Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F8B97/E559EB4C370411EC9F5EF526D8A014CE/BAA0E2DEA1B411EFA1EE2F5D762E951A.roa
File: BAA0E2DEA1B411EFA1EE2F5D762E951A.roa (raw, json)
Hash identifier: K1xKU9htAsSiqeoEzSyp58rJTSDbVeGSEYylDFoKes4=
Subject key identifier: B0:B8:D1:F5:AF:C7:37:2D:36:8E:65:BB:87:62:52:6C:75:C4:50:0D
Certificate issuer: /CN=F36F8B97AF/serialNumber=429F70A01A2B5922FEEB4BF0C83D73C5F574F25D
Certificate serial: 0477
Authority key identifier: 42:9F:70:A0:1A:2B:59:22:FE:EB:4B:F0:C8:3D:73:C5:F5:74:F2:5D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Qp9woBorWSL-60vwyD1zxfV08l0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F8B97/E559EB4C370411EC9F5EF526D8A014CE/BAA0E2DEA1B411EFA1EE2F5D762E951A.roa
Signing time: Wed 13 Nov 2024 11:45:07 +0000
ROA not before: Wed 13 Nov 2024 11:45:03 +0000
ROA not after: Thu 30 Nov 2034 11:45:03 +0000
asID: 37235
IP address blocks: 41.74.192.0/22 maxlen: 24
41.74.200.0/23 maxlen: 24
41.74.202.0/24 maxlen: 24
2c0f:f1e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F8B97/E559EB4C370411EC9F5EF526D8A014CE/Qp9woBorWSL-60vwyD1zxfV08l0.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F8B97/E559EB4C370411EC9F5EF526D8A014CE/Qp9woBorWSL-60vwyD1zxfV08l0.mft
rsync://rpki.afrinic.net/repository/afrinic/Qp9woBorWSL-60vwyD1zxfV08l0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1143 (0x477)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F8B97AF/serialNumber=429F70A01A2B5922FEEB4BF0C83D73C5F574F25D
Validity
Not Before: Nov 13 11:45:03 2024 GMT
Not After : Nov 30 11:45:03 2034 GMT
Subject: CN=67349143-d03f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:11:bf:6b:15:16:1d:d3:ef:db:4e:ef:06:c3:
1d:fc:36:40:da:b4:89:c6:bd:6c:cb:74:bf:4b:b1:
1d:b5:58:c8:1d:af:33:53:30:96:85:dd:c5:41:95:
4e:94:5f:d8:ea:62:7b:ca:54:92:81:e6:03:dc:36:
2e:16:73:53:b7:71:68:32:95:25:32:d5:33:c9:32:
ee:48:63:9a:2c:8a:9f:22:a8:7b:5e:ff:49:a6:52:
39:34:f6:ec:a2:d1:2b:c8:e6:5b:4e:bc:4a:24:75:
00:56:d6:b0:df:26:de:70:a6:22:27:cf:ce:2a:7d:
32:f6:ad:e8:8f:20:d9:70:3f:62:c1:87:fd:ae:15:
51:8f:22:33:1d:74:bd:9a:dc:73:50:43:62:89:88:
75:80:1e:4e:bb:da:dc:07:a2:bc:67:43:44:f9:bd:
e2:2b:b3:ba:26:ba:ba:78:4c:e7:2e:f6:08:16:a8:
d7:cf:4f:13:ae:0f:c7:5f:85:6e:e8:d6:40:79:93:
7e:a5:d9:4d:06:da:a9:4d:36:a0:c1:8b:73:63:be:
7b:19:61:4a:18:db:aa:e6:b0:54:3c:53:d8:1d:76:
df:36:4d:2b:50:14:57:36:48:c5:f3:ba:2b:29:60:
45:7b:0e:f9:52:ef:31:d5:c5:8e:84:4c:a1:37:3a:
d3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B8:D1:F5:AF:C7:37:2D:36:8E:65:BB:87:62:52:6C:75:C4:50:0D
X509v3 Authority Key Identifier:
keyid:42:9F:70:A0:1A:2B:59:22:FE:EB:4B:F0:C8:3D:73:C5:F5:74:F2:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8B97/E559EB4C370411EC9F5EF526D8A014CE/Qp9woBorWSL-60vwyD1zxfV08l0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Qp9woBorWSL-60vwyD1zxfV08l0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8B97/E559EB4C370411EC9F5EF526D8A014CE/BAA0E2DEA1B411EFA1EE2F5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.74.192.0/22
