Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A043700CCC311EEB0F6648D775412E6.roa
File: 3A043700CCC311EEB0F6648D775412E6.roa (raw, json)
Hash identifier: B9x02zfssbX4IBHOVxQpiDeaat5t/EFkZ3XO2H1FJM8=
Subject key identifier: 1D:B0:BA:78:B8:BB:E4:60:E3:D6:D3:37:00:06:63:D1:FD:59:BC:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 8B1F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A043700CCC311EEB0F6648D775412E6.roa
Signing time: Fri 16 Feb 2024 12:02:16 +0000
ROA not before: Fri 16 Feb 2024 12:02:12 +0000
ROA not after: Fri 26 Apr 2024 12:02:12 +0000
asID: 9009
IP address blocks: 154.216.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 26 Apr 2024 12:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35615 (0x8b1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 16 12:02:12 2024 GMT
Not After : Apr 26 12:02:12 2024 GMT
Subject: CN=65cf4ec8-b74b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:39:2f:ba:44:a7:9f:c6:48:96:d8:f0:88:2c:
ea:8e:49:f2:1d:69:37:b5:2f:73:25:b4:13:b7:90:
96:73:be:13:41:8b:68:f5:fb:74:58:22:07:4d:ba:
56:0a:80:0e:ec:38:c8:ee:55:4b:00:26:e8:05:a2:
1a:be:19:17:41:13:93:1e:6b:48:72:4f:c4:a4:f2:
45:64:2a:37:33:e7:13:7e:85:9f:26:79:e2:30:c4:
ac:0e:f3:0f:82:23:8f:be:5d:42:58:90:60:3c:11:
77:af:c2:9c:7c:d2:7c:9e:da:61:22:f2:43:e7:18:
81:46:e2:5f:0c:8a:4c:0b:ee:c0:3d:47:ec:f5:95:
66:10:33:8a:91:66:a5:6f:45:69:42:6f:ff:ea:b9:
8b:a0:d9:1b:9a:75:3a:62:22:68:cf:76:8b:cd:f3:
df:db:3b:99:a3:4e:0b:53:3d:ef:75:02:a4:f5:bf:
bd:6c:c3:61:78:3b:22:4c:fd:fa:12:fc:68:47:b8:
31:29:b1:71:b6:6f:b4:7a:55:73:fa:01:67:a5:92:
c4:7c:0f:25:7c:bf:d1:4d:9e:71:95:4b:46:5b:44:
79:8d:57:9c:b2:c5:8f:e0:47:27:be:22:da:a7:f7:
8c:54:b4:49:15:43:5e:92:75:c1:73:fe:f4:42:42:
a5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B0:BA:78:B8:BB:E4:60:E3:D6:D3:37:00:06:63:D1:FD:59:BC:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A043700CCC311EEB0F6648D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.255.0/24
Signature Algorithm: sha256WithRSAEncryption
89:d8:bf:8b:a3:dc:c6:a7:d2:f7:32:fd:17:0c:78:95:84:fd:
ef:3b:7b:27:66:2f:fa:f5:c1:51:49:80:b8:e3:20:da:6d:81:
ce:31:11:9e:d6:84:47:88:34:87:b4:c7:eb:5c:9a:65:d5:4d:
ca:c1:4b:ce:31:ee:f5:4d:e5:f8:81:1c:53:9b:67:06:e9:81:
9d:ac:7b:54:39:32:dd:65:98:a6:ea:2f:7b:8d:66:38:52:c5:
05:9e:8c:39:89:a7:0d:5b:c9:6e:b9:28:67:0a:a2:1a:d7:4d:
6c:31:6d:a6:d5:d3:a6:20:1e:68:5d:bd:8b:5a:1a:f1:11:e7:
a5:85:80:ec:39:71:0b:f8:39:d3:89:46:72:7b:56:22:e3:12:
2d:41:45:27:48:72:38:4e:47:1a:c6:01:8b:3d:9a:7d:a7:6a:
6e:62:ac:e2:78:98:0c:a4:ac:02:91:ba:35:71:c4:64:f4:a7:
67:fa:b6:cd:b4:f5:24:5c:7c:4b:f7:ed:9d:f4:2c:75:7c:d7:
41:31:4a:5a:c7:0b:fb:f6:4d:e0:f8:21:cf:47:b4:50:f9:3b:
70:a5:eb:7b:5e:c2:97:d2:eb:11:91:a3:c0:ae:93:69:b4:44:
fb:79:68:64:0d:fe:41:8d:9e:4e:e2:a1:35:d0:b9:16:5d:bf:
cc:c8:86:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIsfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjE2MTIwMjEyWhcNMjQwNDI2MTIwMjEyWjAYMRYw
FAYDVQQDEw02NWNmNGVjOC1iNzRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvDkvukSnn8ZIltjwiCzqjknyHWk3tS9zJbQTt5CWc74TQYto9ft0WCIH
TbpWCoAO7DjI7lVLACboBaIavhkXQROTHmtIck/EpPJFZCo3M+cTfoWfJnniMMSs
DvMPgiOPvl1CWJBgPBF3r8KcfNJ8ntphIvJD5xiBRuJfDIpMC+7APUfs9ZVmEDOK
kWalb0VpQm//6rmLoNkbmnU6YiJoz3aLzfPf2zuZo04LUz3vdQKk9b+9bMNheDsi
TP36EvxoR7gxKbFxtm+0elVz+gFnpZLEfA8lfL/RTZ5xlUtGW0R5jVecssWP4Ecn
viLap/eMVLRJFUNeknXBc/70QkKlmQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB2w
uni4u+Rg49bTNwAGY9H9Wbz3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQTA0MzcwMENDQzMxMUVFQjBGNjY0OEQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtj/MA0GCSqGSIb3DQEB
CwUAA4IBAQCJ2L+Lo9zGp9L3Mv0XDHiVhP3vO3snZi/69cFRSYC44yDabYHOMRGe
1oRHiDSHtMfrXJpl1U3KwUvOMe71TeX4gRxTm2cG6YGdrHtUOTLdZZim6i97jWY4
UsUFnow5iacNW8luuShnCqIa101sMW2m1dOmIB5oXb2LWhrxEeelhYDsOXEL+DnT
iUZye1Yi4xItQUUnSHI4TkcaxgGLPZp9p2puYqzieJgMpKwCkbo1ccRk9Kdn+rbN
tPUkXHxL9+2d9Cx1fNdBMUpaxwv79k3g+CHPR7RQ+Ttwpet7XsKX0usRkaPArpNp
tET7eWhkDf5BjZ5O4qE10LkWXb/MyIbL
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:01:33 2024 by rpki-client on console-ams.rpki-client.org