Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DE42D/DD92018241DA11EE8310FE374AD9E6FC/F62D4A1A41E111EEAB1E864D4AD9E6FC.roa
File: F62D4A1A41E111EEAB1E864D4AD9E6FC.roa (raw, json)
Hash identifier: cFAo+wqTSQNV3wV3FVduOPs4bmdlZBBXmrehWIFAAig=
Subject key identifier: 2F:D2:67:4A:CB:D4:7A:03:BA:10:5B:7D:73:0C:92:16:DE:F2:F2:31
Certificate issuer: /CN=F36DE42DAF/serialNumber=5A659972FEFD8131888ECA98B8F433266CD0E176
Certificate serial: 0B
Authority key identifier: 5A:65:99:72:FE:FD:81:31:88:8E:CA:98:B8:F4:33:26:6C:D0:E1:76
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/WmWZcv79gTGIjsqYuPQzJmzQ4XY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DE42D/DD92018241DA11EE8310FE374AD9E6FC/F62D4A1A41E111EEAB1E864D4AD9E6FC.roa
Signing time: Wed 23 Aug 2023 18:22:05 +0000
ROA not before: Wed 23 Aug 2023 18:22:02 +0000
ROA not after: Tue 23 Aug 2033 18:22:02 +0000
asID: 29614
IP address blocks: 41.66.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DE42D/DD92018241DA11EE8310FE374AD9E6FC/WmWZcv79gTGIjsqYuPQzJmzQ4XY.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DE42D/DD92018241DA11EE8310FE374AD9E6FC/WmWZcv79gTGIjsqYuPQzJmzQ4XY.mft
rsync://rpki.afrinic.net/repository/afrinic/WmWZcv79gTGIjsqYuPQzJmzQ4XY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 30 Sep 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DE42DAF/serialNumber=5A659972FEFD8131888ECA98B8F433266CD0E176
Validity
Not Before: Aug 23 18:22:02 2023 GMT
Not After : Aug 23 18:22:02 2033 GMT
Subject: CN=64e64e4d-337a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:02:48:8d:53:1c:05:a8:be:a7:e0:2b:05:ec:
ea:2b:3e:fd:bf:bf:43:89:c7:76:e8:eb:15:3b:8c:
0c:aa:dd:10:dd:95:52:b4:df:d9:db:d7:ff:da:79:
86:81:01:a3:a5:1f:26:b2:0e:43:6e:11:cc:1d:02:
f6:39:5e:7d:36:34:c8:4f:42:31:bc:ed:2a:99:07:
61:90:46:cb:6b:b1:c7:ae:5c:59:23:92:1b:1c:bf:
b4:11:30:69:f0:9e:01:8f:a3:6a:6c:cf:de:2a:3f:
13:82:2d:48:7a:80:8c:19:59:88:3b:65:b4:c6:a6:
c1:4a:68:51:00:40:df:98:1a:4b:b4:e5:4c:28:ff:
62:f4:44:25:54:3d:96:33:d7:53:02:8b:fa:a0:b4:
45:24:fd:3c:84:bb:9c:84:a5:85:24:b0:76:92:58:
f8:61:35:47:8d:01:7d:d0:2e:24:ef:ef:77:9d:83:
54:fa:08:79:aa:1e:55:2d:05:05:31:d9:f6:da:9b:
0e:94:1b:13:71:51:a9:3f:ac:0a:67:8e:3b:9f:e9:
58:e3:3e:ab:81:0a:57:8e:ba:45:c2:3e:fe:ae:c0:
eb:75:1f:ae:6f:31:61:a8:1f:e9:8c:bd:80:f2:1b:
78:df:0c:7b:b9:a5:72:2e:4c:f4:cb:59:2f:76:e1:
8f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D2:67:4A:CB:D4:7A:03:BA:10:5B:7D:73:0C:92:16:DE:F2:F2:31
X509v3 Authority Key Identifier:
