Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/20911B1A0AAB11EE98E6EE5A4AD9E6FC.roa
File: 20911B1A0AAB11EE98E6EE5A4AD9E6FC.roa (raw, json)
Hash identifier: 3LYqrUAm+YgDBSHjb0aEV7V78Rp6eI1SjXprGGtvbe8=
Subject key identifier: 22:29:C0:4F:24:5A:58:20:6D:F9:3F:8D:67:4B:98:C5:CB:86:82:72
Certificate issuer: /CN=F36C7A8FAF/serialNumber=E99E81FC8FE487C2F84DC9AFADC1FCDBB4029AF9
Certificate serial: 0B
Authority key identifier: E9:9E:81:FC:8F:E4:87:C2:F8:4D:C9:AF:AD:C1:FC:DB:B4:02:9A:F9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/6Z6B_I_kh8L4TcmvrcH827QCmvk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/20911B1A0AAB11EE98E6EE5A4AD9E6FC.roa
Signing time: Wed 14 Jun 2023 12:01:00 +0000
ROA not before: Wed 14 Jun 2023 12:00:56 +0000
ROA not after: Fri 13 Jun 2025 12:00:56 +0000
asID: 36959
IP address blocks: 41.222.16.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/6Z6B_I_kh8L4TcmvrcH827QCmvk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/6Z6B_I_kh8L4TcmvrcH827QCmvk.mft
rsync://rpki.afrinic.net/repository/afrinic/6Z6B_I_kh8L4TcmvrcH827QCmvk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C7A8FAF/serialNumber=E99E81FC8FE487C2F84DC9AFADC1FCDBB4029AF9
Validity
Not Before: Jun 14 12:00:56 2023 GMT
Not After : Jun 13 12:00:56 2025 GMT
Subject: CN=6489abfc-fb40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:96:98:b8:a7:ea:0e:f1:b8:ee:be:a8:33:60:
71:bb:5c:c1:35:78:3c:0f:a2:2f:03:ca:c5:13:0f:
1b:35:22:25:50:ac:d0:25:d5:51:5f:c7:79:03:c3:
e1:2e:55:ef:a9:ee:f5:6a:e0:89:58:0d:2e:0c:ed:
85:65:41:27:16:9d:30:fd:6f:f4:d6:44:c9:c1:bd:
f1:2a:e4:64:e7:2c:b4:55:df:27:a4:38:2c:d9:09:
8e:16:08:30:33:d8:dd:f4:03:80:6e:2d:e5:0b:8f:
ee:e5:bc:b0:43:e2:fb:0a:33:e0:01:3f:9d:2a:39:
c5:4e:22:eb:56:5e:b3:66:f7:18:a7:86:44:4b:1d:
d2:9d:e3:f2:9a:5f:77:b7:e2:dc:67:6b:4c:92:36:
db:73:01:34:e5:17:24:e7:63:68:b3:eb:db:e3:2e:
56:24:13:e8:19:f5:43:50:3b:01:94:45:a8:15:7a:
45:6d:4f:97:f6:07:60:b7:5d:01:44:31:b4:bb:50:
ff:2a:ab:23:3b:6a:21:24:56:20:75:2f:91:0b:c2:
0c:88:53:75:09:16:09:f6:c2:66:0e:ff:73:40:96:
1c:92:52:5e:ed:e4:7a:9f:c2:18:2c:47:2c:6d:f4:
03:32:5f:7a:9d:a7:92:07:80:cf:ff:f8:f7:79:92:
1d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:29:C0:4F:24:5A:58:20:6D:F9:3F:8D:67:4B:98:C5:CB:86:82:72
X509v3 Authority Key Identifier:
keyid:E9:9E:81:FC:8F:E4:87:C2:F8:4D:C9:AF:AD:C1:FC:DB:B4:02:9A:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/6Z6B_I_kh8L4TcmvrcH827QCmvk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/6Z6B_I_kh8L4TcmvrcH827QCmvk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/20911B1A0AAB11EE98E6EE5A4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.222.16.0/21
