Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E4B69/DE14770E887311EE89B811434AD9E6FC/D2F9CEC4BE4B11EE8D656598775412E6.roa
File: D2F9CEC4BE4B11EE8D656598775412E6.roa (raw, json)
Hash identifier: Cxpb4VpHsS5nAkYLG5LF8Ro6WmVM8kJPPNxJ4wnGbyc=
Subject key identifier: 27:BF:C2:E5:4E:7F:06:A8:9F:81:29:B7:EE:34:AC:01:37:85:64:57
Certificate issuer: /CN=F36E4B69AF/serialNumber=CA6642EA9AFCC73AA24AA4047544B17C2603CBD2
Certificate serial: 4E
Authority key identifier: CA:66:42:EA:9A:FC:C7:3A:A2:4A:A4:04:75:44:B1:7C:26:03:CB:D2
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ymZC6pr8xzqiSqQEdUSxfCYDy9I.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E4B69/DE14770E887311EE89B811434AD9E6FC/D2F9CEC4BE4B11EE8D656598775412E6.roa
Signing time: Mon 29 Jan 2024 02:12:17 +0000
ROA not before: Mon 29 Jan 2024 02:12:12 +0000
ROA not after: Mon 29 Jan 2029 02:12:12 +0000
asID: 36912
IP address blocks: 41.202.192.0/19 maxlen: 19
102.244.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E4B69/DE14770E887311EE89B811434AD9E6FC/ymZC6pr8xzqiSqQEdUSxfCYDy9I.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E4B69/DE14770E887311EE89B811434AD9E6FC/ymZC6pr8xzqiSqQEdUSxfCYDy9I.mft
rsync://rpki.afrinic.net/repository/afrinic/ymZC6pr8xzqiSqQEdUSxfCYDy9I.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78 (0x4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E4B69AF/serialNumber=CA6642EA9AFCC73AA24AA4047544B17C2603CBD2
Validity
Not Before: Jan 29 02:12:12 2024 GMT
Not After : Jan 29 02:12:12 2029 GMT
Subject: CN=65b70981-ca7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:53:da:51:6f:f7:4a:ff:f4:52:3f:86:26:9d:
06:31:14:83:e1:ea:65:5c:21:4b:bc:b3:89:44:fb:
ec:2a:1a:a0:68:bc:3b:ac:a8:48:7b:e5:16:98:23:
d8:4e:32:40:44:a7:eb:21:89:7b:1f:a6:b1:3d:14:
fb:c4:68:6c:22:d8:26:98:6f:e7:ee:bd:00:82:0b:
c9:72:8c:d1:cf:24:50:63:db:fd:3d:f4:9b:3b:ce:
e5:f8:de:9d:54:8e:4e:bc:63:22:e8:a8:31:ba:b5:
c9:53:f9:bd:70:e3:64:e3:2e:41:41:a0:40:16:a2:
33:cb:47:98:df:c6:96:b8:27:40:ed:96:de:19:e6:
2d:61:19:56:c9:52:a1:d1:2f:8a:f7:26:51:98:b7:
9d:b0:06:d8:ef:58:c5:db:65:aa:6f:d7:18:55:56:
20:ec:05:d8:da:da:0a:8c:13:86:db:f2:1b:ae:e7:
a0:0a:e5:ee:c1:bf:b6:e3:a2:68:9c:45:8b:b8:39:
2e:e9:34:ce:1e:4e:6f:97:9c:55:a5:03:a6:28:5e:
54:0a:5c:21:c7:96:43:a2:5a:c1:c9:37:08:aa:72:
bf:a4:58:40:a4:73:49:96:0c:fc:a9:6d:1e:6a:aa:
c5:7f:0d:7d:87:15:7b:34:7a:f8:75:b7:44:87:f7:
dd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:BF:C2:E5:4E:7F:06:A8:9F:81:29:B7:EE:34:AC:01:37:85:64:57
X509v3 Authority Key Identifier:
keyid:CA:66:42:EA:9A:FC:C7:3A:A2:4A:A4:04:75:44:B1:7C:26:03:CB:D2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E4B69/DE14770E887311EE89B811434AD9E6FC/ymZC6pr8xzqiSqQEdUSxfCYDy9I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ymZC6pr8xzqiSqQEdUSxfCYDy9I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E4B69/DE14770E887311EE89B811434AD9E6FC/D2F9CEC4BE4B11EE8D656598775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.202.192.0/19
