Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/FE708AD21C4911EF81BE34EA7CDC24C2.roa
File: FE708AD21C4911EF81BE34EA7CDC24C2.roa (raw, json)
Hash identifier: ZiopXrdqLTsU+61ziIshjn2/qWu+FsJbH9OdegqZ2vo=
Subject key identifier: C2:BC:23:A4:81:BF:28:C0:D1:A0:51:DB:8C:B1:E2:D5:70:B9:27:91
Certificate issuer: /CN=F36C2BF2AF/serialNumber=FB85E08E5DBB05C95B7BD0DA7E5FE6FCE39826FF
Certificate serial: 13
Authority key identifier: FB:85:E0:8E:5D:BB:05:C9:5B:7B:D0:DA:7E:5F:E6:FC:E3:98:26:FF
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/FE708AD21C4911EF81BE34EA7CDC24C2.roa
Signing time: Mon 27 May 2024 16:56:00 +0000
ROA not before: Tue 28 May 2024 16:55:57 +0000
ROA not after: Thu 28 May 2026 16:55:57 +0000
asID: 37517
IP address blocks: 41.74.128.0/20 maxlen: 21
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.mft
rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C2BF2AF/serialNumber=FB85E08E5DBB05C95B7BD0DA7E5FE6FCE39826FF
Validity
Not Before: May 28 16:55:57 2024 GMT
Not After : May 28 16:55:57 2026 GMT
Subject: CN=6654bb20-e22f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:eb:88:db:41:9f:55:97:b7:08:fc:bc:44:d0:
55:7c:0f:ed:37:0a:fa:fc:b3:e6:a1:96:59:eb:b0:
8c:6f:19:b2:61:3a:23:a2:4f:75:34:a4:53:50:85:
e9:70:c8:e9:db:65:3b:a9:8e:7b:a2:9e:0b:4c:87:
01:e3:ae:94:1e:79:bb:28:24:b0:c2:e9:b1:88:ab:
0b:52:f7:60:f0:92:47:7d:f6:b2:77:a7:76:80:82:
4b:0d:7a:1d:07:a8:dc:a4:18:1f:7f:4e:1f:b0:5c:
88:61:e1:a9:ae:03:5d:bd:2c:35:6f:3c:da:bb:95:
64:fd:49:7f:f6:21:a5:b9:7b:22:a9:03:e8:4c:e4:
97:b8:0f:5c:90:00:eb:d6:03:97:25:f6:d9:24:f5:
04:56:61:ee:fc:f8:4d:57:0e:f7:cb:b7:21:15:47:
19:cc:9e:9d:2e:d1:d8:de:cf:10:22:84:ab:a1:0f:
ce:f1:45:be:99:7f:30:c1:f9:c6:4a:0a:71:f6:d3:
c7:be:a8:22:c0:37:a1:05:8f:68:0b:88:18:c2:3e:
ba:37:1c:bc:aa:91:a9:78:1b:db:d4:d7:30:cb:b7:
7b:fe:5e:31:e3:5b:52:e9:56:fc:8e:34:f8:dd:87:
7c:f5:11:ec:f0:92:75:57:b8:1e:5a:e8:a5:93:ea:
65:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:BC:23:A4:81:BF:28:C0:D1:A0:51:DB:8C:B1:E2:D5:70:B9:27:91
X509v3 Authority Key Identifier:
keyid:FB:85:E0:8E:5D:BB:05:C9:5B:7B:D0:DA:7E:5F:E6:FC:E3:98:26:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/FE708AD21C4911EF81BE34EA7CDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.74.128.0/20
Signature Algorithm: sha256WithRSAEncryption
8a:90:4c:52:68:49:b3:3e:ad:a6:c4:31:ec:9a:04:b8:a6:9c:
