9DzIwP/wITf7Hxzzxs4nYw7WsBhYg3H7FgJhAAFS7wK8dAUT0jo7TRpJ
5sSWZJpLG7/M6Uo1G8NrLx4cY7UCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQRNm3Z
jdHzmmWZWV828app5KH3/TAfBgNVHSMEGDAWgBTi+2Q3tMlNX1EiGxZQVjpI/1S+
CTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzAxQjkvODk1RDkzMDBEQTJFMTFFRUEwQjBDNEE2Nzc1NDEyRTYvNHZ0a043
VEpUVjlSSWhzV1VGWTZTUDlVdmdrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNHZ0a043VEpUVjlSSWhzV1VGWTZTUDlVdmdrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzAxQjkvODk1RDkzMDBEQTJFMTFFRUEwQjBDNEE2Nzc1
NDEyRTYvODdFQzlFNDBEQURDMTFFRUExMzNCN0M3Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACmKaTANBgkqhkiG9w0BAQsF
AAOCAQEARyAmW0rCFUXBwOEZAXtgcKRgUa/rUrzEj2+FMZfXotar5eVeVacSGiSR
OWcbZMAuB8zB/b+2/5ZTU9Lj8jTRo3IpKoGQn3e5DOezUd4GdzTGmSzsJ0jF2EUZ
HEYlqzeQZ2NxZTo7rhWjFAeaiBPLlbPvu6qakxmwR/5e+yz9IfFdzgNnOPazxlDL
CqA4CmoL3Aa9K64s0JRn1PZsq8bkPjZo2M/xh7MkJOYz8AiJ010h4tYi03uDpHVV
y7WPB2wRqpp5gMMc3DMg9bp4FYbwAu/RgDMafQ++4wuYQEKiq4J1hC15bMOPEtzJ
9saoqq0xXTL5BxGqtG/QQ6gz2wR3Hw==
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:35:35 2024 by rpki-client on console-fra.rpki-client.org