Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/FF66D1C20B6411EE8C76AC124AD9E6FC.roa
File: FF66D1C20B6411EE8C76AC124AD9E6FC.roa (raw, json)
Hash identifier: 6DBG7LFqSrn21+mhdoXIzWABS/IanksxkGhjCLp33DQ=
Subject key identifier: D4:72:04:86:CD:A4:10:9D:68:9F:0C:47:86:10:C7:AA:C0:E5:38:18
Certificate issuer: /CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
Certificate serial: 02
Authority key identifier: 87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/FF66D1C20B6411EE8C76AC124AD9E6FC.roa
Signing time: Thu 15 Jun 2023 10:11:30 +0000
ROA not before: Thu 15 Jun 2023 10:11:26 +0000
ROA not after: Sat 15 Jun 2024 10:11:26 +0000
asID: 37684
IP address blocks: 41.242.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.mft
rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 03 Jun 2024 00:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
Validity
Not Before: Jun 15 10:11:26 2023 GMT
Not After : Jun 15 10:11:26 2024 GMT
Subject: CN=648ae3d2-d96c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:dc:98:83:85:0f:ac:13:92:77:23:42:c8:55:
1b:0f:42:8d:8b:49:22:39:93:c5:a4:24:24:2d:14:
fc:79:c4:36:4c:c3:b8:7e:2e:8d:05:b6:c9:dc:02:
fb:d4:a8:25:70:35:6d:fb:f1:6c:7f:81:92:d4:3d:
21:a6:b5:90:20:22:5b:84:b7:53:d8:08:37:3b:a6:
b3:30:3c:25:60:74:2c:97:70:80:ed:0c:d0:c3:1c:
12:ac:c2:b2:53:80:51:fc:7e:d1:b6:cb:db:3e:cd:
bc:f7:09:20:1c:ce:f5:ab:d2:8d:f7:ed:b9:9d:0e:
15:fa:a0:92:a4:3b:e9:c1:3e:ca:22:14:e6:af:53:
82:ea:18:cd:3f:81:8f:6b:6f:d0:58:bf:ef:c8:7c:
b2:8c:63:31:56:2d:0e:1e:a1:d9:47:57:e3:c2:d1:
8e:30:ad:28:d8:68:79:17:d7:b9:87:96:31:d7:30:
4c:93:83:0c:ce:7d:e9:ff:35:a7:04:bc:e1:6c:7c:
0c:a3:3f:42:8e:15:b9:15:fc:5a:d6:cc:3d:60:58:
a0:be:87:de:b0:77:75:cf:46:8f:5a:cf:fd:ec:0f:
5e:28:0c:ec:d4:52:16:36:4e:b8:24:6e:6a:75:e9:
56:06:33:a2:c5:58:f9:6e:bb:60:1c:e4:ed:83:cd:
5d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:72:04:86:CD:A4:10:9D:68:9F:0C:47:86:10:C7:AA:C0:E5:38:18
X509v3 Authority Key Identifier:
keyid:87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/FF66D1C20B6411EE8C76AC124AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.242.0.0/22
Signature Algorithm: sha256WithRSAEncryption
28:b2:80:9f:d5:4c:8e:06:b9:df:b7:be:e7:fe:49:b5:88:d5:
7c:4a:e3:9e:a5:6c:7c:f8:8c:f1:0f:39:21:54:04:c4:6c:09:
88:fd:b3:7e:5e:5d:04:c8:75:ca:4b:eb:6d:0e:d1:18:d7:3d:
34:7a:c1:6b:53:56:5e:e5:66:9a:9f:4b:79:b6:d9:f4:35:37:
d4:b8:9a:94:c7:13:bb:86:e5:a4:d8:5b:55:26:ab:f8:45:2f:
00:0d:00:3f:a8:17:23:41:39:ea:03:af:7f:6f:32:d9:8a:d4:
d6:a3:e9:69:e3:5c:bf:ba:e3:d2:aa:ce:ec:57:05:de:ce:b3:
91:bc:7b:c1:88:e3:8c:b5:3f:4d:27:60:68:93:fa:9f:e6:1c:
bf:68:e1:b9:8e:97:6f:29:cd:88:51:71:d7:3b:56:91:e6:e9:
f7:54:d3:8e:96:69:65:e4:da:e2:85:56:b0:90:76:46:71:fb:
77:5e:8b:9d:a7:de:91:5c:83:f8:f4:4f:32:9b:d0:e0:14:53:
48:8e:e8:6a:a8:1a:ae:c3:4a:98:48:2a:d9:c6:11:78:51:c3:
3a:27:b7:3d:b9:66:7a:fb:7c:be:e2:42:32:7c:b4:51:c2:fc:
86:38:51:44:2e:56:fd:99:06:2d:54:94:2b:ae:b9:db:52:40:
11:09:20:d0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
MkI4Q0FGMTEwLwYDVQQFEyg4NzIxMzBFNjlCM0ZCODAzNUIxQjI1RDNGNkZCOTc0
QTJBMDc4RUNDMB4XDTIzMDYxNTEwMTEyNloXDTI0MDYxNTEwMTEyNlowGDEWMBQG
A1UEAxMNNjQ4YWUzZDItZDk2YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfcmIOFD6wTkncjQshVGw9CjYtJIjmTxaQkJC0U/HnENkzDuH4ujQW2ydwC
+9SoJXA1bfvxbH+BktQ9Iaa1kCAiW4S3U9gINzumszA8JWB0LJdwgO0M0MMcEqzC
slOAUfx+0bbL2z7NvPcJIBzO9avSjfftuZ0OFfqgkqQ76cE+yiIU5q9TguoYzT+B
j2tv0Fi/78h8soxjMVYtDh6h2UdX48LRjjCtKNhoeRfXuYeWMdcwTJODDM596f81
pwS84Wx8DKM/Qo4VuRX8WtbMPWBYoL6H3rB3dc9Gj1rP/ewPXigM7NRSFjZOuCRu
anXpVgYzosVY+W67YBzk7YPNXZkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTUcgSG
zaQQnWifDEeGEMeqwOU4GDAfBgNVHSMEGDAWgBSHITDmmz+4A1sbJdP2+5dKKgeO
zDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTJCOEMvQzhGOURGMUUwQjYyMTFFRTg2MkQ4NjhBNEFEOUU2RkMvaHlFdzVw
c191QU5iR3lYVDl2dVhTaW9IanN3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaHlFdzVwc191QU5iR3lYVDl2dVhTaW9IanN3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTJCOEMvQzhGOURGMUUwQjYyMTFFRTg2MkQ4NjhBNEFE
OUU2RkMvRkY2NkQxQzIwQjY0MTFFRThDNzZBQzEyNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAinyADANBgkqhkiG9w0BAQsF
AAOCAQEAKLKAn9VMjga537e+5/5JtYjVfErjnqVsfPiM8Q85IVQExGwJiP2zfl5d
BMh1ykvrbQ7RGNc9NHrBa1NWXuVmmp9LebbZ9DU31LialMcTu4blpNhbVSar+EUv
AA0AP6gXI0E56gOvf28y2YrU1qPpaeNcv7rj0qrO7FcF3s6zkbx7wYjjjLU/TSdg
aJP6n+Ycv2jhuY6XbynNiFFx1ztWkebp91TTjpZpZeTa4oVWsJB2RnH7d16Lnafe
kVyD+PRPMpvQ4BRTSI7oaqgarsNKmEgq2cYReFHDOie3Pblmevt8vuJCMny0UcL8
hjhRRC5W/ZkGLVSUK66521JAEQkg0A==
-----END CERTIFICATE-----
Generated at Sat Jun 1 02:55:13 2024 by rpki-client on console-fra.rpki-client.org