keyid:5A:65:99:72:FE:FD:81:31:88:8E:CA:98:B8:F4:33:26:6C:D0:E1:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DE42D/DD92018241DA11EE8310FE374AD9E6FC/WmWZcv79gTGIjsqYuPQzJmzQ4XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/WmWZcv79gTGIjsqYuPQzJmzQ4XY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DE42D/DD92018241DA11EE8310FE374AD9E6FC/F62D4A1A41E111EEAB1E864D4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.66.192.0/18
Signature Algorithm: sha256WithRSAEncryption
b0:c8:3a:93:02:73:1b:65:d4:39:e0:f7:ff:6e:e2:91:0c:18:
e3:8b:5b:be:22:db:f2:6b:24:8d:a1:47:66:f4:a5:b0:93:3f:
bc:0d:aa:82:1f:7c:f3:93:1e:f8:36:77:2f:4c:5d:36:f7:88:
c8:f9:43:11:6d:bf:67:d9:e1:40:ed:d6:cc:28:10:07:06:c0:
fc:44:16:f4:88:bb:5e:87:41:d7:57:0b:72:18:d8:df:a1:dd:
6e:0c:d0:b9:56:be:a1:3e:c9:34:16:23:4a:f8:70:7c:e5:4a:
10:5e:6c:a3:97:9d:50:ba:b4:53:f1:0e:c3:4d:eb:41:3e:80:
1e:c7:70:e5:37:31:0e:8b:80:c5:41:69:cd:3b:27:ec:65:27:
8f:5a:a0:5e:c0:4c:03:e5:9c:ad:f7:57:d0:74:4f:7c:fe:bd:
c4:98:d3:3d:ef:eb:e8:66:57:ef:87:71:40:f8:4e:4e:6a:15:
2a:5f:b5:bf:98:98:b9:0b:af:88:e0:98:36:ab:76:a8:05:e7:
44:fd:a2:95:90:22:00:92:be:94:4b:49:fb:84:d1:3a:e1:2d:
f4:77:68:80:4d:cf:c1:7b:f2:a6:37:53:d6:ec:c7:1b:cf:f5:
55:10:a5:24:98:c0:b0:9b:f6:8f:f3:89:36:b5:5f:0d:12:90:
1c:11:61:41
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
RTQyREFGMTEwLwYDVQQFEyg1QTY1OTk3MkZFRkQ4MTMxODg4RUNBOThCOEY0MzMy
NjZDRDBFMTc2MB4XDTIzMDgyMzE4MjIwMloXDTMzMDgyMzE4MjIwMlowGDEWMBQG
A1UEAxMNNjRlNjRlNGQtMzM3YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOsCSI1THAWovqfgKwXs6is+/b+/Q4nHdujrFTuMDKrdEN2VUrTf2dvX/9p5
hoEBo6UfJrIOQ24RzB0C9jlefTY0yE9CMbztKpkHYZBGy2uxx65cWSOSGxy/tBEw
afCeAY+jamzP3io/E4ItSHqAjBlZiDtltMamwUpoUQBA35gaS7TlTCj/YvREJVQ9
ljPXUwKL+qC0RST9PIS7nISlhSSwdpJY+GE1R40BfdAuJO/vd52DVPoIeaoeVS0F
BTHZ9tqbDpQbE3FRqT+sCmeOO5/pWOM+q4EKV466RcI+/q7A63Ufrm8xYagf6Yy9
gPIbeN8Me7mlci5M9MtZL3bhj38CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQv0mdK
y9R6A7oQW31zDJIW3vLyMTAfBgNVHSMEGDAWgBRaZZly/v2BMYiOypi49DMmbNDh
djAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REU0MkQvREQ5MjAxODI0MURBMTFFRTgzMTBGRTM3NEFEOUU2RkMvV21XWmN2
NzlnVEdJanNxWXVQUXpKbXpRNFhZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvV21XWmN2NzlnVEdJanNxWXVQUXpKbXpRNFhZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2REU0MkQvREQ5MjAxODI0MURBMTFFRTgzMTBGRTM3NEFE
OUU2RkMvRjYyRDRBMUE0MUUxMTFFRUFCMUU4NjRENEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBilCwDANBgkqhkiG9w0BAQsF
AAOCAQEAsMg6kwJzG2XUOeD3/27ikQwY44tbviLb8mskjaFHZvSlsJM/vA2qgh98
85Me+DZ3L0xdNveIyPlDEW2/Z9nhQO3WzCgQBwbA/EQW9Ii7XodB11cLchjY36Hd
bgzQuVa+oT7JNBYjSvhwfOVKEF5so5edULq0U/EOw03rQT6AHsdw5TcxDouAxUFp
zTsn7GUnj1qgXsBMA+WcrfdX0HRPfP69xJjTPe/r6GZX74dxQPhOTmoVKl+1v5iY
uQuviOCYNqt2qAXnRP2ilZAiAJK+lEtJ+4TROuEt9HdogE3PwXvypjdT1uzHG8/1
VRClJJjAsJv2j/OJNrVfDRKQHBFhQQ==
-----END CERTIFICATE-----
Generated at Sat Sep 28 04:04:20 2024 by rpki-client on console-fra.rpki-client.org