Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C3384/A7F90D10B30011EB848B4A5CF8AEA228/2C728DBAC14B11EC9F51E27DF1222468.roa
File: 2C728DBAC14B11EC9F51E27DF1222468.roa (raw, json)
Hash identifier: t3mngpyGGP9DMjPB0fDOfVfZpvTJQA8nleduB2V83gI=
Subject key identifier: 8A:33:93:35:8E:A5:27:1E:02:36:83:5B:89:2E:36:3E:F7:3B:25:48
Certificate issuer: /CN=F36C3384AF/serialNumber=32E6680B0A20A80019EBBAC02D331EB30270DE87
Certificate serial: 0175
Authority key identifier: 32:E6:68:0B:0A:20:A8:00:19:EB:BA:C0:2D:33:1E:B3:02:70:DE:87
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/MuZoCwogqAAZ67rALTMeswJw3oc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C3384/A7F90D10B30011EB848B4A5CF8AEA228/2C728DBAC14B11EC9F51E27DF1222468.roa
Signing time: Thu 21 Apr 2022 08:15:16 +0000
ROA not before: Thu 21 Apr 2022 08:15:11 +0000
ROA not after: Sat 21 Apr 2040 08:15:11 +0000
asID: 328594
IP address blocks: 41.242.152.0/21 maxlen: 21
41.242.152.0/22 maxlen: 22
41.242.152.0/23 maxlen: 23
41.242.152.0/24 maxlen: 24
41.242.153.0/24 maxlen: 24
41.242.154.0/23 maxlen: 23
41.242.154.0/24 maxlen: 24
41.242.155.0/24 maxlen: 24
41.242.156.0/22 maxlen: 22
41.242.156.0/23 maxlen: 23
41.242.156.0/24 maxlen: 24
41.242.157.0/24 maxlen: 24
41.242.158.0/23 maxlen: 23
41.242.158.0/24 maxlen: 24
41.242.159.0/24 maxlen: 24
2c0f:eb98::/32 maxlen: 32
2c0f:eb98::/48 maxlen: 48
2c0f:eb98:13::/48 maxlen: 48
2c0f:eb98:14::/48 maxlen: 48
2c0f:eb98:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C3384/A7F90D10B30011EB848B4A5CF8AEA228/MuZoCwogqAAZ67rALTMeswJw3oc.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C3384/A7F90D10B30011EB848B4A5CF8AEA228/MuZoCwogqAAZ67rALTMeswJw3oc.mft
rsync://rpki.afrinic.net/repository/afrinic/MuZoCwogqAAZ67rALTMeswJw3oc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 09 May 2024 00:04:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 373 (0x175)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C3384AF/serialNumber=32E6680B0A20A80019EBBAC02D331EB30270DE87
Validity
Not Before: Apr 21 08:15:11 2022 GMT
Not After : Apr 21 08:15:11 2040 GMT
Subject: CN=62611293-9b42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:90:4e:21:83:ae:39:30:ce:07:88:b9:60:37:
a7:db:39:5d:59:da:40:88:05:d8:61:46:09:41:a1:
45:b5:7d:8b:bf:48:24:13:68:3d:d7:47:02:b5:b7:
ec:2d:da:1e:05:2a:9f:f1:ce:a2:91:b2:cc:49:5b:
bf:ba:b2:69:06:38:0c:7a:00:57:d4:a1:fa:c4:fb:
51:71:d9:73:48:ca:95:74:99:32:cb:9b:ca:99:d3:
75:5d:55:d1:e9:6b:83:9a:0f:41:f5:38:c0:64:9c:
ab:6e:67:3b:39:db:00:d5:ef:4e:01:12:de:21:ae:
05:0d:4d:1d:83:94:7e:2e:91:eb:94:53:a4:b2:af:
5e:34:5d:db:41:40:9a:97:6a:20:03:84:02:cf:4d:
c6:63:d2:d1:e1:02:cc:12:d4:89:aa:25:5b:d1:62:
8a:7f:d1:0c:62:4a:c3:71:f2:0f:c8:e2:c0:6d:07:
be:f2:db:a1:82:1c:18:be:3d:24:c0:aa:d7:af:a1:
83:9d:6b:6e:b8:a4:10:b8:5b:57:52:48:b6:b3:43:
85:2a:91:f4:c0:45:c3:68:ea:d8:c2:07:c2:d4:b8:
5f:72:74:cd:89:6e:84:6d:d4:59:f7:26:22:95:b9:
50:b1:b6:68:8e:40:1c:58:80:d2:d0:ca:29:b8:42:
f1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:33:93:35:8E:A5:27:1E:02:36:83:5B:89:2E:36:3E:F7:3B:25:48
