Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/D15451B8AEF411EE804D56A3775412E6.roa
File: D15451B8AEF411EE804D56A3775412E6.roa (raw, json)
Hash identifier: YBWjlP8F+YdvA9ozU69TQggPOcEWkXW+zdvhhb0CYsA=
Subject key identifier: 87:65:7F:CD:9D:B8:58:E9:5C:D3:06:79:4B:96:63:96:1F:2D:3E:6E
Certificate issuer: /CN=F3652C3AAF/serialNumber=3F0EEA59196D14A32AF35DA1710F150D5F9DDDD8
Certificate serial: 22
Authority key identifier: 3F:0E:EA:59:19:6D:14:A3:2A:F3:5D:A1:71:0F:15:0D:5F:9D:DD:D8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Pw7qWRltFKMq812hcQ8VDV-d3dg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/D15451B8AEF411EE804D56A3775412E6.roa
Signing time: Tue 09 Jan 2024 13:41:40 +0000
ROA not before: Tue 09 Jan 2024 13:41:37 +0000
ROA not after: Sun 31 Dec 2028 13:41:37 +0000
asID: 396982
IP address blocks: 154.65.68.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/Pw7qWRltFKMq812hcQ8VDV-d3dg.crl
rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/Pw7qWRltFKMq812hcQ8VDV-d3dg.mft
rsync://rpki.afrinic.net/repository/afrinic/Pw7qWRltFKMq812hcQ8VDV-d3dg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 07 May 2024 00:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3652C3AAF/serialNumber=3F0EEA59196D14A32AF35DA1710F150D5F9DDDD8
Validity
Not Before: Jan 9 13:41:37 2024 GMT
Not After : Dec 31 13:41:37 2028 GMT
Subject: CN=659d4d14-b6ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f7:aa:2d:45:b7:f5:3a:5a:9c:4a:93:96:69:
5c:0d:b1:7f:53:1f:05:33:40:e7:85:08:7c:f7:b8:
7b:57:88:2c:e7:d0:00:ef:ef:fd:77:e3:d2:fd:5b:
52:5c:e5:40:b2:d4:6d:81:2b:46:6b:0e:e4:40:3c:
f7:92:05:8c:ff:3c:ae:eb:54:f3:f7:e1:ae:cb:4f:
26:24:69:38:ea:b5:f9:01:9d:a7:84:6f:9a:7f:f9:
bf:c1:32:7a:2d:3d:ed:70:6e:09:76:6e:33:dd:47:
27:d9:c2:7b:d2:60:64:b5:e0:37:cd:4c:36:63:e4:
0c:c3:6f:26:42:15:ef:b4:ae:1a:39:02:99:a0:c4:
6d:2f:71:59:ff:af:7d:23:01:41:74:71:53:e5:b1:
42:af:e1:78:1e:b2:e1:cb:a3:4b:00:0a:d3:bf:5b:
4d:91:57:1a:da:82:21:0f:c6:ed:b8:47:3c:0c:c4:
f9:a3:16:36:c6:5a:2e:fa:0e:4c:95:32:3a:c4:99:
99:fc:ea:37:f0:93:f7:2e:7d:98:2d:b2:55:e3:1b:
f2:ea:2d:3c:b4:3d:32:ed:b6:15:1d:0c:fe:df:92:
33:68:0d:de:a6:2a:ca:79:4a:b1:d2:1a:8f:84:83:
f4:18:ca:16:29:71:94:e6:6e:99:49:1d:bf:29:90:
c7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:65:7F:CD:9D:B8:58:E9:5C:D3:06:79:4B:96:63:96:1F:2D:3E:6E
X509v3 Authority Key Identifier:
keyid:3F:0E:EA:59:19:6D:14:A3:2A:F3:5D:A1:71:0F:15:0D:5F:9D:DD:D8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/Pw7qWRltFKMq812hcQ8VDV-d3dg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Pw7qWRltFKMq812hcQ8VDV-d3dg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/D15451B8AEF411EE804D56A3775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.65.68.0/23
