Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DE46F/EB4934CCD5FE11E99528193BF8AEA228/4D5B7DFA9A9911EAB460C75DF8AEA228.roa
File: 4D5B7DFA9A9911EAB460C75DF8AEA228.roa (raw, json)
Hash identifier: 08HHiOipKJGcq74gZtGxaBA7hKxLZk9ttDnVaGPnEtA=
Subject key identifier: D7:66:28:4F:38:44:E7:CE:49:6D:37:3E:13:0E:26:C8:56:6A:46:90
Certificate issuer: /CN=F36DE46FAF/serialNumber=68C5E4BAD5DCD564A2562753C9ACB632BD24CB50
Certificate serial: 0117
Authority key identifier: 68:C5:E4:BA:D5:DC:D5:64:A2:56:27:53:C9:AC:B6:32:BD:24:CB:50
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/aMXkutXc1WSiVidTyay2Mr0ky1A.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DE46F/EB4934CCD5FE11E99528193BF8AEA228/4D5B7DFA9A9911EAB460C75DF8AEA228.roa
Signing time: Wed 20 May 2020 12:56:21 +0000
ROA not before: Wed 20 May 2020 12:56:16 +0000
ROA not after: Fri 28 Feb 2031 12:56:16 +0000
asID: 36969
IP address blocks: 41.87.28.0/23 maxlen: 23
41.221.106.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DE46F/EB4934CCD5FE11E99528193BF8AEA228/aMXkutXc1WSiVidTyay2Mr0ky1A.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DE46F/EB4934CCD5FE11E99528193BF8AEA228/aMXkutXc1WSiVidTyay2Mr0ky1A.mft
rsync://rpki.afrinic.net/repository/afrinic/aMXkutXc1WSiVidTyay2Mr0ky1A.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279 (0x117)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DE46FAF/serialNumber=68C5E4BAD5DCD564A2562753C9ACB632BD24CB50
Validity
Not Before: May 20 12:56:16 2020 GMT
Not After : Feb 28 12:56:16 2031 GMT
Subject: CN=5ec528f5-c563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9b:f2:02:3f:8a:12:92:9a:7c:d3:74:94:82:
ed:1f:cd:67:fe:5a:9a:e3:ca:e5:3f:f8:5e:a0:30:
3e:cb:f0:27:66:05:15:be:6c:a4:71:a3:07:b9:5f:
ee:b5:4e:05:e7:b1:c9:b6:7f:2a:77:82:7c:15:bc:
8a:88:05:1d:4d:18:86:7b:ab:2d:ea:8f:c6:cb:44:
d2:22:81:ab:df:ea:8e:85:d3:2c:9b:9f:07:a0:fa:
a4:f8:60:38:46:18:f9:e6:7c:b7:05:3c:a3:b9:47:
81:14:65:0d:23:6f:9b:07:94:ad:6c:76:50:6f:ee:
c6:3a:3c:d7:64:81:1e:9a:12:7a:86:22:fa:d2:a4:
b0:05:bc:33:37:43:c2:50:a4:1d:6c:7c:28:a0:d4:
48:a6:d9:33:0d:ee:17:b2:9a:a4:e6:85:ce:cc:9d:
24:b5:46:53:c8:de:a0:3e:66:32:b4:8a:6e:5e:1a:
47:0a:47:9f:2e:82:bc:8f:f8:dd:bf:06:46:d3:19:
f6:ec:1f:eb:0c:60:54:a3:26:88:d0:7a:17:60:d7:
4e:2a:d8:df:0a:ea:62:2d:ea:dc:23:1a:39:42:0b:
72:b0:23:2c:74:fe:bd:04:81:77:bd:f9:f4:d4:01:
f3:41:9d:52:2b:e4:a9:00:b0:5f:8f:9f:29:03:3f:
69:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:66:28:4F:38:44:E7:CE:49:6D:37:3E:13:0E:26:C8:56:6A:46:90
X509v3 Authority Key Identifier:
keyid:68:C5:E4:BA:D5:DC:D5:64:A2:56:27:53:C9:AC:B6:32:BD:24:CB:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DE46F/EB4934CCD5FE11E99528193BF8AEA228/aMXkutXc1WSiVidTyay2Mr0ky1A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/aMXkutXc1WSiVidTyay2Mr0ky1A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DE46F/EB4934CCD5FE11E99528193BF8AEA228/4D5B7DFA9A9911EAB460C75DF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.87.28.0/23
