Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E201D/BE11947C2FCD11EE8CE3D7484AD9E6FC/74FF55AC311311EEAA4CBB2E4AD9E6FC.roa
File: 74FF55AC311311EEAA4CBB2E4AD9E6FC.roa (raw, json)
Hash identifier: YFcZ13YkooKk8gZs9EKDPRGIE46mgixe3+C0QIIMAH0=
Subject key identifier: FA:B4:08:33:C6:DF:E7:5C:D3:16:8D:F1:97:70:25:76:7A:5B:3C:F4
Certificate issuer: /CN=F36E201DAF/serialNumber=0D306F48073DDD72DC70E9DBA7A49C4F6EDCBC82
Certificate serial: 08
Authority key identifier: 0D:30:6F:48:07:3D:DD:72:DC:70:E9:DB:A7:A4:9C:4F:6E:DC:BC:82
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/DTBvSAc93XLccOnbp6ScT27cvII.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E201D/BE11947C2FCD11EE8CE3D7484AD9E6FC/74FF55AC311311EEAA4CBB2E4AD9E6FC.roa
Signing time: Wed 02 Aug 2023 09:03:33 +0000
ROA not before: Wed 02 Aug 2023 09:03:30 +0000
ROA not after: Sat 01 Aug 2043 09:03:30 +0000
asID: 37110
IP address blocks: 41.223.152.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E201D/BE11947C2FCD11EE8CE3D7484AD9E6FC/DTBvSAc93XLccOnbp6ScT27cvII.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E201D/BE11947C2FCD11EE8CE3D7484AD9E6FC/DTBvSAc93XLccOnbp6ScT27cvII.mft
rsync://rpki.afrinic.net/repository/afrinic/DTBvSAc93XLccOnbp6ScT27cvII.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E201DAF/serialNumber=0D306F48073DDD72DC70E9DBA7A49C4F6EDCBC82
Validity
Not Before: Aug 2 09:03:30 2023 GMT
Not After : Aug 1 09:03:30 2043 GMT
Subject: CN=64ca1be5-37e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f4:05:bb:93:95:58:38:2b:ce:e8:b4:1b:05:
2f:7c:d2:fd:75:e2:8c:14:d6:02:ec:90:23:7b:12:
6e:25:2f:8a:37:3d:2d:39:b4:07:d4:a3:32:7c:b0:
df:ef:a4:5f:75:48:f3:f8:a8:b9:3a:94:20:c7:7d:
05:3c:b9:91:50:b6:4a:12:ac:18:1d:0a:e3:be:0b:
67:ee:52:32:24:5b:19:c7:1a:8b:2c:25:ab:68:43:
cc:f1:2d:0c:3b:8a:64:8c:19:ab:f6:a9:f2:c0:22:
38:1c:f6:c2:49:d6:ee:ae:02:08:9a:ea:fe:1e:89:
73:be:89:f9:cf:da:39:71:ed:a5:f0:c4:df:6f:b6:
c0:70:15:58:d8:4f:f8:2f:82:37:63:5c:74:87:e8:
43:c9:e1:fe:30:f7:da:88:54:05:e9:cb:47:1f:65:
7f:8d:14:ff:fb:3d:72:68:75:9c:cc:99:f5:dd:22:
43:98:8e:27:98:5b:bf:16:55:e2:7a:96:15:0b:6d:
a6:47:10:d6:0d:09:ac:ea:a0:01:4b:b9:2c:14:27:
3b:05:a5:51:6b:7b:25:0d:1a:b7:b0:0b:e1:5f:af:
a1:3d:67:b0:2a:41:e7:77:28:55:fc:f6:41:72:f1:
29:99:3a:7a:93:32:2f:ca:6e:c3:5b:71:2c:dd:38:
c1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B4:08:33:C6:DF:E7:5C:D3:16:8D:F1:97:70:25:76:7A:5B:3C:F4
X509v3 Authority Key Identifier:
