Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FBB68/DEFB17F0767311EBBA1F686DF8AEA228/A3872CCA767511EBAC7F576FF8AEA228.roa
File: A3872CCA767511EBAC7F576FF8AEA228.roa (raw, json)
Hash identifier: hmLqvNXuyAn9YBf05pAIuD+kdW8/EhKCnZYOAEKh1yU=
Subject key identifier: 3F:C3:7C:F5:9F:E7:CE:D2:31:6F:24:07:77:D2:9B:5D:7F:99:20:4A
Certificate issuer: /CN=F36FBB68AF/serialNumber=0D150008651489BA5144B3F17EBECCDFB945640B
Certificate serial: 04
Authority key identifier: 0D:15:00:08:65:14:89:BA:51:44:B3:F1:7E:BE:CC:DF:B9:45:64:0B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/DRUACGUUibpRRLPxfr7M37lFZAs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/DEFB17F0767311EBBA1F686DF8AEA228/A3872CCA767511EBAC7F576FF8AEA228.roa
Signing time: Wed 24 Feb 2021 07:55:19 +0000
ROA not before: Wed 24 Feb 2021 07:55:13 +0000
ROA not after: Mon 24 Feb 2031 07:55:13 +0000
asID: 37575
IP address blocks: 41.79.124.0/22 maxlen: 23
102.222.140.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/DEFB17F0767311EBBA1F686DF8AEA228/DRUACGUUibpRRLPxfr7M37lFZAs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/DEFB17F0767311EBBA1F686DF8AEA228/DRUACGUUibpRRLPxfr7M37lFZAs.mft
rsync://rpki.afrinic.net/repository/afrinic/DRUACGUUibpRRLPxfr7M37lFZAs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FBB68AF/serialNumber=0D150008651489BA5144B3F17EBECCDFB945640B
Validity
Not Before: Feb 24 07:55:13 2021 GMT
Not After : Feb 24 07:55:13 2031 GMT
Subject: CN=60360667-5f86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a7:5c:8b:1a:3a:6b:33:78:51:c8:cf:75:e9:
83:dd:08:bb:38:f5:01:c4:da:2b:ab:12:42:27:b4:
90:a1:4a:57:c5:9c:1d:11:e0:78:c0:1a:0f:f8:d3:
f4:df:c8:b7:8b:85:f3:00:fe:ee:a4:22:be:00:a8:
66:df:97:f0:a4:5f:6e:b6:26:26:93:90:8d:e4:54:
1b:7e:ac:28:22:65:ac:8a:6c:38:4a:c5:d9:4c:b2:
00:65:9f:b1:36:fe:b2:d2:bd:08:5f:85:bd:72:45:
4a:2f:6f:7a:33:0e:c2:5b:e0:6f:cf:9c:cc:e6:80:
3c:98:2a:d4:d5:d7:11:3b:6c:42:95:a8:a5:1b:bd:
0f:9f:41:59:3b:43:ee:fb:1d:5e:50:90:1b:a6:13:
4d:a4:a5:66:19:9b:a5:22:3e:39:6f:72:44:98:82:
15:42:c7:09:e2:37:12:05:53:4c:a7:a3:96:51:fd:
8d:e0:42:31:b1:a2:a3:db:8e:e3:9e:8b:99:f4:d6:
76:54:a7:3f:a0:17:bc:75:a3:f6:e3:ad:f2:f8:f9:
36:28:1d:a8:f9:82:bf:94:40:d3:58:3d:3c:b6:62:
f1:b4:92:c7:d2:4f:cb:4a:fc:2c:67:45:f5:05:d2:
dc:06:10:c5:d5:9c:80:d1:5a:03:e6:8f:9b:53:88:
83:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C3:7C:F5:9F:E7:CE:D2:31:6F:24:07:77:D2:9B:5D:7F:99:20:4A
X509v3 Authority Key Identifier:
keyid:0D:15:00:08:65:14:89:BA:51:44:B3:F1:7E:BE:CC:DF:B9:45:64:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/DEFB17F0767311EBBA1F686DF8AEA228/DRUACGUUibpRRLPxfr7M37lFZAs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/DRUACGUUibpRRLPxfr7M37lFZAs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/DEFB17F0767311EBBA1F686DF8AEA228/A3872CCA767511EBAC7F576FF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.79.124.0/22
