Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F854A/202ED20208F411ED927C0D98F1222468/4E341B66638F11EEAE8F3A334AD9E6FC.roa
File: 4E341B66638F11EEAE8F3A334AD9E6FC.roa (raw, json)
Hash identifier: u8+tUOrRrY4s158s9cBRWpl8atAcZbRDPn+y7aqq15Q=
Subject key identifier: 40:91:07:3E:53:CA:C5:3D:80:05:40:3A:FD:83:D8:FB:E8:7D:C0:F0
Certificate issuer: /CN=F36F854AAF/serialNumber=36892679B2E0C85F556D947DF2191619BA2ABFE6
Certificate serial: 01EB
Authority key identifier: 36:89:26:79:B2:E0:C8:5F:55:6D:94:7D:F2:19:16:19:BA:2A:BF:E6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/NokmebLgyF9VbZR98hkWGboqv-Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F854A/202ED20208F411ED927C0D98F1222468/4E341B66638F11EEAE8F3A334AD9E6FC.roa
Signing time: Thu 05 Oct 2023 14:56:04 +0000
ROA not before: Thu 05 Oct 2023 14:56:00 +0000
ROA not after: Mon 05 Oct 2026 14:56:00 +0000
asID: 37028
IP address blocks: 41.183.0.0/16 maxlen: 24
196.10.112.0/22 maxlen: 24
196.10.116.0/23 maxlen: 24
196.11.125.0/24 maxlen: 24
196.11.126.0/23 maxlen: 24
196.11.128.0/22 maxlen: 24
196.11.132.0/23 maxlen: 24
196.11.134.0/24 maxlen: 24
2c0f:fdf8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F854A/202ED20208F411ED927C0D98F1222468/NokmebLgyF9VbZR98hkWGboqv-Y.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F854A/202ED20208F411ED927C0D98F1222468/NokmebLgyF9VbZR98hkWGboqv-Y.mft
rsync://rpki.afrinic.net/repository/afrinic/NokmebLgyF9VbZR98hkWGboqv-Y.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 491 (0x1eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F854AAF/serialNumber=36892679B2E0C85F556D947DF2191619BA2ABFE6
Validity
Not Before: Oct 5 14:56:00 2023 GMT
Not After : Oct 5 14:56:00 2026 GMT
Subject: CN=651ece84-fe23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b2:f8:11:60:58:23:5c:41:2e:e2:92:6f:5e:
c6:43:e2:07:aa:05:b0:23:fa:30:7a:7b:ad:54:d8:
f6:8a:40:2f:87:f3:f9:c2:26:f2:1c:a2:4d:f9:1a:
ea:94:9e:f8:5b:5a:bc:3f:7d:a3:36:ad:b9:c0:68:
61:5e:89:6b:06:a3:f1:0a:b5:2c:14:0d:27:78:a1:
d1:a7:d9:6a:c1:b3:6b:0f:f5:f5:30:5f:a0:03:b8:
92:17:82:f9:37:cd:e9:c6:21:b1:72:66:53:91:5c:
fd:df:0d:b7:37:5c:ed:93:0d:9a:1b:02:09:70:c2:
26:b8:78:10:a1:6d:54:97:fd:a3:de:4c:c5:1d:45:
a7:3b:80:61:7a:63:92:ab:d0:ed:72:50:b0:08:f6:
84:4d:1d:c9:57:c9:86:26:06:ef:ae:ab:49:89:97:
09:1d:9d:2b:90:81:53:53:58:8e:a1:77:0c:f7:5d:
0c:5d:2e:0e:56:2b:49:2b:bf:47:d4:68:36:c0:29:
2b:40:1d:bb:9d:62:ca:b9:7b:75:e2:54:fe:1c:8f:
75:a1:7a:53:c8:18:54:4f:b4:41:b7:fe:29:f9:7a:
64:d4:73:78:ca:12:53:08:1f:18:cd:5b:bc:a4:4a:
bc:d3:5e:cf:88:36:6f:81:93:91:6e:6a:8a:64:89:
5b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:91:07:3E:53:CA:C5:3D:80:05:40:3A:FD:83:D8:FB:E8:7D:C0:F0
X509v3 Authority Key Identifier:
