Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E201D/BE11947C2FCD11EE8CE3D7484AD9E6FC/52FAF038311311EE9319652E4AD9E6FC.roa
File: 52FAF038311311EE9319652E4AD9E6FC.roa (raw, json)
Hash identifier: CPXHz3C00Kr9ga8MYMPZ99obmxz+ufFsJiCHPSIPn0I=
Subject key identifier: 96:8A:7C:07:08:C9:EF:37:F8:46:A8:29:CB:25:86:51:05:76:F7:C5
Certificate issuer: /CN=F36E201DAF/serialNumber=0D306F48073DDD72DC70E9DBA7A49C4F6EDCBC82
Certificate serial: 06
Authority key identifier: 0D:30:6F:48:07:3D:DD:72:DC:70:E9:DB:A7:A4:9C:4F:6E:DC:BC:82
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/DTBvSAc93XLccOnbp6ScT27cvII.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E201D/BE11947C2FCD11EE8CE3D7484AD9E6FC/52FAF038311311EE9319652E4AD9E6FC.roa
Signing time: Wed 02 Aug 2023 09:02:36 +0000
ROA not before: Wed 02 Aug 2023 09:02:32 +0000
ROA not after: Sat 01 Aug 2043 09:02:32 +0000
asID: 37110
IP address blocks: 41.77.128.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E201D/BE11947C2FCD11EE8CE3D7484AD9E6FC/DTBvSAc93XLccOnbp6ScT27cvII.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E201D/BE11947C2FCD11EE8CE3D7484AD9E6FC/DTBvSAc93XLccOnbp6ScT27cvII.mft
rsync://rpki.afrinic.net/repository/afrinic/DTBvSAc93XLccOnbp6ScT27cvII.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E201DAF/serialNumber=0D306F48073DDD72DC70E9DBA7A49C4F6EDCBC82
Validity
Not Before: Aug 2 09:02:32 2023 GMT
Not After : Aug 1 09:02:32 2043 GMT
Subject: CN=64ca1bac-cbfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:68:e9:9a:3a:8a:06:0c:58:90:df:29:ee:31:
30:5b:73:61:e7:a4:e8:19:e2:97:18:8b:58:9f:8f:
1f:d8:a7:92:1c:41:09:8e:1f:27:24:83:50:f8:58:
a2:01:c2:6f:95:51:f0:de:b9:0a:1c:0c:33:a7:76:
df:77:f3:c3:b2:d5:7d:84:d6:be:7d:8d:56:e6:ed:
a1:2f:5b:3e:66:25:53:64:6c:39:26:74:50:78:cd:
97:9b:b5:92:f5:fd:43:e0:33:4f:50:22:44:2e:0a:
d5:0b:27:46:4c:05:53:2c:f5:fa:02:28:ed:b0:27:
a9:de:b2:67:e9:43:01:ac:18:99:3e:93:7b:22:48:
22:20:be:2b:19:1a:94:bf:b2:2f:60:1a:e9:71:15:
0a:45:51:f2:69:4f:5e:4a:37:1c:c1:be:e3:e8:d0:
ce:e3:c8:57:ac:47:d8:52:79:89:db:69:39:24:d9:
d5:b9:fe:82:29:d8:c7:ac:77:1a:13:97:47:be:81:
6b:b4:71:08:a9:23:1c:48:29:85:1d:a6:0c:f3:37:
27:a9:75:3c:23:b7:e7:12:e7:54:d0:2d:90:84:02:
06:cf:98:1c:31:d8:f1:5e:d7:ca:36:57:61:34:eb:
37:52:0c:bd:a9:5c:c2:57:57:79:af:35:ff:07:d5:
df:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:8A:7C:07:08:C9:EF:37:F8:46:A8:29:CB:25:86:51:05:76:F7:C5
X509v3 Authority Key Identifier:
keyid:0D:30:6F:48:07:3D:DD:72:DC:70:E9:DB:A7:A4:9C:4F:6E:DC:BC:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E201D/BE11947C2FCD11EE8CE3D7484AD9E6FC/DTBvSAc93XLccOnbp6ScT27cvII.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/DTBvSAc93XLccOnbp6ScT27cvII.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E201D/BE11947C2FCD11EE8CE3D7484AD9E6FC/52FAF038311311EE9319652E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.77.128.0/21