41.74.200.0-41.74.202.255
IPv6:
2c0f:f1e0::/32
Signature Algorithm: sha256WithRSAEncryption
6a:33:6e:94:a8:cf:98:cc:5c:42:fa:a0:5b:b4:4e:f4:61:6a:
4f:a6:9f:fc:b0:44:64:6e:be:b5:b8:d9:d6:2b:cc:37:33:8b:
92:96:6a:65:b8:d5:c7:c5:db:86:df:ac:ee:bd:8a:6e:26:ed:
38:df:3f:ab:1c:dd:e8:e8:0c:8e:b9:29:a1:15:56:81:bb:ec:
c4:f2:58:70:59:63:59:8d:37:51:b3:ac:08:e4:ea:57:09:8f:
77:c2:cb:f6:a9:18:2f:0e:10:e0:16:19:20:c7:4d:f9:5d:bb:
f7:21:cc:7c:af:02:ad:48:b6:60:d6:6a:7c:8e:03:b5:10:ea:
4d:dc:57:e5:19:83:4a:77:e4:f1:b2:bf:09:40:9f:9e:be:8a:
66:fb:24:e4:01:27:dd:fe:2e:ee:61:d2:ee:ab:e9:30:ad:6a:
9e:56:fb:c4:19:1e:68:05:7e:a4:5f:0d:db:f1:c9:c0:6c:26:
0f:03:d5:09:d3:58:6b:19:7e:24:a8:73:e2:23:39:fe:ac:45:
cb:83:24:c6:02:4f:f0:c7:53:aa:f1:d9:72:02:fa:95:33:0a:
4a:00:69:74:1d:9d:db:06:33:dd:5d:d0:2d:dc:2d:dd:b4:b2:
35:d5:40:83:e9:ec:41:29:95:3c:2f:e0:d6:18:b9:23:02:d2:
1b:fc:dc:8d
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgICBHcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RjhCOTdBRjExMC8GA1UEBRMoNDI5RjcwQTAxQTJCNTkyMkZFRUI0QkYwQzgzRDcz
QzVGNTc0RjI1RDAeFw0yNDExMTMxMTQ1MDNaFw0zNDExMzAxMTQ1MDNaMBgxFjAU
BgNVBAMTDTY3MzQ5MTQzLWQwM2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/Eb9rFRYd0+/bTu8Gwx38NkDatInGvWzLdL9LsR21WMgdrzNTMJaF3cVB
lU6UX9jqYnvKVJKB5gPcNi4Wc1O3cWgylSUy1TPJMu5IY5osip8iqHte/0mmUjk0
9uyi0SvI5ltOvEokdQBW1rDfJt5wpiInz84qfTL2reiPINlwP2LBh/2uFVGPIjMd
dL2a3HNQQ2KJiHWAHk672twHorxnQ0T5veIrs7omurp4TOcu9ggWqNfPTxOuD8df
hW7o1kB5k36l2U0G2qlNNqDBi3NjvnsZYUoY26rmsFQ8U9gddt82TStQFFc2SMXz
uispYEV7DvlS7zHVxY6ETKE3OtNXAgMBAAGjggLCMIICvjAdBgNVHQ4EFgQUsLjR
9a/HNy02jmW7h2JSbHXEUA0wHwYDVR0jBBgwFoAUQp9woBorWSL+60vwyD1zxfV0
8l0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY4Qjk3L0U1NTlFQjRDMzcwNDExRUM5RjVFRjUyNkQ4QTAxNENFL1FwOXdv
Qm9yV1NMLTYwdnd5RDF6eGZWMDhsMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1FwOXdvQm9yV1NMLTYwdnd5RDF6eGZWMDhsMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkY4Qjk3L0U1NTlFQjRDMzcwNDExRUM5RjVFRjUyNkQ4
QTAxNENFL0JBQTBFMkRFQTFCNDExRUZBMUVFMkY1RDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwPAYIKwYBBQUHAQcBAf8ELTArMBoEAgABMBQDBAIpSsAwDAMEAylKyAMEAClK
yjANBAIAAjAHAwUALA/x4DANBgkqhkiG9w0BAQsFAAOCAQEAajNulKjPmMxcQvqg
W7RO9GFqT6af/LBEZG6+tbjZ1ivMNzOLkpZqZbjVx8Xbht+s7r2KbibtON8/qxzd
6OgMjrkpoRVWgbvsxPJYcFljWY03UbOsCOTqVwmPd8LL9qkYLw4Q4BYZIMdN+V27
9yHMfK8CrUi2YNZqfI4DtRDqTdxX5RmDSnfk8bK/CUCfnr6KZvsk5AEn3f4u7mHS
7qvpMK1qnlb7xBkeaAV+pF8N2/HJwGwmDwPVCdNYaxl+JKhz4iM5/qxFy4MkxgJP
8MdTqvHZcgL6lTMKSgBpdB2d2wYz3V3QLdwt3bSyNdVAg+nsQSmVPC/g1hi5IwLS
G/zcjQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:00 2024 by rpki-client on console-fra.rpki-client.org