Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/033A8FF00DCB11EFAA41354B017001B1.roa
File: 033A8FF00DCB11EFAA41354B017001B1.roa (raw, json)
Hash identifier: wUbFWG81QFGkOAVy/ogDG5lXlKq549hPHtrHqg5Qex4=
Subject key identifier: D7:8F:0C:DE:AB:4F:43:A6:4E:6E:54:9A:1D:AA:36:54:D0:72:5C:36
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B61F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/033A8FF00DCB11EFAA41354B017001B1.roa
Signing time: Thu 09 May 2024 06:11:45 +0000
ROA not before: Thu 09 May 2024 06:11:42 +0000
ROA not after: Wed 29 May 2024 06:11:42 +0000
asID: 139646
IP address blocks: 154.221.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 May 2024 00:05:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46623 (0xb61f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 06:11:42 2024 GMT
Not After : May 29 06:11:42 2024 GMT
Subject: CN=663c6921-f970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a9:43:9c:0b:f9:e2:fa:36:32:39:f1:32:3c:
15:bb:8a:6a:c9:7b:1f:1b:30:42:66:f9:01:8c:d3:
38:18:62:d7:19:65:88:db:b5:9f:c2:32:fc:ef:37:
bb:d9:bb:fa:97:6b:e7:48:68:83:20:8e:c8:78:f5:
d0:ce:dc:a9:b7:0e:cb:ea:8c:c7:f7:93:32:dd:e3:
78:6d:58:4a:67:95:01:c0:1a:fe:cb:29:00:25:16:
22:28:49:89:cc:c8:d3:61:a0:4e:0d:14:6f:59:5c:
4f:fe:bb:a2:91:4d:d2:c8:aa:59:79:22:fa:f0:29:
04:1b:de:a2:d0:f9:42:4c:06:fd:6f:82:24:36:68:
03:f1:99:f5:bd:21:d1:8e:41:d8:48:32:20:f4:ad:
a6:25:69:fa:aa:19:69:b5:75:31:69:45:10:be:f5:
a7:11:dd:c1:9f:d9:70:bd:8f:44:77:93:47:9d:33:
9f:97:54:ae:08:58:0c:2e:76:f9:c3:a6:d2:50:35:
a1:20:f6:2e:ef:8b:de:64:dc:dd:e7:3d:e3:36:17:
ed:6e:75:3e:48:79:89:cb:fc:15:68:d8:c2:39:fe:
79:41:f6:55:e6:4a:98:d7:08:98:97:64:d6:bf:2a:
05:2c:fd:e3:f8:f8:0d:8f:f0:68:c2:8c:5e:20:81:
89:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:8F:0C:DE:AB:4F:43:A6:4E:6E:54:9A:1D:AA:36:54:D0:72:5C:36
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/033A8FF00DCB11EFAA41354B017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.0.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:87:17:1d:16:c3:91:5d:9e:08:e9:29:d7:7f:d3:2a:74:2d:
9f:dc:21:7f:3d:6f:25:99:68:90:26:25:28:bc:b3:10:9a:7e:
89:59:14:fa:0d:f4:69:b0:38:13:ff:48:56:e5:ff:a1:33:05:
bd:d7:5b:5e:6d:ce:92:62:5e:98:73:b2:9c:e9:4e:ea:db:60:
9d:47:48:71:7e:ad:89:49:0a:33:55:6c:31:54:59:41:52:81:
00:43:09:f6:4f:7d:06:e1:93:2f:42:a5:03:a2:95:ec:8a:18:
27:f2:08:95:04:b3:3f:9d:9e:db:d2:47:ae:6d:2f:a3:87:50:
25:cf:61:6e:de:84:5a:15:65:8f:81:7d:dc:7b:aa:b8:5b:66:
16:d5:b3:b3:93:2b:5b:e5:b4:81:c9:06:1b:3a:92:5b:e5:89:
3f:dd:93:b0:dc:d8:2a:2e:10:69:8e:07:b5:e5:1b:20:d3:a8:
00:1e:47:4e:48:3f:6b:fc:7e:0a:57:77:19:80:04:9d:a3:df:
b8:90:39:89:e2:18:12:70:5f:e4:38:47:97:7f:db:42:bd:19:
9a:e7:ea:53:08:67:4e:62:2d:bd:f8:c5:1a:69:74:1f:68:3b:
48:10:83:e8:0e:a6:02:39:c1:ae:7c:8c:fb:ae:15:b2:8f:32:
76:6a:01:e1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALYfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA5MDYxMTQyWhcNMjQwNTI5MDYxMTQyWjAYMRYw
FAYDVQQDEw02NjNjNjkyMS1mOTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoqlDnAv54vo2MjnxMjwVu4pqyXsfGzBCZvkBjNM4GGLXGWWI27WfwjL8
7ze72bv6l2vnSGiDII7IePXQztyptw7L6ozH95My3eN4bVhKZ5UBwBr+yykAJRYi
KEmJzMjTYaBODRRvWVxP/ruikU3SyKpZeSL68CkEG96i0PlCTAb9b4IkNmgD8Zn1
vSHRjkHYSDIg9K2mJWn6qhlptXUxaUUQvvWnEd3Bn9lwvY9Ed5NHnTOfl1SuCFgM
Lnb5w6bSUDWhIPYu74veZNzd5z3jNhftbnU+SHmJy/wVaNjCOf55QfZV5kqY1wiY
l2TWvyoFLP3j+PgNj/BowoxeIIGJSQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNeP
DN6rT0OmTm5Umh2qNlTQclw2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMzNBOEZGMDBEQ0IxMUVGQUE0MTM1NEIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt0AMA0GCSqGSIb3DQEB
CwUAA4IBAQAahxcdFsORXZ4I6SnXf9MqdC2f3CF/PW8lmWiQJiUovLMQmn6JWRT6
DfRpsDgT/0hW5f+hMwW911tebc6SYl6Yc7Kc6U7q22CdR0hxfq2JSQozVWwxVFlB
UoEAQwn2T30G4ZMvQqUDopXsihgn8giVBLM/nZ7b0keubS+jh1Alz2Fu3oRaFWWP
gX3ce6q4W2YW1bOzkytb5bSByQYbOpJb5Yk/3ZOw3NgqLhBpjge15Rsg06gAHkdO
SD9r/H4KV3cZgASdo9+4kDmJ4hgScF/kOEeXf9tCvRma5+pTCGdOYi29+MUaaXQf
aDtIEIPoDqYCOcGufIz7rhWyjzJ2agHh
-----END CERTIFICATE-----
Generated at Mon May 20 03:18:10 2024 by rpki-client on console-fra.rpki-client.org