bd:a9:77:4c:61:30:cb:25:98:16:ca:ff:79:7c:f7:d4:1e:e2:
b6:cb:ec:fb:57:e6:f7:ce:8c:16:9f:29:c0:7a:53:5a:8b:2a:
c1:35:14:76:18:fd:f2:66:74:10:ca:8b:b5:14:a1:da:0c:0a:
1f:ef:a2:df:98:65:27:2f:34:0f:97:5c:d7:51:c1:f1:b4:77:
a0:df:10:5d:ea:cb:0e:6b:ae:6f:83:d1:a4:d2:1f:be:a9:3b:
16:bf:91:be:8d:50:c1:7f:2c:51:dc:e0:22:12:75:17:98:c7:
56:72:a9:7f:f8:8a:0e:fb:1f:ec:88:9f:9b:d0:d8:07:5a:5c:
48:bd:91:2e:7a:0b:04:4e:a2:77:e9:bc:45:0c:b5:df:3f:1f:
12:72:ba:9a:76:1b:2d:80:69:b7:38:11:82:2e:e9:a2:0e:c5:
90:b2:d5:e0:a2:86:90:2d:7f:da:52:a3:2d:97:b4:9e:14:d9:
0f:65:3c:df:a0:e0:89:d2:35:4e:4c:8d:cc:e3:b6:d6:b7:06:
d6:6b:f2:72:22:1e:80:74:62:4e:45:bd:99:83:63:93:95:6c:
f2:da:b1:24:05:b0:89:72:57:2d:18:10:75:e3:81:35:a2:f6:
a0:59:35:f0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBEzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MkJGMkFGMTEwLwYDVQQFEyhGQjg1RTA4RTVEQkIwNUM5NUI3QkQwREE3RTVGRTZG
Q0UzOTgyNkZGMB4XDTI0MDUyODE2NTU1N1oXDTI2MDUyODE2NTU1N1owGDEWMBQG
A1UEAxMNNjY1NGJiMjAtZTIyZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnriNtBn1WXtwj8vETQVXwP7TcK+vyz5qGWWeuwjG8ZsmE6I6JPdTSkU1CF
6XDI6dtlO6mOe6KeC0yHAeOulB55uygksMLpsYirC1L3YPCSR332snendoCCSw16
HQeo3KQYH39OH7BciGHhqa4DXb0sNW882ruVZP1Jf/Yhpbl7IqkD6Ezkl7gPXJAA
69YDlyX22ST1BFZh7vz4TVcO98u3IRVHGcyenS7R2N7PECKEq6EPzvFFvpl/MMH5
xkoKcfbTx76oIsA3oQWPaAuIGMI+ujccvKqRqXgb29TXMMu3e/5eMeNbUulW/I40
+N2HfPUR7PCSdVe4HlropZPqZckCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTCvCOk
gb8owNGgUduMseLVcLknkTAfBgNVHSMEGDAWgBT7heCOXbsFyVt70Np+X+b845gm
/zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzJCRjIvREFCQUI4N0UxOUVDMTFFRkJDQkY1RTJDMDE3MDAxQjEvLTRYZ2ps
MjdCY2xiZTlEYWZsX21fT09ZSnY4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvLTRYZ2psMjdCY2xiZTlEYWZsX21fT09ZSnY4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzJCRjIvREFCQUI4N0UxOUVDMTFFRkJDQkY1RTJDMDE3
MDAxQjEvRkU3MDhBRDIxQzQ5MTFFRjgxQkUzNEVBN0NEQzI0QzIucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBClKgDANBgkqhkiG9w0BAQsF
AAOCAQEAipBMUmhJsz6tpsQx7JoEuKacval3TGEwyyWYFsr/eXz31B7itsvs+1fm
986MFp8pwHpTWosqwTUUdhj98mZ0EMqLtRSh2gwKH++i35hlJy80D5dc11HB8bR3
oN8QXerLDmuub4PRpNIfvqk7Fr+Rvo1QwX8sUdzgIhJ1F5jHVnKpf/iKDvsf7Iif
m9DYB1pcSL2RLnoLBE6id+m8RQy13z8fEnK6mnYbLYBptzgRgi7pog7FkLLV4KKG
kC1/2lKjLZe0nhTZD2U836DgidI1TkyNzOO21rcG1mvyciIegHRiTkW9mYNjk5Vs
8tqxJAWwiXJXLRgQdeOBNaL2oFk18A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org