X509v3 Authority Key Identifier:
keyid:32:E6:68:0B:0A:20:A8:00:19:EB:BA:C0:2D:33:1E:B3:02:70:DE:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3384/A7F90D10B30011EB848B4A5CF8AEA228/MuZoCwogqAAZ67rALTMeswJw3oc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/MuZoCwogqAAZ67rALTMeswJw3oc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3384/A7F90D10B30011EB848B4A5CF8AEA228/2C728DBAC14B11EC9F51E27DF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.242.152.0/21
IPv6:
2c0f:eb98::/32
Signature Algorithm: sha256WithRSAEncryption
b6:33:6a:7d:13:3a:31:74:e7:4b:5d:b8:4c:7b:a5:3e:9c:94:
fc:0d:2e:d3:51:56:fd:6e:c3:d0:e7:07:39:f9:28:29:ab:bd:
84:6f:db:bc:a2:0a:26:9e:f0:a2:1f:a3:0a:99:66:a7:59:ad:
01:c9:87:45:fc:2a:9e:a3:0f:a2:04:f8:c3:4b:00:06:1a:99:
8a:d5:4f:55:fe:71:a2:f5:1a:89:7e:da:c8:d7:02:7b:f5:f4:
61:02:ee:10:41:fc:4e:97:ae:f3:ba:bb:4a:63:d4:69:4d:9c:
33:01:33:20:43:dd:1d:37:ff:02:38:7d:50:59:72:73:f3:87:
f1:83:cf:f9:f4:89:75:8c:20:f3:87:73:e4:30:e9:9f:5e:bf:
8f:68:5f:0e:e6:99:f9:cf:5c:d2:5f:f3:28:6c:18:59:99:29:
62:24:f9:26:21:57:c5:97:b7:62:de:2e:a8:44:43:b8:a8:92:
f2:59:df:56:19:29:2d:45:ec:a3:04:5e:aa:e9:a2:d2:46:eb:
f3:1c:7e:c0:13:7a:a4:4d:35:b3:ed:b3:18:99:27:28:e5:6a:
ed:b7:42:60:f7:68:24:30:e4:c6:56:bc:01:ff:3f:48:6e:b9:
91:98:a0:33:5e:db:98:39:2a:05:a4:b7:6f:1d:44:6b:b3:1c:
7c:4c:cb:0b
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAXUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzMzODRBRjExMC8GA1UEBRMoMzJFNjY4MEIwQTIwQTgwMDE5RUJCQUMwMkQzMzFF
QjMwMjcwREU4NzAeFw0yMjA0MjEwODE1MTFaFw00MDA0MjEwODE1MTFaMBgxFjAU
BgNVBAMMDTYyNjExMjkzLTliNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGkE4hg645MM4HiLlgN6fbOV1Z2kCIBdhhRglBoUW1fYu/SCQTaD3XRwK1
t+wt2h4FKp/xzqKRssxJW7+6smkGOAx6AFfUofrE+1Fx2XNIypV0mTLLm8qZ03Vd
VdHpa4OaD0H1OMBknKtuZzs52wDV704BEt4hrgUNTR2DlH4ukeuUU6Syr140XdtB
QJqXaiADhALPTcZj0tHhAswS1ImqJVvRYop/0QxiSsNx8g/I4sBtB77y26GCHBi+
PSTAqtevoYOda264pBC4W1dSSLazQ4UqkfTARcNo6tjCB8LUuF9ydM2JboRt1Fn3
JiKVuVCxtmiOQBxYgNLQyim4QvH7AgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUijOT
NY6lJx4CNoNbiS42Pvc7JUgwHwYDVR0jBBgwFoAUMuZoCwogqAAZ67rALTMeswJw
3ocwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkMzMzg0L0E3RjkwRDEwQjMwMDExRUI4NDhCNEE1Q0Y4QUVBMjI4L011Wm9D
d29ncUFBWjY3ckFMVE1lc3dKdzNvYy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL011Wm9Dd29ncUFBWjY3ckFMVE1lc3dKdzNvYy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkMzMzg0L0E3RjkwRDEwQjMwMDExRUI4NDhCNEE1Q0Y4
QUVBMjI4LzJDNzI4REJBQzE0QjExRUM5RjUxRTI3REYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAMp8pgwDQQCAAIwBwMFACwP
65gwDQYJKoZIhvcNAQELBQADggEBALYzan0TOjF050tduEx7pT6clPwNLtNRVv1u
w9DnBzn5KCmrvYRv27yiCiae8KIfowqZZqdZrQHJh0X8Kp6jD6IE+MNLAAYamYrV
T1X+caL1Gol+2sjXAnv19GEC7hBB/E6XrvO6u0pj1GlNnDMBMyBD3R03/wI4fVBZ
cnPzh/GDz/n0iXWMIPOHc+Qw6Z9ev49oXw7mmfnPXNJf8yhsGFmZKWIk+SYhV8WX
t2LeLqhEQ7iokvJZ31YZKS1F7KMEXqrpotJG6/McfsATeqRNNbPtsxiZJyjlau23
QmD3aCQw5MZWvAH/P0huuZGYoDNe25g5KgWkt28dRGuzHHxMyws=
-----END CERTIFICATE-----
Generated at Tue May 7 03:12:13 2024 by rpki-client on console-fra.rpki-client.org