Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DE42D/DD92018241DA11EE8310FE374AD9E6FC/0E5411CC41E311EE82D6E3514AD9E6FC.roa
File: 0E5411CC41E311EE82D6E3514AD9E6FC.roa (raw, json)
Hash identifier: 3TJK0gE+dAU3VH/PHstp9QZrPkjTTl+asVnrwcQTUME=
Subject key identifier: 21:60:6C:AF:12:90:31:D0:2C:B7:81:79:A6:2A:B8:21:07:D6:DC:59
Certificate issuer: /CN=F36DE42DAF/serialNumber=5A659972FEFD8131888ECA98B8F433266CD0E176
Certificate serial: 11
Authority key identifier: 5A:65:99:72:FE:FD:81:31:88:8E:CA:98:B8:F4:33:26:6C:D0:E1:76
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/WmWZcv79gTGIjsqYuPQzJmzQ4XY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DE42D/DD92018241DA11EE8310FE374AD9E6FC/0E5411CC41E311EE82D6E3514AD9E6FC.roa
Signing time: Wed 23 Aug 2023 18:29:55 +0000
ROA not before: Wed 23 Aug 2023 18:29:52 +0000
ROA not after: Tue 23 Aug 2033 18:29:52 +0000
asID: 29614
IP address blocks: 41.204.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DE42D/DD92018241DA11EE8310FE374AD9E6FC/WmWZcv79gTGIjsqYuPQzJmzQ4XY.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DE42D/DD92018241DA11EE8310FE374AD9E6FC/WmWZcv79gTGIjsqYuPQzJmzQ4XY.mft
rsync://rpki.afrinic.net/repository/afrinic/WmWZcv79gTGIjsqYuPQzJmzQ4XY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 30 Jun 2024 00:05:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DE42DAF/serialNumber=5A659972FEFD8131888ECA98B8F433266CD0E176
Validity
Not Before: Aug 23 18:29:52 2023 GMT
Not After : Aug 23 18:29:52 2033 GMT
Subject: CN=64e65023-7637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:57:24:8a:62:c4:94:aa:2c:60:6a:04:c8:32:
54:73:7e:be:0c:0f:6d:d5:31:1b:fd:c8:e8:ea:03:
9d:37:ef:6f:cb:0f:f8:61:c6:5b:f1:c6:3a:8d:f6:
19:9d:81:3b:99:90:b1:28:f3:31:0f:bb:7b:82:af:
02:94:25:37:86:04:f9:fe:bb:07:d1:2c:52:ec:60:
72:af:1a:0d:77:2e:6c:74:71:94:56:26:09:d3:fd:
a3:b8:52:55:e3:6f:0c:6e:27:c6:af:ac:6b:24:58:
91:93:51:41:34:82:1c:15:d3:d4:fc:cb:7e:42:78:
31:e1:4a:b8:24:0c:e7:99:6c:2d:a5:74:26:c6:6f:
a7:47:c1:12:9b:3a:10:23:27:15:74:78:b9:5a:34:
50:a8:c1:91:85:cb:9e:3f:06:c4:1d:8d:fe:24:5d:
de:88:59:ce:18:c4:94:8c:07:61:bf:59:0e:41:b2:
87:74:1f:25:06:fe:18:54:55:ff:d9:53:6a:97:e4:
af:96:07:c5:38:30:06:d7:8a:0f:58:aa:5a:29:bf:
cd:aa:ed:1a:86:df:4c:dd:7f:5d:7e:f3:a1:84:e0:
31:f1:57:31:2b:42:dc:af:d9:0f:a8:a8:e7:9b:1f:
d7:fe:36:c1:f5:b3:2f:10:45:2b:ae:62:cb:85:7a:
ab:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:60:6C:AF:12:90:31:D0:2C:B7:81:79:A6:2A:B8:21:07:D6:DC:59
X509v3 Authority Key Identifier:
keyid:5A:65:99:72:FE:FD:81:31:88:8E:CA:98:B8:F4:33:26:6C:D0:E1:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DE42D/DD92018241DA11EE8310FE374AD9E6FC/WmWZcv79gTGIjsqYuPQzJmzQ4XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/WmWZcv79gTGIjsqYuPQzJmzQ4XY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DE42D/DD92018241DA11EE8310FE374AD9E6FC/0E5411CC41E311EE82D6E3514AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.204.32.0/19