102.222.140.0/22
Signature Algorithm: sha256WithRSAEncryption
20:7c:21:18:c9:b8:39:01:50:7b:6a:0e:5d:a0:ab:a5:76:87:
24:3a:fc:76:71:ec:fc:96:9f:54:0e:89:9b:80:fe:07:c1:92:
d3:1e:87:f7:c7:d0:e7:77:c7:3b:76:29:c0:84:7a:3d:58:8c:
8b:80:0e:29:51:c1:b0:81:3a:71:58:09:dd:46:81:fa:3a:e0:
1c:d9:8d:09:1e:3c:16:5c:60:de:3e:d4:b3:1d:53:42:36:e5:
0f:ce:ac:ef:6e:e7:fb:53:1e:04:d9:f1:59:9f:7c:47:34:10:
1f:26:5d:ca:34:5c:f8:37:f5:a1:a3:fe:f6:cd:59:26:c4:89:
04:e3:fe:90:5b:ae:8d:42:68:ad:17:cd:ba:ca:c6:48:67:cf:
94:38:23:5b:9b:fb:16:5f:40:ce:cf:07:a3:b0:5c:c5:6c:0f:
b4:f8:84:33:1b:dc:48:18:41:e4:21:b2:f6:72:b3:ab:16:a5:
a1:89:18:b7:68:5a:e0:c4:f8:c5:72:d9:b5:ff:01:cc:4a:f2:
17:ba:3c:9d:91:de:0a:25:b7:67:e7:db:4a:ba:86:e2:e3:9d:
a1:dc:b9:04:27:a2:b2:17:e8:e0:52:00:58:70:a6:26:7e:69:
7a:b2:a7:65:d1:58:c6:8e:ee:80:fb:ff:ea:31:4e:04:6a:c2:
51:9f:4c:b0
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QkI2OEFGMTEwLwYDVQQFEygwRDE1MDAwODY1MTQ4OUJBNTE0NEIzRjE3RUJFQ0NE
RkI5NDU2NDBCMB4XDTIxMDIyNDA3NTUxM1oXDTMxMDIyNDA3NTUxM1owGDEWMBQG
A1UEAxMNNjAzNjA2NjctNWY4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+nXIsaOmszeFHIz3Xpg90Iuzj1AcTaK6sSQie0kKFKV8WcHRHgeMAaD/jT
9N/It4uF8wD+7qQivgCoZt+X8KRfbrYmJpOQjeRUG36sKCJlrIpsOErF2UyyAGWf
sTb+stK9CF+FvXJFSi9vejMOwlvgb8+czOaAPJgq1NXXETtsQpWopRu9D59BWTtD
7vsdXlCQG6YTTaSlZhmbpSI+OW9yRJiCFULHCeI3EgVTTKejllH9jeBCMbGio9uO
456LmfTWdlSnP6AXvHWj9uOt8vj5NigdqPmCv5RA01g9PLZi8bSSx9JPy0r8LGdF
9QXS3AYQxdWcgNFaA+aPm1OIg+kCAwEAAaOCAqswggKnMB0GA1UdDgQWBBQ/w3z1
n+fO0jFvJAd30ptdf5kgSjAfBgNVHSMEGDAWgBQNFQAIZRSJulFEs/F+vszfuUVk
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkJCNjgvREVGQjE3RjA3NjczMTFFQkJBMUY2ODZERjhBRUEyMjgvRFJVQUNH
VVVpYnBSUkxQeGZyN00zN2xGWkFzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRFJVQUNHVVVpYnBSUkxQeGZyN00zN2xGWkFzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkJCNjgvREVGQjE3RjA3NjczMTFFQkJBMUY2ODZERjhB
RUEyMjgvQTM4NzJDQ0E3Njc1MTFFQkFDN0Y1NzZGRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAilPfAMEAmbejDANBgkqhkiG
9w0BAQsFAAOCAQEAIHwhGMm4OQFQe2oOXaCrpXaHJDr8dnHs/JafVA6Jm4D+B8GS
0x6H98fQ53fHO3YpwIR6PViMi4AOKVHBsIE6cVgJ3UaB+jrgHNmNCR48Flxg3j7U
sx1TQjblD86s727n+1MeBNnxWZ98RzQQHyZdyjRc+Df1oaP+9s1ZJsSJBOP+kFuu
jUJorRfNusrGSGfPlDgjW5v7Fl9Azs8Ho7BcxWwPtPiEMxvcSBhB5CGy9nKzqxal
oYkYt2ha4MT4xXLZtf8BzEryF7o8nZHeCiW3Z+fbSrqG4uOdody5BCeishfo4FIA
WHCmJn5perKnZdFYxo7ugPv/6jFOBGrCUZ9MsA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:33 2024 by rpki-client on console-ams.rpki-client.org