Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/4FD4A210816F11EBA2DB5E5CF8AEA228.roa
File: 4FD4A210816F11EBA2DB5E5CF8AEA228.roa (raw, json)
Hash identifier: Q9H2lKyBkMfTg6cpSiTvID4Cv4tNB4YcVP+ZoFDWIJk=
Subject key identifier: 77:19:A9:2C:06:F1:4B:00:34:2E:82:36:D1:AF:26:F9:57:07:22:E7
Certificate issuer: /CN=F36FDB6DAF/serialNumber=41BE93666AA3C889C6A9ED25AFFF6B865C81E80A
Certificate serial: 02
Authority key identifier: 41:BE:93:66:6A:A3:C8:89:C6:A9:ED:25:AF:FF:6B:86:5C:81:E8:0A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Qb6TZmqjyInGqe0lr_9rhlyB6Ao.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/4FD4A210816F11EBA2DB5E5CF8AEA228.roa
Signing time: Wed 10 Mar 2021 07:07:45 +0000
ROA not before: Wed 10 Mar 2021 07:07:38 +0000
ROA not after: Tue 10 Mar 2026 07:07:38 +0000
asID: 42235
IP address blocks: 41.76.0.0/21 maxlen: 21
41.77.32.0/21 maxlen: 21
196.40.112.0/20 maxlen: 20
196.40.123.0/24 maxlen: 24
197.242.160.0/20 maxlen: 20
2c0f:fb90::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/Qb6TZmqjyInGqe0lr_9rhlyB6Ao.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/Qb6TZmqjyInGqe0lr_9rhlyB6Ao.mft
rsync://rpki.afrinic.net/repository/afrinic/Qb6TZmqjyInGqe0lr_9rhlyB6Ao.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 31 May 2024 00:04:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FDB6DAF/serialNumber=41BE93666AA3C889C6A9ED25AFFF6B865C81E80A
Validity
Not Before: Mar 10 07:07:38 2021 GMT
Not After : Mar 10 07:07:38 2026 GMT
Subject: CN=60487041-eea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:88:f9:1c:13:12:d0:09:7f:a0:c4:28:57:ee:
d2:b2:f1:f6:79:26:1e:0e:19:9d:03:cd:ef:d8:9b:
5a:67:0d:47:b3:6c:59:1f:00:14:31:47:54:fa:2d:
05:57:d0:ac:88:56:1b:a7:d6:9e:a2:9d:bc:5e:41:
e9:d0:00:b8:66:14:72:63:0a:87:62:6e:28:46:f7:
7c:42:4f:e0:fe:d2:05:74:77:04:aa:1e:8b:17:cb:
44:31:24:9c:9c:0c:c7:11:e7:62:92:05:37:9c:cc:
bf:8f:ed:69:00:b8:ce:e9:5b:fa:42:6f:5b:d7:97:
33:69:9e:f0:b3:8f:53:4d:fc:8b:5b:1b:7d:a3:8b:
12:e2:b8:ef:12:b2:c8:a9:d0:f7:b2:19:ee:b8:48:
77:5b:58:b0:b5:2d:33:73:51:0b:75:c2:96:c0:4c:
39:a6:42:6b:06:6a:77:97:c2:b5:d3:40:fe:0a:6a:
78:29:9d:bf:a5:69:5d:6e:7e:b6:64:ab:b5:75:40:
5b:ad:e3:d1:8f:50:a6:3e:db:c0:0e:8d:11:2b:b8:
94:02:2d:69:8f:49:73:e8:28:5b:98:78:76:0f:4f:
f1:55:12:40:2f:4a:36:07:e1:ed:21:19:66:3d:91:
3c:5b:0f:69:9a:63:0a:ca:ae:5b:31:86:7c:b1:07:
10:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:19:A9:2C:06:F1:4B:00:34:2E:82:36:D1:AF:26:F9:57:07:22:E7
X509v3 Authority Key Identifier:
keyid:41:BE:93:66:6A:A3:C8:89:C6:A9:ED:25:AF:FF:6B:86:5C:81:E8:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/Qb6TZmqjyInGqe0lr_9rhlyB6Ao.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Qb6TZmqjyInGqe0lr_9rhlyB6Ao.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/4FD4A210816F11EBA2DB5E5CF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.76.0.0/21