102.244.0.0/14
Signature Algorithm: sha256WithRSAEncryption
69:d0:0d:f5:09:0b:b6:69:17:3b:0d:d5:cb:c3:54:4b:1b:91:
c3:eb:20:0a:be:17:cb:1a:f1:d8:c4:70:1a:4b:c5:a9:df:4f:
bf:30:cd:e1:1c:4c:ea:18:f9:af:3b:04:fe:0f:9f:1b:f2:51:
1d:6a:3b:93:a5:7c:cd:ec:e4:ee:ed:03:3d:65:ba:42:5f:42:
80:22:f3:f2:55:fb:fd:1a:97:9a:0f:6a:50:1e:d5:62:95:22:
e9:6d:5b:26:be:17:24:ac:6e:f2:5c:7d:0f:b9:f2:32:02:21:
bc:0b:f6:31:cb:a6:c9:58:e9:ac:b5:5b:02:17:dc:14:fc:4a:
ee:09:67:b2:e0:bb:3a:c5:ad:b2:e8:03:35:09:ef:c2:0d:4d:
61:76:72:c0:6c:6d:92:bf:46:8c:f8:8f:0a:b9:80:5f:ce:e9:
30:4c:9d:07:af:4a:c6:bd:84:ad:b6:8b:49:82:e1:a2:b4:20:
54:86:e3:70:3a:fa:c7:1e:79:f6:90:7e:cf:b2:1f:ff:10:5f:
21:8e:ba:e1:b0:6f:42:7a:29:4a:16:75:0b:0f:55:24:bc:9e:
22:c0:07:60:d3:34:9b:cd:aa:da:b2:77:65:7b:b2:31:e2:0f:
8c:f4:c9:41:2d:9a:77:77:90:b8:89:88:15:f4:99:c9:2c:07:
9f:aa:a0:4b
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIBTjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
NEI2OUFGMTEwLwYDVQQFEyhDQTY2NDJFQTlBRkNDNzNBQTI0QUE0MDQ3NTQ0QjE3
QzI2MDNDQkQyMB4XDTI0MDEyOTAyMTIxMloXDTI5MDEyOTAyMTIxMlowGDEWMBQG
A1UEAxMNNjViNzA5ODEtY2E3ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNT2lFv90r/9FI/hiadBjEUg+HqZVwhS7yziUT77CoaoGi8O6yoSHvlFpgj
2E4yQESn6yGJex+msT0U+8RobCLYJphv5+69AIILyXKM0c8kUGPb/T30mzvO5fje
nVSOTrxjIuioMbq1yVP5vXDjZOMuQUGgQBaiM8tHmN/GlrgnQO2W3hnmLWEZVslS
odEvivcmUZi3nbAG2O9Yxdtlqm/XGFVWIOwF2NraCowThtvyG67noArl7sG/tuOi
aJxFi7g5Luk0zh5Ob5ecVaUDpiheVApcIceWQ6Jawck3CKpyv6RYQKRzSZYM/Klt
HmqqxX8NfYcVezR6+HW3RIf33e0CAwEAAaOCAqowggKmMB0GA1UdDgQWBBQnv8Ll
Tn8GqJ+BKbfuNKwBN4VkVzAfBgNVHSMEGDAWgBTKZkLqmvzHOqJKpAR1RLF8JgPL
0jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTRCNjkvREUxNDc3MEU4ODczMTFFRTg5QjgxMTQzNEFEOUU2RkMveW1aQzZw
cjh4enFpU3FRRWRVU3hmQ1lEeTlJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveW1aQzZwcjh4enFpU3FRRWRVU3hmQ1lEeTlJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTRCNjkvREUxNDc3MEU4ODczMTFFRTg5QjgxMTQzNEFE
OUU2RkMvRDJGOUNFQzRCRTRCMTFFRThENjU2NTk4Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAkBggrBgEFBQcBBwEB/wQVMBMwEQQCAAEwCwMEBSnKwAMDAmb0MA0GCSqGSIb3
DQEBCwUAA4IBAQBp0A31CQu2aRc7DdXLw1RLG5HD6yAKvhfLGvHYxHAaS8Wp30+/
MM3hHEzqGPmvOwT+D58b8lEdajuTpXzN7OTu7QM9ZbpCX0KAIvPyVfv9GpeaD2pQ
HtVilSLpbVsmvhckrG7yXH0PufIyAiG8C/Yxy6bJWOmstVsCF9wU/EruCWey4Ls6
xa2y6AM1Ce/CDU1hdnLAbG2Sv0aM+I8KuYBfzukwTJ0Hr0rGvYSttotJguGitCBU
huNwOvrHHnn2kH7Psh//EF8hjrrhsG9CeilKFnULD1UkvJ4iwAdg0zSbzarasndl
e7Ix4g+M9MlBLZp3d5C4iYgV9JnJLAefqqBL
-----END CERTIFICATE-----
Generated at Sun Nov 24 03:19:44 2024 by rpki-client on console-ams.rpki-client.org