Signature Algorithm: sha256WithRSAEncryption
77:03:0d:fb:6d:e5:a7:b4:68:26:07:b1:47:ff:d7:46:3b:e2:
b8:42:32:b7:db:9d:b6:e0:b2:d9:09:5e:c1:33:d8:df:bd:c5:
f5:48:ff:07:4c:9d:0d:66:93:c7:d2:56:b7:ce:54:01:2a:e5:
d6:8a:4f:53:ca:27:23:b2:65:15:8f:fb:4a:09:68:c9:38:66:
31:58:51:57:24:9e:6a:04:dd:9e:03:ff:36:9d:3c:3f:35:62:
9f:e1:25:88:4c:e8:01:b7:e7:e3:c8:3f:c7:8f:62:ed:6f:e9:
5f:67:f2:37:da:d1:15:cc:1e:fe:ba:98:d6:39:c1:cb:74:b9:
da:f9:f9:3c:9a:73:6a:31:25:f9:a3:fc:86:6d:65:da:c3:68:
1f:d1:25:31:17:98:ef:d4:0f:a0:9c:0c:0e:53:6c:92:60:71:
35:78:0d:9b:db:93:be:5b:8c:d6:36:ce:14:62:ee:b7:3f:73:
4c:25:eb:0f:54:39:f8:96:6d:2d:44:d9:bf:c7:86:18:f1:b4:
f4:c4:e4:33:23:52:79:8b:82:ed:d2:69:4d:1d:01:ee:ce:a9:
59:f2:2f:0c:7d:29:d5:ad:f0:20:50:91:59:5c:3d:98:24:25:
83:91:dd:5d:4d:7f:b4:9c:97:67:d6:80:30:f4:1e:61:e6:49:
da:03:6c:7e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
N0E4RkFGMTEwLwYDVQQFEyhFOTlFODFGQzhGRTQ4N0MyRjg0REM5QUZBREMxRkNE
QkI0MDI5QUY5MB4XDTIzMDYxNDEyMDA1NloXDTI1MDYxMzEyMDA1NlowGDEWMBQG
A1UEAxMNNjQ4OWFiZmMtZmI0MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6WmLin6g7xuO6+qDNgcbtcwTV4PA+iLwPKxRMPGzUiJVCs0CXVUV/HeQPD
4S5V76nu9WrgiVgNLgzthWVBJxadMP1v9NZEycG98SrkZOcstFXfJ6Q4LNkJjhYI
MDPY3fQDgG4t5QuP7uW8sEPi+woz4AE/nSo5xU4i61Zes2b3GKeGREsd0p3j8ppf
d7fi3GdrTJI223MBNOUXJOdjaLPr2+MuViQT6Bn1Q1A7AZRFqBV6RW1Pl/YHYLdd
AUQxtLtQ/yqrIztqISRWIHUvkQvCDIhTdQkWCfbCZg7/c0CWHJJSXu3kep/CGCxH
LG30AzJfep2nkgeAz//493mSHTMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQiKcBP
JFpYIG35P41nS5jFy4aCcjAfBgNVHSMEGDAWgBTpnoH8j+SHwvhNya+twfzbtAKa
+TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzdBOEYvMEQ0ODVGQ0EwQTlBMTFFRTk1NUY0NDI5NEFEOUU2RkMvNlo2Ql9J
X2toOEw0VGNtdnJjSDgyN1FDbXZrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNlo2Ql9JX2toOEw0VGNtdnJjSDgyN1FDbXZrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzdBOEYvMEQ0ODVGQ0EwQTlBMTFFRTk1NUY0NDI5NEFE
OUU2RkMvMjA5MTFCMUEwQUFCMTFFRTk4RTZFRTVBNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAyneEDANBgkqhkiG9w0BAQsF
AAOCAQEAdwMN+23lp7RoJgexR//XRjviuEIyt9udtuCy2QlewTPY373F9Uj/B0yd
DWaTx9JWt85UASrl1opPU8onI7JlFY/7SgloyThmMVhRVySeagTdngP/Np08PzVi
n+EliEzoAbfn48g/x49i7W/pX2fyN9rRFcwe/rqY1jnBy3S52vn5PJpzajEl+aP8
hm1l2sNoH9ElMReY79QPoJwMDlNskmBxNXgNm9uTvluM1jbOFGLutz9zTCXrD1Q5
+JZtLUTZv8eGGPG09MTkMyNSeYuC7dJpTR0B7s6pWfIvDH0p1a3wIFCRWVw9mCQl
g5HdXU1/tJyXZ9aAMPQeYeZJ2gNsfg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org