Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/D9217A3C661611EEA86D522B4AD9E6FC.roa
File: D9217A3C661611EEA86D522B4AD9E6FC.roa (raw, json)
Hash identifier: z2SZmCJ1kKmTX6Ii7RXMb+iItL2uLeEn8Lji78flCjA=
Subject key identifier: B7:C5:50:11:25:0D:12:DD:FA:46:15:24:BA:50:26:D8:73:20:5E:B1
Certificate issuer: /CN=F36F8F4FAF/serialNumber=DC17A0EC58652D31896123A65610C3A32046556B
Certificate serial: 0311
Authority key identifier: DC:17:A0:EC:58:65:2D:31:89:61:23:A6:56:10:C3:A3:20:46:55:6B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/D9217A3C661611EEA86D522B4AD9E6FC.roa
Signing time: Sun 08 Oct 2023 20:11:21 +0000
ROA not before: Sun 08 Oct 2023 20:11:16 +0000
ROA not after: Wed 08 Oct 2025 20:11:16 +0000
asID: 21003
IP address blocks: 41.208.64.0/24 maxlen: 24
41.208.65.0/24 maxlen: 24
41.208.66.0/24 maxlen: 24
41.208.67.0/24 maxlen: 24
41.208.69.0/24 maxlen: 24
41.208.70.0/24 maxlen: 24
41.208.71.0/24 maxlen: 24
41.208.72.0/24 maxlen: 24
41.208.73.0/24 maxlen: 24
41.208.74.0/24 maxlen: 24
41.208.75.0/24 maxlen: 24
41.208.76.0/24 maxlen: 24
41.208.77.0/24 maxlen: 24
41.208.78.0/24 maxlen: 24
41.208.79.0/24 maxlen: 24
41.208.80.0/24 maxlen: 24
41.208.81.0/24 maxlen: 24
41.208.82.0/24 maxlen: 24
41.208.83.0/24 maxlen: 24
41.208.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.mft
rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 785 (0x311)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F8F4FAF/serialNumber=DC17A0EC58652D31896123A65610C3A32046556B
Validity
Not Before: Oct 8 20:11:16 2023 GMT
Not After : Oct 8 20:11:16 2025 GMT
Subject: CN=65230ce9-42ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e5:7d:39:76:c7:71:be:b6:f2:56:db:86:c7:
29:d1:88:ea:dc:2b:a7:df:ec:4a:6b:ef:4b:17:ee:
37:0a:37:d3:1b:f8:ae:12:dd:10:09:d7:98:2e:ec:
87:31:47:fe:fc:71:cb:ba:6a:cb:8b:a0:61:73:71:
92:72:68:7b:fe:89:73:67:cb:e3:27:4c:9e:f0:71:
06:dd:19:e2:43:66:88:57:cf:08:16:b8:36:a4:1a:
6a:0b:12:4a:79:83:60:37:13:d0:60:8d:c7:03:0e:
03:20:01:68:f7:02:c6:52:4c:e3:18:ad:bc:3d:63:
b6:7f:8a:db:15:3c:b9:2c:bd:ed:5f:b5:f4:75:5c:
24:90:cf:c1:9b:f3:6e:6a:75:58:d7:f4:64:72:3c:
14:a6:80:22:ce:8e:0c:a3:9b:70:93:93:80:fa:b5:
57:95:da:d3:29:fe:ec:e9:a4:87:a1:3e:3b:63:f9:
31:66:b4:99:ac:28:01:da:d7:d4:6b:8d:6e:f7:19:
00:f4:50:d3:0f:76:3b:28:41:b1:38:34:ac:5a:e6:
51:81:f9:7d:cf:ad:ef:c0:b2:de:1b:6a:6e:d7:a6:
c0:d6:2d:b1:42:1f:26:f6:2e:cc:57:fc:a9:9a:0f:
cf:f8:09:65:06:44:ea:a5:1a:f8:50:ed:6d:85:f7:
91:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C5:50:11:25:0D:12:DD:FA:46:15:24:BA:50:26:D8:73:20:5E:B1
X509v3 Authority Key Identifier:
keyid:DC:17:A0:EC:58:65:2D:31:89:61:23:A6:56:10:C3:A3:20:46:55:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/D9217A3C661611EEA86D522B4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.208.64.0/22
41.208.69.0-41.208.84.255
Signature Algorithm: sha256WithRSAEncryption
2e:f7:69:4f:86:c9:b6:c5:60:3e:a8:20:9d:47:fd:6c:34:3f:
e8:ef:28:80:8f:2c:7c:fe:99:4a:bf:3d:72:f5:03:07:a6:c5:
95:88:2f:e3:95:c1:a0:9e:27:1a:b5:f2:4b:f4:96:4c:aa:d6:
78:6a:8e:fb:0e:2d:88:d4:4b:b3:70:f2:24:d4:b4:51:0b:f9:
e3:af:cf:54:6b:61:0b:c3:7d:d2:7d:0c:3e:6d:37:af:cc:d6:
d6:30:8c:97:64:7a:66:16:d8:92:6e:8c:5f:72:70:be:c0:82:
19:2d:cf:cc:24:3d:38:33:ba:a7:67:3e:9f:91:ff:fc:91:c4:
5f:79:28:57:80:3a:62:28:bd:6e:64:a6:4e:42:04:5b:74:3b:
b5:d1:8c:fa:a4:bd:60:cb:18:c1:52:6d:cc:2e:cc:aa:f9:0f:
ea:e8:ef:0b:77:fb:71:cc:93:d1:82:0a:dd:56:90:92:b7:20:
b7:ce:69:7b:67:75:4d:08:5e:d7:9f:b6:b3:24:0b:eb:86:ba:
58:4d:60:bb:21:44:66:74:da:9e:a2:60:8e:e9:b0:a8:91:ae:
91:c2:c3:c6:81:5d:64:a6:79:47:18:b6:97:55:9f:63:46:b2:
59:83:cb:a5:80:aa:7e:66:7c:5b:ff:10:25:35:cc:eb:b8:4e:
52:27:c8:c1
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICAxEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RjhGNEZBRjExMC8GA1UEBRMoREMxN0EwRUM1ODY1MkQzMTg5NjEyM0E2NTYxMEMz
QTMyMDQ2NTU2QjAeFw0yMzEwMDgyMDExMTZaFw0yNTEwMDgyMDExMTZaMBgxFjAU
BgNVBAMTDTY1MjMwY2U5LTQyYWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDh5X05dsdxvrbyVtuGxynRiOrcK6ff7Epr70sX7jcKN9Mb+K4S3RAJ15gu
7IcxR/78ccu6asuLoGFzcZJyaHv+iXNny+MnTJ7wcQbdGeJDZohXzwgWuDakGmoL
Ekp5g2A3E9BgjccDDgMgAWj3AsZSTOMYrbw9Y7Z/itsVPLksve1ftfR1XCSQz8Gb
825qdVjX9GRyPBSmgCLOjgyjm3CTk4D6tVeV2tMp/uzppIehPjtj+TFmtJmsKAHa
19RrjW73GQD0UNMPdjsoQbE4NKxa5lGB+X3Pre/Ast4bam7XpsDWLbFCHyb2LsxX
/KmaD8/4CWUGROqlGvhQ7W2F95GJAgMBAAGjggKzMIICrzAdBgNVHQ4EFgQUt8VQ
ESUNEt36RhUkulAm2HMgXrEwHwYDVR0jBBgwFoAU3Beg7FhlLTGJYSOmVhDDoyBG
VWswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY4RjRGLzhBMzc3QkJDMkE3NTExRUM5MDgxNzU1OUQ4QTAxNENFLzNCZWc3
RmhsTFRHSllTT21WaEREb3lCR1ZXcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzNCZWc3RmhsTFRHSllTT21WaEREb3lCR1ZXcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkY4RjRGLzhBMzc3QkJDMkE3NTExRUM5MDgxNzU1OUQ4
QTAxNENFL0Q5MjE3QTNDNjYxNjExRUVBODZENTIyQjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQDBAIp0EAwDAMEACnQRQMEACnQ
VDANBgkqhkiG9w0BAQsFAAOCAQEALvdpT4bJtsVgPqggnUf9bDQ/6O8ogI8sfP6Z
Sr89cvUDB6bFlYgv45XBoJ4nGrXyS/SWTKrWeGqO+w4tiNRLs3DyJNS0UQv546/P
VGthC8N90n0MPm03r8zW1jCMl2R6ZhbYkm6MX3JwvsCCGS3PzCQ9ODO6p2c+n5H/
/JHEX3koV4A6Yii9bmSmTkIEW3Q7tdGM+qS9YMsYwVJtzC7MqvkP6ujvC3f7ccyT
0YIK3VaQkrcgt85pe2d1TQhe15+2syQL64a6WE1guyFEZnTanqJgjumwqJGukcLD
xoFdZKZ5Rxi2l1WfY0ayWYPLpYCqfmZ8W/8QJTXM67hOUifIwQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:48:49 2024 by rpki-client on console-ams.rpki-client.org