Signature Algorithm: sha256WithRSAEncryption
15:9d:6e:58:c4:ab:19:48:f6:6c:15:1e:a6:e0:49:14:bf:16:
31:4e:ce:96:47:e0:4c:07:e0:14:9a:51:b7:55:69:8f:00:0f:
6a:9a:fa:f3:d0:0d:ba:90:74:7e:f5:6d:bb:56:96:d4:14:51:
a5:4a:f5:67:1a:b4:b5:56:25:33:e0:a2:a3:92:8a:bf:a2:96:
e3:82:43:13:94:be:90:c7:16:2e:ce:90:d0:22:cc:c5:60:68:
ef:49:ba:29:51:f1:b1:6a:e1:f7:e6:23:4b:c9:ed:fb:c4:d2:
65:5a:33:6c:23:d6:4e:64:37:e6:59:97:4c:6f:ed:e6:66:6a:
d7:6a:be:2c:e1:10:e6:a5:6e:49:d6:86:fa:64:9f:6d:89:f1:
be:7b:58:7b:ff:12:60:fd:2b:98:46:75:b3:a1:f4:4a:6e:7b:
fe:cd:93:c9:34:58:73:29:4a:16:f0:9f:25:e0:9d:6d:51:1f:
d0:18:d8:b4:3a:9e:5d:d7:98:6d:f3:8f:00:40:ea:83:e3:d5:
9d:d5:2a:a8:2d:c0:15:63:e2:58:63:eb:91:f8:e7:2d:19:12:
8b:fc:23:06:8f:8c:3d:5c:f3:0d:74:ab:0c:79:93:2e:28:39:
76:b9:86:2a:62:73:1f:41:32:08:70:d9:75:99:d2:a9:20:1b:
08:64:09:3e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBETANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
RTQyREFGMTEwLwYDVQQFEyg1QTY1OTk3MkZFRkQ4MTMxODg4RUNBOThCOEY0MzMy
NjZDRDBFMTc2MB4XDTIzMDgyMzE4Mjk1MloXDTMzMDgyMzE4Mjk1MlowGDEWMBQG
A1UEAxMNNjRlNjUwMjMtNzYzNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1XJIpixJSqLGBqBMgyVHN+vgwPbdUxG/3I6OoDnTfvb8sP+GHGW/HGOo32
GZ2BO5mQsSjzMQ+7e4KvApQlN4YE+f67B9EsUuxgcq8aDXcubHRxlFYmCdP9o7hS
VeNvDG4nxq+sayRYkZNRQTSCHBXT1PzLfkJ4MeFKuCQM55lsLaV0JsZvp0fBEps6
ECMnFXR4uVo0UKjBkYXLnj8GxB2N/iRd3ohZzhjElIwHYb9ZDkGyh3QfJQb+GFRV
/9lTapfkr5YHxTgwBteKD1iqWim/zartGobfTN1/XX7zoYTgMfFXMStC3K/ZD6io
55sf1/42wfWzLxBFK65iy4V6q1sCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQhYGyv
EpAx0Cy3gXmmKrghB9bcWTAfBgNVHSMEGDAWgBRaZZly/v2BMYiOypi49DMmbNDh
djAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REU0MkQvREQ5MjAxODI0MURBMTFFRTgzMTBGRTM3NEFEOUU2RkMvV21XWmN2
NzlnVEdJanNxWXVQUXpKbXpRNFhZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvV21XWmN2NzlnVEdJanNxWXVQUXpKbXpRNFhZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2REU0MkQvREQ5MjAxODI0MURBMTFFRTgzMTBGRTM3NEFE
OUU2RkMvMEU1NDExQ0M0MUUzMTFFRTgyRDZFMzUxNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBSnMIDANBgkqhkiG9w0BAQsF
AAOCAQEAFZ1uWMSrGUj2bBUepuBJFL8WMU7OlkfgTAfgFJpRt1VpjwAPapr689AN
upB0fvVtu1aW1BRRpUr1Zxq0tVYlM+Cio5KKv6KW44JDE5S+kMcWLs6Q0CLMxWBo
70m6KVHxsWrh9+YjS8nt+8TSZVozbCPWTmQ35lmXTG/t5mZq12q+LOEQ5qVuSdaG
+mSfbYnxvntYe/8SYP0rmEZ1s6H0Sm57/s2TyTRYcylKFvCfJeCdbVEf0BjYtDqe
XdeYbfOPAEDqg+PVndUqqC3AFWPiWGPrkfjnLRkSi/wjBo+MPVzzDXSrDHmTLig5
drmGKmJzH0EyCHDZdZnSqSAbCGQJPg==
-----END CERTIFICATE-----
Generated at Fri Jun 28 03:15:19 2024 by rpki-client on console-fra.rpki-client.org