Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/394CCA22661911EE8EE6BB324AD9E6FC.roa
File: 394CCA22661911EE8EE6BB324AD9E6FC.roa (raw, json)
Hash identifier: +0IcxhM38lh4IkoNfS1FKvLpsiV4VGtwwZB62TnSd38=
Subject key identifier: 7D:99:7D:A3:86:E9:08:9A:3B:C7:A8:DE:50:B2:93:29:97:F5:3F:3C
Certificate issuer: /CN=F36F8F4FAF/serialNumber=DC17A0EC58652D31896123A65610C3A32046556B
Certificate serial: 0315
Authority key identifier: DC:17:A0:EC:58:65:2D:31:89:61:23:A6:56:10:C3:A3:20:46:55:6B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/394CCA22661911EE8EE6BB324AD9E6FC.roa
Signing time: Sun 08 Oct 2023 20:28:22 +0000
ROA not before: Sun 08 Oct 2023 20:28:18 +0000
ROA not after: Wed 08 Oct 2025 20:28:18 +0000
asID: 21003
IP address blocks: 41.208.106.0/24 maxlen: 24
41.208.107.0/24 maxlen: 24
41.208.108.0/24 maxlen: 24
41.208.109.0/24 maxlen: 24
41.208.110.0/24 maxlen: 24
41.208.111.0/24 maxlen: 24
41.208.112.0/24 maxlen: 24
41.208.113.0/24 maxlen: 24
41.208.114.0/24 maxlen: 24
41.208.115.0/24 maxlen: 24
41.208.116.0/24 maxlen: 24
41.208.117.0/24 maxlen: 24
41.208.118.0/24 maxlen: 24
41.208.119.0/24 maxlen: 24
41.208.120.0/24 maxlen: 24
41.208.121.0/24 maxlen: 24
41.208.122.0/24 maxlen: 24
41.208.123.0/24 maxlen: 24
41.208.124.0/24 maxlen: 24
41.208.125.0/24 maxlen: 24
41.208.126.0/24 maxlen: 24
41.208.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.mft
rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 30 Sep 2024 00:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 789 (0x315)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F8F4FAF/serialNumber=DC17A0EC58652D31896123A65610C3A32046556B
Validity
Not Before: Oct 8 20:28:18 2023 GMT
Not After : Oct 8 20:28:18 2025 GMT
Subject: CN=652310e6-f290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d2:60:3a:b1:95:12:a7:7b:b0:94:16:ff:6b:
c9:bf:31:05:a0:5d:8a:f1:7d:0e:13:49:09:5e:71:
3b:b6:51:75:29:70:d8:ce:b2:9f:70:bf:bd:af:7e:
14:2f:3f:f4:18:0c:11:ad:2d:2c:04:ad:4d:4c:1b:
b5:e3:74:e8:6a:f5:73:14:61:ce:1b:d7:5d:ff:d7:
35:e9:b2:31:cd:fa:5f:63:00:38:42:76:e1:07:ee:
0d:5a:b4:2b:65:79:69:ac:f0:2c:45:ed:7e:73:be:
5a:60:48:43:c8:e5:43:04:9c:cf:e5:a5:55:09:0c:
b0:23:6e:7d:1e:09:70:88:9c:db:e9:73:a8:76:1d:
52:6b:51:d3:cc:b7:02:50:d0:4f:22:be:fb:09:3b:
cf:1a:04:83:c6:3e:b5:05:f5:de:a5:70:0e:28:3a:
e6:4b:a4:10:df:53:55:22:d8:b0:6e:cd:10:36:ee:
69:20:92:40:fc:d3:02:d4:dc:86:08:d0:03:6f:51:
16:6f:94:a9:1d:0a:78:e3:a7:b9:50:9b:a7:0e:25:
f1:6a:cf:cf:e2:67:a5:3d:99:3a:7d:da:92:6b:c8:
b9:39:79:f6:21:37:e9:2e:49:17:3e:3a:20:0b:23:
b3:16:f9:7a:ec:34:db:f4:62:a4:ac:5e:bc:fe:1c:
1e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:99:7D:A3:86:E9:08:9A:3B:C7:A8:DE:50:B2:93:29:97:F5:3F:3C
X509v3 Authority Key Identifier:
