Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E6854/385FBE92230D11EFA27C81277DDC24C2/41B9BD06230F11EF89072D357DDC24C2.roa
File: 41B9BD06230F11EF89072D357DDC24C2.roa (raw, json)
Hash identifier: Vju6CP63vk7sWntfujwYKbfkTEsNT3KYrBm9nMWtFv8=
Subject key identifier: 89:81:77:C0:D4:85:20:F2:74:CA:62:0F:35:BA:68:04:68:13:E3:A1
Certificate issuer: /CN=F36E6854AF/serialNumber=7B9AB89C2DFA6E3A3EC875EE57FE2C0D9A7141C0
Certificate serial: 02
Authority key identifier: 7B:9A:B8:9C:2D:FA:6E:3A:3E:C8:75:EE:57:FE:2C:0D:9A:71:41:C0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/e5q4nC36bjo-yHXuV_4sDZpxQcA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E6854/385FBE92230D11EFA27C81277DDC24C2/41B9BD06230F11EF89072D357DDC24C2.roa
Signing time: Wed 05 Jun 2024 07:43:11 +0000
ROA not before: Wed 05 Jun 2024 07:43:07 +0000
ROA not after: Mon 05 Jun 2034 07:43:07 +0000
asID: 36946
IP address blocks: 196.49.0.0/24 maxlen: 24
2001:43f8:940::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E6854/385FBE92230D11EFA27C81277DDC24C2/e5q4nC36bjo-yHXuV_4sDZpxQcA.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E6854/385FBE92230D11EFA27C81277DDC24C2/e5q4nC36bjo-yHXuV_4sDZpxQcA.mft
rsync://rpki.afrinic.net/repository/afrinic/e5q4nC36bjo-yHXuV_4sDZpxQcA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Oct 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E6854AF/serialNumber=7B9AB89C2DFA6E3A3EC875EE57FE2C0D9A7141C0
Validity
Not Before: Jun 5 07:43:07 2024 GMT
Not After : Jun 5 07:43:07 2034 GMT
Subject: CN=6660170f-a655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a2:3c:2d:63:8c:4a:ad:cc:a2:92:98:40:92:
9e:06:db:7e:f2:08:d5:18:61:da:3b:01:b7:fc:29:
af:de:07:ae:11:35:ee:cd:b9:86:04:a5:1f:f3:69:
3c:2f:63:c7:f0:8c:76:df:4a:16:f1:6e:66:05:f8:
69:96:01:88:8c:b5:ae:c0:ad:33:cc:f1:67:d9:cd:
3f:dd:2d:59:3a:8a:58:38:5a:5b:c2:da:cb:44:d7:
10:4d:03:da:32:22:cb:6c:1c:ee:99:8f:97:66:67:
d4:82:ce:ff:d0:77:3d:da:d1:3b:18:67:e3:06:b9:
9b:11:2b:79:dc:2f:24:1b:28:ab:62:6b:9f:a0:30:
3f:25:5d:ad:19:5a:43:b0:23:a6:6e:b1:fd:75:20:
88:99:41:e7:45:30:91:a9:83:25:b6:a4:66:ca:85:
e3:5f:29:0d:ab:7b:7d:80:69:e8:77:77:3c:1f:b3:
89:c3:38:33:4b:ae:76:1d:c2:1f:34:dc:23:5e:3b:
a6:b2:8e:76:71:bc:e4:1b:71:6e:ab:21:1e:35:46:
21:34:f6:ec:99:b8:02:06:9c:3f:2f:38:da:6e:91:
f1:13:67:72:90:9b:7f:59:d8:a0:bb:2c:e7:71:3a:
f9:f0:2f:46:87:b7:0d:e5:54:71:d2:45:56:71:2f:
85:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:81:77:C0:D4:85:20:F2:74:CA:62:0F:35:BA:68:04:68:13:E3:A1
X509v3 Authority Key Identifier:
