Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23AFDF480B4511EFBA11EC2C017001B1.roa
File: 23AFDF480B4511EFBA11EC2C017001B1.roa (raw, json)
Hash identifier: HBe5CdYHV1497qqgTA9aLe/Un4J0VKinww7gfCb/w1Q=
Subject key identifier: 5B:82:48:12:9E:04:47:19:45:80:BA:84:3E:C8:6F:E5:BE:5A:1D:8A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B438
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23AFDF480B4511EFBA11EC2C017001B1.roa
Signing time: Mon 06 May 2024 01:08:25 +0000
ROA not before: Mon 06 May 2024 01:08:22 +0000
ROA not after: Sun 09 Jun 2024 01:08:22 +0000
asID: 20457
IP address blocks: 154.198.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 03 Jun 2024 00:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46136 (0xb438)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 6 01:08:22 2024 GMT
Not After : Jun 9 01:08:22 2024 GMT
Subject: CN=66382d89-8038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:52:35:17:4e:9c:6d:0a:15:d2:75:01:d3:c7:
5f:74:4b:1a:e4:23:e0:3d:dc:10:c2:0b:13:0f:9f:
b8:cc:7a:b8:3b:d2:1d:a7:f5:05:ea:40:da:fe:0c:
0b:c1:18:bf:47:9a:08:f1:d3:51:61:3a:77:e0:9d:
43:df:6f:e5:82:06:b9:6c:3d:1d:38:b7:b2:9b:42:
5c:62:0f:68:b9:92:17:d8:fb:6e:a1:80:93:d2:68:
67:9d:cc:8e:0b:0a:be:33:81:da:41:5c:7a:ab:f0:
9e:90:89:dd:10:80:f5:a0:20:d8:3c:f6:59:5d:6a:
28:60:e7:9d:69:a1:f9:09:c4:30:cb:8e:ff:b7:31:
a9:33:79:ac:29:59:9a:7e:4a:7d:92:e4:40:cd:b2:
e1:30:d5:7e:01:e6:be:bb:c9:f1:86:3c:3f:3e:12:
7d:f3:61:57:4d:65:bc:02:1d:c5:ab:47:86:52:c4:
cc:e8:35:1e:db:5e:fc:4f:49:47:c8:4f:16:cb:62:
98:20:c7:a0:47:8e:ee:33:5a:b0:b7:fa:9a:c9:7a:
3f:cd:6e:b2:00:31:bc:03:83:78:14:54:1c:45:a5:
81:d0:2e:c9:ef:83:c9:08:58:9b:dc:6b:c5:80:21:
3e:db:e1:86:e8:a0:ab:12:3f:1c:17:33:d6:d5:b2:
f9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:82:48:12:9E:04:47:19:45:80:BA:84:3E:C8:6F:E5:BE:5A:1D:8A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23AFDF480B4511EFBA11EC2C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.11.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:66:3c:dc:db:8c:fa:c0:43:7b:5b:22:59:e9:9c:cd:11:d1:
92:6d:c5:8b:58:87:2e:dc:48:c0:e0:53:a1:cf:72:09:32:e5:
88:eb:77:9f:8b:56:2c:45:85:74:38:09:47:23:92:8d:89:89:
27:05:95:07:01:c5:94:4e:ce:89:12:84:84:88:7f:23:06:36:
c5:7f:79:f4:8c:7c:59:23:a4:31:65:92:52:bc:56:30:b2:9f:
71:e5:a6:2a:25:ea:b0:45:e0:94:46:91:c5:48:b3:ec:ea:f1:
85:c2:95:92:4b:f7:59:b7:8f:56:2f:cf:1c:72:ac:71:98:44:
b7:2f:bd:31:03:1d:b6:a2:89:21:01:6d:eb:1c:32:a6:34:9b:
c5:89:ed:34:34:6e:e6:be:2c:bb:7f:6d:65:54:9d:4e:f9:7e:
b2:93:a3:29:10:14:ba:4b:00:13:e9:24:0d:39:da:34:62:93:
b9:4a:08:d0:8c:3c:9c:d4:2c:77:34:b9:36:03:0d:c5:e6:7c:
3b:f1:0f:bb:a1:b8:26:18:f6:18:32:6e:c0:1d:20:40:49:15:
34:f7:9b:20:fe:4e:6c:e4:fe:86:d4:af:c1:a6:6d:a1:1d:4b:
7a:a9:e7:67:71:69:0e:3a:c9:6c:25:ce:70:05:f0:1f:f0:84:
ab:6c:b4:79
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALQ4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA2MDEwODIyWhcNMjQwNjA5MDEwODIyWjAYMRYw
FAYDVQQDEw02NjM4MmQ4OS04MDM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAylI1F06cbQoV0nUB08dfdEsa5CPgPdwQwgsTD5+4zHq4O9Idp/UF6kDa
/gwLwRi/R5oI8dNRYTp34J1D32/lgga5bD0dOLeym0JcYg9ouZIX2PtuoYCT0mhn
ncyOCwq+M4HaQVx6q/CekIndEID1oCDYPPZZXWooYOedaaH5CcQwy47/tzGpM3ms
KVmafkp9kuRAzbLhMNV+Aea+u8nxhjw/PhJ982FXTWW8Ah3Fq0eGUsTM6DUe2178
T0lHyE8Wy2KYIMegR47uM1qwt/qayXo/zW6yADG8A4N4FFQcRaWB0C7J74PJCFib
3GvFgCE+2+GG6KCrEj8cFzPW1bL5qwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFuC
SBKeBEcZRYC6hD7Ib+W+Wh2KMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yM0FGREY0ODBCNDUxMUVGQkExMUVDMkMwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYLMA0GCSqGSIb3DQEB
CwUAA4IBAQCsZjzc24z6wEN7WyJZ6ZzNEdGSbcWLWIcu3EjA4FOhz3IJMuWI63ef
i1YsRYV0OAlHI5KNiYknBZUHAcWUTs6JEoSEiH8jBjbFf3n0jHxZI6QxZZJSvFYw
sp9x5aYqJeqwReCURpHFSLPs6vGFwpWSS/dZt49WL88ccqxxmES3L70xAx22ookh
AW3rHDKmNJvFie00NG7mviy7f21lVJ1O+X6yk6MpEBS6SwAT6SQNOdo0YpO5SgjQ
jDyc1Cx3NLk2Aw3F5nw78Q+7obgmGPYYMm7AHSBASRU095sg/k5s5P6G1K/Bpm2h
HUt6qedncWkOOslsJc5wBfAf8ISrbLR5
-----END CERTIFICATE-----
Generated at Sat Jun 1 02:00:38 2024 by rpki-client on console-ams.rpki-client.org