41.77.32.0/21
196.40.112.0/20
197.242.160.0/20
IPv6:
2c0f:fb90::/32
Signature Algorithm: sha256WithRSAEncryption
9d:f3:bd:71:32:d9:d4:f8:a3:30:4c:cb:fe:5e:da:47:6e:9e:
ab:c4:17:2f:25:d1:39:2d:e8:88:90:1d:80:a2:77:63:f3:16:
c4:dc:04:4a:5a:dc:1c:e0:45:3b:ad:b4:e2:3b:a0:60:d4:23:
d0:1f:cd:e9:26:db:54:ba:c7:9f:c0:83:27:e9:47:07:b9:20:
02:af:b6:65:02:65:4e:d8:3f:08:b3:1c:ae:ff:fd:05:60:a7:
8a:5e:02:ff:d7:1f:7a:7a:dd:e2:58:32:57:82:07:97:04:98:
bb:26:f6:91:39:8c:3e:14:6a:1b:61:f1:35:92:ed:82:6e:c0:
6a:d9:c4:a1:6d:fe:7f:76:92:16:5d:a6:5d:cc:2c:15:3d:04:
83:c9:e2:fe:af:73:7f:32:b8:ae:ac:19:57:72:b2:57:6a:67:
c9:9c:76:23:6d:89:52:59:0b:a4:d8:7e:81:a4:38:56:e5:71:
11:81:34:8f:1c:eb:18:a8:57:97:ff:7f:e9:9e:39:60:de:2e:
8f:8e:3c:b4:ae:f1:80:bd:62:82:84:5c:7b:62:bd:cb:9a:86:
3a:35:bc:3e:0d:0c:b0:0c:f2:38:85:d1:45:eb:7d:18:c7:82:
27:3e:a1:58:0a:6d:eb:63:cc:40:e1:9d:29:60:4c:c1:74:4b:
55:9a:f9:42
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
REI2REFGMTEwLwYDVQQFEyg0MUJFOTM2NjZBQTNDODg5QzZBOUVEMjVBRkZGNkI4
NjVDODFFODBBMB4XDTIxMDMxMDA3MDczOFoXDTI2MDMxMDA3MDczOFowGDEWMBQG
A1UEAxMNNjA0ODcwNDEtZWVhODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2I+RwTEtAJf6DEKFfu0rLx9nkmHg4ZnQPN79ibWmcNR7NsWR8AFDFHVPot
BVfQrIhWG6fWnqKdvF5B6dAAuGYUcmMKh2JuKEb3fEJP4P7SBXR3BKoeixfLRDEk
nJwMxxHnYpIFN5zMv4/taQC4zulb+kJvW9eXM2me8LOPU038i1sbfaOLEuK47xKy
yKnQ97IZ7rhId1tYsLUtM3NRC3XClsBMOaZCawZqd5fCtdNA/gpqeCmdv6VpXW5+
tmSrtXVAW63j0Y9Qpj7bwA6NESu4lAItaY9Jc+goW5h4dg9P8VUSQC9KNgfh7SEZ
Zj2RPFsPaZpjCsquWzGGfLEHEIMCAwEAAaOCAsYwggLCMB0GA1UdDgQWBBR3Gaks
BvFLADQugjbRryb5Vwci5zAfBgNVHSMEGDAWgBRBvpNmaqPIicap7SWv/2uGXIHo
CjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkRCNkQvMjM3QTdCRjA4MTZFMTFFQkE0N0EyOTVCRjhBRUEyMjgvUWI2VFpt
cWp5SW5HcWUwbHJfOXJobHlCNkFvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUWI2VFptcWp5SW5HcWUwbHJfOXJobHlCNkFvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkRCNkQvMjM3QTdCRjA4MTZFMTFFQkE0N0EyOTVCRjhB
RUEyMjgvNEZENEEyMTA4MTZGMTFFQkEyREI1RTVDRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAylMAAMEAylNIAMEBMQocAME
BMXyoDANBAIAAjAHAwUALA/7kDANBgkqhkiG9w0BAQsFAAOCAQEAnfO9cTLZ1Pij
MEzL/l7aR26eq8QXLyXROS3oiJAdgKJ3Y/MWxNwESlrcHOBFO6204jugYNQj0B/N
6SbbVLrHn8CDJ+lHB7kgAq+2ZQJlTtg/CLMcrv/9BWCnil4C/9cfenrd4lgyV4IH
lwSYuyb2kTmMPhRqG2HxNZLtgm7AatnEoW3+f3aSFl2mXcwsFT0Eg8ni/q9zfzK4
rqwZV3KyV2pnyZx2I22JUlkLpNh+gaQ4VuVxEYE0jxzrGKhXl/9/6Z45YN4uj448
tK7xgL1igoRce2K9y5qGOjW8Pg0MsAzyOIXRRet9GMeCJz6hWApt62PMQOGdKWBM
wXRLVZr5Qg==
-----END CERTIFICATE-----
Generated at Wed May 29 02:49:51 2024 by rpki-client on console-fra.rpki-client.org