keyid:DC:17:A0:EC:58:65:2D:31:89:61:23:A6:56:10:C3:A3:20:46:55:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/394CCA22661911EE8EE6BB324AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.208.106.0-41.208.127.255
Signature Algorithm: sha256WithRSAEncryption
66:ff:00:d1:94:2d:25:0a:64:ee:3b:12:45:1e:aa:c7:c5:85:
60:9e:f5:20:79:34:d2:14:97:0b:8f:5e:4c:3d:69:da:63:11:
36:22:2c:99:ba:44:80:26:a2:76:d1:a6:b4:3d:8f:32:b6:6b:
25:99:6d:ad:5f:22:f3:93:6d:0a:b4:af:70:33:b9:09:eb:e7:
54:1e:ad:74:8c:68:64:f7:ea:29:f4:83:2c:08:29:9a:10:79:
28:31:b9:3f:3a:72:ea:4d:e2:ff:09:0c:2e:fe:cb:aa:c2:cb:
5f:3e:db:8f:4f:e0:e6:ae:d1:b9:a5:65:eb:8c:1c:84:df:e7:
2a:3b:84:1b:29:ae:02:8f:24:0d:8d:58:91:03:5d:b3:1b:57:
22:04:6d:46:29:b8:33:42:dd:55:cf:68:ac:44:9b:17:e2:c0:
56:35:c7:3d:0f:fd:d1:b4:f7:a4:16:ac:d4:c6:22:ee:7c:08:
71:94:3a:53:4e:8a:e2:b3:f8:38:ef:e5:4e:19:1c:0b:89:27:
7e:d5:2f:03:ea:82:8e:2e:ea:45:a9:27:2e:65:b6:34:a3:c9:
7a:f7:87:32:b6:52:7b:1e:ac:3d:d2:c4:c5:13:a0:d5:61:c8:
24:61:8d:00:a9:ce:03:5e:0f:f3:8c:4c:3f:44:f9:69:53:83:
99:75:51:52
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICAxUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RjhGNEZBRjExMC8GA1UEBRMoREMxN0EwRUM1ODY1MkQzMTg5NjEyM0E2NTYxMEMz
QTMyMDQ2NTU2QjAeFw0yMzEwMDgyMDI4MThaFw0yNTEwMDgyMDI4MThaMBgxFjAU
BgNVBAMTDTY1MjMxMGU2LWYyOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDS0mA6sZUSp3uwlBb/a8m/MQWgXYrxfQ4TSQlecTu2UXUpcNjOsp9wv72v
fhQvP/QYDBGtLSwErU1MG7XjdOhq9XMUYc4b113/1zXpsjHN+l9jADhCduEH7g1a
tCtleWms8CxF7X5zvlpgSEPI5UMEnM/lpVUJDLAjbn0eCXCInNvpc6h2HVJrUdPM
twJQ0E8ivvsJO88aBIPGPrUF9d6lcA4oOuZLpBDfU1Ui2LBuzRA27mkgkkD80wLU
3IYI0ANvURZvlKkdCnjjp7lQm6cOJfFqz8/iZ6U9mTp92pJryLk5efYhN+kuSRc+
OiALI7MW+XrsNNv0YqSsXrz+HB45AgMBAAGjggKtMIICqTAdBgNVHQ4EFgQUfZl9
o4bpCJo7x6jeULKTKZf1PzwwHwYDVR0jBBgwFoAU3Beg7FhlLTGJYSOmVhDDoyBG
VWswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY4RjRGLzhBMzc3QkJDMkE3NTExRUM5MDgxNzU1OUQ4QTAxNENFLzNCZWc3
RmhsTFRHSllTT21WaEREb3lCR1ZXcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzNCZWc3RmhsTFRHSllTT21WaEREb3lCR1ZXcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkY4RjRGLzhBMzc3QkJDMkE3NTExRUM5MDgxNzU1OUQ4
QTAxNENFLzM5NENDQTIyNjYxOTExRUU4RUU2QkIzMjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEASnQagMEBynQADANBgkq
hkiG9w0BAQsFAAOCAQEAZv8A0ZQtJQpk7jsSRR6qx8WFYJ71IHk00hSXC49eTD1p
2mMRNiIsmbpEgCaidtGmtD2PMrZrJZltrV8i85NtCrSvcDO5CevnVB6tdIxoZPfq
KfSDLAgpmhB5KDG5Pzpy6k3i/wkMLv7LqsLLXz7bj0/g5q7RuaVl64wchN/nKjuE
GymuAo8kDY1YkQNdsxtXIgRtRim4M0LdVc9orESbF+LAVjXHPQ/90bT3pBas1MYi
7nwIcZQ6U06K4rP4OO/lThkcC4knftUvA+qCji7qRaknLmW2NKPJeveHMrZSex6s
PdLExROg1WHIJGGNAKnOA14P84xMP0T5aVODmXVRUg==
-----END CERTIFICATE-----
Generated at Sat Sep 28 04:04:21 2024 by rpki-client on console-fra.rpki-client.org