Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA5EA/0B1437CA38B211ED8B64E4DBF1222468/8C53FC5238B311ED8F4FDEDFF1222468.roa
File: 8C53FC5238B311ED8F4FDEDFF1222468.roa (raw, json)
Hash identifier: O/25Fyw9eXz06N9mY6g+m5UavZaWZJUhHxYSUDXSlBk=
Subject key identifier: 92:0F:32:09:42:B5:41:4D:E0:B1:FD:40:5E:75:44:01:8B:11:F2:93
Certificate issuer: /CN=F36FA5EAAF/serialNumber=3DCB79C7386C14A69C4355F34C3BC5B34F444BAE
Certificate serial: 02
Authority key identifier: 3D:CB:79:C7:38:6C:14:A6:9C:43:55:F3:4C:3B:C5:B3:4F:44:4B:AE
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Pct5xzhsFKacQ1XzTDvFs09ES64.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/0B1437CA38B211ED8B64E4DBF1222468/8C53FC5238B311ED8F4FDEDFF1222468.roa
Signing time: Tue 20 Sep 2022 07:12:12 +0000
ROA not before: Tue 20 Sep 2022 07:12:07 +0000
ROA not after: Sat 20 Sep 2025 07:12:07 +0000
asID: 36909
IP address blocks: 41.78.168.0/22 maxlen: 24
41.220.128.0/20 maxlen: 24
154.0.152.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/0B1437CA38B211ED8B64E4DBF1222468/Pct5xzhsFKacQ1XzTDvFs09ES64.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/0B1437CA38B211ED8B64E4DBF1222468/Pct5xzhsFKacQ1XzTDvFs09ES64.mft
rsync://rpki.afrinic.net/repository/afrinic/Pct5xzhsFKacQ1XzTDvFs09ES64.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FA5EAAF/serialNumber=3DCB79C7386C14A69C4355F34C3BC5B34F444BAE
Validity
Not Before: Sep 20 07:12:07 2022 GMT
Not After : Sep 20 07:12:07 2025 GMT
Subject: CN=632967cc-545a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3e:6e:b0:56:4c:74:bd:f6:c4:57:bf:f1:36:
f3:37:13:97:f7:62:c6:b8:5d:96:b1:74:fb:0f:fc:
10:32:0f:6c:aa:8e:74:f4:96:01:df:d9:60:cc:02:
6a:83:20:e3:4a:d4:be:89:ab:0f:3f:fe:cf:ca:40:
0d:cf:de:ff:77:a5:84:86:df:c1:15:63:ad:09:4f:
67:05:26:6e:29:f5:f8:ab:cf:7b:27:3a:c6:81:6e:
0e:1a:f8:7d:8d:c3:6e:51:01:4d:60:03:7c:df:6f:
bc:aa:e4:d5:df:af:ba:84:28:ce:7c:b0:03:e8:83:
76:d3:8b:73:2a:a6:a2:b1:73:7c:f3:c6:13:f2:b3:
82:f7:a3:e5:56:76:98:26:1b:74:0b:62:07:08:b3:
b2:4f:dc:96:e2:aa:75:df:85:64:8c:7a:bf:87:cf:
2c:a5:25:b9:4d:85:c8:64:9d:65:f7:18:c9:ff:62:
bb:a0:ae:fe:e1:b4:7e:50:38:f9:7f:27:b9:81:47:
34:40:c8:b9:07:06:5c:b0:07:55:ef:68:73:d8:5c:
a5:11:d6:03:6b:ec:81:43:b3:a5:e0:b1:d7:46:ca:
c1:9e:2d:d0:5c:9c:06:64:ea:ed:18:6d:3f:23:d0:
4d:00:95:0d:55:c4:33:b2:f9:45:f4:d2:42:34:87:
5a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0F:32:09:42:B5:41:4D:E0:B1:FD:40:5E:75:44:01:8B:11:F2:93
X509v3 Authority Key Identifier:
keyid:3D:CB:79:C7:38:6C:14:A6:9C:43:55:F3:4C:3B:C5:B3:4F:44:4B:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/0B1437CA38B211ED8B64E4DBF1222468/Pct5xzhsFKacQ1XzTDvFs09ES64.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Pct5xzhsFKacQ1XzTDvFs09ES64.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/0B1437CA38B211ED8B64E4DBF1222468/8C53FC5238B311ED8F4FDEDFF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.78.168.0/22