keyid:0D:30:6F:48:07:3D:DD:72:DC:70:E9:DB:A7:A4:9C:4F:6E:DC:BC:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E201D/BE11947C2FCD11EE8CE3D7484AD9E6FC/DTBvSAc93XLccOnbp6ScT27cvII.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/DTBvSAc93XLccOnbp6ScT27cvII.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E201D/BE11947C2FCD11EE8CE3D7484AD9E6FC/74FF55AC311311EEAA4CBB2E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.223.152.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:b5:4a:ab:1a:13:e9:a8:43:2d:16:4b:3b:cd:5d:6f:a7:15:
59:08:07:d0:4c:40:f8:91:48:0e:46:cf:6f:13:2f:ec:45:c1:
89:b3:c9:f1:ca:6d:47:b4:9c:40:00:c3:5b:b1:7d:5f:db:3c:
e1:8a:3b:35:89:34:a3:b9:01:96:c1:cd:3a:d0:98:ec:06:76:
bc:64:00:4d:71:a5:79:ef:d0:b4:0b:bd:92:4c:cd:80:37:14:
06:16:f3:0a:37:45:8b:fd:49:f2:f5:ce:60:03:bc:91:8c:6b:
22:a1:da:de:fe:f1:3e:01:e4:3a:dc:c5:07:46:9c:9a:da:85:
fb:0e:1c:1c:77:0f:b2:ec:3f:00:17:0c:5f:66:9e:31:82:0c:
64:c6:16:af:40:78:30:b1:f5:73:ee:ab:cd:3f:39:31:fa:65:
f4:93:49:70:af:e0:8a:93:fe:55:e7:ed:dc:20:67:71:e0:53:
07:58:12:cd:a3:cd:da:9f:bd:57:15:ad:af:89:9f:d2:eb:00:
81:07:47:e5:06:ed:97:6c:62:38:7b:92:3a:01:47:ff:e0:a3:
25:0a:ae:6e:d2:ca:b3:35:a8:e3:11:33:d2:92:7e:c7:82:a0:
0d:5d:52:c9:d6:19:34:8d:3f:bf:4b:40:96:3a:d3:9f:b1:2b:
85:19:bc:74
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
MjAxREFGMTEwLwYDVQQFEygwRDMwNkY0ODA3M0RERDcyREM3MEU5REJBN0E0OUM0
RjZFRENCQzgyMB4XDTIzMDgwMjA5MDMzMFoXDTQzMDgwMTA5MDMzMFowGDEWMBQG
A1UEAxMNNjRjYTFiZTUtMzdlNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL70BbuTlVg4K87otBsFL3zS/XXijBTWAuyQI3sSbiUvijc9LTm0B9SjMnyw
3++kX3VI8/iouTqUIMd9BTy5kVC2ShKsGB0K474LZ+5SMiRbGccaiywlq2hDzPEt
DDuKZIwZq/ap8sAiOBz2wknW7q4CCJrq/h6Jc76J+c/aOXHtpfDE32+2wHAVWNhP
+C+CN2NcdIfoQ8nh/jD32ohUBenLRx9lf40U//s9cmh1nMyZ9d0iQ5iOJ5hbvxZV
4nqWFQttpkcQ1g0JrOqgAUu5LBQnOwWlUWt7JQ0at7AL4V+voT1nsCpB53coVfz2
QXLxKZk6epMyL8puw1txLN04wZkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBT6tAgz
xt/nXNMWjfGXcCV2els89DAfBgNVHSMEGDAWgBQNMG9IBz3dctxw6dunpJxPbty8
gjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTIwMUQvQkUxMTk0N0MyRkNEMTFFRThDRTNENzQ4NEFEOUU2RkMvRFRCdlNB
YzkzWExjY09uYnA2U2NUMjdjdklJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRFRCdlNBYzkzWExjY09uYnA2U2NUMjdjdklJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTIwMUQvQkUxMTk0N0MyRkNEMTFFRThDRTNENzQ4NEFE
OUU2RkMvNzRGRjU1QUMzMTEzMTFFRUFBNENCQjJFNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAinfmDANBgkqhkiG9w0BAQsF
AAOCAQEATLVKqxoT6ahDLRZLO81db6cVWQgH0ExA+JFIDkbPbxMv7EXBibPJ8cpt
R7ScQADDW7F9X9s84Yo7NYk0o7kBlsHNOtCY7AZ2vGQATXGlee/QtAu9kkzNgDcU
BhbzCjdFi/1J8vXOYAO8kYxrIqHa3v7xPgHkOtzFB0acmtqF+w4cHHcPsuw/ABcM
X2aeMYIMZMYWr0B4MLH1c+6rzT85Mfpl9JNJcK/gipP+Veft3CBnceBTB1gSzaPN
2p+9VxWtr4mf0usAgQdH5Qbtl2xiOHuSOgFH/+CjJQqubtLKszWo4xEz0pJ+x4Kg
DV1SydYZNI0/v0tAljrTn7ErhRm8dA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:29 2024 by rpki-client on console-ams.rpki-client.org