41.221.106.0/23
Signature Algorithm: sha256WithRSAEncryption
50:08:2b:10:67:76:98:44:ec:31:43:f1:b3:a9:d6:b7:41:c4:
20:81:53:52:ed:fc:90:04:99:09:31:65:fb:ca:80:d2:41:c1:
07:8a:41:63:8d:08:c1:7c:2c:48:69:80:b5:1c:8c:c4:3d:31:
34:89:b8:09:63:a1:9d:01:8f:bd:39:35:6a:48:ad:92:c4:b2:
c0:bb:d2:f3:04:b2:c2:22:3b:d7:15:f1:1a:b9:5b:9b:4b:53:
7f:05:a5:48:c2:4c:4a:b2:b9:6e:18:8f:82:e0:61:75:d8:4b:
b6:76:9e:da:a4:bf:e5:23:aa:ca:08:1d:b9:a5:d2:80:57:5d:
ea:9a:7a:44:d9:28:da:6d:9d:4e:ea:cd:44:a7:87:fe:19:56:
7c:00:d0:03:59:5e:a2:7c:4e:ff:aa:e4:c3:f5:d3:93:49:8b:
16:55:bd:09:31:b1:da:7c:e2:87:83:fb:5b:88:d7:0a:21:5d:
08:f1:20:cc:fe:92:9c:6f:d6:4e:4d:de:20:07:79:ae:9a:89:
11:00:55:81:64:32:9f:6a:19:5b:1a:d9:95:25:b5:5e:f8:33:
71:16:b5:53:85:1b:cd:6e:89:03:ba:ce:47:10:83:10:4c:3e:
d4:9e:1e:2c:2d:b8:32:6a:96:d6:46:ba:0f:b0:7a:6f:b6:0c:
61:ea:6f:bc
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICARcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
REU0NkZBRjExMC8GA1UEBRMoNjhDNUU0QkFENURDRDU2NEEyNTYyNzUzQzlBQ0I2
MzJCRDI0Q0I1MDAeFw0yMDA1MjAxMjU2MTZaFw0zMTAyMjgxMjU2MTZaMBgxFjAU
BgNVBAMTDTVlYzUyOGY1LWM1NjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGm/ICP4oSkpp803SUgu0fzWf+WprjyuU/+F6gMD7L8CdmBRW+bKRxowe5
X+61TgXnscm2fyp3gnwVvIqIBR1NGIZ7qy3qj8bLRNIigavf6o6F0yybnweg+qT4
YDhGGPnmfLcFPKO5R4EUZQ0jb5sHlK1sdlBv7sY6PNdkgR6aEnqGIvrSpLAFvDM3
Q8JQpB1sfCig1Eim2TMN7heymqTmhc7MnSS1RlPI3qA+ZjK0im5eGkcKR58ugryP
+N2/BkbTGfbsH+sMYFSjJojQehdg104q2N8K6mIt6twjGjlCC3KwIyx0/r0EgXe9
+fTUAfNBnVIr5KkAsF+PnykDP2nLAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQU12Yo
TzhE585JbTc+Ew4myFZqRpAwHwYDVR0jBBgwFoAUaMXkutXc1WSiVidTyay2Mr0k
y1AwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkRFNDZGL0VCNDkzNENDRDVGRTExRTk5NTI4MTkzQkY4QUVBMjI4L2FNWGt1
dFhjMVdTaVZpZFR5YXkyTXIwa3kxQS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2FNWGt1dFhjMVdTaVZpZFR5YXkyTXIwa3kxQS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkRFNDZGL0VCNDkzNENDRDVGRTExRTk5NTI4MTkzQkY4
QUVBMjI4LzRENUI3REZBOUE5OTExRUFCNDYwQzc1REY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAEpVxwDBAEp3WowDQYJKoZI
hvcNAQELBQADggEBAFAIKxBndphE7DFD8bOp1rdBxCCBU1Lt/JAEmQkxZfvKgNJB
wQeKQWONCMF8LEhpgLUcjMQ9MTSJuAljoZ0Bj705NWpIrZLEssC70vMEssIiO9cV
8Rq5W5tLU38FpUjCTEqyuW4Yj4LgYXXYS7Z2ntqkv+UjqsoIHbml0oBXXeqaekTZ
KNptnU7qzUSnh/4ZVnwA0ANZXqJ8Tv+q5MP105NJixZVvQkxsdp84oeD+1uI1woh
XQjxIMz+kpxv1k5N3iAHea6aiREAVYFkMp9qGVsa2ZUltV74M3EWtVOFG81uiQO6
zkcQgxBMPtSeHiwtuDJqltZGug+wem+2DGHqb7w=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:18 2024 by rpki-client on console-fra.rpki-client.org