keyid:7B:9A:B8:9C:2D:FA:6E:3A:3E:C8:75:EE:57:FE:2C:0D:9A:71:41:C0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E6854/385FBE92230D11EFA27C81277DDC24C2/e5q4nC36bjo-yHXuV_4sDZpxQcA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/e5q4nC36bjo-yHXuV_4sDZpxQcA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E6854/385FBE92230D11EFA27C81277DDC24C2/41B9BD06230F11EF89072D357DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.49.0.0/24
IPv6:
2001:43f8:940::/48
Signature Algorithm: sha256WithRSAEncryption
ae:34:62:c9:a0:eb:1d:a9:80:81:ed:fc:ab:1a:03:ae:f0:a6:
65:8e:fe:d3:b4:77:96:49:ad:9d:1e:c4:70:b2:c4:a3:54:b0:
1f:bf:e8:49:3e:1f:59:9d:c4:85:d5:6d:d2:7b:51:b7:a7:45:
84:42:c0:3c:9e:e7:3b:06:ce:31:f4:35:80:a5:b1:b6:a0:64:
3c:33:80:2b:61:3f:8d:78:17:6a:11:32:d6:4f:da:e0:9f:f9:
c9:40:58:20:38:47:ed:fc:c8:30:43:14:25:b0:8c:ba:c3:8d:
b2:a4:8e:40:70:1b:86:25:f7:3d:75:a7:76:01:01:fa:e2:1d:
ac:1c:cf:24:23:be:12:a6:b0:d5:5a:a1:41:ed:f2:6c:fd:62:
34:f0:ab:30:08:d0:f3:aa:ba:ed:5a:4a:13:cc:75:ee:82:06:
ba:6c:a4:ce:58:e8:b6:fe:ed:d8:4e:22:f0:4f:ea:16:fa:5a:
48:76:4e:bd:2c:40:22:fe:da:7a:2c:a7:2f:8c:5b:bc:61:eb:
0e:a1:cc:fe:94:ef:29:50:95:75:26:3e:04:e6:ca:63:51:39:
4e:58:40:fa:40:90:66:d6:a8:98:03:71:ab:ff:73:b2:fe:c9:
94:07:17:f5:42:99:5a:1a:eb:ed:fd:49:04:3c:73:2f:5e:d1:
f9:e0:62:65
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
Njg1NEFGMTEwLwYDVQQFEyg3QjlBQjg5QzJERkE2RTNBM0VDODc1RUU1N0ZFMkMw
RDlBNzE0MUMwMB4XDTI0MDYwNTA3NDMwN1oXDTM0MDYwNTA3NDMwN1owGDEWMBQG
A1UEAxMNNjY2MDE3MGYtYTY1NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeiPC1jjEqtzKKSmECSngbbfvII1Rhh2jsBt/wpr94HrhE17s25hgSlH/Np
PC9jx/CMdt9KFvFuZgX4aZYBiIy1rsCtM8zxZ9nNP90tWTqKWDhaW8Lay0TXEE0D
2jIiy2wc7pmPl2Zn1ILO/9B3PdrROxhn4wa5mxEredwvJBsoq2Jrn6AwPyVdrRla
Q7Ajpm6x/XUgiJlB50UwkamDJbakZsqF418pDat7fYBp6Hd3PB+zicM4M0uudh3C
HzTcI147prKOdnG85BtxbqshHjVGITT27Jm4AgacPy842m6R8RNncpCbf1nYoLss
53E6+fAvRoe3DeVUcdJFVnEvhT8CAwEAAaOCArYwggKyMB0GA1UdDgQWBBSJgXfA
1IUg8nTKYg81umgEaBPjoTAfBgNVHSMEGDAWgBR7mricLfpuOj7Ide5X/iwNmnFB
wDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTY4NTQvMzg1RkJFOTIyMzBEMTFFRkEyN0M4MTI3N0REQzI0QzIvZTVxNG5D
MzZiam8teUhYdVZfNHNEWnB4UWNBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZTVxNG5DMzZiam8teUhYdVZfNHNEWnB4UWNBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTY4NTQvMzg1RkJFOTIyMzBEMTFFRkEyN0M4MTI3N0RE
QzI0QzIvNDFCOUJEMDYyMzBGMTFFRjg5MDcyRDM1N0REQzI0QzIucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMQxADAPBAIAAjAJAwcAIAFD
+AlAMA0GCSqGSIb3DQEBCwUAA4IBAQCuNGLJoOsdqYCB7fyrGgOu8KZljv7TtHeW
Sa2dHsRwssSjVLAfv+hJPh9ZncSF1W3Se1G3p0WEQsA8nuc7Bs4x9DWApbG2oGQ8
M4ArYT+NeBdqETLWT9rgn/nJQFggOEft/MgwQxQlsIy6w42ypI5AcBuGJfc9dad2
AQH64h2sHM8kI74SprDVWqFB7fJs/WI08KswCNDzqrrtWkoTzHXugga6bKTOWOi2
/u3YTiLwT+oW+lpIdk69LEAi/tp6LKcvjFu8YesOocz+lO8pUJV1Jj4E5spjUTlO
WED6QJBm1qiYA3Gr/3Oy/smUBxf1QplaGuvt/UkEPHMvXtH54GJl
-----END CERTIFICATE-----
Generated at Thu Oct 24 06:47:51 2024 by rpki-client on console-fra.rpki-client.org