Signature Algorithm: sha256WithRSAEncryption
69:25:c8:f8:85:d3:6b:f9:4a:f3:4b:4c:f4:ec:18:14:6e:00:
7f:9e:3e:da:1d:5e:e7:55:af:5b:da:49:dc:46:1d:c9:07:1b:
26:81:a6:7c:a8:0c:c4:d5:cd:3a:f4:61:1c:f3:77:ee:c8:2d:
57:02:b1:a2:e6:00:6f:27:19:5c:ea:37:a7:cf:5a:a9:9c:e9:
c3:a0:04:1c:46:eb:73:5b:4c:1c:0e:de:96:bd:a9:00:ad:02:
20:d5:1c:62:f8:a7:9b:9b:f2:22:e4:c8:ec:97:9a:97:d3:3e:
4e:76:6c:c5:f3:d9:1e:18:90:0d:b2:bd:a7:29:2e:50:03:07:
fe:49:61:87:7b:fc:5b:e3:a8:df:85:7f:46:73:3b:7e:de:24:
c0:44:e7:61:1f:7c:d4:6a:04:75:2b:30:91:d9:d7:d7:05:63:
6d:ac:2c:e4:f4:f9:44:4d:d1:fd:0d:cc:61:c7:c1:43:71:68:
7f:11:9d:79:3a:e3:6a:37:62:b7:7d:7e:82:e5:a3:f0:f9:2b:
70:94:88:2d:c7:40:a5:b0:b5:24:a7:2d:f5:29:2d:98:78:7b:
56:48:7b:17:6f:d6:55:cb:fb:7f:7c:85:96:39:03:f1:f3:3e:
2e:05:ba:0f:78:20:3f:d1:d1:ea:ce:12:39:b9:ae:84:29:24:
62:fa:16:aa
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBIjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
MkMzQUFGMTEwLwYDVQQFEygzRjBFRUE1OTE5NkQxNEEzMkFGMzVEQTE3MTBGMTUw
RDVGOUREREQ4MB4XDTI0MDEwOTEzNDEzN1oXDTI4MTIzMTEzNDEzN1owGDEWMBQG
A1UEAxMNNjU5ZDRkMTQtYjZlYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMP3qi1Ft/U6WpxKk5ZpXA2xf1MfBTNA54UIfPe4e1eILOfQAO/v/Xfj0v1b
UlzlQLLUbYErRmsO5EA895IFjP88rutU8/fhrstPJiRpOOq1+QGdp4Rvmn/5v8Ey
ei097XBuCXZuM91HJ9nCe9JgZLXgN81MNmPkDMNvJkIV77SuGjkCmaDEbS9xWf+v
fSMBQXRxU+WxQq/heB6y4cujSwAK079bTZFXGtqCIQ/G7bhHPAzE+aMWNsZaLvoO
TJUyOsSZmfzqN/CT9y59mC2yVeMb8uotPLQ9Mu22FR0M/t+SM2gN3qYqynlKsdIa
j4SD9BjKFilxlOZumUkdvymQx/kCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSHZX/N
nbhY6VzTBnlLlmOWHy0+bjAfBgNVHSMEGDAWgBQ/DupZGW0UoyrzXaFxDxUNX53d
2DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTJDM0EvRDYwN0NGMjg5QTgxMTFFRThBN0JGMTJCRDI1QkU0NjUvUHc3cVdS
bHRGS01xODEyaGNROFZEVi1kM2RnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUHc3cVdSbHRGS01xODEyaGNROFZEVi1kM2RnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTJDM0EvRDYwN0NGMjg5QTgxMTFFRThBN0JGMTJCRDI1
QkU0NjUvRDE1NDUxQjhBRUY0MTFFRTgwNEQ1NkEzNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZpBRDANBgkqhkiG9w0BAQsF
AAOCAQEAaSXI+IXTa/lK80tM9OwYFG4Af54+2h1e51WvW9pJ3EYdyQcbJoGmfKgM
xNXNOvRhHPN37sgtVwKxouYAbycZXOo3p89aqZzpw6AEHEbrc1tMHA7elr2pAK0C
INUcYvinm5vyIuTI7Jeal9M+TnZsxfPZHhiQDbK9pykuUAMH/klhh3v8W+Oo34V/
RnM7ft4kwETnYR981GoEdSswkdnX1wVjbaws5PT5RE3R/Q3MYcfBQ3FofxGdeTrj
ajdit31+guWj8PkrcJSILcdApbC1JKct9SktmHh7Vkh7F2/WVcv7f3yFljkD8fM+
LgW6D3ggP9HR6s4SObmuhCkkYvoWqg==
-----END CERTIFICATE-----
Generated at Sun May 5 03:47:36 2024 by rpki-client on console-fra.rpki-client.org