Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33A25CE8CCBE11EE9A996485775412E6.roa
File: 33A25CE8CCBE11EE9A996485775412E6.roa (raw, json)
Hash identifier: jnR4cjPZtuT9WsKkX3EVHLHii/j+6qfQo4aY6D9CsmU=
Subject key identifier: A5:AD:3C:8E:33:6B:02:31:D8:71:55:5C:81:06:19:FC:8A:44:93:D0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 8AF1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33A25CE8CCBE11EE9A996485775412E6.roa
Signing time: Fri 16 Feb 2024 11:26:18 +0000
ROA not before: Fri 16 Feb 2024 11:26:14 +0000
ROA not after: Fri 26 Apr 2024 11:26:14 +0000
asID: 9009
IP address blocks: 154.216.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 26 Apr 2024 11:26:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35569 (0x8af1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 16 11:26:14 2024 GMT
Not After : Apr 26 11:26:14 2024 GMT
Subject: CN=65cf465a-40f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e8:d7:fc:32:6e:10:12:93:92:ba:3b:19:bb:
58:9e:75:1e:a1:52:99:f1:23:68:39:18:a9:9c:b7:
32:ea:d6:26:21:9c:0b:95:df:94:ab:a1:ee:fd:3b:
24:e0:d9:83:f8:76:cd:f7:dd:07:cc:a2:36:dc:e8:
c6:9b:c2:a3:3f:4a:10:d7:a0:1e:c0:81:01:bc:a2:
0e:70:24:fe:be:71:01:93:e7:a9:64:ae:0e:0f:d9:
2a:7e:98:fe:2b:f0:cd:dc:07:fd:92:39:b5:7a:33:
5a:e1:d0:39:e9:ec:97:06:d2:69:6d:09:db:9e:7b:
25:8e:65:da:9b:ab:76:04:a7:c1:e0:d5:db:e3:9f:
92:0b:2c:ba:da:fd:26:3e:1d:7b:ec:24:90:47:c3:
0e:b3:81:72:80:c3:11:b2:81:c1:98:fb:9c:b2:43:
f0:b1:a1:fd:4f:90:19:9e:6d:09:86:e6:e3:24:66:
20:0e:3e:25:d5:b1:7c:3c:3b:2e:de:94:ec:ad:7d:
ff:63:aa:55:d9:51:1a:26:f6:8f:39:5d:59:00:bc:
18:50:1a:7e:be:e3:e6:df:4c:64:37:aa:6b:e1:2a:
9b:46:7b:e3:61:f8:1c:63:06:7f:e1:2a:06:5a:2a:
86:d8:ce:30:05:74:48:b7:19:03:9a:00:55:df:c1:
90:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AD:3C:8E:33:6B:02:31:D8:71:55:5C:81:06:19:FC:8A:44:93:D0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33A25CE8CCBE11EE9A996485775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.232.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:3b:8d:94:4b:fd:38:42:f3:e9:0b:9c:f6:ec:24:c1:fa:c0:
f8:08:8d:d8:c0:92:e3:39:5e:8c:50:74:ab:ff:86:b7:2f:47:
b9:eb:91:a4:9a:8b:e7:55:1a:22:aa:5e:46:db:0b:93:c1:15:
3f:d1:ca:ca:c0:17:bb:89:22:70:ae:aa:7b:72:fb:a0:fa:75:
a4:74:c5:9d:5b:ec:ea:c3:34:dc:f7:80:28:4f:70:e7:4e:79:
7f:77:ac:29:77:ab:2f:b0:b7:b1:01:0f:33:b9:1d:1a:f2:f7:
d7:49:bb:35:6b:71:b7:37:e5:9d:0a:4c:29:a4:cf:99:16:1a:
48:58:34:df:db:6e:2a:0d:08:7e:e5:a3:00:62:8e:a7:93:94:
8e:95:1e:3f:62:0c:f7:0e:5f:65:0d:23:2f:48:46:0a:69:af:
bf:12:f9:6c:da:69:f5:f3:7f:47:0c:61:dc:bf:7b:14:e0:86:
4d:eb:01:fe:d9:09:af:ee:9e:06:44:47:c2:3c:ad:cf:6c:68:
65:de:07:c4:b0:bc:ad:10:60:dd:3e:13:1f:da:74:59:7c:b2:
34:cd:7d:17:de:ca:8c:82:f7:c1:36:d8:ff:48:3b:ff:51:5c:
78:ca:df:cc:76:cb:ef:7d:18:16:07:90:bf:66:24:71:e5:1a:
d8:b4:6a:be
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIrxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjE2MTEyNjE0WhcNMjQwNDI2MTEyNjE0WjAYMRYw
FAYDVQQDEw02NWNmNDY1YS00MGY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxejX/DJuEBKTkro7GbtYnnUeoVKZ8SNoORipnLcy6tYmIZwLld+Uq6Hu
/Tsk4NmD+HbN990HzKI23OjGm8KjP0oQ16AewIEBvKIOcCT+vnEBk+epZK4OD9kq
fpj+K/DN3Af9kjm1ejNa4dA56eyXBtJpbQnbnnsljmXam6t2BKfB4NXb45+SCyy6
2v0mPh177CSQR8MOs4FygMMRsoHBmPucskPwsaH9T5AZnm0JhubjJGYgDj4l1bF8
PDsu3pTsrX3/Y6pV2VEaJvaPOV1ZALwYUBp+vuPm30xkN6pr4SqbRnvjYfgcYwZ/
4SoGWiqG2M4wBXRItxkDmgBV38GQfwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKWt
PI4zawIx2HFVXIEGGfyKRJPQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zM0EyNUNFOENDQkUxMUVFOUE5OTY0ODU3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtjoMA0GCSqGSIb3DQEB
CwUAA4IBAQDCO42US/04QvPpC5z27CTB+sD4CI3YwJLjOV6MUHSr/4a3L0e565Gk
movnVRoiql5G2wuTwRU/0crKwBe7iSJwrqp7cvug+nWkdMWdW+zqwzTc94AoT3Dn
Tnl/d6wpd6svsLexAQ8zuR0a8vfXSbs1a3G3N+WdCkwppM+ZFhpIWDTf224qDQh+
5aMAYo6nk5SOlR4/Ygz3Dl9lDSMvSEYKaa+/Evls2mn1839HDGHcv3sU4IZN6wH+
2Qmv7p4GREfCPK3PbGhl3gfEsLytEGDdPhMf2nRZfLI0zX0X3sqMgvfBNtj/SDv/
UVx4yt/MdsvvfRgWB5C/ZiRx5RrYtGq+
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:01:33 2024 by rpki-client on console-ams.rpki-client.org