keyid:36:89:26:79:B2:E0:C8:5F:55:6D:94:7D:F2:19:16:19:BA:2A:BF:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F854A/202ED20208F411ED927C0D98F1222468/NokmebLgyF9VbZR98hkWGboqv-Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/NokmebLgyF9VbZR98hkWGboqv-Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F854A/202ED20208F411ED927C0D98F1222468/4E341B66638F11EEAE8F3A334AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.183.0.0/16
196.10.112.0-196.10.117.255
196.11.125.0-196.11.134.255
IPv6:
2c0f:fdf8::/32
Signature Algorithm: sha256WithRSAEncryption
7f:6a:a1:5d:ed:c6:30:31:0f:0d:6e:35:26:4e:e0:d0:93:ad:
26:58:50:3e:56:7b:96:54:ff:02:d4:96:8d:cc:8c:58:3f:c7:
da:81:b2:ef:5a:37:42:fd:ad:9b:97:47:ec:eb:c8:dd:0e:c1:
8a:e6:f9:92:7c:57:b2:00:8a:41:86:06:8d:94:a8:2f:5d:ce:
0d:88:13:e2:fc:b2:7a:06:40:1a:83:24:81:4b:82:ef:28:60:
38:6c:cc:52:9d:3b:04:20:1c:57:53:7d:f3:99:f6:f8:49:68:
b4:a3:38:7a:18:bd:ce:0f:a7:22:fa:d3:a4:ef:89:36:b7:88:
48:56:6b:ce:5a:52:85:b5:b1:cc:39:3f:74:71:65:94:68:b3:
4b:fc:6c:3d:36:10:3c:aa:5c:fd:a3:91:a1:14:10:40:f7:81:
e7:dc:5b:dd:e9:5d:6a:2f:ed:26:47:99:89:99:f0:08:08:c5:
d9:49:63:d9:3f:92:5b:4e:56:db:c3:2a:56:d1:b3:ac:e5:89:
80:18:fb:c4:3a:cd:5c:7f:4e:d4:c3:ec:0c:0d:2e:39:13:47:
17:42:26:05:48:81:1d:72:b7:fd:c3:2c:05:a5:b2:ec:de:bf:
d6:f6:ad:d8:17:60:8d:fc:f3:aa:57:c9:10:68:86:1d:25:58:
7b:4a:6e:fb
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgICAeswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
Rjg1NEFBRjExMC8GA1UEBRMoMzY4OTI2NzlCMkUwQzg1RjU1NkQ5NDdERjIxOTE2
MTlCQTJBQkZFNjAeFw0yMzEwMDUxNDU2MDBaFw0yNjEwMDUxNDU2MDBaMBgxFjAU
BgNVBAMTDTY1MWVjZTg0LWZlMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDXsvgRYFgjXEEu4pJvXsZD4geqBbAj+jB6e61U2PaKQC+H8/nCJvIcok35
GuqUnvhbWrw/faM2rbnAaGFeiWsGo/EKtSwUDSd4odGn2WrBs2sP9fUwX6ADuJIX
gvk3zenGIbFyZlORXP3fDbc3XO2TDZobAglwwia4eBChbVSX/aPeTMUdRac7gGF6
Y5Kr0O1yULAI9oRNHclXyYYmBu+uq0mJlwkdnSuQgVNTWI6hdwz3XQxdLg5WK0kr
v0fUaDbAKStAHbudYsq5e3XiVP4cj3WhelPIGFRPtEG3/in5emTUc3jKElMIHxjN
W7ykSrzTXs+INm+Bk5FuaopkiVsnAgMBAAGjggLPMIICyzAdBgNVHQ4EFgQUQJEH
PlPKxT2ABUA6/YPY++h9wPAwHwYDVR0jBBgwFoAUNokmebLgyF9VbZR98hkWGboq
v+YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY4NTRBLzIwMkVEMjAyMDhGNDExRUQ5MjdDMEQ5OEYxMjIyNDY4L05va21l
YkxneUY5VmJaUjk4aGtXR2JvcXYtWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL05va21lYkxneUY5VmJaUjk4aGtXR2JvcXYtWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkY4NTRBLzIwMkVEMjAyMDhGNDExRUQ5MjdDMEQ5OEYx
MjIyNDY4LzRFMzQxQjY2NjM4RjExRUVBRThGM0EzMzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwSQYIKwYBBQUHAQcBAf8EOjA4MCcEAgABMCEDAwAptzAMAwQExApwAwQBxAp0
MAwDBADEC30DBADEC4YwDQQCAAIwBwMFACwP/fgwDQYJKoZIhvcNAQELBQADggEB
AH9qoV3txjAxDw1uNSZO4NCTrSZYUD5We5ZU/wLUlo3MjFg/x9qBsu9aN0L9rZuX
R+zryN0OwYrm+ZJ8V7IAikGGBo2UqC9dzg2IE+L8snoGQBqDJIFLgu8oYDhszFKd
OwQgHFdTffOZ9vhJaLSjOHoYvc4PpyL606TviTa3iEhWa85aUoW1scw5P3RxZZRo
s0v8bD02EDyqXP2jkaEUEED3gefcW93pXWov7SZHmYmZ8AgIxdlJY9k/kltOVtvD
KlbRs6zliYAY+8Q6zVx/TtTD7AwNLjkTRxdCJgVIgR1yt/3DLAWlsuzev9b2rdgX
YI3886pXyRBohh0lWHtKbvs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:32 2024 by rpki-client on console-ams.rpki-client.org