Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/043E1E1AFF9A11EEB80E6726017001B1.roa
File: 043E1E1AFF9A11EEB80E6726017001B1.roa (raw, json)
Hash identifier: spcZTK/EfkWg/3N54qGj2mBY5p08IDDuF8KzrQeJq5Y=
Subject key identifier: 10:76:8D:A7:F6:8F:8A:9B:3C:08:99:F9:A8:B4:5F:20:3E:A0:1E:B0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AE78
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/043E1E1AFF9A11EEB80E6726017001B1.roa
Signing time: Sun 21 Apr 2024 04:45:46 +0000
ROA not before: Sun 21 Apr 2024 04:45:40 +0000
ROA not after: Thu 17 Apr 2025 04:45:40 +0000
asID: 150698
IP address blocks: 154.198.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 May 2024 00:05:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44664 (0xae78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 21 04:45:40 2024 GMT
Not After : Apr 17 04:45:40 2025 GMT
Subject: CN=662499fa-7021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:64:d9:ef:d7:c3:18:fa:a5:e5:6c:af:79:aa:
90:79:bb:9e:10:83:d9:50:4c:92:44:1c:0c:93:88:
5e:34:7f:6b:f0:44:fb:4c:f0:18:d4:83:12:d4:cf:
a5:4a:c0:dc:47:e1:18:74:bd:3b:ef:7b:b4:a3:3d:
88:63:52:27:56:c4:ec:55:4f:ed:a6:51:a8:cd:fe:
12:de:3e:18:a5:da:15:60:a1:83:0c:5c:9f:ce:61:
8b:2c:6d:1e:de:c8:cd:60:07:3b:0f:2f:7a:a9:38:
68:86:38:7e:73:11:26:80:47:74:a6:18:9b:f6:2c:
09:14:8c:4e:be:3c:8e:6d:6c:35:78:d4:a9:4c:59:
86:ec:6e:b7:5b:c9:e5:b9:4f:c4:e4:f5:cf:8c:76:
33:08:29:e8:ff:fa:d2:b9:98:e1:16:51:f4:44:75:
81:6d:d4:11:d0:72:21:3c:e6:a4:de:58:1a:2b:0b:
06:ed:f4:9b:f9:80:64:8e:2f:b6:3b:c2:12:47:83:
df:23:e4:0c:b1:fb:c6:32:ff:3b:58:7a:c5:94:b1:
97:d3:e6:cc:2a:e9:d1:96:6c:89:ec:e2:4b:b1:bd:
cc:7a:fd:f9:06:6a:9a:cf:cf:2e:24:18:cd:c6:ea:
67:3e:15:08:fc:82:82:de:81:f5:8f:ec:a0:dd:ba:
f3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:76:8D:A7:F6:8F:8A:9B:3C:08:99:F9:A8:B4:5F:20:3E:A0:1E:B0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/043E1E1AFF9A11EEB80E6726017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.168.0/22
Signature Algorithm: sha256WithRSAEncryption
66:a3:a0:fc:27:9a:78:61:5c:6d:47:c9:71:f6:4e:48:29:21:
95:96:8f:45:56:7f:55:aa:c0:f8:3f:7b:a5:e1:3e:d9:8a:8f:
84:e7:4f:13:07:30:2f:2d:bc:f8:f0:44:14:40:1c:df:36:d3:
59:38:76:40:fc:98:f1:05:3d:4c:62:69:79:5b:54:13:4f:e4:
f1:f6:b9:78:bb:0f:c6:04:3c:68:34:ef:f9:96:61:33:67:8a:
14:be:e3:ce:4f:93:e3:22:93:bf:ef:1f:be:9f:04:61:f0:57:
43:ff:5c:81:db:47:80:4b:0b:8a:b8:88:aa:b3:9f:db:3b:9c:
e5:18:48:92:ca:a8:ff:cb:06:80:a2:4d:e4:0b:ce:4c:59:06:
93:c5:a3:60:98:76:e2:31:a0:5f:8e:9f:d4:58:d1:ad:14:20:
70:9c:f4:c4:62:80:7a:c1:20:ca:9c:69:04:8a:74:72:3f:4e:
f3:ab:fb:82:ef:eb:1e:89:02:d1:3c:2e:f8:87:eb:27:69:a7:
d2:68:42:83:e4:e4:28:9e:52:9e:7b:98:d2:8f:c7:f7:f7:42:
2f:18:31:2f:72:68:3e:73:a0:ce:93:05:f0:ba:a7:b0:ac:1b:
60:c8:39:7a:4b:bb:49:cb:eb:55:25:35:e0:a7:d9:d8:60:6b:
f3:78:68:55
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK54MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDIxMDQ0NTQwWhcNMjUwNDE3MDQ0NTQwWjAYMRYw
FAYDVQQDEw02NjI0OTlmYS03MDIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3mTZ79fDGPql5WyveaqQebueEIPZUEySRBwMk4heNH9r8ET7TPAY1IMS
1M+lSsDcR+EYdL0773u0oz2IY1InVsTsVU/tplGozf4S3j4YpdoVYKGDDFyfzmGL
LG0e3sjNYAc7Dy96qThohjh+cxEmgEd0phib9iwJFIxOvjyObWw1eNSpTFmG7G63
W8nluU/E5PXPjHYzCCno//rSuZjhFlH0RHWBbdQR0HIhPOak3lgaKwsG7fSb+YBk
ji+2O8ISR4PfI+QMsfvGMv87WHrFlLGX0+bMKunRlmyJ7OJLsb3Mev35Bmqaz88u
JBjNxupnPhUI/IKC3oH1j+yg3brziwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBB2
jaf2j4qbPAiZ+ai0XyA+oB6wMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNDNFMUUxQUZGOUExMUVFQjgwRTY3MjYwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsaoMA0GCSqGSIb3DQEB
CwUAA4IBAQBmo6D8J5p4YVxtR8lx9k5IKSGVlo9FVn9VqsD4P3ul4T7Zio+E508T
BzAvLbz48EQUQBzfNtNZOHZA/JjxBT1MYml5W1QTT+Tx9rl4uw/GBDxoNO/5lmEz
Z4oUvuPOT5PjIpO/7x++nwRh8FdD/1yB20eASwuKuIiqs5/bO5zlGEiSyqj/ywaA
ok3kC85MWQaTxaNgmHbiMaBfjp/UWNGtFCBwnPTEYoB6wSDKnGkEinRyP07zq/uC
7+seiQLRPC74h+snaafSaEKD5OQonlKee5jSj8f390IvGDEvcmg+c6DOkwXwuqew
rBtgyDl6S7tJy+tVJTXgp9nYYGvzeGhV
-----END CERTIFICATE-----
Generated at Mon May 20 03:18:10 2024 by rpki-client on console-fra.rpki-client.org