41.220.128.0/20
154.0.152.0/21
Signature Algorithm: sha256WithRSAEncryption
92:de:6d:b5:d7:89:94:7c:ad:74:3f:0e:f0:dd:02:be:55:5c:
1a:4a:82:78:59:ed:f5:05:b4:09:12:b1:16:49:72:b1:25:b9:
86:63:10:10:b3:23:91:c4:6b:b6:d4:2a:54:b1:8a:14:02:2b:
aa:64:f3:e1:63:04:41:f8:56:e8:be:ea:d4:94:c2:88:cb:34:
fa:01:56:0f:01:d9:36:e8:f5:58:ca:d3:c4:94:2c:c4:a6:29:
48:9d:ad:38:17:d5:8c:45:56:8f:48:8e:20:0b:c7:a2:0c:60:
75:4d:47:0d:22:8c:64:a4:2b:eb:ff:67:1a:4a:14:56:be:01:
b0:9f:2a:29:8e:38:f1:f7:49:23:f4:64:41:b9:e0:ef:60:50:
cc:d7:d1:06:92:1c:94:44:ea:29:c1:06:19:24:7d:0c:27:52:
5d:cd:1d:a4:9a:e0:93:b9:7d:56:ab:f6:3e:61:e3:6b:b5:3c:
ce:01:8a:32:32:6c:23:d6:99:3f:1f:7d:03:58:d2:54:06:28:
c0:0c:25:c0:84:91:11:fe:ef:d2:cb:7e:b4:2b:ef:95:e1:22:
ab:eb:e2:7a:72:ea:dc:0f:fc:c8:01:9c:69:78:60:d8:37:18:
26:4c:1e:52:c9:6f:71:ac:79:83:e7:50:82:1e:7a:f1:18:95:
f4:cb:a8:ba
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZG
QTVFQUFGMTEwLwYDVQQFEygzRENCNzlDNzM4NkMxNEE2OUM0MzU1RjM0QzNCQzVC
MzRGNDQ0QkFFMB4XDTIyMDkyMDA3MTIwN1oXDTI1MDkyMDA3MTIwN1owGDEWMBQG
A1UEAwwNNjMyOTY3Y2MtNTQ1YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMM+brBWTHS99sRXv/E28zcTl/dixrhdlrF0+w/8EDIPbKqOdPSWAd/ZYMwC
aoMg40rUvomrDz/+z8pADc/e/3elhIbfwRVjrQlPZwUmbin1+KvPeyc6xoFuDhr4
fY3DblEBTWADfN9vvKrk1d+vuoQoznywA+iDdtOLcyqmorFzfPPGE/Kzgvej5VZ2
mCYbdAtiBwizsk/cluKqdd+FZIx6v4fPLKUluU2FyGSdZfcYyf9iu6Cu/uG0flA4
+X8nuYFHNEDIuQcGXLAHVe9oc9hcpRHWA2vsgUOzpeCx10bKwZ4t0FycBmTq7Rht
PyPQTQCVDVXEM7L5RfTSQjSHWtsCAwEAAaOCArEwggKtMB0GA1UdDgQWBBSSDzIJ
QrVBTeCx/UBedUQBixHykzAfBgNVHSMEGDAWgBQ9y3nHOGwUppxDVfNMO8WzT0RL
rjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkE1RUEvMEIxNDM3Q0EzOEIyMTFFRDhCNjRFNERCRjEyMjI0NjgvUGN0NXh6
aHNGS2FjUTFYelREdkZzMDlFUzY0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUGN0NXh6aHNGS2FjUTFYelREdkZzMDlFUzY0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkE1RUEvMEIxNDM3Q0EzOEIyMTFFRDhCNjRFNERCRjEy
MjI0NjgvOEM1M0ZDNTIzOEIzMTFFRDhGNEZERURGRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAilOqAMEBCncgAMEA5oAmDAN
BgkqhkiG9w0BAQsFAAOCAQEAkt5ttdeJlHytdD8O8N0CvlVcGkqCeFnt9QW0CRKx
FklysSW5hmMQELMjkcRrttQqVLGKFAIrqmTz4WMEQfhW6L7q1JTCiMs0+gFWDwHZ
Nuj1WMrTxJQsxKYpSJ2tOBfVjEVWj0iOIAvHogxgdU1HDSKMZKQr6/9nGkoUVr4B
sJ8qKY448fdJI/RkQbng72BQzNfRBpIclETqKcEGGSR9DCdSXc0dpJrgk7l9Vqv2
PmHja7U8zgGKMjJsI9aZPx99A1jSVAYowAwlwISREf7v0st+tCvvleEiq+vienLq
3A/8yAGcaXhg2DcYJkweUslvcax5g+dQgh568RiV9Muoug==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:01 2024 by rpki-client on console-fra.rpki-client.org