Signature Algorithm: sha256WithRSAEncryption
b5:35:2d:fd:4a:f9:9e:2b:13:21:d0:c5:bf:ce:8e:62:af:dd:
40:62:3c:86:04:b6:a9:66:23:17:90:d4:45:b2:85:07:64:74:
8b:6e:56:f2:b1:a0:5d:04:f1:f4:11:57:f6:24:72:47:6c:98:
b3:af:80:72:78:e3:13:19:4f:79:f3:0d:21:e1:e5:09:8b:7e:
81:e9:82:19:da:94:94:e5:0f:fd:79:c0:c6:99:87:37:7c:21:
d5:4d:e3:3d:c6:cb:45:3c:2e:4e:4a:59:77:82:f2:29:ff:51:
77:23:1a:1f:7a:f4:9c:8b:64:02:9d:77:10:b0:04:90:59:cb:
6f:51:6a:14:7d:fe:63:44:cb:6d:eb:bf:ed:48:9e:9a:9b:b6:
72:04:94:ba:84:90:8d:86:26:39:50:e1:50:e2:e4:13:ab:c4:
bf:8a:e4:0b:6b:88:22:e9:e6:85:62:8c:16:4e:f3:73:2b:c4:
e3:0b:1a:a8:6e:72:dd:f7:36:1b:28:7b:b4:b6:0f:ee:69:bc:
e9:99:18:f8:28:6b:e1:6f:dc:47:f4:d7:7b:83:3a:44:e8:74:
d6:33:71:5a:4b:25:39:bc:8d:17:56:1f:f5:bf:1e:df:ea:27:
37:dc:42:2b:f2:57:fc:d0:a9:30:83:74:26:ee:07:6f:65:a4:
1a:73:7d:c1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
MjAxREFGMTEwLwYDVQQFEygwRDMwNkY0ODA3M0RERDcyREM3MEU5REJBN0E0OUM0
RjZFRENCQzgyMB4XDTIzMDgwMjA5MDIzMloXDTQzMDgwMTA5MDIzMlowGDEWMBQG
A1UEAxMNNjRjYTFiYWMtY2JmZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9o6Zo6igYMWJDfKe4xMFtzYeek6BnilxiLWJ+PH9inkhxBCY4fJySDUPhY
ogHCb5VR8N65ChwMM6d233fzw7LVfYTWvn2NVubtoS9bPmYlU2RsOSZ0UHjNl5u1
kvX9Q+AzT1AiRC4K1QsnRkwFUyz1+gIo7bAnqd6yZ+lDAawYmT6TeyJIIiC+Kxka
lL+yL2Aa6XEVCkVR8mlPXko3HMG+4+jQzuPIV6xH2FJ5idtpOSTZ1bn+ginYx6x3
GhOXR76Ba7RxCKkjHEgphR2mDPM3J6l1PCO35xLnVNAtkIQCBs+YHDHY8V7XyjZX
YTTrN1IMvalcwldXea81/wfV35kCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSWinwH
CMnvN/hGqCnLJYZRBXb3xTAfBgNVHSMEGDAWgBQNMG9IBz3dctxw6dunpJxPbty8
gjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTIwMUQvQkUxMTk0N0MyRkNEMTFFRThDRTNENzQ4NEFEOUU2RkMvRFRCdlNB
YzkzWExjY09uYnA2U2NUMjdjdklJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRFRCdlNBYzkzWExjY09uYnA2U2NUMjdjdklJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTIwMUQvQkUxMTk0N0MyRkNEMTFFRThDRTNENzQ4NEFE
OUU2RkMvNTJGQUYwMzgzMTEzMTFFRTkzMTk2NTJFNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAylNgDANBgkqhkiG9w0BAQsF
AAOCAQEAtTUt/Ur5nisTIdDFv86OYq/dQGI8hgS2qWYjF5DURbKFB2R0i25W8rGg
XQTx9BFX9iRyR2yYs6+AcnjjExlPefMNIeHlCYt+gemCGdqUlOUP/XnAxpmHN3wh
1U3jPcbLRTwuTkpZd4LyKf9RdyMaH3r0nItkAp13ELAEkFnLb1FqFH3+Y0TLbeu/
7Uiempu2cgSUuoSQjYYmOVDhUOLkE6vEv4rkC2uIIunmhWKMFk7zcyvE4wsaqG5y
3fc2Gyh7tLYP7mm86ZkY+Chr4W/cR/TXe4M6ROh01jNxWkslObyNF1Yf9b8e3+on
N9xCK/JX/NCpMIN0Ju4Hb2WkGnN9wQ==
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:35:36 2024 by rpki-client on console-fra.rpki-client.org